package com.qxueyou.scc.web;
|
|
import java.io.IOException;
|
|
import javax.servlet.Filter;
|
import javax.servlet.FilterChain;
|
import javax.servlet.FilterConfig;
|
import javax.servlet.ServletException;
|
import javax.servlet.ServletRequest;
|
import javax.servlet.ServletResponse;
|
import javax.servlet.annotation.WebFilter;
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
import javax.servlet.http.HttpSession;
|
|
import org.apache.commons.lang3.ArrayUtils;
|
import org.apache.logging.log4j.LogManager;
|
import org.apache.logging.log4j.Logger;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.boot.context.properties.EnableConfigurationProperties;
|
import org.springframework.data.redis.core.StringRedisTemplate;
|
|
import com.alibaba.druid.util.StringUtils;
|
import com.alibaba.fastjson.JSONObject;
|
import com.qxueyou.scc.base.model.Result;
|
import com.qxueyou.scc.base.model.UserInfoWrapper;
|
import com.qxueyou.scc.base.service.ILicenseService;
|
import com.qxueyou.scc.config.SccConfig;
|
import com.qxueyou.scc.sys.service.IAuthorizeService;
|
|
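/**
 * Servlet filter mapped to every URL ({@code /*}) that gates requests on a logged-in session.
 *
 * <p>A request passes without a session check only when its path starts with one of the
 * exclusion prefixes read from {@link SccConfig#getExcludeUrl()}. Every other request must carry
 * an HTTP session holding a {@link UserInfoWrapper}; otherwise the "forbidden" JSON result is
 * written and the chain is not continued.
 *
 * <p>The filter fails closed: with no usable exclusion prefix configured, every request needs a
 * session.
 */
@WebFilter(urlPatterns = "/*", filterName = "authorizeFilter")
@EnableConfigurationProperties(SccConfig.class)
public class AuthorizeFilter implements Filter {

    /**
     * Percent-escapes of path-significant characters ({@code . / \ ; %} and NUL), lower-cased.
     * A URI containing one of them is never matched against the exclusion list.
     */
    private static final String[] AMBIGUOUS_ESCAPES = {"%2e", "%2f", "%5c", "%3b", "%25", "%00"};

    private final Logger log = LogManager.getLogger("AuthorizeFilter");

    @Autowired
    private IAuthorizeService authorizeService;

    @Autowired
    private SccConfig sccConfig;

    @Autowired
    ILicenseService licenseService;

    // Only referenced by the disabled single-session check in addClientInfo.
    @Autowired
    private StringRedisTemplate stringRedisTemplate;

    /** Exclusion prefixes, each already prepended with the servlet context path. */
    private String[] excludeUrls;

    /** Response body written for a request that has no logged-in session. */
    private String forbidden = JSONObject.toJSONString(new Result(false, Result.CODE_FORBIDDEN));

    /** Response body for an invalid license; only used by the disabled license check. */
    private String forbiddenOfInvalidLicense =
            JSONObject.toJSONString(new Result(false, Result.CODE_FORBIDDEN, "license invalid"));

    /**
     * Builds the exclusion prefix list from the {@code ;}-separated configuration value and logs
     * the license state.
     *
     * @param filterConfig supplies the servlet context whose context path is prepended to each
     *                     configured entry
     * @throws ServletException declared by {@link Filter#init}; not thrown here
     */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        // Read the exclude URL list from configuration.
        String excludeUrl = sccConfig.getExcludeUrl();
        String[] prefixes = new String[0];

        if (!StringUtils.isEmpty(excludeUrl)) {
            String root = filterConfig.getServletContext().getContextPath();
            for (String raw : excludeUrl.split(";")) {
                String entry = raw.replace("\n", "").replace("\r", "").replace("\t", "").replace(" ", "");
                if (entry.isEmpty()) {
                    // A whitespace-only entry (e.g. a trailing ";" followed by a newline) would
                    // otherwise become the bare context path, which prefixes every request URI
                    // and would exempt the whole application from the session check.
                    continue;
                }
                prefixes = ArrayUtils.add(prefixes, root.concat(entry));
            }
        }
        excludeUrls = prefixes;

        if (excludeUrls.length == 0) {
            log.warn("no exclude URLs configured; every request requires a logged-in session");
        }

        // log4j2 substitutes "{}" placeholders; indexed "{0}" forms are printed literally.
        log.debug("license info: valid:{},companyName:{},productName:{},expiredDate:{}",
                licenseService.isValid(),
                licenseService.getCustomerName(),
                licenseService.getProductName(),
                licenseService.getExpiredDate());
    }

    /**
     * Lets excluded paths through and requires a logged-in session for everything else.
     *
     * @param request     the incoming request; cast to {@link HttpServletRequest}
     * @param response    the response; cast to {@link HttpServletResponse}
     * @param filterChain the remaining chain, invoked only for excluded or authorized requests
     * @throws IOException      propagated from the chain
     * @throws ServletException propagated from the chain
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
            throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        HttpServletResponse httpResponse = (HttpServletResponse) response;

        String url = httpRequest.getRequestURI();
        log.debug("request URI:" + url);

        // Skip the session check only for an explicitly excluded path. An empty exclusion list
        // means "nothing is excluded"; it must not switch the filter off for every request.
        if (isExclude(httpRequest)) {
            filterChain.doFilter(httpRequest, httpResponse);
            return;
        }

        // NOTE(review): the license validity check below is disabled, so an invalid license
        // does not block requests. Confirm that this is intended before release.
        // if (!licenseService.isValid()) {
        //     log.debug("license invalid");
        //     forbiddenAsLicense(httpResponse);
        //     return;
        // }

        if (!addClientInfo(httpRequest)) {
            log.debug("非法请求:" + httpRequest.getRequestURI());
            forbidden(httpResponse);
            return;
        }

        filterChain.doFilter(request, response);
    }

    /**
     * Writes the "forbidden" JSON result to the response.
     *
     * <p>NOTE(review): no HTTP status or content type is set here, so unless something else sets
     * them the rejection is delivered with the container's default status; clients and
     * monitoring have to read the JSON code to see it.
     *
     * @param httpResponse response to write to
     */
    private void forbidden(HttpServletResponse httpResponse) {
        try {
            httpResponse.getWriter().append(forbidden);
        } catch (IOException e) {
            log.error(e, e);
        }
    }

    /**
     * Writes the "license invalid" JSON result to the response. Currently has no active caller
     * in this class because the license check in {@code doFilter} is commented out.
     *
     * @param httpResponse response to write to
     */
    private void forbiddenAsLicense(HttpServletResponse httpResponse) {
        try {
            httpResponse.getWriter().append(forbiddenOfInvalidLicense);
        } catch (IOException e) {
            log.error(e, e);
        }
    }

    /**
     * Binds the logged-in user's information to the current request.
     *
     * @param httpRequest the current request
     * @return {@code true} when the session holds a {@link UserInfoWrapper} and it was handed to
     *         {@link IAuthorizeService#addClientInfo}; {@code false} when there is no session or
     *         no user information in it
     */
    private boolean addClientInfo(HttpServletRequest httpRequest) {
        // Do not create a session for an anonymous request: a fresh session can never hold the
        // user information, and allocating one per rejected request only consumes server memory.
        HttpSession session = httpRequest.getSession(false);
        if (session == null) {
            return false;
        }

        UserInfoWrapper wrapper = (UserInfoWrapper) session.getAttribute(UserInfoWrapper.SESSION_USER_INFO_KEY);
        if (wrapper == null) {
            return false;
        }

        // NOTE(review): the single-session check below is disabled, so the session id is not
        // compared with the one recorded in redis for this user. Confirm that this is intended.
        // Check whether the user's session id matches the one stored in redis; if it does not,
        // invalidate the session and reject the request.
        // String currOnlineSessinId = (String) stringRedisTemplate.opsForHash().get(UserInfoWrapper.REDIS_USER_ONLINE_MAP_KEY, wrapper.getInfo(UserInfoWrapper.INF_USER_ID));
        // if (!session.getId().equalsIgnoreCase(currOnlineSessinId)) {
        //     session.invalidate();
        //     return false;
        // }

        authorizeService.addClientInfo(wrapper);
        return true;
    }

    /**
     * Tells whether the request path starts with one of the configured exclusion prefixes.
     *
     * <p>The match runs on the request URI with path parameters removed. A URI that is not in
     * canonical form is never treated as excluded, so it falls through to the session check.
     *
     * <p>NOTE(review): this is a plain prefix match, so a prefix without a trailing {@code /}
     * also covers sibling paths that merely begin with the same characters. End configured
     * prefixes with {@code /} where a directory is meant.
     *
     * @param httpRequest the current request
     * @return {@code true} if the request is exempt from the session check
     */
    private boolean isExclude(HttpServletRequest httpRequest) {
        if (ArrayUtils.isEmpty(excludeUrls)) {
            return false;
        }
        String path = canonicalPath(httpRequest.getRequestURI());
        if (path == null) {
            return false;
        }
        for (String excludeUrl : excludeUrls) {
            if (path.startsWith(excludeUrl)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Returns the URI with path parameters ({@code ;name=value}) removed from every segment, or
     * {@code null} when the URI is not canonical.
     *
     * <p>{@code getRequestURI()} is neither decoded nor normalized, while the container resolves
     * the target resource from a decoded, normalized form. Dot segments, backslashes and escaped
     * path characters can therefore make a URI begin with an excluded prefix and still be
     * dispatched elsewhere. Such URIs are refused here rather than repaired.
     *
     * @param uri raw request URI, may be {@code null}
     * @return the path to match against the exclusion list, or {@code null} to refuse exclusion
     */
    private static String canonicalPath(String uri) {
        if (uri == null) {
            return null;
        }

        StringBuilder stripped = new StringBuilder(uri.length());
        boolean inPathParameter = false;
        for (int i = 0; i < uri.length(); i++) {
            char c = uri.charAt(i);
            if (c == '/') {
                inPathParameter = false;
                stripped.append(c);
            } else if (c == ';') {
                inPathParameter = true;
            } else if (!inPathParameter) {
                stripped.append(c);
            }
        }
        String path = stripped.toString();

        if (path.indexOf('\\') >= 0) {
            return null;
        }
        String lower = path.toLowerCase(java.util.Locale.ROOT);
        for (String escape : AMBIGUOUS_ESCAPES) {
            if (lower.contains(escape)) {
                return null;
            }
        }
        for (String segment : path.split("/")) {
            if (".".equals(segment) || "..".equals(segment)) {
                return null;
            }
        }
        return path;
    }

    /** Logs that the filter is being taken out of service. */
    @Override
    public void destroy() {
        log.info("destroy authorizeFilter");
    }
}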
|