From 7d348d54c93e1333951c6d20f8ead81d389cd262 Mon Sep 17 00:00:00 2001
From: puzhibing <393733352@qq.com>
Date: 星期一, 19 八月 2024 17:52:11 +0800
Subject: [PATCH] Merge branch 'master' of http://120.76.84.145:10101/gitblit/r/java/mx_charging_pile
---
ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java | 192 ++++++++++++++++++++++++-----------------------
1 files changed, 98 insertions(+), 94 deletions(-)
diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
index e829417..1b0eb25 100644
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
@@ -36,102 +36,106 @@
/**
* 网关鉴权
- *
+ *
* @author ruoyi
*/
@Component
public class AuthFilter implements GlobalFilter, Ordered {
- private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
-
- // 排除过滤的 uri 地址,nacos自行添加
- @Autowired
- private IgnoreWhiteProperties ignoreWhite;
-
- @Autowired
- private RedisService redisService;
-
-
- @Override
- public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
- ServerHttpRequest request = exchange.getRequest();
- ServerHttpRequest.Builder mutate = request.mutate();
-
- String url = request.getURI().getPath();
- // 跳过不需要验证的路径
- if (StringUtils.matches(url, ignoreWhite.getWhites())) {
- return chain.filter(exchange);
- }
- String token = getToken(request);
- if (StringUtils.isEmpty(token)) {
- return unauthorizedResponse(exchange, "令牌不能为空");
- }
- Claims claims = JwtUtils.parseToken(token);
- if (claims == null) {
- return unauthorizedResponse(exchange, "令牌已过期或验证不正确!");
- }
- String userkey = JwtUtils.getUserKey(claims);
- boolean islogin = redisService.hasKey(getTokenKey(userkey));
- if (!islogin) {
- return unauthorizedResponse(exchange, "登录状态已过期");
- }
- String userid = JwtUtils.getUserId(claims);
- String username = JwtUtils.getUserName(claims);
- if (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username)) {
- return unauthorizedResponse(exchange, "令牌验证失败");
- }
-
- // 设置用户信息到请求
- addHeader(mutate, SecurityConstants.USER_KEY, userkey);
- addHeader(mutate, SecurityConstants.DETAILS_USER_ID, userid);
- addHeader(mutate, SecurityConstants.DETAILS_USERNAME, username);
- // 内部请求来源参数清除
- removeHeader(mutate, SecurityConstants.FROM_SOURCE);
- return chain.filter(exchange.mutate().request(mutate.build()).build());
- }
-
- private void addHeader(ServerHttpRequest.Builder mutate, String name, Object value) {
- if (value == null) {
- return;
- }
- String valueStr = value.toString();
- String valueEncode = ServletUtils.urlEncode(valueStr);
- mutate.header(name, valueEncode);
- }
-
- private void removeHeader(ServerHttpRequest.Builder mutate, String name) {
- mutate.headers(httpHeaders -> httpHeaders.remove(name)).build();
- }
-
- private Mono<Void> unauthorizedResponse(ServerWebExchange exchange, String msg) {
- log.error("[鉴权异常处理]请求路径:{}", exchange.getRequest().getPath());
- return ServletUtils.webFluxResponseWriter(exchange.getResponse(), msg, HttpStatus.UNAUTHORIZED);
- }
-
- /**
- * 获取缓存key
- */
- private String getTokenKey(String token)
- {
- return CacheConstants.LOGIN_TOKEN_KEY + token;
- }
-
- /**
- * 获取请求token
- */
- private String getToken(ServerHttpRequest request) {
- String token = request.getHeaders().getFirst(TokenConstants.AUTHENTICATION);
- // 如果前端设置了令牌前缀,则裁剪掉前缀
- if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX))
- {
- token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY);
- }
- return token;
- }
-
-
- @Override
- public int getOrder()
- {
- return -300;
- }
+ private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
+
+ // 排除过滤的 uri 地址,nacos自行添加
+ @Autowired
+ private IgnoreWhiteProperties ignoreWhite;
+
+ @Autowired
+ private RedisService redisService;
+
+
+ @Override
+ public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
+ ServerHttpRequest request = exchange.getRequest();
+ ServerHttpRequest.Builder mutate = request.mutate();
+
+ String url = request.getURI().getPath();
+ // 跳过不需要验证的路径
+ if (StringUtils.matches(url, ignoreWhite.getWhites())) {
+ return chain.filter(exchange);
+ }
+ String token = getToken(request);
+ if (StringUtils.isEmpty(token)) {
+ return unauthorizedResponse(exchange, "令牌不能为空");
+ }
+ Claims claims = JwtUtils.parseToken(token);
+ if (claims == null) {
+ return unauthorizedResponse(exchange, "令牌已过期或验证不正确!");
+ }
+ String userkey = JwtUtils.getUserKey(claims);
+ boolean islogin = redisService.hasKey(getTokenKey(userkey));
+ if (!islogin) {
+ return unauthorizedResponse(exchange, "登录状态已过期");
+ }
+ String userid = JwtUtils.getUserId(claims);
+ String username = JwtUtils.getUserName(claims);
+ if (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username)) {
+ return unauthorizedResponse(exchange, "令牌验证失败");
+ }
+
+ // 设置用户信息到请求
+ addHeader(mutate, SecurityConstants.USER_KEY, userkey);
+ addHeader(mutate, SecurityConstants.DETAILS_USER_ID, userid);
+ addHeader(mutate, SecurityConstants.DETAILS_USERNAME, username);
+ // 内部请求来源参数清除
+ removeHeader(mutate, SecurityConstants.FROM_SOURCE);
+ return chain.filter(exchange.mutate().request(mutate.build()).build());
+ }
+
+ private void addHeader(ServerHttpRequest.Builder mutate, String name, Object value) {
+ if (value == null) {
+ return;
+ }
+ String valueStr = value.toString();
+ String valueEncode = ServletUtils.urlEncode(valueStr);
+ mutate.header(name, valueEncode);
+ }
+
+ private void removeHeader(ServerHttpRequest.Builder mutate, String name) {
+ mutate.headers(httpHeaders -> httpHeaders.remove(name)).build();
+ }
+
+ private Mono<Void> unauthorizedResponse(ServerWebExchange exchange, String msg) {
+ log.error("[鉴权异常处理]请求路径:{}", exchange.getRequest().getPath());
+ return ServletUtils.webFluxResponseWriter(exchange.getResponse(), msg, HttpStatus.UNAUTHORIZED);
+ }
+
+ /**
+ * 获取缓存key
+ */
+ private String getTokenKey(String token) {
+ return CacheConstants.LOGIN_TOKEN_KEY + token;
+ }
+
+ /**
+ * 获取请求token
+ */
+ private String getToken(ServerHttpRequest request) {
+ String token = request.getHeaders().getFirst(TokenConstants.AUTHENTICATION);
+ // 如果前端设置了令牌前缀,则裁剪掉前缀
+ if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) {
+ token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY);
+ }
+ return token;
+ }
+
+
+ /**
+ * 防抖处理
+ */
+
+
+
+
+ @Override
+ public int getOrder() {
+ return -300;
+ }
}
\ No newline at end of file
--
Gitblit v1.7.1