From 7e7a275c0c4a07f5d27ec082538c25b838505998 Mon Sep 17 00:00:00 2001
From: lyfO_o <764716047@qq.com>
Date: 星期一, 27 六月 2022 18:24:48 +0800
Subject: [PATCH] up

---
 safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java |  302 ++++++++++++++++++++++++-------------------------
 1 files changed, 147 insertions(+), 155 deletions(-)

diff --git a/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java
index c9bd858..874b46f 100644
--- a/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java
+++ b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java
@@ -1,155 +1,147 @@
-//package com.gkhy.safePlatform.config.security;
-//
-//import com.alibaba.fastjson.JSONArray;
-//import com.alibaba.fastjson.JSONObject;
-//import com.gkhy.safePlatform.account.model.cache.CacheUser;
-//import com.gkhy.safePlatform.account.rpc.apimodel.NameService;
-//import com.gkhy.safePlatform.commons.config.token.TokenConfig;
-//import com.gkhy.safePlatform.commons.enums.RedisKeyEnum;
-//import com.gkhy.safePlatform.commons.enums.ResultCodes;
-//import com.gkhy.safePlatform.commons.exception.BusinessException;
-//import com.gkhy.safePlatform.commons.utils.RedisUtils;
-//import com.gkhy.safePlatform.commons.utils.StringUtils;
-//import com.gkhy.safePlatform.commons.vo.ResultVO;
-//import org.apache.dubbo.config.annotation.DubboReference;
-//import org.springframework.beans.factory.annotation.Autowired;
-//import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-//import org.springframework.security.core.GrantedAuthority;
-//import org.springframework.security.core.authority.SimpleGrantedAuthority;
-//import org.springframework.security.core.context.SecurityContextHolder;
-//import org.springframework.stereotype.Component;
-//import org.springframework.web.filter.OncePerRequestFilter;
-//
-//import javax.servlet.FilterChain;
-//import javax.servlet.ServletException;
-//import javax.servlet.http.HttpServletRequest;
-//import javax.servlet.http.HttpServletResponse;
-//import java.io.IOException;
-//import java.io.PrintWriter;
-//import java.util.ArrayList;
-//import java.util.List;
-//
-///**
-//* @Description: token登录过滤器
-//*/
-//@Component
-//public class TokenAuthenticationFilter extends OncePerRequestFilter  {
-//
-//    @Autowired
-//    private TokenConfig tokenConfig;
-//    @Autowired
-//    private RedisUtils redisUtil;
-//    @DubboReference(check = false)
-//    private NameService nameService;
-//
-//
-//
-//    @Override
-//    protected void doFilterInternal(HttpServletRequest req, HttpServletResponse resp, FilterChain chain) throws IOException, ServletException {
-//
-//        try {
-//            //获取当前认证成功用户权限信息
-//            UsernamePasswordAuthenticationToken authRequest = getAuthentication(req, resp);
-//            if (authRequest != null) {
-//                SecurityContextHolder.getContext().setAuthentication(authRequest);
-//            }
-//            // 执行下一个 filter 过滤器链
-//            chain.doFilter(req, resp);
-//        } catch (BusinessException e) {
-//            // 返回异常
-//            this.writeJSON(req, resp, new ResultVO<>(e.getError()));
-//        } catch (Exception e) {
-//            e.printStackTrace();
-//            this.writeJSON(req, resp, new ResultVO<>(ResultCodes.SERVER_ERROR));
-//        }
-//
-//
-//    }
-//
-//
-//    private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest req,HttpServletResponse resp) {
-//        // header获取token
-//        String authToken = req.getHeader(tokenConfig.getHeader());
-//        String loginUserId = req.getHeader(tokenConfig.getLoginUserHeader());
-//
-//        if(authToken != null) {
-//            // header 传入 userId
-//            if (StringUtils.isBlank(loginUserId)) {
-//                throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_LACK);
-//            }
-//            // 登录成功时,会将权限数据存入redis
-//            // 这里是验证获取权限信息
-//            // 1.从redis中获取对应该用户的权限信息
-//            String accessTokenKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_TOKEN, loginUserId);
-//            Object o = redisUtil.get(accessTokenKey);
-//            // 2.token是否存在
-//            if (o == null) {
-//                // 是否存在
-//                throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_SIGN_INVALID);
-//            }else{
-//                Long userId = Long.valueOf(loginUserId);
-//                CacheUser cacheUser = JSONObject.parseObject(o.toString(), CacheUser.class);
-//                assert userId.equals(cacheUser.getUserId());
-//                if ( !authToken.equals(cacheUser.getAccessToken())) {
-//                    throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_TOKEN_INVALID);
-//                }
-//
-//                // 3.redis获取权限
-//                String authoritiesKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_AUTHORITIES, userId);
-//                Object oo = redisUtil.get(authoritiesKey);
-//                List<GrantedAuthority> authorities;
-//                // 4.redis中是否存在
-//                if (oo != null) {
-//                    // 5.存在
-//                    String json = oo.toString();
-//                    authorities = JSONArray.parseArray(json, GrantedAuthority.class);
-//                }else {
-//                    authorities = new ArrayList<>();
-//                    // 6.不存在=>数据库查询
-//                    List<String> roleCodes = nameService.getUserRoleCodeByUserId(userId);
-//                    // role
-//                    for (String roleCode : roleCodes) {
-//                        SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority("ROLE_" + roleCode);
-//                        authorities.add(simpleGrantedAuthority);
-//                    }
-//
-//                    // permission
-//                    List<String> permissions = nameService.getUserPermissionByUserId(userId);
-//                    for (String permission : permissions) {
-//                        SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(permission);
