Browse Source

Merge branch 'master' of zed/demo-request-filter into master

master
richie 5 years ago committed by Gogs
parent
commit
d60a16304d
  1. 3
      plugin.xml
  2. 42
      src/main/java/com/fr/plugin/demo/request/DemoGlobalRequestFilterBridge.java
  3. 3
      src/main/java/com/fr/plugin/demo/request/DemoRequestFilterBridge.java

3
plugin.xml

@ -5,10 +5,11 @@
<active>yes</active>
<version>1.0</version>
<env-version>10.0</env-version>
<jartime>2018-11-20</jartime>
<jartime>2019-06-18</jartime>
<vendor>author</vendor>
<description><![CDATA[Servlet过滤器示例插件。]]></description>
<change-notes><![CDATA[
[2019-11-04]仅用户名登录逻辑修改。<br/>
[2018-11-05]初始化插件。<br/>
]]></change-notes>
<extra-decision>

42
src/main/java/com/fr/plugin/demo/request/DemoGlobalRequestFilterBridge.java

@ -8,7 +8,9 @@ import com.fr.decision.webservice.utils.DecisionServiceConstants;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.login.TokenResource;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.general.ComparatorUtils;
import com.fr.log.FineLoggerFactory;
import com.fr.security.JwtUtils;
import com.fr.stable.StringUtils;
import javax.servlet.FilterChain;
@ -32,24 +34,46 @@ public class DemoGlobalRequestFilterBridge extends AbstractGlobalRequestFilterPr
String username = NetworkHelper.getHTTPRequestParameter(req, "username");
try {
if (StringUtils.isNotEmpty(username)) {
FineLoggerFactory.getLogger().info("current username:" + username);
User user = UserService.getInstance().getUserByUserName(username);
FineLoggerFactory.getLogger().info("username:" + username);
//根据用户名找到对应用户
User user = UserService.getInstance().getUserByUserName(username); //第二步
//用户不存在抛异常
if (user == null) {
throw new UserNotExistException();
}
String oldToken = TokenResource.COOKIE.getToken(req);
if (oldToken == null) {
//尝试获取当前浏览器已有的token
String oldToken = TokenResource.COOKIE.getToken(req); //第三步
//token不存在说明第一次登录 || token过期了 || 用户名切换了 这3种情况都要进行重新登录
if (oldToken == null || !checkTokenValid(req, oldToken, username)) { //第四步
//10.0后台登录方法,生成一份新的token
String token = LoginService.getInstance().login(req, res, username);
//把token塞进请求内,这样请求放行之后,就可通过后台的登录校验
req.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token);
filterChain.doFilter(req, res);
} else {
filterChain.doFilter(req, res);
}
} else {
filterChain.doFilter(req, res);
}
//放行请求
filterChain.doFilter(req, res);
} catch (Exception e) {
FineLoggerFactory.getLogger().error(e.getMessage(), e);
}
}
/**
* 校验token是否有效
*/
private boolean checkTokenValid(HttpServletRequest req, String token, String currentUserName) {
try {
//当前登录用户和token对应的用户名不同,需要重新生成token
if (!ComparatorUtils.equals(currentUserName, JwtUtils.parseJWT(token).getSubject())) {
FineLoggerFactory.getLogger().info("username changed:" + currentUserName);
return false;
}
return LoginService.getInstance().isLogged(req);
} catch (Exception ignore) {
}
return false;
}
}

3
src/main/java/com/fr/plugin/demo/request/DemoRequestFilterBridge.java

@ -6,7 +6,6 @@ import com.fr.intelli.record.Original;
import com.fr.log.FineLoggerFactory;
import com.fr.record.analyzer.EnableMetrics;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@ -16,7 +15,7 @@ import java.io.IOException;
public class DemoRequestFilterBridge extends AbstractEmbedRequestFilterProvider {
@Override
@Focus(id="com.fr.plugin.demo.request.filter", text = "", source = Original.PLUGIN)
@Focus(id = "com.fr.plugin.demo.request.filter", text = "", source = Original.PLUGIN)
public void filter(HttpServletRequest req, HttpServletResponse res) throws IOException, ServletException {
FineLoggerFactory.getLogger().info("=========Test Filter========");
}

Loading…
Cancel
Save