blame | history | patch | commit | commitdiff | ignore whitespace
Helius
2020-07-07 23cc7fd834acb4a1f985f77acbcd006e36e18c81 
 src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java


@@ -4,10 +4,12 @@


import cn.hutool.crypto.asymmetric.KeyType;


import cn.hutool.crypto.asymmetric.RSA;


import com.alibaba.fastjson.JSONObject;


import com.xcong.excoin.common.LoginUserUtils;


import com.xcong.excoin.common.contants.AppContants;


import com.xcong.excoin.common.system.bean.LoginUserBean;


import com.xcong.excoin.configurations.properties.ApplicationProperties;


import com.xcong.excoin.configurations.properties.SecurityProperties;


import com.xcong.excoin.modules.member.entity.MemberEntity;


import com.xcong.excoin.utils.RedisUtils;


import com.xcong.excoin.utils.SpringContextHolder;


import lombok.extern.slf4j.Slf4j;


@@ -42,15 +44,21 @@


    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {


        HttpServletRequest request = (HttpServletRequest) servletRequest;


        String token = resolveToken(request);


        log.info("token--->{}", token);


        if (StrUtil.isNotBlank(token)) {


            String loginStr = (String) redisUtils.get(AppContants.APP_LOGIN_PREFIX + token);


            log.info("login user --> {}", loginStr);


            String redisKey = "";


            // 根据user-agent判断pc端还是app端


            if (LoginUserUtils.isBrowser(request)) {


                redisKey = AppContants.PC_LOGIN_PREFIX + token;


            } else {


                redisKey = AppContants.APP_LOGIN_PREFIX + token;


            }




            String loginStr = (String) redisUtils.get(redisKey);


            if (StrUtil.isNotBlank(loginStr)) {


                LoginUserBean loginUser = JSONObject.parseObject(loginStr, LoginUserBean.class);


                Authentication authentication = new UsernamePasswordAuthenticationToken(loginUser.getMemberEntity(), token, new ArrayList<>());


                MemberEntity loginUser = JSONObject.parseObject(loginStr, MemberEntity.class);


                Authentication authentication = new UsernamePasswordAuthenticationToken(loginUser, token, new ArrayList<>());


                SecurityContextHolder.getContext().setAuthentication(authentication);


                redisUtils.expire(AppContants.APP_LOGIN_PREFIX + token, 300000);


                redisUtils.expire(redisKey, 300000);


            } else {


                SecurityContextHolder.clearContext();


            }


@@ -70,13 +78,12 @@


    private String resolveToken(HttpServletRequest request) {


        try {


            // TODO debug模式下写死用户


            String bearerToken = "";


            if (applicationProperties.isDebug()) {


                bearerToken = "Bearer JSEre1ZUKEu2Ga5ORM+juxXv6yBwmt+FgLhxaeHf1EEJfIb3oRir4pXqe5JDhS6sXfLYOXRIAyBpq+SYBwAtGigxwzGVPn+k4Pt6vNxZ4h8Pk4IeG4+FqbFD0guzvu3WN2eRnnzYqCepl429v9Ju7n4jSG0Hj5ViM3MHQZs3qHo=";


            } else {


                bearerToken = request.getHeader(AppContants.TOKEN_HEADER);


            }


            log.info("bearerToken --->{}", bearerToken);


            String bearerToken = request.getHeader(AppContants.TOKEN_HEADER);


//            if (applicationProperties.isDebug()) {


//                bearerToken = "Bearer JSEre1ZUKEu2Ga5ORM+juxXv6yBwmt+FgLhxaeHf1EEJfIb3oRir4pXqe5JDhS6sXfLYOXRIAyBpq+SYBwAtGigxwzGVPn+k4Pt6vNxZ4h8Pk4IeG4+FqbFD0guzvu3WN2eRnnzYqCepl429v9Ju7n4jSG0Hj5ViM3MHQZs3qHo=";


//            } else {


//                bearerToken = request.getHeader(AppContants.TOKEN_HEADER);


//            }


            if (StringUtils.hasText(bearerToken) && bearerToken.startsWith(AppContants.TOKEN_START_WITH)) {


                // 去掉令牌前缀


                String rsaToken = bearerToken.replace(AppContants.TOKEN_START_WITH, "");