Update TokenFilter.java

木子李·De 3 years ago
parent 066b0173aa
commit 36cc3c7f82

@ -7,14 +7,18 @@ import com.anji.plus.gaea.cache.CacheHelper;
import com.anji.plus.gaea.utils.JwtBean; import com.anji.plus.gaea.utils.JwtBean;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.Ordered; import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order; import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import javax.annotation.PostConstruct;
import javax.servlet.*; import javax.servlet.*;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.io.IOException; import java.io.IOException;
import java.util.List;
import java.util.regex.Pattern;
/** /**
* *
@ -28,11 +32,44 @@ public class TokenFilter implements Filter {
@Autowired @Autowired
private JwtBean jwtBean; private JwtBean jwtBean;
/**跳过token验证和权限验证的url清单*/
@Value("#{'${customer.skip-authenticate-urls}'.split(',')}")
private List<String> skipAuthenticateUrls;
private Pattern SKIP_AUTHENTICATE_PATTERN;
@Override @Override
public void init(FilterConfig filterConfig) throws ServletException { public void init(FilterConfig filterConfig) throws ServletException {
Filter.super.init(filterConfig); Filter.super.init(filterConfig);
} }
/**
* @param skipUrlList
* @return
*/
private Pattern fitByList(List<String> skipUrlList){
if(skipUrlList == null || skipUrlList.size() == 0){
return Pattern.compile(".*().*");
}
StringBuffer patternString = new StringBuffer();
patternString.append(".*(");
skipUrlList.stream().forEach(url ->{
patternString.append(url.trim());
patternString.append("|");
});
if(skipUrlList.size()>0){
patternString.deleteCharAt(patternString.length()-1);
}
patternString.append(").*");
return Pattern.compile(patternString.toString());
}
@PostConstruct
private void postConstruct() {
SKIP_AUTHENTICATE_PATTERN = fitByList(skipAuthenticateUrls);
}
@Override @Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletRequest request = (HttpServletRequest) servletRequest;
@ -43,10 +80,13 @@ public class TokenFilter implements Filter {
response.sendRedirect("/index.html"); response.sendRedirect("/index.html");
return; return;
} }
if (!uri.startsWith("/login")
&& !uri.startsWith("/static") // 不需要token验证和权限验证的url直接放行
&& !uri.startsWith("/file/download/") boolean skipAuthenticate = SKIP_AUTHENTICATE_PATTERN.matcher(uri).matches();
&& !uri.contains("index.html")) { if(skipAuthenticate){
filterChain.doFilter(request, response);
return;
}
//获取token //获取token
String authorization = request.getHeader("Authorization"); String authorization = request.getHeader("Authorization");
@ -66,7 +106,6 @@ public class TokenFilter implements Filter {
//延长有效期 //延长有效期
cacheHelper.stringSetExpire(username, authorization, 3600); cacheHelper.stringSetExpire(username, authorization, 3600);
//在线体验版本 //在线体验版本
if (username.equals("guest") if (username.equals("guest")
&& !uri.endsWith("/dataSet/testTransform") && !uri.endsWith("/dataSet/testTransform")
@ -85,7 +124,6 @@ public class TokenFilter implements Filter {
return; return;
} }
} }
}
//执行 //执行
filterChain.doFilter(request, response); filterChain.doFilter(request, response);

Loading…
Cancel
Save