From 1b0e88e27fde9156e648eed464505f8052af63ed Mon Sep 17 00:00:00 2001
From: CeDo <cedoogle@gmail.com>
Date: 星期三, 12 五月 2021 09:46:43 +0800
Subject: [PATCH] bugfixed:token检查

---
 springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/filters/AppletAuthenticationFilter.java |   96 ++++++++++++++++++++++++-----------------------
 1 files changed, 49 insertions(+), 47 deletions(-)

diff --git a/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/filters/AppletAuthenticationFilter.java b/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/filters/AppletAuthenticationFilter.java
index 59e2e1d..d0f73c5 100644
--- a/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/filters/AppletAuthenticationFilter.java
+++ b/springcloud_k8s_panzhihuazhihuishequ/zuul/src/main/java/com/panzhihua/zuul/filters/AppletAuthenticationFilter.java
@@ -65,61 +65,63 @@
 
             // token解析
             Claims claims = JWTTokenUtil.getClaimsFromToken(token);
-            String username = claims.getSubject();
-            int type = (Integer) claims.get("type");
-            if (1 == type) {//小程序用户统一角色
-                String requestURI = request.getRequestURI();
-                String requestMethod = request.getMethod().toLowerCase();
+            if(claims!=null) {//检查token有效
+                String username = claims.getSubject();
+                int type = (Integer) claims.get("type");
+                if (1 == type) {//小程序用户统一角色
+                    String requestURI = request.getRequestURI();
+                    String requestMethod = request.getMethod().toLowerCase();
 
-                ServletContext context = request.getServletContext();
-                ApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(context);
-                stringRedisTemplate = ctx.getBean(StringRedisTemplate.class);
-                ValueOperations<String, String> valueOperations = stringRedisTemplate.opsForValue();
-                String appletUserRoleKey = SecurityConstants.ROLE_APPLETS_USER + username;
-                Boolean userHasRole = stringRedisTemplate.hasKey(appletUserRoleKey);
+                    ServletContext context = request.getServletContext();
+                    ApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(context);
+                    stringRedisTemplate = ctx.getBean(StringRedisTemplate.class);
+                    ValueOperations<String, String> valueOperations = stringRedisTemplate.opsForValue();
+                    String appletUserRoleKey = SecurityConstants.ROLE_APPLETS_USER + username;
+                    Boolean userHasRole = stringRedisTemplate.hasKey(appletUserRoleKey);
 
-                boolean needCheck = false;
-                List<String> checkedUrl = realNamedConfig.getVerify();
-                checkedUrl = checkedUrl!=null?checkedUrl:new ArrayList<>();
-                for (int i = 0; i < checkedUrl.size(); i++) {
-                    String url = checkedUrl.get(i);
-                    if (url.toLowerCase().startsWith(requestMethod) && url.endsWith(requestURI)) {
-                        needCheck = true;
-                    } else {
-                        continue;
-                    }
-                }
-                if (needCheck) {
-                    if (userHasRole) {
-                        boolean userHashRight = false;
-                        try {
-                            String roles = valueOperations.get(appletUserRoleKey);
-                            List<SimpleGrantedAuthority> authorities = JSONArray.parseArray(roles, SimpleGrantedAuthority.class);
-                            if (authorities != null && authorities.size() > 0) {
-                                AtomicBoolean userHasRightRole = new AtomicBoolean(false);
-                                authorities.forEach(authority -> {
-                                    if (authority.getAuthority().equals(SecurityConstants.ROLE_APPLETS_REAL_NAMED)) {
-                                        userHasRightRole.set(true);
-                                    }
-                                });
-                                if (userHasRightRole.get()) {
-                                    //用户包含“已实名”角色,则放行 什么也不做
-                                    userHashRight = true;
-                                }
-                            }
-                        } catch (Exception e) {
-                            userHashRight = false;
+                    boolean needCheck = false;
+                    List<String> checkedUrl = realNamedConfig.getVerify();
+                    checkedUrl = checkedUrl != null ? checkedUrl : new ArrayList<>();
+                    for (int i = 0; i < checkedUrl.size(); i++) {
+                        String url = checkedUrl.get(i);
+                        if (url.toLowerCase().startsWith(requestMethod) && url.endsWith(requestURI)) {
+                            needCheck = true;
+                        } else {
+                            continue;
                         }
+                    }
+                    if (needCheck) {
+                        if (userHasRole) {
+                            boolean userHashRight = false;
+                            try {
+                                String roles = valueOperations.get(appletUserRoleKey);
+                                List<SimpleGrantedAuthority> authorities = JSONArray.parseArray(roles, SimpleGrantedAuthority.class);
+                                if (authorities != null && authorities.size() > 0) {
+                                    AtomicBoolean userHasRightRole = new AtomicBoolean(false);
+                                    authorities.forEach(authority -> {
+                                        if (authority.getAuthority().equals(SecurityConstants.ROLE_APPLETS_REAL_NAMED)) {
+                                            userHasRightRole.set(true);
+                                        }
+                                    });
+                                    if (userHasRightRole.get()) {
+                                        //用户包含“已实名”角色,则放行 什么也不做
+                                        userHashRight = true;
+                                    }
+                                }
+                            } catch (Exception e) {
+                                userHashRight = false;
+                            }
 
-                        if (!userHashRight) {
+                            if (!userHashRight) {
+                                ResultUtil.responseJson(response, R.fail(HttpStatus.FORBIDDEN, "用户未实名"));
+                                return;
+                            }
+                        } else {
                             ResultUtil.responseJson(response, R.fail(HttpStatus.FORBIDDEN, "用户未实名"));
                             return;
                         }
-                    }else{
-                        ResultUtil.responseJson(response, R.fail(HttpStatus.FORBIDDEN, "用户未实名"));
-                        return;
-                    }
 
+                    }
                 }
             }
         }
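Review bot: The new `if(claims!=null)` guard at the top of the hunk has no else branch, so a token that JWTTokenUtil.getClaimsFromToken cannot parse now skips the whole role check instead of being rejected; what happens after the closing braces is outside the hunk, but nothing on the new side writes a response or returns for that case. Unless the caller is known to reject null claims before this point, add an explicit rejection after the guarded block, e.g. `} else { ResultUtil.responseJson(response, R.fail(HttpStatus.UNAUTHORIZED, "token无效")); return; }`, so the failure mode is closed rather than open. Within the guarded block, `int type = (Integer) claims.get("type");` still unboxes without a null check and throws NullPointerException when the claim is absent, which deserves the same explicit rejection rather than an exception propagating out of the filter. The enclosing method starts and ends outside this hunk.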

--
Gitblit v1.7.1