sx/map
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

das项目结构修改

Browse Source
This commit is contained in:
chenhaojie 2024-06-21 14:15:39 +08:00
parent a760caa483
commit 2811f33980
4 changed files with 32 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
das/src/main/java/com/das/common/interceptor/DecryptingOncePerRequestFilter.java
View File

@ -18,6 +18,8 @@ import java.io.BufferedReader;
import java.io.ByteArrayInputStream; import java.io.ByteArrayInputStream;
import java.io.IOException; import java.io.IOException;
import java.io.InputStreamReader; import java.io.InputStreamReader;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Optional; import java.util.Optional;
public class DecryptingOncePerRequestFilter extends OncePerRequestFilter { public class DecryptingOncePerRequestFilter extends OncePerRequestFilter {
@ -40,13 +42,20 @@ public class DecryptingOncePerRequestFilter extends OncePerRequestFilter {
if ("POST".equals(method) && StringUtils.isNotBlank(contentType) && contentType.contains("application/json")) { if ("POST".equals(method) && StringUtils.isNotBlank(contentType) && contentType.contains("application/json")) {
// 读取加密的请求体数据 // 读取加密的请求体数据
String encryptedData = readRequestBody(request); String encryptedData = readRequestBody(request);
// token解密
String token = request.getHeader("token");
if (StringUtils.isNotBlank(token)) {
token = AESUtil.decrypt(aeskey, token, iv);
} else {
throw new RuntimeException("token不能为空");
}
if (StringUtils.isNotBlank(encryptedData)) { if (StringUtils.isNotBlank(encryptedData)) {
encryptedData = AESUtil.decrypt(aeskey, encryptedData, iv); encryptedData = AESUtil.decrypt(aeskey, encryptedData, iv);
// 使用自定义的请求包装器替换原始请求 // 使用自定义的请求包装器替换原始请求
filterChain.doFilter(new DecryptingHttpServletRequestWrapper(request, encryptedData), response); filterChain.doFilter(new DecryptingHttpServletRequestWrapper(request, encryptedData, token), response);
} else { } else {
filterChain.doFilter(request, response); filterChain.doFilter(new TokenUpdatingHttpServletRequestWrapper(request, token), response);
} }
} else { } else {
filterChain.doFilter(request, response); filterChain.doFilter(request, response);
@ -69,12 +78,15 @@ public class DecryptingOncePerRequestFilter extends OncePerRequestFilter {
// 自定义的请求包装器 // 自定义的请求包装器
static class DecryptingHttpServletRequestWrapper extends HttpServletRequestWrapper { static class DecryptingHttpServletRequestWrapper extends HttpServletRequestWrapper {
private final String decryptedData; private final String decryptedData;
private final String newTokenValue;
public DecryptingHttpServletRequestWrapper(HttpServletRequest request, String decryptedData) { public DecryptingHttpServletRequestWrapper(HttpServletRequest request, String decryptedData, String newTokenValue) {
super(request); super(request);
this.decryptedData = decryptedData; this.decryptedData = decryptedData;
this.newTokenValue = newTokenValue;
} }
@Override @Override
public ServletInputStream getInputStream() throws IOException { public ServletInputStream getInputStream() throws IOException {
final ByteArrayInputStream bais = new ByteArrayInputStream(decryptedData.getBytes("UTF-8")); final ByteArrayInputStream bais = new ByteArrayInputStream(decryptedData.getBytes("UTF-8"));
@ -105,6 +117,22 @@ public class DecryptingOncePerRequestFilter extends OncePerRequestFilter {
public BufferedReader getReader() throws IOException { public BufferedReader getReader() throws IOException {
return new BufferedReader(new InputStreamReader(getInputStream())); return new BufferedReader(new InputStreamReader(getInputStream()));
} }
@Override
public String getHeader(String name) {
if ("token".equalsIgnoreCase(name)) {
return newTokenValue; // 返回新的token值
}
return super.getHeader(name); // 对于其他header委托给父类处理
}
@Override
public Enumeration<String> getHeaders(String name) {
if ("token".equalsIgnoreCase(name)) {
return Collections.enumeration(Collections.singletonList(newTokenValue)); // 返回包含新token值的枚举
}
return super.getHeaders(name); // 对于其他header委托给父类处理
}
} }
} }

2
das/src/main/java/com/das/common/interceptor/FilterConfig.java
View File

@ -28,7 +28,7 @@ public class FilterConfig {
FilterRegistrationBean registrationBean = new FilterRegistrationBean(); FilterRegistrationBean registrationBean = new FilterRegistrationBean();
//注册过滤器 //注册过滤器
registrationBean.setFilter(new DecryptingOncePerRequestFilter(aesProperties.getKey(), adminRedisTemplate)); registrationBean.setFilter(new DecryptingOncePerRequestFilter(aesProperties.getKey(), adminRedisTemplate));
registrationBean.addUrlPatterns("/api/auth/login"); // 设置过滤器应用的URL模式 registrationBean.addUrlPatterns("/api/auth/*"); // 设置过滤器应用的URL模式
registrationBean.setOrder(2); // 设置过滤器的顺序 registrationBean.setOrder(2); // 设置过滤器的顺序
return registrationBean; return registrationBean;
} }

52
das/src/main/java/com/das/common/interceptor/TokenOncePerRequestFilter.java
View File

@ -1,52 +0,0 @@
package com.das.common.interceptor;
import com.das.common.utils.AESUtil;
import com.das.common.utils.AdminRedisTemplate;
import io.micrometer.common.util.StringUtils;
import jakarta.servlet.FilterChain;
import jakarta.servlet.ReadListener;
import jakarta.servlet.ServletException;
import jakarta.servlet.ServletInputStream;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletRequestWrapper;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.web.filter.OncePerRequestFilter;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
public class TokenOncePerRequestFilter extends OncePerRequestFilter {
private String aeskey;
private AdminRedisTemplate adminRedisTemplate;
public TokenOncePerRequestFilter(String aeskey, AdminRedisTemplate adminRedisTemplate) {
this.aeskey = aeskey;
this.adminRedisTemplate = adminRedisTemplate;
}
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
String iv = request.getHeader("v");
// token解密
String token = request.getHeader("token");
if (StringUtils.isNotBlank(token)) {
token = AESUtil.decrypt(aeskey, token, iv);
if (adminRedisTemplate.exists(token)) {
filterChain.doFilter(new TokenUpdatingHttpServletRequestWrapper(request, token), response);
} else {
throw new RuntimeException("token已失效");
}
} else {
throw new RuntimeException("token为空");
}
}
}

33
das/src/main/java/com/das/common/interceptor/WebFilterConfig.java
View File

@ -1,33 +0,0 @@
package com.das.common.interceptor;
import com.das.common.config.AesProperties;
import com.das.common.utils.AdminRedisTemplate;
import jakarta.annotation.Resource;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
/**
* @author
* @Description token过滤器配置
*/
@Configuration
public class WebFilterConfig {
@Resource
private AesProperties aesProperties;
@Resource
private AdminRedisTemplate adminRedisTemplate;
@Bean
public FilterRegistrationBean tokenFilterRegistration() {
FilterRegistrationBean registrationBean = new FilterRegistrationBean();
//注册过滤器
registrationBean.setFilter(new TokenOncePerRequestFilter(aesProperties.getKey(), adminRedisTemplate));
registrationBean.addUrlPatterns("/api/auth/logout"); // 设置过滤器应用的URL模式
registrationBean.setOrder(1); // 设置过滤器的顺序
return registrationBean;
}
}