|
@ -2,11 +2,12 @@ |
|
|
package com.epmet.filter; |
|
|
package com.epmet.filter; |
|
|
|
|
|
|
|
|
import com.alibaba.fastjson.JSON; |
|
|
import com.alibaba.fastjson.JSON; |
|
|
|
|
|
import com.epmet.common.token.enums.ErrorCode; |
|
|
import com.epmet.commons.tools.constant.Constant; |
|
|
import com.epmet.commons.tools.constant.Constant; |
|
|
import com.epmet.commons.tools.exception.ErrorCode; |
|
|
|
|
|
import com.epmet.commons.tools.exception.RenException; |
|
|
import com.epmet.commons.tools.exception.RenException; |
|
|
import com.epmet.commons.tools.security.dto.TokenDto; |
|
|
import com.epmet.commons.tools.security.dto.TokenDto; |
|
|
import com.epmet.commons.tools.utils.CpUserDetailRedis; |
|
|
import com.epmet.commons.tools.utils.CpUserDetailRedis; |
|
|
|
|
|
import com.epmet.commons.tools.utils.Result; |
|
|
import com.epmet.jwt.JwtTokenUtils; |
|
|
import com.epmet.jwt.JwtTokenUtils; |
|
|
import io.jsonwebtoken.Claims; |
|
|
import io.jsonwebtoken.Claims; |
|
|
import org.apache.commons.lang3.StringUtils; |
|
|
import org.apache.commons.lang3.StringUtils; |
|
@ -68,7 +69,7 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA |
|
|
String requestUri = request.getPath().pathWithinApplication().value(); |
|
|
String requestUri = request.getPath().pathWithinApplication().value(); |
|
|
|
|
|
|
|
|
//请求放行,无需验证权限
|
|
|
//请求放行,无需验证权限
|
|
|
if (!pathMatcher(requestUri)) { |
|
|
if (pathMatcher(requestUri)) { |
|
|
return chain.filter(exchange); |
|
|
return chain.filter(exchange); |
|
|
} |
|
|
} |
|
|
logger.info("CpAuthGatewayFilterFactory当前requestUri=[" + requestUri + "]CpAuthGatewayFilterFactory拦截成功"); |
|
|
logger.info("CpAuthGatewayFilterFactory当前requestUri=[" + requestUri + "]CpAuthGatewayFilterFactory拦截成功"); |
|
@ -85,16 +86,23 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA |
|
|
logger.info("params token:" + token); |
|
|
logger.info("params token:" + token); |
|
|
} |
|
|
} |
|
|
if (StringUtils.isBlank(token)) { |
|
|
if (StringUtils.isBlank(token)) { |
|
|
return chain.filter(exchange); |
|
|
//return chain.filter(exchange);
|
|
|
|
|
|
//throw new RenException(com.epmet.common.token.enums.ErrorCode.ERR10005.getCode(), com.epmet.common.token.enums.ErrorCode.ERR10005.getMsg());
|
|
|
|
|
|
return response(exchange,new Result<>().error(ErrorCode.ERR10005.getCode(),ErrorCode.ERR10005.getMsg())); |
|
|
} |
|
|
} |
|
|
TokenDto user = this.getLoginUserInfo(token); |
|
|
try { |
|
|
//当前登录用户userId,添加到header中
|
|
|
//当前登录用户userId,添加到header中
|
|
|
if (user != null) { |
|
|
TokenDto user = this.getLoginUserInfo(token); |
|
|
String redisKey = user.getApp() + "-" + user.getClient() + "-" + user.getUserId(); |
|
|
if (user != null) { |
|
|
logger.info("redisKey=" + redisKey); |
|
|
String redisKey = user.getApp() + "-" + user.getClient() + "-" + user.getUserId(); |
|
|
ServerHttpRequest build = exchange.getRequest().mutate().header(Constant.APP_USER_KEY, redisKey).build(); |
|
|
logger.info("redisKey=" + redisKey); |
|
|
return chain.filter(exchange.mutate().request(build).build()); |
|
|
ServerHttpRequest build = exchange.getRequest().mutate().header(Constant.APP_USER_KEY, redisKey).build(); |
|
|
|
|
|
return chain.filter(exchange.mutate().request(build).build()); |
|
|
|
|
|
} |
|
|
|
|
|
}catch(RenException e){ |
|
|
|
|
|
return response(exchange,new Result<>().error(e.getCode(),e.getMsg())); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
return chain.filter(exchange); |
|
|
return chain.filter(exchange); |
|
|
}; |
|
|
}; |
|
|
} |
|
|
} |
|
@ -103,7 +111,7 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA |
|
|
//是否过期
|
|
|
//是否过期
|
|
|
Claims claims = jwtTokenUtils.getClaimByToken(token); |
|
|
Claims claims = jwtTokenUtils.getClaimByToken(token); |
|
|
if (claims == null || jwtTokenUtils.isTokenExpired(claims.getExpiration())) { |
|
|
if (claims == null || jwtTokenUtils.isTokenExpired(claims.getExpiration())) { |
|
|
throw new RenException(ErrorCode.UNAUTHORIZED); |
|
|
throw new RenException(ErrorCode.ERR401.getCode(),ErrorCode.ERR401.getMsg()); |
|
|
} |
|
|
} |
|
|
//获取用户ID
|
|
|
//获取用户ID
|
|
|
String app = (String) claims.get("app"); |
|
|
String app = (String) claims.get("app"); |
|
@ -112,11 +120,22 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA |
|
|
//查询Redis,如果没数据,则保持用户信息到Redis
|
|
|
//查询Redis,如果没数据,则保持用户信息到Redis
|
|
|
TokenDto tokenDto = cpUserDetailRedis.get(app, client, userId); |
|
|
TokenDto tokenDto = cpUserDetailRedis.get(app, client, userId); |
|
|
if (null == tokenDto) { |
|
|
if (null == tokenDto) { |
|
|
throw new RenException(ErrorCode.REGION_SUB_DELETE_ERROR, Constant.TOKEN_HEADER); |
|
|
//说明登录状态时效(超时)
|
|
|
|
|
|
throw new RenException(ErrorCode.ERR10006.getCode(),ErrorCode.ERR10006.getMsg()); |
|
|
|
|
|
}else{ |
|
|
|
|
|
//Redis中存在数据,取出token,进行比对
|
|
|
|
|
|
if(StringUtils.equals(tokenDto.getToken(),token)){ |
|
|
|
|
|
//用户携带token与Redis中一致
|
|
|
|
|
|
|
|
|
|
|
|
}else{ |
|
|
|
|
|
//用户携带token与Redis中不一致,说明当前用户此次会话失效,提示重新登陆
|
|
|
|
|
|
throw new RenException(ErrorCode.ERR10007.getCode(),ErrorCode.ERR10007.getMsg()); |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
} |
|
|
} |
|
|
//过期时间
|
|
|
//过期时间,不延期
|
|
|
long expire = (claims.getExpiration().getTime() - System.currentTimeMillis()) / 1000; |
|
|
//long expire = (claims.getExpiration().getTime() - System.currentTimeMillis()) / 1000;
|
|
|
cpUserDetailRedis.set(tokenDto, expire); |
|
|
//cpUserDetailRedis.set(tokenDto, expire);
|
|
|
return tokenDto; |
|
|
return tokenDto; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
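Review bot: In the hunk at `@ -85,16 +86,23 @@` the filter still ends in `return chain.filter(exchange);` after the new try/catch, so if `getLoginUserInfo` ever returns null the request is forwarded without an identity header instead of being rejected. The visible tail of what appears to be `getLoginUserInfo` now throws on every failure, so this fall-through looks unreachable today, but an auth filter should fail closed: replace it with `return response(exchange, new Result<>().error(ErrorCode.ERR401.getCode(), ErrorCode.ERR401.getMsg()));`. The same hunk keeps `logger.info("params token:" + token);`, which writes the bearer token to the log; because the token is now matched against the copy held in Redis, anyone who can read the log holds a live session credential, so log only whether a token was present, or a short digest of it. The early `return chain.filter(exchange);` for paths accepted by `pathMatcher` also forwards any client-supplied `Constant.APP_USER_KEY` header unchanged; if downstream services trust that header, remove it from the request on that branch. The lambda body starts above this hunk, so how `token` is extracted is not visible here.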