package com.jilongda.common.security.filter;
|
|
import com.jilongda.common.basic.ApiResult;
|
import com.jilongda.common.security.SecurityUtils;
|
import com.jilongda.common.utils.ResponseUtils;
|
import com.jilongda.common.exception.ServiceException;
|
import com.jilongda.common.exception.TokenException;
|
import lombok.extern.slf4j.Slf4j;
|
import org.springframework.web.filter.OncePerRequestFilter;
|
|
import javax.servlet.FilterChain;
|
import javax.servlet.ServletException;
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
import java.io.IOException;
|
|
|
/**
|
* 登录认证检查过滤器
|
*
|
* @author xiaochen
|
* @date Jun 29, 2020
|
* <p>
|
* OncePerRequestFilter是在一次外部请求中只过滤一次。对于服务器内部之间的forward等请求,不会再次执行过滤方法。
|
* <p>
|
* 文档参见:https://www.jianshu.com/p/b2aa7dd346a2
|
*/
|
@Slf4j
|
public class AuthenticationFilter extends OncePerRequestFilter {
|
private final SecurityUtils securityUtils;
|
|
public AuthenticationFilter(SecurityUtils securityUtils) {
|
this.securityUtils = securityUtils;
|
}
|
|
@Override
|
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
|
// 全局异常无法捕捉过滤器异常,需在此处做处理
|
try {
|
|
|
|
|
securityUtils.checkAuthentication(request);
|
chain.doFilter(request, response);
|
} catch (Exception e) {
|
// 如果是业务异常,需返回状态码
|
if (e instanceof ServiceException) {
|
ServiceException e1 = (ServiceException) e;
|
ResponseUtils.renderJson(response, ApiResult.failed(e1.getCode(), e.getMessage()));
|
} else if (e instanceof TokenException) {
|
TokenException e1 = (TokenException) e;
|
ResponseUtils.renderJson(response, ApiResult.failed(e1.getCode(), e.getMessage()));
|
} else {
|
ResponseUtils.renderJson(response, ApiResult.failed(e.getMessage()));
|
}
|
return;
|
}
|
}
|
|
}
|
