package com.panzhihua.zuul.filters;
|
|
import java.io.IOException;
|
import java.util.ArrayList;
|
import java.util.List;
|
import java.util.concurrent.TimeUnit;
|
|
import javax.servlet.*;
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
|
import com.panzhihua.common.model.vos.sangeshenbian.SystemUserVo;
|
import com.panzhihua.common.model.vos.user.SysAppConfigVO;
|
import com.panzhihua.common.service.sangeshenbian.SystemUserService;
|
import com.panzhihua.common.utlis.*;
|
import org.springframework.context.ApplicationContext;
|
import org.springframework.data.redis.core.StringRedisTemplate;
|
import org.springframework.data.redis.core.ValueOperations;
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.stereotype.Component;
|
import org.springframework.util.ObjectUtils;
|
import org.springframework.web.context.support.WebApplicationContextUtils;
|
|
import com.alibaba.fastjson.JSONArray;
|
import com.alibaba.fastjson.JSONObject;
|
import com.panzhihua.common.constants.*;
|
import com.panzhihua.common.model.vos.LoginUserInfoVO;
|
import com.panzhihua.common.model.vos.R;
|
import com.panzhihua.common.service.user.UserService;
|
|
import io.jsonwebtoken.Claims;
|
|
/**
|
* @program: springcloud_k8s_panzhihuazhihuishequ
|
* @description: token校验
|
* @author: huang.hongfa weixin hhf9596 qq 959656820
|
* @create: 2020-11-25 16:35
|
**/
|
@Component
|
public class JWTAuthenticationTokenFilter implements Filter {
|
private StringRedisTemplate stringRedisTemplate;
|
private UserService userService;
|
private SystemUserService systemUserService;
|
|
@Override
|
public void init(FilterConfig filterConfig) throws ServletException {
|
|
}
|
|
/**
|
* 用户是否登录校验
|
*
|
* @param servletRequest 请求
|
* @param servletResponse 返回
|
* @param filterChain 过滤器链条
|
* @throws IOException io
|
* @throws ServletException servlet
|
*/
|
@Override
|
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
|
throws IOException, ServletException {
|
HttpServletRequest request = (HttpServletRequest) servletRequest;
|
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
ServletContext context = request.getServletContext();
|
ApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(context);
|
stringRedisTemplate = ctx.getBean(StringRedisTemplate.class);
|
ValueOperations<String, String> valueOperations = stringRedisTemplate.opsForValue();
|
userService = ctx.getBean(UserService.class);
|
systemUserService = ctx.getBean(SystemUserService.class);
|
String requestURI = request.getRequestURI();
|
boolean login = requestURI.contains("login");
|
boolean union = requestURI.contains("huacheng-union-applets");
|
boolean doc = requestURI.contains("doc.html");
|
boolean css = requestURI.contains(".css");
|
boolean js = requestURI.contains(".js");
|
boolean ui = requestURI.contains("/ui");
|
boolean swagger = requestURI.contains("swagger");
|
boolean ico = requestURI.contains(".ico");
|
boolean docs = requestURI.contains("-docs");
|
boolean error = requestURI.contains("error");
|
boolean useragreement = requestURI.contains("useragreement");
|
boolean refreshToken = requestURI.contains("refreshToken");
|
boolean logout = requestURI.contains("logout");
|
boolean wxPay = requestURI.contains("wxNotify");
|
boolean kaphtcha = requestURI.contains("kaphtcha");
|
boolean uuRepay = requestURI.contains("uuRepay");
|
boolean uuPush = requestURI.contains("uuPush");
|
boolean wsPush = requestURI.contains("wsPush");
