package com.fr.plugin; |
|
|
|
import com.fr.data.NetworkHelper;
import com.fr.decision.authority.data.User;
import com.fr.decision.fun.impl.AbstractEmbedRequestFilterProvider;
import com.fr.decision.mobile.terminal.TerminalHandler;
import com.fr.decision.webservice.bean.authentication.LoginClientBean;
import com.fr.decision.webservice.exception.general.ServerTimeoutException;
import com.fr.decision.webservice.exception.login.LoginInfoNotAvailableException;
import com.fr.decision.webservice.exception.login.UserPwdErrorException;
import com.fr.decision.webservice.exception.user.UserNotAvailableException;
import com.fr.decision.webservice.utils.DecisionServiceConstants;
import com.fr.decision.webservice.utils.DecisionStatusService;
import com.fr.decision.webservice.v10.login.LoginService;
import com.fr.decision.webservice.v10.login.TokenResource;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.general.ComparatorUtils;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.transform.ExecuteFunctionRecord;
import com.fr.plugin.transform.FunctionRecorder;
import com.fr.security.JwtUtils;
import com.fr.stable.StringUtils;
import com.fr.web.utils.WebUtils;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
|
|
|
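/**
 * Embedded request filter that signs a visitor in from the {@code my_token} request parameter
 * when the request does not already carry a valid login token (see {@link #isLogged}).
 *
 * <p><b>Security (review):</b> {@code my_token} is only the URL-safe Base64 encoding of a user
 * name. Base64 is an encoding, not a credential: the value is not signed, not encrypted and has
 * no expiry, so it does not prove that the sender is that user. As written, this filter grants a
 * session to whoever supplies a well-formed value for an existing account. Before this filter is
 * reachable from an untrusted network, replace the parameter with a token the server can verify
 * (signed, short-lived, bound to this application) and validate it before calling
 * {@code LoginService.login}. Request parameters are also recorded in access logs, browser
 * history and {@code Referer} headers, so a bearer value should not travel in the URL.
 */
@FunctionRecorder
public class MyEmbedRequestFilter extends AbstractEmbedRequestFilterProvider {

    /**
     * Logs the request in as the user named by {@code my_token} if it is not logged in yet.
     *
     * <p>Failures are logged and swallowed on purpose so that the request continues through the
     * normal (unauthenticated) path instead of failing.
     *
     * @param httpServletRequest  incoming request; receives the auth token as a request attribute
     *                            on success
     * @param httpServletResponse response handed to {@code LoginService.login}
     */
    @Override
    @ExecuteFunctionRecord
    public void filter(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse)
            throws IOException, ServletException {
        if (isLogged(httpServletRequest)) {
            return;
        }

        // Step 1: read the token from the request.
        String myToken = httpServletRequest.getParameter("my_token");

        // Step 2: nothing to do when no token was supplied.
        if (!StringUtils.isNotBlank(myToken)) {
            return;
        }

        try {
            // Decode with an explicit charset; new String(byte[]) alone depends on the platform default.
            // NOTE(review): this value is attacker-controllable and unauthenticated, see class Javadoc.
            String userName = new String(Base64.getUrlDecoder().decode(myToken), StandardCharsets.UTF_8);

            // Step 3: the account must exist and be enabled, matching the isEnable() check that
            // loginStatusValid applies to cookie-based sessions.
            User user = UserService.getInstance().getUserByUserName(userName);
            if (user == null || !user.isEnable()) {
                // The decoded value is not echoed: it is untrusted input and may contain line breaks.
                FineLoggerFactory.getLogger().warn("my filter rejected token login: unknown or disabled user");
                return;
            }

            // Step 4: log in and expose the session token on the request.
            String token = LoginService.getInstance().login(httpServletRequest, httpServletResponse, userName);
            httpServletRequest.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token);

            // Only reported after login() returned; the original logged success even for unknown users.
            FineLoggerFactory.getLogger().info("{} login success from my filter", userName);
        } catch (Exception e) {
            // Covers malformed Base64 (IllegalArgumentException) and login failures; keep the cause
            // in the application log instead of printing to stderr.
            FineLoggerFactory.getLogger().error("my filter token login failed", e);
        }
    }

    /**
     * Validates a session token and returns the login state stored for it.
     *
     * @param token    session token (JWT) to validate
     * @param terminal terminal of the request; not used by this implementation
     * @return the stored {@link LoginClientBean} for {@code token}
     * @throws LoginInfoNotAvailableException if the token is empty or no login state is stored for it
     * @throws ServerTimeoutException         if {@code JwtUtils.checkJWTExpired} returns {@code false}
     * @throws UserPwdErrorException          if the stored user is unknown or differs from the JWT subject
     * @throws UserNotAvailableException      if the user exists but is disabled
     */
    public LoginClientBean loginStatusValid(String token, TerminalHandler terminal) throws Exception {
        if (StringUtils.isEmpty(token)) {
            throw new LoginInfoNotAvailableException("Token is empty!");
        }
        // NOTE(review): a false result is treated as a timed-out session, so checkJWTExpired
        // presumably returns true for a token that is still valid; confirm against JwtUtils.
        if (!JwtUtils.checkJWTExpired(token)) {
            throw new ServerTimeoutException();
        }

        String loginUserName = JwtUtils.parseJWT(token).getSubject();
        LoginClientBean clientBean = (LoginClientBean) DecisionStatusService.loginStatusService().get(token);
        if (clientBean == null) {
            throw new LoginInfoNotAvailableException("Login info is null! username: " + loginUserName);
        }

        // The server-side login state must name the same user as the token's subject.
        String username = clientBean.getUsername();
        User user = UserService.getInstance().getUserByUserName(username);
        if (user == null || !ComparatorUtils.equals(loginUserName, username)) {
            throw new UserPwdErrorException();
        }
        if (!user.isEnable()) {
            throw new UserNotAvailableException();
        }
        return clientBean;
    }

    /**
     * Reports whether the request already carries a login token that passes
     * {@link #loginStatusValid(String, TerminalHandler)}.
     *
     * @param req request to inspect
     * @return {@code true} if validation succeeds, {@code false} if it throws for any reason
     */
    public boolean isLogged(HttpServletRequest req) {
        try {
            String token = TokenResource.COOKIE.getToken(req);
            loginStatusValid(token, TerminalHandler.getTerminal(req, NetworkHelper.getDevice(req)));
            return true;
        } catch (Exception ignored) {
            // Every validation failure means "not logged in"; the caller then tries the token path.
            return false;
        }
    }
}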