huanghongfa
2021-09-02 177249c76aeea0b4bf8d8816d4994e3b445b45ce
springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/filters/JWTAuthenticationTokenFilter.java
@@ -1,15 +1,14 @@
package com.panzhihua.zuul.filters;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.panzhihua.common.constants.*;
import com.panzhihua.common.model.vos.LoginUserInfoVO;
import com.panzhihua.common.model.vos.R;
import com.panzhihua.common.service.user.UserService;
import com.panzhihua.common.utlis.AES;
import com.panzhihua.common.utlis.JWTTokenUtil;
import com.panzhihua.common.utlis.ResultUtil;
import io.jsonwebtoken.Claims;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.TimeUnit;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.context.ApplicationContext;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.data.redis.core.ValueOperations;
@@ -20,13 +19,17 @@
import org.springframework.util.ObjectUtils;
import org.springframework.web.context.support.WebApplicationContextUtils;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.concurrent.TimeUnit;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.panzhihua.common.constants.*;
import com.panzhihua.common.model.vos.LoginUserInfoVO;
import com.panzhihua.common.model.vos.R;
import com.panzhihua.common.service.user.UserService;
import com.panzhihua.common.utlis.AES;
import com.panzhihua.common.utlis.JWTTokenUtil;
import com.panzhihua.common.utlis.ResultUtil;
import io.jsonwebtoken.Claims;
/**
 * @program: springcloud_k8s_panzhihuazhihuishequ
@@ -39,7 +42,6 @@
    private StringRedisTemplate stringRedisTemplate;
    private UserService userService;
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
@@ -48,21 +50,27 @@
    /**
     * 用户是否登录校验
     *
     * @param servletRequest  请求
     * @param servletResponse 返回
     * @param filterChain     过滤器链条
     * @throws IOException      io
     * @throws ServletException servlet
     * @param servletRequest
     *            请求
     * @param servletResponse
     *            返回
     * @param filterChain
     *            过滤器链条
     * @throws IOException
     *             io
     * @throws ServletException
     *             servlet
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
        throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest)servletRequest;
        HttpServletResponse response = (HttpServletResponse)servletResponse;
        ServletContext context = request.getServletContext();
        ApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(context);
        stringRedisTemplate=ctx.getBean(StringRedisTemplate.class);
        stringRedisTemplate = ctx.getBean(StringRedisTemplate.class);
        ValueOperations<String, String> valueOperations = stringRedisTemplate.opsForValue();
        userService=ctx.getBean(UserService.class);
        userService = ctx.getBean(UserService.class);
        String requestURI = request.getRequestURI();
        boolean login = requestURI.contains("login");
        boolean doc = requestURI.contains("doc.html");
@@ -81,17 +89,17 @@
        boolean isShop = requestURI.contains("isShop");
        boolean noToken = requestURI.contains("noToken");
        boolean listadvertisement = requestURI.contains("listadvertisement");
//        boolean bigscreen = requestURI.contains("/bigscreen/party");
//        boolean pageworkguide = !requestURI.contains("workguide/pageworkguide");
//        boolean detailworkguide = !requestURI.contains("workguide/detailworkguide");
//        boolean pagedynamic = !requestURI.contains("partybuilding/pagedynamic");
//        boolean infodynamic = !requestURI.contains("partybuilding/infodynamic");
        // boolean bigscreen = requestURI.contains("/bigscreen/party");
        // boolean pageworkguide = !requestURI.contains("workguide/pageworkguide");
        // boolean detailworkguide = !requestURI.contains("workguide/detailworkguide");
        // boolean pagedynamic = !requestURI.contains("partybuilding/pagedynamic");
        // boolean infodynamic = !requestURI.contains("partybuilding/infodynamic");
        SafeboxRequestWrapper safeboxRequestWrapper = new SafeboxRequestWrapper(request);
        if (login||doc||css||js||ui||swagger||ico||docs||error||refreshToken||useragreement||wxPay
//                ||wxCgi||isShop||listadvertisement||noToken||bigscreen) {
                ||wxCgi||isShop||listadvertisement||noToken) {
            //什么也不做
        if (login || doc || css || js || ui || swagger || ico || docs || error || refreshToken || useragreement || wxPay
        // ||wxCgi||isShop||listadvertisement||noToken||bigscreen) {
            || wxCgi || isShop || listadvertisement || noToken) {
            // 什么也不做
        } else {
            // 获取请求头中JWT的Token
            String tokenHeader = request.getHeader(TokenConstant.TOKEN_HEADER);
@@ -119,38 +127,38 @@
                    return;
                }
                String userId = claims.getSubject();
                int type = (Integer) claims.get("type");
                int type = (Integer)claims.get("type");
                if (ObjectUtils.isEmpty(userId)) {
                    ResultUtil.responseJson(response, R.fail(HttpStatus.UNAUTHORIZED, "token校验失败"));
                    return;
                }
                List<SimpleGrantedAuthority> authorities = new ArrayList<>();
                List<SimpleGrantedAuthority> authorities1 = new ArrayList<>();
                if (1 == type) {//小程序用户统一角色
                    String roleAppletKey = SecurityConstants.ROLE_APPLETS_USER +userId;
                    if(stringRedisTemplate.hasKey(roleAppletKey)){
                if (1 == type) {// 小程序用户统一角色
                    String roleAppletKey = SecurityConstants.ROLE_APPLETS_USER + userId;
                    if (stringRedisTemplate.hasKey(roleAppletKey)) {
                        String roles = valueOperations.get(roleAppletKey);
                        authorities = JSONArray.parseArray(roles, SimpleGrantedAuthority.class);
                    }else {
                    } else {
                        authorities.add(new SimpleGrantedAuthority(SecurityConstants.ROLE_APPLETS));
                        String userKey = UserConstants.LOGIN_USER_INFO + userId;
                        Boolean hasKeyLoginUserInfo = stringRedisTemplate.hasKey(userKey);
                        if (hasKeyLoginUserInfo) {
                            String userInfo = valueOperations.get(userKey);
                            LoginUserInfoVO loginUserInfoVO = JSONObject.parseObject(userInfo, LoginUserInfoVO.class);
                            //判断用户是否已实名制
                            // 判断用户是否已实名制
                            if (loginUserInfoVO.getIsRealNamed() != null && loginUserInfoVO.getIsRealNamed()) {
                                authorities.add(new SimpleGrantedAuthority(SecurityConstants.ROLE_APPLETS_REAL_NAMED));
                            }
                        }else{
                            //查询登陆用户信息
                        } else {
                            // 查询登陆用户信息
                            R<LoginUserInfoVO> r = userService.getUserInfoByUserId(userId);
                            if (!R.isOk(r)) {
                                ResultUtil.responseJson(response, R.fail(HttpStatus.ERROR, "登录用户信息查询失败"));
                                return;
                            }
                            LoginUserInfoVO data = r.getData();
                            //判断用户是否已实名制
                            // 判断用户是否已实名制
                            if (data.getIsRealNamed() != null && data.getIsRealNamed()) {
                                authorities.add(new SimpleGrantedAuthority(SecurityConstants.ROLE_APPLETS_REAL_NAMED));
                            }
@@ -165,7 +173,7 @@
                        authorities = JSONArray.parseArray(roles, SimpleGrantedAuthority.class);
                    } else {
                        R<List<String>> r = userService.getUserRoles(userId);
                        List<String> data =(List<String>)r.getData();
                        List<String> data = r.getData();
                        if (!ObjectUtils.isEmpty(data)) {
                            data.forEach(s -> {
                                authorities1.add(new SimpleGrantedAuthority(s));
@@ -175,18 +183,19 @@
                        }
                    }
                }
                UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userId, userId, authorities);//主要使用权限 账户 密码 不重要
                UsernamePasswordAuthenticationToken authentication =
                    new UsernamePasswordAuthenticationToken(userId, userId, authorities);// 主要使用权限 账户 密码 不重要
                SecurityContextHolder.getContext().setAuthentication(authentication);
                safeboxRequestWrapper.addHeader(TokenConstant.TOKEN_LOGOUT,tokenHeader);
                //登录用户的所有信息
                safeboxRequestWrapper.addHeader(TokenConstant.TOKEN_LOGOUT, tokenHeader);
                // 登录用户的所有信息
                String userKey = UserConstants.LOGIN_USER_INFO + userId;
                Boolean hasKeyLoginUserInfo = stringRedisTemplate.hasKey(userKey);
                if(hasKeyLoginUserInfo){
                if (hasKeyLoginUserInfo) {
                    String userInfo = valueOperations.get(userKey);
                    byte[] encrypt = AES.encrypt(userInfo, Constants.AES_KEY);
                    String hexStr = AES.parseByte2HexStr(encrypt);
                    safeboxRequestWrapper.addHeader(TokenConstant.TOKEN_USERINFO, hexStr);
                }else{
                } else {
                    R<LoginUserInfoVO> r = userService.getUserInfoByUserId(userId);
                    if (!R.isOk(r)) {
                        ResultUtil.responseJson(response, R.fail(HttpStatus.ERROR, "登录用户信息查询失败"));
@@ -194,13 +203,13 @@
                    }
                    LoginUserInfoVO data = r.getData();
                    String userInfo = JSONObject.toJSONString(data);
                    valueOperations.set(userKey,userInfo,24,TimeUnit.HOURS);
                    valueOperations.set(userKey, userInfo, 24, TimeUnit.HOURS);
                    byte[] encrypt = AES.encrypt(userInfo, Constants.AES_KEY);
                    String hexStr = AES.parseByte2HexStr(encrypt);
                    safeboxRequestWrapper.addHeader(TokenConstant.TOKEN_USERINFO,hexStr );
                    safeboxRequestWrapper.addHeader(TokenConstant.TOKEN_USERINFO, hexStr);
                }
            } else {
                //小程序无需登录也可访问地址列表
                // 小程序无需登录也可访问地址列表
                List<String> noLoginUrl = new ArrayList<>();
                noLoginUrl.add("/api/applets/community/detaildynamic");
                noLoginUrl.add("/api/applets/community/detailactivity");
@@ -235,19 +244,20 @@
                noLoginUrl.add("/api/applets/partybuilding/pageactivity");
                noLoginUrl.add("/api/applets/community/pagevolunteer");
                noLoginUrl.add("/api/applets/community/volunteer");
                if(noLoginUrl.contains(requestURI)){
                if (noLoginUrl.contains(requestURI)) {
                    List<SimpleGrantedAuthority> authorities = new ArrayList<>();
                    authorities.add(new SimpleGrantedAuthority(SecurityConstants.ROLE_APPLETS));
                    UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(null, null, authorities);
                    UsernamePasswordAuthenticationToken authentication =
                        new UsernamePasswordAuthenticationToken(null, null, authorities);
                    SecurityContextHolder.getContext().setAuthentication(authentication);
                }else {
                } else {
                    ResultUtil.responseJson(response, R.fail(HttpStatus.UNAUTHORIZED, "token校验失败"));
                    return;
                }
            }
        }
        filterChain.doFilter(safeboxRequestWrapper,response);
        }
        filterChain.doFilter(safeboxRequestWrapper, response);
    }
    @Override
    public void destroy() {
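Review bot: The token check on the new side of the third hunk (`if (login || doc || css || js || ... || noToken)`) is still a substring whitelist, so any request whose path merely contains one of those fragments skips JWT validation entirely — `login` and `doc` are built with `requestURI.contains(...)` at the end of the second hunk, and if `css`, `js`, `error`, `ico` and the rest are built the same way (their definitions fall outside the shown hunks), a path such as `/api/.../listjson` or anything under a segment containing `error` would reach `filterChain.doFilter(safeboxRequestWrapper, response)` with no authentication set. The reformatting commit carries this over unchanged rather than fixing it. Anchor the matches to path structure instead, e.g. `boolean login = requestURI.endsWith("/login");`, `boolean js = requestURI.endsWith(".js");`, `boolean css = requestURI.endsWith(".css");`, and apply the same to the other static-resource and documentation prefixes (ideally `startsWith` on a fixed base path, as the `noLoginUrl` branch already does with exact matching). Separately, `int type = (Integer)claims.get("type");` unboxes a claim that may be absent or non-integer, which would surface as an unhandled NullPointerException/ClassCastException rather than the 401 used elsewhere — presumably the surrounding try/catch is outside the hunk, so confirm it covers this line. `doFilter` spans several hunks here and its unchanged stretches are outside the shown lines.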