|
boolean wxCgi = requestURI.contains("cgi");
|
boolean isShop = requestURI.contains("isShop");
|
boolean batteryActivityPayNotify = requestURI.contains("batteryActivityPayNotify");
|
boolean batteryPayNotify = requestURI.contains("batteryPayNotify");
|
boolean tfLogin = requestURI.contains("tfLogin");
|
boolean noToken = requestURI.contains("noToken");
|
boolean listadvertisement = requestURI.contains("listadvertisement");
|
boolean basicScreen = requestURI.contains("basicScreen");
|
boolean pageEasyPhotoAdminLC = requestURI.contains("pageEasyPhotoAdminLC");
|
boolean putmessage = requestURI.contains("putmessage");
|
boolean unionDoor = requestURI.contains("unionDoor");
|
boolean getNewToken = requestURI.contains("getNewToken");
|
// boolean bigscreen = requestURI.contains("/bigscreen/party");
|
// boolean pageworkguide = !requestURI.contains("workguide/pageworkguide");
|
// boolean detailworkguide = !requestURI.contains("workguide/detailworkguide");
|
// boolean pagedynamic = !requestURI.contains("partybuilding/pagedynamic");
|
// boolean infodynamic = !requestURI.contains("partybuilding/infodynamic");
|
|
SafeboxRequestWrapper safeboxRequestWrapper = new SafeboxRequestWrapper(request);
|
safeboxRequestWrapper.addHeader("appid", request.getHeader("appid"));
|
if (login || doc || css || js || ui || swagger || ico || docs || error || refreshToken || useragreement || wxPay
|
// ||wxCgi||isShop||listadvertisement||noToken||bigscreen) {
|
|| wxCgi || isShop || listadvertisement || noToken || uuRepay || kaphtcha || uuPush || tfLogin || batteryActivityPayNotify
|
|| batteryPayNotify || wsPush || basicScreen || pageEasyPhotoAdminLC || union || putmessage || unionDoor || getNewToken)
|
{
|
if (union && !login ) {
|
String token;
|
String header = request.getHeader(Constant.AUTHORIZATION);
|
String[] tokens = request.getHeader(Constant.AUTHORIZATION).split(" ");
|
if (tokens.length >= 2) {
|
token = request.getHeader(Constant.AUTHORIZATION).split(" ")[1];
|
} else {
|
token = request.getHeader(Constant.AUTHORIZATION);
|
}
|
safeboxRequestWrapper.addHeader(Constant.UNION_AUTHORIZATION, token);
|
}
|
|
// 什么也不做
|
} else {
|
// 获取请求头中JWT的Token
|
String tokenHeader = request.getHeader(TokenConstant.TOKEN_HEADER);
|
if (null != tokenHeader && tokenHeader.startsWith(TokenConstant.TOKEN_PRE)) {
|
// token过期
|
String token = tokenHeader.replace(TokenConstant.TOKEN_PRE, "");
|
Boolean hasKey = stringRedisTemplate.hasKey(UserConstants.LOGOUT_TOKEN + token);
|
if (hasKey) {
|
ResultUtil.responseJson(response, R.fail(HttpStatus.UNAUTHORIZED, "用户已经登出"));
|
return;
|
}
|
Boolean expired = JWTTokenUtil.isTokenExpired(token);
|
if (expired) {
|
if (logout) {
|
ResultUtil.responseJson(response, R.fail(HttpStatus.UNAUTHORIZED, "登出成功"));
|
} else {
|
ResultUtil.responseJson(response, R.fail(HttpStatus.UNAUTHORIZED, "token过期"));
|
}
|
return;
|
}
|
// token解析
|
Claims claims = JWTTokenUtil.getClaimsFromToken(token);
|
if (ObjectUtils.isEmpty(claims)) {
|
ResultUtil.responseJson(response, R.fail(HttpStatus.UNAUTHORIZED, "token校验失败"));
|
return;
|
}
|
String userId = claims.getSubject();
|
int type = (Integer) claims.get("type");
|
if (ObjectUtils.isEmpty(userId)) {
|
ResultUtil.responseJson(response, R.fail(HttpStatus.UNAUTHORIZED, "token校验失败"));
|
return;
|
}
|
List<SimpleGrantedAuthority> authorities = new ArrayList<>();
|
List<SimpleGrantedAuthority> authorities1 = new ArrayList<>();