-//                        authorities.add(simpleGrantedAuthority);
-//                    }
-//                }
-//
-//                // security对象中存入登陆者信息
-//                return new UsernamePasswordAuthenticationToken(userId,authToken,authorities);
-//
-//            }
-//
-//
-//
-//
-//
-//
-//        }
-//        return null;
-//    }
-//
-//
-//
-//    protected void writeJSON(HttpServletRequest req,
-//                             HttpServletResponse resp,
-//                             ResultVO resultVO) throws IOException {
-//        // 设置编码格式
-//        resp.setContentType("text/json;charset=utf-8");
-//        // 处理跨域问题
-//        resp.setHeader("Access-Control-Allow-Origin", "*");
-//        resp.setHeader("Access-Control-Allow-Methods", "POST, GET");
-//
-//        //输出JSON
-//        PrintWriter out = resp.getWriter();
-//        out.write(JSONObject.toJSONString(resultVO));
-//        out.flush();
-//        out.close();
-//    }
-//}
+package com.gkhy.safePlatform.config.security;
+
+import com.alibaba.fastjson.JSONArray;
+import com.alibaba.fastjson.JSONObject;
+import com.gkhy.safePlatform.account.rpc.apimodel.UserAccountService;
+import com.gkhy.safePlatform.commons.co.CacheUser;
+import com.gkhy.safePlatform.commons.enums.RedisKeyEnum;
+import com.gkhy.safePlatform.commons.enums.ResultCodes;
+import com.gkhy.safePlatform.commons.exception.BusinessException;
+import com.gkhy.safePlatform.commons.utils.StringUtils;
+import com.gkhy.safePlatform.commons.vo.ResultVO;
+import org.apache.dubbo.config.annotation.DubboReference;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+* @Description: token登录过滤器
+*/
+@Component
+public class TokenAuthenticationFilter extends OncePerRequestFilter  {
+
+    @Autowired
+    private TokenConfig tokenConfig;
+    @DubboReference(check = false)
+    private UserAccountService userAccountService;
+
+
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest req, HttpServletResponse resp, FilterChain chain) throws IOException, ServletException {
+
+        try {
+            //获取当前认证成功用户权限信息
+            UsernamePasswordAuthenticationToken authRequest = getAuthentication(req, resp);
+            if (authRequest != null) {
+                SecurityContextHolder.getContext().setAuthentication(authRequest);
+            }
+            // 执行下一个 filter 过滤器链
+            chain.doFilter(req, resp);
+        } catch (BusinessException e) {
+            // 返回异常
+            this.writeJSON(req, resp, new ResultVO<>(e.getError()));
+        } catch (Exception e) {
+            e.printStackTrace();
+            this.writeJSON(req, resp, new ResultVO<>(ResultCodes.SERVER_ERROR));
+        }
+
+
+    }
+
+
+    private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest req,HttpServletResponse resp) {
+        // header获取token
+        String authToken = req.getHeader(tokenConfig.getHeader());
+        String loginUserId = req.getHeader(tokenConfig.getLoginUserHeader());
+
+        if(authToken != null) {
+            // header 传入 userId
+            if (StringUtils.isBlank(loginUserId)) {
+                throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_LACK);
+            }
+            // 登录成功时,会将权限数据存入redis
+            // 这里是验证获取权限信息
+            // 1.从redis中获取对应该用户的权限信息
+            String accessTokenKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_TOKEN, loginUserId);
+            String o = userAccountService.getValueByKeyFromRedis(accessTokenKey);
+            // 2.token是否存在
+            if (o == null) {
+                // 是否存在
+                throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_SIGN_INVALID);
+            }else{
+                Long userId = Long.valueOf(loginUserId);
+                CacheUser cacheUser = JSONObject.parseObject(o, CacheUser.class);
+                assert userId.equals(cacheUser.getUserId());
+                if ( !authToken.equals(cacheUser.getAccessToken())) {
+                    throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_TOKEN_INVALID);
+                }
+
+                // 3.redis获取权限
+                String authoritiesKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_AUTHORITIES, userId);
+                String oo = userAccountService.getValueByKeyFromRedis(authoritiesKey);
+                List<GrantedAuthority> authorities;
+                // 4.redis中是否存在
+                if (oo != null) {
+                    // 5.存在
+                    authorities = JSONArray.parseArray(oo, GrantedAuthority.class);
+                }else {
+                    authorities = new ArrayList<>();
+                    // 6.不存在=>数据库查询
+                    String roleCode = userAccountService.getUserRoleCodeByUserId(userId);
+                    // role
+                    authorities.add(new SimpleGrantedAuthority("ROLE_" + roleCode));
+
+                    // permission
+                    List<String> permissions = userAccountService.getUserPermissionByUserId(userId);
+                    for (String permission : permissions) {
+                        SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(permission);
+                        authorities.add(simpleGrantedAuthority);
+                    }
+                }
+
+                // security对象中存入登陆者信息
+                return new UsernamePasswordAuthenticationToken(userId,authToken,authorities);
+
+            }
+
+
+
+
+
+
+        }
+        return null;
+    }
+
+
+
+    protected void writeJSON(HttpServletRequest req,
+                             HttpServletResponse resp,
+                             ResultVO resultVO) throws IOException {
+        // 设置编码格式
+        resp.setContentType("text/json;charset=utf-8");
+        // 处理跨域问题
+        resp.setHeader("Access-Control-Allow-Origin", "*");
+        resp.setHeader("Access-Control-Allow-Methods", "POST, GET");
+
+        //输出JSON
+        PrintWriter out = resp.getWriter();
+        out.write(JSONObject.toJSONString(resultVO));
+        out.flush();
+        out.close();
+    }
+}

--
Gitblit v1.9.2