2021与蓝度共同重构项目,服务端
blame | 历史 | 原始文档
chenjiantian
2021-11-24 6bdb5dda11b8723ddc20a37b9cbcc1e1fdace13a 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65

package com.sandu.common.security;


 


import com.sandu.common.redis.online.OnlineUser;


import com.sandu.common.redis.online.OnlineUserService;


import com.sandu.common.security.config.SecurityProperties;


import com.sandu.common.security.jwt.JwtTokenProvider;


import com.sandu.common.util.SpringContextHolder;


import lombok.extern.slf4j.Slf4j;


import org.springframework.security.core.Authentication;


import org.springframework.security.core.context.SecurityContextHolder;


import org.springframework.security.core.userdetails.UserDetails;


import org.springframework.util.StringUtils;


import org.springframework.web.filter.GenericFilterBean;


 


import javax.servlet.FilterChain;


import javax.servlet.ServletException;


import javax.servlet.ServletRequest;


import javax.servlet.ServletResponse;


import javax.servlet.http.HttpServletRequest;


import java.io.IOException;


 


/**


 * spring security过滤器


 * 根据token拿到用户信息,放入spring security


 *


 * @author chenjiantian


 */


@Slf4j


public class TokenFilter extends GenericFilterBean {


 


    private final JwtTokenProvider tokenProvider;


 


    public TokenFilter(JwtTokenProvider tokenProvider) {


        this.tokenProvider = tokenProvider;


    }


 


    @Override


    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)


            throws IOException, ServletException {


        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;


        String token = tokenProvider.getToken(httpServletRequest);


        SecurityProperties properties = SpringContextHolder.getBean(SecurityProperties.class);


 


 


        if (StringUtils.hasText(token) && tokenProvider.validateToken(token)) {


            Authentication authentication = tokenProvider.getAuthentication(token);


            // 是否使用redis缓存用户功能


            if (!properties.isCacheOnline()) {


                SecurityContextHolder.getContext().setAuthentication(authentication);


            } else {


                OnlineUserService onlineUserService = SpringContextHolder.getBean(OnlineUserService.class);


                OnlineUser onlineUser = onlineUserService.getOne(properties.getOnlineKey() + ((UserDetails) authentication.getPrincipal()).getUsername());


                if (onlineUser != null) {


                    // 匹配上当前用户的token才合法,防止jwt不受控制


                    if (token.equals(onlineUser.getToken())) {


                        SecurityContextHolder.getContext().setAuthentication(authentication);


                    }


                }


            }


        }


 


        filterChain.doFilter(servletRequest, servletResponse);


    }


 


}