|
if (1 == type) {// 小程序用户统一角色
|
String roleAppletKey = SecurityConstants.ROLE_APPLETS_USER + userId;
|
if (stringRedisTemplate.hasKey(roleAppletKey)) {
|
String roles = valueOperations.get(roleAppletKey);
|
authorities = JSONArray.parseArray(roles, SimpleGrantedAuthority.class);
|
} else {
|
authorities.add(new SimpleGrantedAuthority(SecurityConstants.ROLE_APPLETS));
|
String userKey = UserConstants.LOGIN_USER_INFO + userId;
|
Boolean hasKeyLoginUserInfo = stringRedisTemplate.hasKey(userKey);
|
if (hasKeyLoginUserInfo) {
|
String userInfo = valueOperations.get(userKey);
|
LoginUserInfoVO loginUserInfoVO = JSONObject.parseObject(userInfo, LoginUserInfoVO.class);
|
// 判断用户是否已实名制
|
if (loginUserInfoVO.getIsRealNamed() != null && loginUserInfoVO.getIsRealNamed()) {
|
authorities.add(new SimpleGrantedAuthority(SecurityConstants.ROLE_APPLETS_REAL_NAMED));
|
}
|
} else {
|
// 查询登陆用户信息
|
R<LoginUserInfoVO> r = userService.getUserInfoByUserId(userId);
|
if (!R.isOk(r)) {
|
ResultUtil.responseJson(response, R.fail(HttpStatus.ERROR, "登录用户信息查询失败"));
|
return;
|
}
|
LoginUserInfoVO data = r.getData();
|
// 判断用户是否已实名制
|
if (data.getIsRealNamed() != null && data.getIsRealNamed()) {
|
authorities.add(new SimpleGrantedAuthority(SecurityConstants.ROLE_APPLETS_REAL_NAMED));
|
}
|
}
|
valueOperations.set(roleAppletKey, JSONArray.toJSONString(authorities), 24, TimeUnit.HOURS);
|
}
|
} else if(21 == type){
|
//三个身边
|
String key = SecurityConstants.ROLE_USER + "sangeshenbian:" + userId;
|
Boolean aBoolean = stringRedisTemplate.hasKey(key);
|
R<SystemUserVo> r = systemUserService.getUserById(userId);
|
if (aBoolean) {
|
String roles = valueOperations.get(key);
|
authorities = JSONArray.parseArray(roles, SimpleGrantedAuthority.class);
|
} else {
|
SystemUserVo data = r.getData();
|
if (!ObjectUtils.isEmpty(data)) {
|
authorities.add(new SimpleGrantedAuthority(data.getSystemRoleId().toString()));
|
valueOperations.set(key, JSONArray.toJSONString(authorities), 24, TimeUnit.HOURS);
|
}
|
}
|
|
UsernamePasswordAuthenticationToken authentication =
|
new UsernamePasswordAuthenticationToken(userId, userId, authorities);// 主要使用权限 账户 密码 不重要
|
SecurityContextHolder.getContext().setAuthentication(authentication);
|
safeboxRequestWrapper.addHeader(TokenConstant.TOKEN_LOGOUT, tokenHeader);
|
// 登录用户的所有信息
|
String userKey = UserConstants.LOGIN_USER_INFO + "sangeshenbian:" + userId;
|
Boolean hasKeyLoginUserInfo = stringRedisTemplate.hasKey(userKey);
|
if (hasKeyLoginUserInfo) {
|
String userInfo = valueOperations.get(userKey);
|
byte[] encrypt = AES.encrypt(userInfo, Constants.AES_KEY);
|
String hexStr = AES.parseByte2HexStr(encrypt);
|
safeboxRequestWrapper.addHeader(TokenConstant.TOKEN_USERINFO, hexStr);
|
} else {
|
if (!R.isOk(r)) {
|
ResultUtil.responseJson(response, R.fail(HttpStatus.ERROR, "登录用户信息查询失败"));
|
return;
|
}
|
SystemUserVo data = r.getData();
|
String userInfo = JSONObject.toJSONString(data);
|
valueOperations.set(userKey, userInfo, 24, TimeUnit.HOURS);
|
byte[] encrypt = AES.encrypt(userInfo, Constants.AES_KEY);
|
String hexStr = AES.parseByte2HexStr(encrypt);
|
safeboxRequestWrapper.addHeader(TokenConstant.TOKEN_USERINFO, hexStr);
|
}
|
|
} else {
|
String key = SecurityConstants.ROLE_USER + userId;
|
Boolean aBoolean = stringRedisTemplate.hasKey(key);
|
if (aBoolean) {
|
String roles = valueOperations.get(key);
|
authorities = JSONArray.parseArray(roles, SimpleGrantedAuthority.class);
