From 0ece3ba8c92df0438af52b8de6b9225d8ada4103 Mon Sep 17 00:00:00 2001
From: wu <731351411@qq.com>
Date: 星期四, 30 十一月 2023 08:46:34 +0800
Subject: [PATCH] Merge branch 'master' of http://10.153.19.25:10101/r/CanadaMes

---
 springboot-vue3/src/main/java/com/example/springboot/security/NoSessionFilter.java |   93 ++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 93 insertions(+), 0 deletions(-)

diff --git a/springboot-vue3/src/main/java/com/example/springboot/security/NoSessionFilter.java b/springboot-vue3/src/main/java/com/example/springboot/security/NoSessionFilter.java
new file mode 100644
index 0000000..db70704
--- /dev/null
+++ b/springboot-vue3/src/main/java/com/example/springboot/security/NoSessionFilter.java
@@ -0,0 +1,93 @@
+package com.example.springboot.security;
+
+import cn.hutool.core.util.StrUtil;
+import com.example.springboot.security.constant.SystemConstant;
+import com.example.springboot.security.entity.JwtToken;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.PrintWriter;
+
+@Slf4j
+public class NoSessionFilter extends BasicHttpAuthenticationFilter {
+
+    @Override
+    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
+        HttpServletRequest servletRequest = (HttpServletRequest) request;
+        // 1.浠嶤ookie鑾峰彇token
+        String token = getTokenFromCookie(servletRequest);
+        if (StrUtil.isBlank(token)) {
+            // 2.浠巋eaders涓幏鍙�
+            token = servletRequest.getHeader(SystemConstant.TOKEN_HEADER);
+        }
+        if (StrUtil.isBlank(token)) {
+            // 3.浠庤姹傚弬鏁拌幏鍙�
+            token = request.getParameter(SystemConstant.TOKEN_HEADER);
+        }
+        if (StrUtil.isBlank(token)) {
+            return false;
+        }
+        // 楠岃瘉token
+        JwtToken jwtToken = new JwtToken(token);
+        // 鎻愪氦缁檙ealm杩涜鐧诲叆锛屽鏋滈敊璇粬浼氭姏鍑哄紓甯稿苟琚崟鑾�
+        // todo https://www.cnblogs.com/red-star/p/12121941.html https://blog.csdn.net/qq_43721032/article/details/110188342
+        try {
+            SecurityUtils.getSubject().login(jwtToken);
+        } catch (Exception e) {
+            return false;
+        }
+        // 濡傛灉娌℃湁鎶涘嚭寮傚父鍒欎唬琛ㄧ櫥鍏ユ垚鍔燂紝杩斿洖true
+        return true;
+    }
+
+    @Override
+    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
+        PrintWriter printWriter = response.getWriter();
+        response.setCharacterEncoding("utf-8");
+        printWriter.write("403");
+        printWriter.flush();
+        printWriter.close();
+        return false;
+    }
+
+    private String getTokenFromCookie(HttpServletRequest request) {
+        String token = null;
+        Cookie[] cookies = request.getCookies();
+        int len = null == cookies ? 0 : cookies.length;
+        if (len > 0) {
+            for (Cookie cookie : cookies) {
+                if (cookie.getName().equals(SystemConstant.TOKEN_HEADER)) {
+                    token = cookie.getValue();
+                    break;
+                }
+            }
+        }
+        return token;
+    }
+
+    /**
+     * 瀵硅法鍩熸彁渚涙敮鎸�
+     */
+    @Override
+    protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
+        HttpServletRequest httpServletRequest = (HttpServletRequest) request;
+        HttpServletResponse httpServletResponse = (HttpServletResponse) response;
+        httpServletResponse.setHeader("Access-control-Allow-Origin", httpServletRequest.getHeader("Origin"));
+        httpServletResponse.setHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS,PUT,DELETE");
+        httpServletResponse.setHeader("Access-Control-Allow-Headers", httpServletRequest.getHeader("Access-Control-Request-Headers"));
+        // 璺ㄥ煙鏃朵細棣栧厛鍙戦�佷竴涓猳ption璇锋眰锛岃繖閲屾垜浠粰option璇锋眰鐩存帴杩斿洖姝e父鐘舵��
+        if (httpServletRequest.getMethod().equals(RequestMethod.OPTIONS.name())) {
+            httpServletResponse.setStatus(HttpStatus.OK.value());
+            return false;
+        }
+        return super.preHandle(request, response);
+    }
+}
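Review bot: preHandle echoes the request's `Origin` and `Access-Control-Request-Headers` straight into the CORS response headers, so every origin is allowed, while isAccessAllowed accepts the token from a cookie, which a browser may attach to cross-site requests on its own. Compare the origin with a configured allow-list before setting the header, e.g. `if (origin != null && allowedOrigins.contains(origin)) { httpServletResponse.setHeader("Access-Control-Allow-Origin", origin); httpServletResponse.addHeader("Vary", "Origin"); }`, where `allowedOrigins` is a placeholder for a setting this patch does not define. onAccessDenied writes the text "403" but never sets a status, so a rejected request still returns HTTP 200; add `((HttpServletResponse) response).setStatus(HttpStatus.FORBIDDEN.value());` and move `setCharacterEncoding` above `getWriter()`, since it has no effect once the writer has been obtained. The `catch (Exception e)` in isAccessAllowed discards the failure even though the class is annotated `@Slf4j`; `log.warn("token login rejected: {}", e.getMessage());` would leave a trace for detection. Accepting the token from a request parameter also puts it into URLs, and so into access logs and Referer headers; consider dropping that fallback.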

--
Gitblit v1.8.0