fengjin
2023-09-19 3c22474f0a1e7bfc2e32f0cf5f758f81dca89828
修改Bug
1个文件已修改
79 ■■■■ 已修改文件
springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/filters/JWTAuthenticationTokenFilter.java 79 ●●●●
springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/filters/JWTAuthenticationTokenFilter.java
@@ -10,7 +10,7 @@
import javax.servlet.http.HttpServletResponse;
import com.panzhihua.common.model.vos.user.SysAppConfigVO;
import com.panzhihua.common.utlis.StringUtils;
import com.panzhihua.common.utlis.*;
import org.springframework.context.ApplicationContext;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.data.redis.core.ValueOperations;
@@ -27,9 +27,6 @@
import com.panzhihua.common.model.vos.LoginUserInfoVO;
import com.panzhihua.common.model.vos.R;
import com.panzhihua.common.service.user.UserService;
import com.panzhihua.common.utlis.AES;
import com.panzhihua.common.utlis.JWTTokenUtil;
import com.panzhihua.common.utlis.ResultUtil;
import io.jsonwebtoken.Claims;
@@ -52,22 +49,17 @@
    /**
     * 用户是否登录校验
     *
     * @param servletRequest
     *            请求
     * @param servletResponse
     *            返回
     * @param filterChain
     *            过滤器链条
     * @throws IOException
     *             io
     * @throws ServletException
     *             servlet
     * @param servletRequest  请求
     * @param servletResponse 返回
     * @param filterChain     过滤器链条
     * @throws IOException      io
     * @throws ServletException servlet
     */
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
        throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest)servletRequest;
        HttpServletResponse response = (HttpServletResponse)servletResponse;
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        ServletContext context = request.getServletContext();
        ApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(context);
        stringRedisTemplate = ctx.getBean(StringRedisTemplate.class);
@@ -75,6 +67,7 @@
        userService = ctx.getBean(UserService.class);
        String requestURI = request.getRequestURI();
        boolean login = requestURI.contains("login");
        boolean union = requestURI.contains("huacheng-union-applets");
        boolean doc = requestURI.contains("doc.html");
        boolean css = requestURI.contains(".css");
        boolean js = requestURI.contains(".js");
@@ -107,11 +100,23 @@
        // boolean infodynamic = !requestURI.contains("partybuilding/infodynamic");
        SafeboxRequestWrapper safeboxRequestWrapper = new SafeboxRequestWrapper(request);
        safeboxRequestWrapper.addHeader("appid",request.getHeader("appid"));
        safeboxRequestWrapper.addHeader("appid", request.getHeader("appid"));
        if (login || doc || css || js || ui || swagger || ico || docs || error || refreshToken || useragreement || wxPay
        // ||wxCgi||isShop||listadvertisement||noToken||bigscreen) {
            || wxCgi || isShop || listadvertisement || noToken||uuRepay||kaphtcha||uuPush||tfLogin||batteryActivityPayNotify
                ||batteryPayNotify|| wsPush || basicScreen||pageEasyPhotoAdminLC) {
                // ||wxCgi||isShop||listadvertisement||noToken||bigscreen) {
                || wxCgi || isShop || listadvertisement || noToken || uuRepay || kaphtcha || uuPush || tfLogin || batteryActivityPayNotify
                || batteryPayNotify || wsPush || basicScreen || pageEasyPhotoAdminLC || union) {
            if (union && !login ) {
                String token;
                String header = request.getHeader(Constant.AUTHORIZATION);
                String[] tokens = request.getHeader(Constant.AUTHORIZATION).split(" ");
                if (tokens.length >= 2) {
                    token = request.getHeader(Constant.AUTHORIZATION).split(" ")[1];
                } else {
                    token = request.getHeader(Constant.AUTHORIZATION);
                }
                safeboxRequestWrapper.addHeader(Constant.UNION_AUTHORIZATION, token);
            }
            // 什么也不做
        } else {
            // 获取请求头中JWT的Token
@@ -140,7 +145,7 @@
                    return;
                }
                String userId = claims.getSubject();
                int type = (Integer)claims.get("type");
                int type = (Integer) claims.get("type");
                if (ObjectUtils.isEmpty(userId)) {
                    ResultUtil.responseJson(response, R.fail(HttpStatus.UNAUTHORIZED, "token校验失败"));
                    return;
@@ -197,7 +202,7 @@
                    }
                }
                UsernamePasswordAuthenticationToken authentication =
                    new UsernamePasswordAuthenticationToken(userId, userId, authorities);// 主要使用权限 账户 密码 不重要
                        new UsernamePasswordAuthenticationToken(userId, userId, authorities);// 主要使用权限 账户 密码 不重要
                SecurityContextHolder.getContext().setAuthentication(authentication);
                safeboxRequestWrapper.addHeader(TokenConstant.TOKEN_LOGOUT, tokenHeader);
                // 登录用户的所有信息
@@ -335,23 +340,23 @@
                noLoginUrl.add("/api/communitybackstage/comBatteryCommodityOrder/syncCloseOrder");
                noLoginUrl.add("/api/applets/uu/getQRCode");
                noLoginUrl.add("/api/huacheng-applets/uu/getQRCode");
                noLoginUrl.add("/api/huacheng-union-applets/unionInspection/query");
                noLoginUrl.add("/api/huacheng-union-applets/unionInspection/add");
                noLoginUrl.add("/api/huacheng-union-applets/unionOutdoorLaborDynamic/page");
                noLoginUrl.add("/api/huacheng-union-applets/unionOutdoorLaborDynamic/{id}");
                noLoginUrl.add("/api/huacheng-union-applets/unionOutdoorSite/page");
                noLoginUrl.add("/api/huacheng-union-applets/unionInspection/{id}");
                noLoginUrl.add("/api/huacheng-union-applets/unionReport/add");
                noLoginUrl.add("/api/huacheng-union-applets/unionReport/query");
                noLoginUrl.add("/api/huacheng-union-applets/unionUser/authentication");
                response.setHeader("Access-Control-Allow-Origin", "*");
                response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
                response.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
//                noLoginUrl.add("/api/huacheng-union-applets/unionInspection/query");
//                noLoginUrl.add("/api/huacheng-union-applets/unionInspection/add");
//                noLoginUrl.add("/api/huacheng-union-applets/unionOutdoorLaborDynamic/page");
//                noLoginUrl.add("/api/huacheng-union-applets/unionOutdoorLaborDynamic/{id}");
//                noLoginUrl.add("/api/huacheng-union-applets/unionOutdoorSite/page");
//                noLoginUrl.add("/api/huacheng-union-applets/unionInspection/{id}");
//                noLoginUrl.add("/api/huacheng-union-applets/unionReport/add");
//                noLoginUrl.add("/api/huacheng-union-applets/unionReport/query");
//                noLoginUrl.add("/api/huacheng-union-applets/unionUser/authentication");
//                response.setHeader("Access-Control-Allow-Origin", "*");
//                response.setHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
//                response.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
                if (noLoginUrl.contains(requestURI)) {
                    List<SimpleGrantedAuthority> authorities = new ArrayList<>();
                    authorities.add(new SimpleGrantedAuthority(SecurityConstants.ROLE_APPLETS));
                    UsernamePasswordAuthenticationToken authentication =
                        new UsernamePasswordAuthenticationToken(null, null, authorities);
                            new UsernamePasswordAuthenticationToken(null, null, authorities);
                    SecurityContextHolder.getContext().setAuthentication(authentication);
                } else {
                    ResultUtil.responseJson(response, R.fail(HttpStatus.UNAUTHORIZED, "token校验失败"));
@@ -359,7 +364,7 @@
                }
            }
        }
        response.addHeader("Access-Control-Allow-Origin","*");
//        response.addHeader("Access-Control-Allow-Origin","*");
        filterChain.doFilter(safeboxRequestWrapper, response);
    }
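Review bot: In the new `if (union && !login)` block, `request.getHeader(Constant.AUTHORIZATION)` is dereferenced with `.split(" ")` without a null check, so a union request that carries no Authorization header throws a NullPointerException inside the gateway filter; the local `header` is assigned but never used, and the header is read four times. The same change adds `union` to the condition that skips JWT validation, and because it is computed with `requestURI.contains("huacheng-union-applets")`, every URI containing that string now bypasses the token check here, where previously only the nine `noLoginUrl` entries (now commented out) were let through. The value copied into `Constant.UNION_AUTHORIZATION` is not verified anywhere in the visible lines, so the downstream service presumably has to validate it itself; that should be confirmed and stated in a comment above the block. I would read the header once, skip forwarding when it is absent, and match the route by prefix, e.g. `requestURI.startsWith("/api/huacheng-union-applets/")`, provided no context path precedes it. `doFilter` spans several hunks and most of its body lies outside the lines shown.

```java
            if (union && !login) {
                // Forwarded unverified: the union service must validate this token itself.
                String header = request.getHeader(Constant.AUTHORIZATION);
                if (header != null) {
                    String[] tokens = header.split(" ");
                    String token = tokens.length >= 2 ? tokens[1] : header;
                    safeboxRequestWrapper.addHeader(Constant.UNION_AUTHORIZATION, token);
                }
            }
            // … unchanged: JWT validation in the else branch …
```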