package com.fr.plugin.demo.request; |
|
|
|
import com.fr.data.NetworkHelper; |
|
import com.fr.decision.authority.data.User; |
|
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider; |
|
import com.fr.decision.webservice.exception.user.UserNotExistException; |
|
import com.fr.decision.webservice.utils.DecisionServiceConstants; |
|
import com.fr.decision.webservice.v10.login.LoginService; |
|
import com.fr.decision.webservice.v10.login.TokenResource; |
|
import com.fr.decision.webservice.v10.user.UserService; |
|
import com.fr.general.ComparatorUtils; |
|
import com.fr.log.FineLoggerFactory; |
|
import com.fr.security.JwtUtils; |
|
import com.fr.stable.StringUtils; |
|
|
|
import javax.servlet.FilterChain; |
|
import javax.servlet.http.HttpServletRequest; |
|
import javax.servlet.http.HttpServletResponse; |
|
|
|
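/**
 * Global request filter that signs a user in from the {@code username} request parameter.
 *
 * <p>For every request matching {@link #urlPatterns()}, the filter reads {@code username},
 * looks the user up, and, unless the browser already holds a valid token for that same user,
 * calls {@code LoginService.login} and attaches the new token to the request before passing
 * it down the chain.
 *
 * <p>SECURITY NOTE(review): the user name is taken from the request as-is and is the only input
 * to the login call. No password, signature or other proof of identity is checked in this class,
 * so whoever can reach the filtered URL can obtain a session for any existing account by naming
 * it. This is only acceptable when an upstream component that the client cannot bypass has
 * already authenticated the caller and sets this parameter itself. Otherwise the parameter
 * should be replaced by an assertion the server can verify (for example a signed, short-lived
 * ticket issued by the identity provider). A user name carried in the query string will also
 * end up in access logs, browser history and Referer headers.
 */
public class DemoGlobalRequestFilterBridge extends AbstractGlobalRequestFilterProvider {

    @Override
    public String filterName() {
        return "MyFilter";
    }

    @Override
    public String[] urlPatterns() {
        return new String[]{"/decision"};
    }

    /**
     * Signs in the user named by the {@code username} parameter, then forwards the request.
     *
     * <p>Requests without a {@code username} parameter are forwarded unchanged. If the lookup,
     * the login or the downstream chain throws, the exception is logged and the method returns;
     * in the lookup/login case the request is NOT forwarded and this method writes no response.
     *
     * @param req         incoming request; may receive the new token as a request attribute
     * @param res         response, handed to the login service and the chain
     * @param filterChain remaining filters to invoke once sign-in has been handled
     */
    @Override
    public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain filterChain) {
        // Untrusted, client-controlled value: see the class-level security note.
        String username = NetworkHelper.getHTTPRequestParameter(req, "username");
        try {
            if (StringUtils.isNotEmpty(username)) {
                // Neutralise control characters so the value cannot forge extra log lines.
                FineLoggerFactory.getLogger().info("username:" + sanitizeForLog(username));
                // Step 2: look up the user that belongs to this user name.
                User user = UserService.getInstance().getUserByUserName(username);
                // Unknown user: abort; the catch below logs it and the request is not forwarded.
                if (user == null) {
                    throw new UserNotExistException();
                }
                // Step 3: try to read the token the browser already holds.
                String oldToken = TokenResource.COOKIE.getToken(req);
                // Step 4: a new login is needed when there is no token (first login), the token
                // is no longer valid, or the requested user differs from the token's user.
                if (oldToken == null || !checkTokenValid(req, oldToken, username)) {
                    // Back-end login of the 10.0 API; it produces a fresh token.
                    String token = LoginService.getInstance().login(req, res, username);
                    // Attach the token to the request so that the back-end login check passes
                    // once the request is forwarded.
                    req.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token);
                }
            }
            // Let the request through.
            filterChain.doFilter(req, res);
        } catch (Exception e) {
            // Fails closed for sign-in errors: nothing is forwarded after a failed lookup/login.
            FineLoggerFactory.getLogger().error(e.getMessage(), e);
        }
    }

    /**
     * Checks whether an existing token can be reused for the requested user.
     *
     * @param req             current request, passed to the login service's logged-in check
     * @param token           token read from the browser cookie
     * @param currentUserName user name requested for this call
     * @return {@code true} only if the token's subject equals {@code currentUserName} and the
     *         login service reports the request as logged in; {@code false} otherwise, including
     *         when parsing the token or the logged-in check throws
     */
    private boolean checkTokenValid(HttpServletRequest req, String token, String currentUserName) {
        try {
            // NOTE(review): presumably parseJWT also verifies the token; confirm in JwtUtils.
            String tokenSubject = JwtUtils.parseJWT(token).getSubject();
            // The requested user differs from the token's user, so a new token is required.
            if (!ComparatorUtils.equals(currentUserName, tokenSubject)) {
                FineLoggerFactory.getLogger().info("username changed:" + sanitizeForLog(currentUserName));
                return false;
            }
            return LoginService.getInstance().isLogged(req);
        } catch (Exception e) {
            // Treated as "not valid" so the caller performs a new login. Only the exception
            // type is recorded; the message is left out in case it echoes token content.
            FineLoggerFactory.getLogger().info("token check failed:" + e.getClass().getName());
        }
        return false;
    }

    /**
     * Returns {@code value} with every ISO control character (CR, LF, tab, ...) replaced by
     * {@code '_'} so that request data cannot break a log entry into several lines.
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return null;
        }
        StringBuilder cleaned = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '_' : c);
        }
        return cleaned.toString();
    }
}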