| | |
|---|
| | | package com.ruoyi.framework.security.filter; |
|---|
| | | |
|---|
| | | import java.io.IOException; |
|---|
| | | import javax.servlet.FilterChain; |
|---|
| | | import javax.servlet.ServletException; |
|---|
| | | import javax.servlet.http.HttpServletRequest; |
|---|
| | | import javax.servlet.http.HttpServletResponse; |
|---|
| | | |
|---|
| | | import com.ruoyi.common.core.domain.entity.SysUser; |
|---|
| | | import com.ruoyi.common.core.domain.model.LoginUser; |
|---|
| | | import com.ruoyi.common.core.domain.model.LoginUserApplet; |
|---|
| | | import com.ruoyi.common.core.redis.RedisCache; |
|---|
| | | import com.ruoyi.common.utils.SecurityUtils; |
|---|
| | | import com.ruoyi.common.utils.StringUtils; |
|---|
| | | import com.ruoyi.framework.web.service.TokenService; |
|---|
| | | import com.ruoyi.system.service.ISysUserService; |
|---|
| | | import org.springframework.beans.factory.annotation.Autowired; |
|---|
| | | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; |
|---|
| | | import org.springframework.security.core.context.SecurityContextHolder; |
|---|
| | | import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; |
|---|
| | | import org.springframework.stereotype.Component; |
|---|
| | | import org.springframework.web.filter.OncePerRequestFilter; |
|---|
| | | import com.ruoyi.common.core.domain.model.LoginUser; |
|---|
| | | import com.ruoyi.common.utils.SecurityUtils; |
|---|
| | | import com.ruoyi.common.utils.StringUtils; |
|---|
| | | import com.ruoyi.framework.web.service.TokenService; |
|---|
| | | |
|---|
| | | import javax.servlet.FilterChain; |
|---|
| | | import javax.servlet.ServletException; |
|---|
| | | import javax.servlet.http.HttpServletRequest; |
|---|
| | | import javax.servlet.http.HttpServletResponse; |
|---|
| | | import java.io.IOException; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * token过滤器 验证token有效性 |
|---|
| | |
|---|
| | | { |
|---|
| | | @Autowired |
|---|
| | | private TokenService tokenService; |
|---|
| | | @Autowired |
|---|
| | | private RedisCache redisCache; |
|---|
| | | @Autowired |
|---|
| | | private ISysUserService sysUserService; |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) |
|---|
| | |
|---|
| | | StringUtils.isNotNull(applet)) |
|---|
| | | { |
|---|
| | | if (StringUtils.isNotNull(loginUser)){ |
|---|
| | | Long userId = loginUser.getUserId(); |
|---|
| | | SysUser sysUser = sysUserService.selectUserById(userId); |
|---|
| | | if (StringUtils.isNull(sysUser)){ |
|---|
| | | redisCache.deleteObject(tokenService.getTokenKey(loginUser.getToken())); |
|---|
| | | return; |
|---|
| | | } |
|---|
| | | if("1".equals(sysUser.getStatus())){ |
|---|
| | | redisCache.deleteObject(tokenService.getTokenKey(loginUser.getToken())); |
|---|
| | | return; |
|---|
| | | } |
|---|
| | | tokenService.verifyToken(loginUser); |
|---|
| | | UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities()); |
|---|
| | | authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); |
|---|