|
} else {
|
R<List<String>> r = userService.getUserRoles(userId);
|
List<String> data = r.getData();
|
if (!ObjectUtils.isEmpty(data)) {
|
data.forEach(s -> {
|
authorities1.add(new SimpleGrantedAuthority(s));
|
});
|
authorities = authorities1;
|
valueOperations.set(key, JSONArray.toJSONString(authorities), 24, TimeUnit.HOURS);
|
}
|
}
|
|
UsernamePasswordAuthenticationToken authentication =
|
new UsernamePasswordAuthenticationToken(userId, userId, authorities);// 主要使用权限 账户 密码 不重要
|
SecurityContextHolder.getContext().setAuthentication(authentication);
|
safeboxRequestWrapper.addHeader(TokenConstant.TOKEN_LOGOUT, tokenHeader);
|
// 登录用户的所有信息
|
String userKey = UserConstants.LOGIN_USER_INFO + userId;
|
Boolean hasKeyLoginUserInfo = stringRedisTemplate.hasKey(userKey);
|
if (hasKeyLoginUserInfo) {
|
String userInfo = valueOperations.get(userKey);
|
byte[] encrypt = AES.encrypt(userInfo, Constants.AES_KEY);
|
String hexStr = AES.parseByte2HexStr(encrypt);
|
safeboxRequestWrapper.addHeader(TokenConstant.TOKEN_USERINFO, hexStr);
|
} else {
|
R<LoginUserInfoVO> r = userService.getUserInfoByUserId(userId);
|
if (!R.isOk(r)) {
|
ResultUtil.responseJson(response, R.fail(HttpStatus.ERROR, "登录用户信息查询失败"));
|
return;
|
}
|
LoginUserInfoVO data = r.getData();
|
String userInfo = JSONObject.toJSONString(data);
|
valueOperations.set(userKey, userInfo, 24, TimeUnit.HOURS);
|
byte[] encrypt = AES.encrypt(userInfo, Constants.AES_KEY);
|
String hexStr = AES.parseByte2HexStr(encrypt);
|
safeboxRequestWrapper.addHeader(TokenConstant.TOKEN_USERINFO, hexStr);
|
}
|
}
|
|
} else {
|
// 小程序无需登录也可访问地址列表
|
List<String> noLoginUrl = new ArrayList<>();
|
noLoginUrl.add("/api/applets/community/detaildynamic");
|
noLoginUrl.add("/api/applets/community/detailactivity");
|
noLoginUrl.add("/api/applets/community/pagedynamic");
|
noLoginUrl.add("/api/applets/community/pageactivity");
|
noLoginUrl.add("/api/applets/community/listactivitysign");
|
noLoginUrl.add("/api/applets/common/uploadimages");
|
noLoginUrl.add("/api/applets/workguide/pageworkguide");
|
noLoginUrl.add("/api/applets/workguide/detailworkguide");
|
noLoginUrl.add("/api/applets/workguide/list");
|
noLoginUrl.add("/api/applets/workguide/list/classify");
|
noLoginUrl.add("/api/applets/partybuilding/pagedynamic");
|
noLoginUrl.add("/api/applets/partybuilding/infodynamic");
|
noLoginUrl.add("/api/applets/convenient/business/area/page");
|
noLoginUrl.add("/api/applets/convenient/business/get");
|
noLoginUrl.add("/api/applets/pagehouse");
|
noLoginUrl.add("/api/applets/house");
|
noLoginUrl.add("/api/applets/index/agreement");
|
noLoginUrl.add("/api/applets/index/pageeasyphoto");
|
noLoginUrl.add("/api/applets/index/getEasyPhotoActivity");
|
noLoginUrl.add("/api/applets/index/detaileasyphoto");
|
noLoginUrl.add("/api/applets/index/pagecomacteasyphotocomment");
|
noLoginUrl.add("/api/applets/index/pagemicrowish");
|
noLoginUrl.add("/api/applets/index/microwish");
|
noLoginUrl.add("/api/applets/index/easyphoto/classify/list");
|
noLoginUrl.add("/api/applets/index/getUserReward");
|
noLoginUrl.add("/api/applets/pagediscuss");
|
noLoginUrl.add("/api/applets/discuss");
|
noLoginUrl.add("/api/applets/pagediscusscomment");
|
noLoginUrl.add("/api/applets/neighbor/pageApp");
|
noLoginUrl.add("/api/applets/neighbor/detail");
|
noLoginUrl.add("/api/applets/neighbor/forward");
|
