package com.zbkj.admin.filter;
|
|
import cn.hutool.core.util.ObjectUtil;
|
import com.zbkj.common.vo.LoginUserVo;
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
|
import org.springframework.web.filter.OncePerRequestFilter;
|
|
import javax.annotation.Resource;
|
import javax.servlet.FilterChain;
|
import javax.servlet.ServletException;
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
import java.io.IOException;
|
|
/**
|
* token过滤器 验证token有效性
|
*/
|
public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
|
|
@Resource
|
private TokenComponent tokenComponent;
|
|
@Override
|
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
|
LoginUserVo loginUser = tokenComponent.getLoginUser(request);
|
// if (ObjectUtil.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication())) {
|
if (ObjectUtil.isNotNull(loginUser)) {
|
tokenComponent.verifyToken(loginUser);
|
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
|
authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
|
// 将authentication信息放入到上下文对象中
|
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
|
}
|
filterChain.doFilter(request, response);
|
}
|
}
|
