package com.mes.common.filter;
|
|
import com.mes.common.utils.RedisUtil;
|
import com.mes.userinfo.service.SysUserService;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.stereotype.Component;
|
import org.springframework.web.filter.OncePerRequestFilter;
|
|
import javax.annotation.Resource;
|
import javax.servlet.FilterChain;
|
import javax.servlet.ServletException;
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
import java.io.IOException;
|
|
/**
|
* @Author : zhoush
|
* @Date: 2024/4/10 9:42
|
* @Description:
|
*/
|
@Component
|
public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
|
// 此处解释为什么不去实现Filter接口,因为在某些情况下会过滤两次,执行两次Filter里面的方法,所以我们选择继承SpringSecurity中的OncePerRequestFilter
|
@Autowired
|
private RedisUtil redisUtil;
|
|
@Resource
|
private SysUserService sysUserService;
|
|
@Override
|
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
|
//获取token
|
String token = request.getHeader("token");
|
//
|
// if (!StringUtils.hasText(token)) {
|
// //放行
|
// filterChain.doFilter(request, response);
|
// return; // 此处加上return好处是后面结果返回的时候就不会再走一遍此过滤器的方法了
|
// }
|
// //解析token
|
// String userid;
|
// try {
|
// Claims claims = JwtUtil.getClaimByToken(token);
|
// userid = claims.getSubject();
|
// } catch (Exception e) {
|
// e.printStackTrace();
|
// throw new RuntimeException("token非法");
|
// }
|
// //从redis中获取用户信息
|
// String redisKey = "login:" + userid;
|
// LoginUser loginUser = redisUtil.getCacheObject(redisKey);
|
// if (Objects.isNull(loginUser)) {
|
// response.setHeader("token", "");
|
// throw new RuntimeException("用户未登录");
|
// }
|
// //将用户信息放入当前线程
|
// UserInfoUtils.set(loginUser.getUser());
|
// //存入SecurityContextHolder,以供后面的过滤器使用
|
// List<String> permissionKeyList = sysUserService.getUserAuthorityInfo(Long.parseLong(userid));
|
// List<GrantedAuthority> authorities = permissionKeyList.stream().
|
// map(SimpleGrantedAuthority::new)
|
// .collect(Collectors.toList());
|
// UsernamePasswordAuthenticationToken authenticationToken =
|
// new UsernamePasswordAuthenticationToken(loginUser, null, authorities);
|
// SecurityContextHolder.getContext().setAuthentication(authenticationToken);
|
//放行
|
filterChain.doFilter(request, response);
|
}
|
}
|