noLoginUrl.add("/api/applets/partybuilding/pageserviceteam");
|
noLoginUrl.add("/api/applets/partybuilding/pagepartycommittee");
|
noLoginUrl.add("/api/applets/partybuilding/pageactivity");
|
noLoginUrl.add("/api/applets/community/pagevolunteer");
|
noLoginUrl.add("/api/applets/community/volunteer");
|
noLoginUrl.add("/api/applets/discuss/increase-view-num");
|
noLoginUrl.add("/api/applets/community/evaluate/page");
|
noLoginUrl.add("/api/applets/convenient/service-category/suitable");
|
noLoginUrl.add("/api/applets/convenient/merchant/popular");
|
noLoginUrl.add("/api/applets/convenient/merchant/classify");
|
noLoginUrl.add("/api/applets/convenient/merchant/detail");
|
noLoginUrl.add("/api/applets/convenient/product/list");
|
noLoginUrl.add("/api/applets/convenient/product/detail");
|
noLoginUrl.add("/api/applets/convenient/merchant/search");
|
noLoginUrl.add("/api/applets/convenient/product/search");
|
noLoginUrl.add("/api/applets/convenient/merchant/incr-consult");
|
noLoginUrl.add("/api/applets/convenient/merchant/incr-view");
|
noLoginUrl.add("/api/applets/convenient/product/incr-view");
|
noLoginUrl.add("/api/shopbackstage/convenient/upload/file");
|
noLoginUrl.add("/api/shopbackstage/convenient/upload/files");
|
noLoginUrl.add("/api/applets/warehouse/donates/page");
|
noLoginUrl.add("/api/applets/warehouse/donates/get");
|
noLoginUrl.add("/api/applets/property/publicity/page");
|
noLoginUrl.add("/api/applets/property/publicity/get");
|
noLoginUrl.add("/api/applets/property/publicity/list/village");
|
noLoginUrl.add("/api/applets/property/publicity/incr-view");
|
noLoginUrl.add("/api/applets/renting/houses/get");
|
noLoginUrl.add("/api/applets/renting/houses/nearby");
|
noLoginUrl.add("/api/applets/renting/houses/houseList");
|
noLoginUrl.add("/api/applets/renting/houses/getConfig");
|
noLoginUrl.add("/api/applets/comActRaffle/queryAll");
|
noLoginUrl.add("/api/huacheng-communitybackstage/screen/comprehensive/street/list");
|
noLoginUrl.add("/api/huacheng-communitybackstage/screen/comprehensive/population");
|
noLoginUrl.add("/api/huacheng-communitybackstage/screen/getWestScreenStatics");
|
noLoginUrl.add("/api/huacheng-communitybackstage/screen/comprehensive/governance");
|
noLoginUrl.add("/api/huacheng-communitybackstage/screen/comprehensive/partydyn");
|
noLoginUrl.add("/api/huacheng-communitybackstage/screen/comprehensive/pagedynamic");
|
noLoginUrl.add("/api/huacheng-communitybackstage/screen/get/community/password");
|
noLoginUrl.add("/api/huacheng-communitybackstage/pudaScreen/autonomyDynamic");
|
noLoginUrl.add("/api/huacheng-communitybackstage/pudaScreen/propertyDynamic");
|
noLoginUrl.add("/api/huacheng-communitybackstage/pudaScreen/partyData");
|
noLoginUrl.add("/api/huacheng-communitybackstage/pudaScreen/peopleInfo");
|
noLoginUrl.add("/api/huacheng-communitybackstage/pudaScreen/countryard");
|
noLoginUrl.add("/api/huacheng-communitybackstage/pudaScreen/basicData");
|
noLoginUrl.add("/api/huacheng-communitybackstage/pudaScreen/specialPeople");
|
noLoginUrl.add("/api/huacheng-communitybackstage/pudaScreen/activity");
|
noLoginUrl.add("/api/shopbackstage/microcommercialstreet/verifyCode");
|
noLoginUrl.add("/api/shopbackstage/mcsOrder/wxNotify");
|
noLoginUrl.add("/api/shopbackstage/microcommercialstreet/bindPhone");
|
noLoginUrl.add("/api/shopbackstage/microcommercialstreet/bind/verifyCode");
|
noLoginUrl.add("/api/shopbackstage/microcommercialstreet/config/all");
