das项目结构修改
This commit is contained in:
chenhaojie
parent
a760caa483
commit
2811f33980
@ -18,6 +18,8 @@ import java.io.BufferedReader;
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStreamReader;
|
||||
import java.util.Collections;
|
||||
import java.util.Enumeration;
|
||||
import java.util.Optional;
|
||||
|
||||
public class DecryptingOncePerRequestFilter extends OncePerRequestFilter {
|
||||
@ -40,13 +42,20 @@ public class DecryptingOncePerRequestFilter extends OncePerRequestFilter {
|
||||
if ("POST".equals(method) && StringUtils.isNotBlank(contentType) && contentType.contains("application/json")) {
|
||||
// 读取加密的请求体数据
|
||||
String encryptedData = readRequestBody(request);
|
||||
// token解密
|
||||
String token = request.getHeader("token");
|
||||
if (StringUtils.isNotBlank(token)) {
|
||||
token = AESUtil.decrypt(aeskey, token, iv);
|
||||
} else {
|
||||
throw new RuntimeException("token不能为空");
|
||||
}
|
||||
if (StringUtils.isNotBlank(encryptedData)) {
|
||||
encryptedData = AESUtil.decrypt(aeskey, encryptedData, iv);
|
||||
|
||||
// 使用自定义的请求包装器替换原始请求
|
||||
filterChain.doFilter(new DecryptingHttpServletRequestWrapper(request, encryptedData), response);
|
||||
filterChain.doFilter(new DecryptingHttpServletRequestWrapper(request, encryptedData, token), response);
|
||||
} else {
|
||||
filterChain.doFilter(request, response);
|
||||
filterChain.doFilter(new TokenUpdatingHttpServletRequestWrapper(request, token), response);
|
||||
}
|
||||
} else {
|
||||
filterChain.doFilter(request, response);
|
||||
@ -69,12 +78,15 @@ public class DecryptingOncePerRequestFilter extends OncePerRequestFilter {
|
||||
// 自定义的请求包装器
|
||||
static class DecryptingHttpServletRequestWrapper extends HttpServletRequestWrapper {
|
||||
private final String decryptedData;
|
||||
private final String newTokenValue;
|
||||
|
||||
public DecryptingHttpServletRequestWrapper(HttpServletRequest request, String decryptedData) {
|
||||
public DecryptingHttpServletRequestWrapper(HttpServletRequest request, String decryptedData, String newTokenValue) {
|
||||
super(request);
|
||||
this.decryptedData = decryptedData;
|
||||
this.newTokenValue = newTokenValue;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public ServletInputStream getInputStream() throws IOException {
|
||||
final ByteArrayInputStream bais = new ByteArrayInputStream(decryptedData.getBytes("UTF-8"));
|
||||
@ -105,6 +117,22 @@ public class DecryptingOncePerRequestFilter extends OncePerRequestFilter {
|
||||
public BufferedReader getReader() throws IOException {
|
||||
return new BufferedReader(new InputStreamReader(getInputStream()));
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getHeader(String name) {
|
||||
if ("token".equalsIgnoreCase(name)) {
|
||||
return newTokenValue; // 返回新的token值
|
||||
}
|
||||
return super.getHeader(name); // 对于其他header,委托给父类处理
|
||||
}
|
||||
|
||||
@Override
|
||||
public Enumeration<String> getHeaders(String name) {
|
||||
if ("token".equalsIgnoreCase(name)) {
|
||||
return Collections.enumeration(Collections.singletonList(newTokenValue)); // 返回包含新token值的枚举
|
||||
}
|
||||
return super.getHeaders(name); // 对于其他header,委托给父类处理
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -28,7 +28,7 @@ public class FilterConfig {
|
||||
FilterRegistrationBean registrationBean = new FilterRegistrationBean();
|
||||
//注册过滤器
|
||||
registrationBean.setFilter(new DecryptingOncePerRequestFilter(aesProperties.getKey(), adminRedisTemplate));
|
||||
registrationBean.addUrlPatterns("/api/auth/login"); // 设置过滤器应用的URL模式
|
||||
registrationBean.addUrlPatterns("/api/auth/*"); // 设置过滤器应用的URL模式
|
||||
registrationBean.setOrder(2); // 设置过滤器的顺序
|
||||
return registrationBean;
|
||||
}
|
||||
|
||||
@ -1,52 +0,0 @@
|
||||
package com.das.common.interceptor;
|
||||
|
||||
|
||||
import com.das.common.utils.AESUtil;
|
||||
import com.das.common.utils.AdminRedisTemplate;
|
||||
import io.micrometer.common.util.StringUtils;
|
||||
import jakarta.servlet.FilterChain;
|
||||
import jakarta.servlet.ReadListener;
|
||||
import jakarta.servlet.ServletException;
|
||||
import jakarta.servlet.ServletInputStream;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletRequestWrapper;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import org.springframework.web.filter.OncePerRequestFilter;
|
||||
|
||||
import java.io.BufferedReader;
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStreamReader;
|
||||
|
||||
public class TokenOncePerRequestFilter extends OncePerRequestFilter {
|
||||
private String aeskey;
|
||||
|
||||
private AdminRedisTemplate adminRedisTemplate;
|
||||
public TokenOncePerRequestFilter(String aeskey, AdminRedisTemplate adminRedisTemplate) {
|
||||
this.aeskey = aeskey;
|
||||
this.adminRedisTemplate = adminRedisTemplate;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
|
||||
throws ServletException, IOException {
|
||||
|
||||
String iv = request.getHeader("v");
|
||||
// token解密
|
||||
String token = request.getHeader("token");
|
||||
if (StringUtils.isNotBlank(token)) {
|
||||
token = AESUtil.decrypt(aeskey, token, iv);
|
||||
if (adminRedisTemplate.exists(token)) {
|
||||
filterChain.doFilter(new TokenUpdatingHttpServletRequestWrapper(request, token), response);
|
||||
} else {
|
||||
throw new RuntimeException("token已失效");
|
||||
}
|
||||
} else {
|
||||
throw new RuntimeException("token为空");
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
@ -1,33 +0,0 @@
|
||||
package com.das.common.interceptor;
|
||||
|
||||
|
||||
import com.das.common.config.AesProperties;
|
||||
import com.das.common.utils.AdminRedisTemplate;
|
||||
import jakarta.annotation.Resource;
|
||||
import org.springframework.boot.web.servlet.FilterRegistrationBean;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
/**
|
||||
* @author
|
||||
* @Description token过滤器配置
|
||||
*/
|
||||
@Configuration
|
||||
public class WebFilterConfig {
|
||||
|
||||
@Resource
|
||||
private AesProperties aesProperties;
|
||||
|
||||
@Resource
|
||||
private AdminRedisTemplate adminRedisTemplate;
|
||||
|
||||
@Bean
|
||||
public FilterRegistrationBean tokenFilterRegistration() {
|
||||
FilterRegistrationBean registrationBean = new FilterRegistrationBean();
|
||||
//注册过滤器
|
||||
registrationBean.setFilter(new TokenOncePerRequestFilter(aesProperties.getKey(), adminRedisTemplate));
|
||||
registrationBean.addUrlPatterns("/api/auth/logout"); // 设置过滤器应用的URL模式
|
||||
registrationBean.setOrder(1); // 设置过滤器的顺序
|
||||
return registrationBean;
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user