From 52e704a605087ae55a821c9173b3ae512e823353 Mon Sep 17 00:00:00 2001
From: huangqizhen
Date: Sat, 28 Dec 2024 11:13:48 +0800
Subject: [PATCH] =?UTF-8?q?=E5=90=8E=E7=AB=AF=E6=95=B4=E5=90=88=E6=A8=A1?= =?UTF-8?q?=E5=9D=97?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../java/com/example/demo/mapper/UserMapper.java | 2 +-
 .../com/example/demo/security/TokenFilter.java | 108 ++++++++++++++++++++-
 2 files changed, 108 insertions(+), 2 deletions(-)
diff --git a/src/main/java/com/example/demo/mapper/UserMapper.java b/src/main/java/com/example/demo/mapper/UserMapper.java
index 3431246..bbf0c5f 100644
--- a/src/main/java/com/example/demo/mapper/UserMapper.java
+++ b/src/main/java/com/example/demo/mapper/UserMapper.java
@@ -11,7 +11,7 @@ import java.util.List;
 @Mapper
 public interface UserMapper {
 @Select({
- "select jwcode from user"
+ "select jwcode from user where jwcode=#{jwcode}"
 })
 List selectJwcode();
 @Select({
diff --git a/src/main/java/com/example/demo/security/TokenFilter.java b/src/main/java/com/example/demo/security/TokenFilter.java
index 9bcd291..ea2f22b 100644
--- a/src/main/java/com/example/demo/security/TokenFilter.java
+++ b/src/main/java/com/example/demo/security/TokenFilter.java
@@ -158,6 +158,7 @@ public class TokenFilter extends OncePerRequestFilter {
 } else {
 // 使用RequestWrapper包装原始的HttpServletRequest,使其输入流可以被重复读取
 RequestWrapper requestWrapper = new RequestWrapper(request);
+ System.out.println(request);
 // 确保请求体只被读取一次
 boolean hasRequestBody = "POST".equals(requestWrapper.getMethod());
 if (hasRequestBody) {
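Review bot: In UserMapper.java the new statement binds `#{jwcode}`, but the unchanged context line still declares `selectJwcode()` with no arguments, so nothing supplies that value. With no parameter object MyBatis would most likely bind null (or fail to resolve the property), and `jwcode = NULL` matches no rows, so the method would return an empty list where it used to return every jwcode. Keeping `#{}` (a bound parameter) rather than `${}` is the right form; the signature has to follow it, e.g. `selectJwcode(@Param("jwcode") String jwcode)` with the column's actual type, and any caller that relied on the full list needs a separate query. The interface body continues outside the hunk.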
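Review bot: In TokenFilter.java the added `System.out.println(request);` runs on every non-upload request inside the authentication filter and writes to stdout, outside the application's log levels and any redaction. What it prints depends on the container's request `toString()`, so the output is neither stable nor guaranteed to stay free of request details. Drop the line, or if tracing is needed use the project's logger at debug level with explicit fields, `log.debug("TokenFilter {} {}", request.getMethod(), request.getRequestURI());` (assuming a logger is available in this class), and never log the body, which the later hunk of this patch shows carrying the token. doFilterInternal starts and ends outside this hunk.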
@@ -191,4 +192,109 @@ public class TokenFilter extends OncePerRequestFilter {
 filterChain.doFilter(requestWrapper, response);
 }
 }
-}
\ No newline at end of file
+}
+//package com.example.demo.security;
+//
+//import com.example.demo.Util.JWTUtil;
+//import com.example.demo.Util.RequestWrapper;
+//import com.example.demo.Util.TokenPayload;
+//import com.example.demo.domain.entity.Admin;
+//import com.fasterxml.jackson.core.JsonProcessingException;
+//import com.fasterxml.jackson.core.type.TypeReference;
+//import com.fasterxml.jackson.databind.ObjectMapper;
+//import jakarta.servlet.FilterChain;
+//import jakarta.servlet.ServletException;
+//import jakarta.servlet.http.HttpServletRequest;
+//import jakarta.servlet.http.HttpServletResponse;
+//import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+//import org.springframework.security.core.context.SecurityContextHolder;
+//import org.springframework.security.core.userdetails.UserDetails;
+//import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
+//import org.springframework.stereotype.Component;
+//import org.springframework.util.ObjectUtils;
+//import org.springframework.util.StringUtils;
+//import org.springframework.web.filter.OncePerRequestFilter;
+//
+//import java.io.IOException;
+//import java.io.InputStream;
+//import java.util.List;
+//
+//@Component
+//public class TokenFilter extends OncePerRequestFilter {
+//
+// private final ObjectMapper objectMapper = new ObjectMapper();
+//
+// @Override
+// protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
+// throws ServletException, IOException {
+// // 检查是否是上传请求
+// boolean isUploadRequest = request.getRequestURI().startsWith("/upload");
+// System.out.println(request.getRequestURI());
+// System.out.println(isUploadRequest);
+// if (isUploadRequest) {
+// // 如果是上传请求,直接将请求传递给下一个过滤器或目标资源
+// filterChain.doFilter(request, response);
+// return;
+// } else {
+// // 使用RequestWrapper包装原始的HttpServletRequest,使其输入流可以被重复读取
+// RequestWrapper requestWrapper = new RequestWrapper(request);
+// System.out.println(request);
+// // 确保请求体只被读取一次
+// boolean hasRequestBody = "POST".equals(requestWrapper.getMethod());
+// if (hasRequestBody) {
+// // 获取输入流
+// InputStream inputStream = requestWrapper.getInputStream();
+//
+// // 检查Content-Type是否为application/json,并且请求体不为空
+// String contentType = request.getContentType();
+// if (contentType != null && contentType.startsWith("application/json") && inputStream.available() > 0) {
+// // 尝试反序列化JSON
+// try {
+// // 尝试将输入流转换为字符串,以检查是否为数组
+// String json = objectMapper.readTree(inputStream).toString();
+// if (json.startsWith("[")) {
+// // JSON是数组
+// TypeReference> typeRef = new TypeReference>() {};
+// List tokenPayloads = objectMapper.readValue(json, typeRef);
+// // 处理tokenPayloads列表
+// for (TokenPayload tokenPayload : tokenPayloads) {
+// processTokenPayload(tokenPayload, requestWrapper);
+// }
+// } else {
+// // JSON是单个对象
+// TokenPayload tokenPayload = objectMapper.readValue(json, TokenPayload.class);
+// processTokenPayload(tokenPayload, requestWrapper);
+// }
+// } catch (JsonProcessingException e) {
+// e.printStackTrace();
+// // JSON解析失败,可以在这里添加相应的处理逻辑,例如返回400状态码等
+// }
+// }
+// }
+// // 非上传请求,继续执行过滤器链
+// filterChain.doFilter(requestWrapper, response);
+// }
+// }
+//
+// private void processTokenPayload(TokenPayload tokenPayload, HttpServletRequest request) {
+// // 检查tokenPayload中是否存在token属性,并且这个属性不为空
+// String token = tokenPayload.getToken();
+// if (StringUtils.hasText(token)) {
+// try {
+// UserDetails userDetails = JWTUtil.getUserDetailsList(token, Admin.class);
+// if (!ObjectUtils.isEmpty(userDetails)) {
+// // 将这个用户注册到Security中
+// UsernamePasswordAuthenticationToken authenticationToken
+// = new UsernamePasswordAuthenticationToken(
+// userDetails, null,
+// userDetails.getAuthorities());
+// authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
+// SecurityContextHolder.getContext().setAuthentication(authenticationToken);
+// }
+// } catch (Exception e) {
+// e.printStackTrace();
+// // Token无效,可以在这里添加相应的处理逻辑,例如返回401状态码等
+// }
+// }
+// }
+//}
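Review bot: The `+//` lines appended after the class's closing brace are a commented-out duplicate of the whole TokenFilter class and should be removed from the commit; version control already keeps earlier revisions. A stale copy of an authentication filter is a maintenance hazard, because it will not receive later fixes and can be restored by mistake. The copy also shows patterns worth checking in the live class, most of which lies outside this hunk: both catch blocks only call `e.printStackTrace()` and let the chain continue, and any URI starting with `/upload` skips token processing, so access control in those cases rests entirely on the downstream security configuration. If the live code matches, parse and token failures should be answered explicitly (the copy's own comments mention 400 and 401) rather than falling through.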