|
noLoginUrl.add("/api/shopbackstage/microcommercialstreet/merchant/get");
|
noLoginUrl.add("/api/shopbackstage/microcommercialstreet/index/topData");
|
noLoginUrl.add("/api/shopbackstage/microcommercialstreet/information/pageH5");
|
noLoginUrl.add("/api/shopbackstage/microcommercialstreet/game/pageH5");
|
noLoginUrl.add("/api/shopbackstage/microcommercialstreet/game/get");
|
noLoginUrl.add("/api/shopbackstage/microcommercialstreet/info/get");
|
noLoginUrl.add("/api/shopbackstage/microcommercialstreet/merchant/pageH5");
|
noLoginUrl.add("/api/applets/fms/teamType/list");
|
noLoginUrl.add("/api/applets/fms/team/page");
|
noLoginUrl.add("/api/applets/fms/classroom/page");
|
noLoginUrl.add("/api/applets/fms/classroom/detail");
|
noLoginUrl.add("/api/applets/fms/event/page");
|
noLoginUrl.add("/api/applets/fms/event/detail");
|
noLoginUrl.add("/api/applets/fms/service/page");
|
noLoginUrl.add("/api/applets/fms/service/detail");
|
noLoginUrl.add("/api/applets/comActSocialOrgHatchAudit/process");
|
noLoginUrl.add("/api/applets/comActSocialProject/queryAll");
|
noLoginUrl.add("/api/applets/comActSocialProjectPublicity/queryAll");
|
noLoginUrl.add("/api/applets/comActSocialOrg/queryAll");
|
noLoginUrl.add("/api/applets/comactsocialworker");
|
noLoginUrl.add("/api/applets/enterprise/detail");
|
noLoginUrl.add("/api/applets/enterprise/page");
|
noLoginUrl.add("/api/applets/dpc/detail");
|
noLoginUrl.add("/api/applets/dpc/page");
|
noLoginUrl.add("/api/applets/wx/batteryPayNotify");
|
noLoginUrl.add("/api/applets/wx/batteryActivityPayNotify");
|
noLoginUrl.add("/api/communitybackstage/comBatteryCommodityOrder/syncCloseOrder");
|
noLoginUrl.add("/api/applets/uu/getQRCode");
|
noLoginUrl.add("/api/huacheng-applets/uu/getQRCode");
|
noLoginUrl.add("/api/applets/unionDoor/openDoorByPhone");
|
noLoginUrl.add("/api/huacheng-applets/unionDoor/openDoorByPhone");
|
// noLoginUrl.add("/api/huacheng-union-applets/unionInspection/query");
|
// noLoginUrl.add("/api/huacheng-union-applets/unionInspection/add");
|
// noLoginUrl.add("/api/huacheng-union-applets/unionOutdoorLaborDynamic/page");
|
// noLoginUrl.add("/api/huacheng-union-applets/unionOutdoorLaborDynamic/{id}");
|
// noLoginUrl.add("/api/huacheng-union-applets/unionOutdoorSite/page");
|
// noLoginUrl.add("/api/huacheng-union-applets/unionInspection/{id}");
|
// noLoginUrl.add("/api/huacheng-union-applets/unionReport/add");
|
// noLoginUrl.add("/api/huacheng-union-applets/unionReport/query");
|
// noLoginUrl.add("/api/huacheng-union-applets/unionUser/authentication");
|
// response.setHeader("Access-Control-Allow-Origin", "*");
|
// response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
|
// response.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
|
if (noLoginUrl.contains(requestURI)) {
|
List<SimpleGrantedAuthority> authorities = new ArrayList<>();
|
authorities.add(new SimpleGrantedAuthority(SecurityConstants.ROLE_APPLETS));
|
UsernamePasswordAuthenticationToken authentication =
|
new UsernamePasswordAuthenticationToken(null, null, authorities);
|
SecurityContextHolder.getContext().setAuthentication(authentication);
|
} else {
|
ResultUtil.responseJson(response, R.fail(HttpStatus.UNAUTHORIZED, "token校验失败"));
|
return;
|
}
|
}
|
}
|
// response.addHeader("Access-Control-Allow-Origin","*");
|
filterChain.doFilter(safeboxRequestWrapper, response);
|
}
|
|
@Override
|
public void destroy() {
|
|
}
|
}
|
