demo
/
example
3
4
Fork 8
Code Issues 3 Pull Requests Releases Wiki Activity
帆软帮助文档代码合集。
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
141 Commits
7 Branches
0 Tags
308 MiB
 
Branch: release/10.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'release/10.0'
${ noResults }
example/src/main/java/com/fr/FrFilter.java

111 lines
4.1 KiB
Raw Permalink Blame History

package com.fr;
import com.fr.data.NetworkHelper;
import com.fr.decision.mobile.terminal.TerminalHandler;
import com.fr.decision.webservice.utils.DecisionServiceConstants;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.general.ComparatorUtils;
import com.fr.log.FineLoggerFactory;
import com.fr.security.JwtUtils;
import com.fr.stable.StringUtils;
import com.fr.stable.web.Device;
import org.jasig.cas.client.validation.Assertion;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
/**
* Created by Zed on 2018/9/11.
*/
public class FrFilter implements Filter {
public FrFilter() {
}
@Override
public void init(FilterConfig filterConfig) throws ServletException {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
FineLoggerFactory.getLogger().info("fr cas login");
HttpServletRequest req = (HttpServletRequest) servletRequest;
HttpServletResponse res = (HttpServletResponse) servletResponse;
HttpSession session = req.getSession(true);
FineLoggerFactory.getLogger().info("URL:" + req.getRequestURI());
String username;
//获取cas传递过来的username
Object object = req.getSession().getAttribute("_const_cas_assertion_");
if (object != null) {
Assertion assertion = (Assertion) object;
username = assertion.getPrincipal().getName();
} else {
username = (String) session.getAttribute("edu.yale.its.tp.cas.client.filter.user");
}
try {
//用户名为空,登录请求有问题,直接报错
if (StringUtils.isNotEmpty(username)) {
FineLoggerFactory.getLogger().info("username:" + username);
//获取请求携带的token
Object oldToken = session.getAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME);
//token不存在,或者token过期了,走后台登录方法
if (oldToken == null || !checkTokenValid(req, (String) oldToken, username)) {
login(req, res, session, username);
filterChain.doFilter(req, res);
} else {
//放行
filterChain.doFilter(req, res);
FineLoggerFactory.getLogger().info("no need");
}
} else {
throw new Exception("username is empty");
}
} catch (Exception e) {
FineLoggerFactory.getLogger().error(e.getMessage(), e);
}
}
/**
* 后台登录方法
*/
private void login(HttpServletRequest req, HttpServletResponse res, HttpSession session, String username) throws Exception {
String token = LoginService.getInstance().login(req, res, username);
req.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token);
FineLoggerFactory.getLogger().info("fr FrFilter is over with username is ###" + username);
}
/**
* 校验token是否有效
*/
private boolean checkTokenValid(HttpServletRequest req, String token, String currentUserName) {
try {
//当前登录用户和token对应的用户名不同,需要重新生成token
if (!ComparatorUtils.equals(currentUserName, JwtUtils.parseJWT(token).getSubject())) {
FineLoggerFactory.getLogger().info("username changed:" + currentUserName);
return false;
}
Device device = NetworkHelper.getDevice(req);
LoginService.getInstance().loginStatusValid(token, TerminalHandler.getTerminal(req, device));
return true;
} catch (Exception ignore) {
}
return false;
}
@Override
public void destroy() {
}
}