package com.gkhy.exam.framework.security.filter; import com.gkhy.exam.common.utils.StringUtils; import com.gkhy.exam.framework.web.service.TokenService; import com.gkhy.exam.framework.web.service.UserDetailServiceImpl; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; import org.springframework.stereotype.Component; import org.springframework.web.filter.OncePerRequestFilter; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; @Component public class JwtAuthenticationTokenFilter extends OncePerRequestFilter { @Autowired private TokenService tokenService; @Autowired private UserDetailServiceImpl userDetailService; @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { String token=request.getHeader(TokenService.HEADER); if(StringUtils.isNotEmpty(token)){ String username=tokenService.getUserNameFromToken(token); if(StringUtils.isNotEmpty(username)){ UserDetails userDetails=userDetailService.loadUserByUsername(username); if(tokenService.validateToken(token,userDetails)){ UsernamePasswordAuthenticationToken authenticationToken=new UsernamePasswordAuthenticationToken(userDetails,null,userDetails.getAuthorities()); authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); SecurityContextHolder.getContext().setAuthentication(authenticationToken); } } } filterChain.doFilter(request,response); } }