|
|
@ -25,8 +25,8 @@ |
|
|
|
// @Override |
|
|
|
// protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { |
|
|
|
// // 取Token 生成登录信息 |
|
|
|
//// String token = request.getHeader("token"); |
|
|
|
// String token = new RequestWrapper(request).getBodyString(); |
|
|
|
// String token = request.getHeader("token"); |
|
|
|
// |
|
|
|
// |
|
|
|
// System.out.println(token+"123132132"); |
|
|
|
// |
|
|
@ -55,6 +55,7 @@ |
|
|
|
package com.example.demo.security; |
|
|
|
|
|
|
|
import com.example.demo.Util.JWTUtil; |
|
|
|
import com.example.demo.Util.RequestWrapper; |
|
|
|
import com.example.demo.Util.TokenPayload; |
|
|
|
import com.example.demo.domain.entity.Admin; |
|
|
|
import com.fasterxml.jackson.databind.ObjectMapper; |
|
|
@ -77,37 +78,42 @@ import java.io.InputStream; |
|
|
|
public class TokenFilter extends OncePerRequestFilter { |
|
|
|
@Override |
|
|
|
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { |
|
|
|
// 使用RequestWrapper包装原始的HttpServletRequest,使其输入流可以被重复读取 |
|
|
|
RequestWrapper requestWrapper = new RequestWrapper(request); |
|
|
|
|
|
|
|
// 确保请求体只被读取一次 |
|
|
|
boolean hasRequestBody = "POST".equals(request.getMethod()); |
|
|
|
boolean hasRequestBody = "POST".equals(requestWrapper.getMethod()); |
|
|
|
System.out.println(hasRequestBody); |
|
|
|
if (hasRequestBody) { |
|
|
|
// 获取输入流 |
|
|
|
try (InputStream inputStream = request.getInputStream()) { |
|
|
|
// 使用Jackson ObjectMapper解析JSON |
|
|
|
ObjectMapper objectMapper = new ObjectMapper(); |
|
|
|
TokenPayload tokenPayload = objectMapper.readValue(inputStream, TokenPayload.class); |
|
|
|
|
|
|
|
// 检查tokenPayload中是否存在token属性,并且这个属性不为空 |
|
|
|
String token = tokenPayload.getToken(); |
|
|
|
if (StringUtils.hasText(token)) { |
|
|
|
try { |
|
|
|
UserDetails userDetails = JWTUtil.getUserDetailsList(token, Admin.class); |
|
|
|
if (!ObjectUtils.isEmpty(userDetails)) { |
|
|
|
// 将这个用户注册到Security中 |
|
|
|
UsernamePasswordAuthenticationToken authenticationToken |
|
|
|
= new UsernamePasswordAuthenticationToken( |
|
|
|
userDetails, null, |
|
|
|
userDetails.getAuthorities()); |
|
|
|
authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); |
|
|
|
SecurityContextHolder.getContext().setAuthentication(authenticationToken); |
|
|
|
} |
|
|
|
} catch (Exception e) { |
|
|
|
e.printStackTrace(); |
|
|
|
// Token无效,可以在这里添加相应的处理逻辑,例如返回401状态码等 |
|
|
|
InputStream inputStream = requestWrapper.getInputStream(); |
|
|
|
// 使用Jackson ObjectMapper解析JSON |
|
|
|
ObjectMapper objectMapper = new ObjectMapper(); |
|
|
|
TokenPayload tokenPayload = objectMapper.readValue(inputStream, TokenPayload.class); |
|
|
|
System.out.println(tokenPayload + "/*/*/*/*/*/*/*"); |
|
|
|
// 检查tokenPayload中是否存在token属性,并且这个属性不为空 |
|
|
|
String token = tokenPayload.getToken(); |
|
|
|
System.out.println(token + "*-*-*-*-*-*-*"); |
|
|
|
if (StringUtils.hasText(token)) { |
|
|
|
try { |
|
|
|
System.out.println(token + "*-*-*-*-*-*-*"); |
|
|
|
UserDetails userDetails = JWTUtil.getUserDetailsList(token, Admin.class); |
|
|
|
if (!ObjectUtils.isEmpty(userDetails)) { |
|
|
|
// 将这个用户注册到Security中 |
|
|
|
UsernamePasswordAuthenticationToken authenticationToken |
|
|
|
= new UsernamePasswordAuthenticationToken( |
|
|
|
userDetails, null, |
|
|
|
userDetails.getAuthorities()); |
|
|
|
authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(requestWrapper)); |
|
|
|
SecurityContextHolder.getContext().setAuthentication(authenticationToken); |
|
|
|
} |
|
|
|
} catch (Exception e) { |
|
|
|
e.printStackTrace(); |
|
|
|
// Token无效,可以在这里添加相应的处理逻辑,例如返回401状态码等 |
|
|
|
} |
|
|
|
} |
|
|
|
System.out.println(token + "*-*-*-*-*-*"); |
|
|
|
} |
|
|
|
// 过滤器放行 |
|
|
|
filterChain.doFilter(request, response); |
|
|
|
filterChain.doFilter(requestWrapper, response); // 注意这里使用requestWrapper |
|
|
|
} |
|
|
|
} |
|
|
|
} |
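Review bot: The `System.out.println` calls in the `requestWrapper` branch of `doFilterInternal` write the parsed `TokenPayload` and the raw token to standard output (`System.out.println(token + "*-*-*-*-*-*-*");` and its siblings), so anyone who can read the console or collected logs can replay a valid credential. The page has lost its +/- markers, so I am inferring that these debugging lines are on the new side. I would delete them, or at most record whether a token was present, never its value. Separately, `objectMapper.readValue(inputStream, TokenPayload.class)` sits outside the `try`/`catch`, so a POST whose body is empty, not JSON, or (unless `TokenPayload` is annotated to ignore unknown properties) carries other fields will throw before `filterChain.doFilter` runs. Moving the parse inside the `try` and treating a parse failure as "no token" would keep unrelated POST endpoints working while still leaving the request unauthenticated.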