|
@@ -1,5 +1,6 @@
|
|
package com.koobietech.eas.security.filter;
|
|
package com.koobietech.eas.security.filter;
|
|
|
|
|
|
|
|
+import com.koobietech.eas.common.exception.EasException;
|
|
import com.koobietech.eas.common.pojo.JwtUserDto;
|
|
import com.koobietech.eas.common.pojo.JwtUserDto;
|
|
import com.koobietech.eas.common.utils.JwtManager;
|
|
import com.koobietech.eas.common.utils.JwtManager;
|
|
import com.koobietech.eas.dao.adminLoginPojo.Permission;
|
|
import com.koobietech.eas.dao.adminLoginPojo.Permission;
|
|
@@ -40,34 +41,40 @@ public class EasSecurityFilter extends OncePerRequestFilter {
|
|
//判断token是否存在
|
|
//判断token是否存在
|
|
if (StringUtils.hasText(token)) {
|
|
if (StringUtils.hasText(token)) {
|
|
//解析token成JwtUserDto
|
|
//解析token成JwtUserDto
|
|
- JwtUserDto jwtUserDto = jwtManager.decodeJwt(token);
|
|
|
|
- //判断token是否有效
|
|
|
|
- UserDetail userDetail = loginRedisService.checkToken(jwtUserDto);
|
|
|
|
|
|
+ JwtUserDto jwtUserDto = null;
|
|
|
|
+ try {
|
|
|
|
+ //过滤器 允许 Token 不正确, 后面Security 会拦截处理
|
|
|
|
+ jwtUserDto = jwtManager.decodeJwt(token);
|
|
|
|
+ } catch ( EasException e) {}
|
|
|
|
+ if ( Objects.nonNull(jwtUserDto) ) {
|
|
|
|
+ //判断token是否有效
|
|
|
|
+ UserDetail userDetail = loginRedisService.checkToken(jwtUserDto);
|
|
|
|
|
|
- // 获取当前的 SecurityContext 对象,用于保存当前用户的安全上下文信息
|
|
|
|
- SecurityContext context = SecurityContextHolder.getContext();
|
|
|
|
|
|
+ // 获取当前的 SecurityContext 对象,用于保存当前用户的安全上下文信息
|
|
|
|
+ SecurityContext context = SecurityContextHolder.getContext();
|
|
|
|
|
|
- if (Objects.nonNull(userDetail)) {
|
|
|
|
- // 如果获取到了有效的用户对象
|
|
|
|
|
|
+ if (Objects.nonNull(userDetail)) {
|
|
|
|
+ // 如果获取到了有效的用户对象
|
|
|
|
|
|
- // 获取用户的权限列表
|
|
|
|
- List<Permission> permission = userDetail.getPermissions();
|
|
|
|
|
|
+ // 获取用户的权限列表
|
|
|
|
+ List<Permission> permission = userDetail.getPermissions();
|
|
|
|
|
|
- // 创建一个 ArrayList 集合,用于存储用户权限对应的 SimpleGrantedAuthority 权限对象
|
|
|
|
- ArrayList<SimpleGrantedAuthority> objects = new ArrayList<>();
|
|
|
|
|
|
+ // 创建一个 ArrayList 集合,用于存储用户权限对应的 SimpleGrantedAuthority 权限对象
|
|
|
|
+ ArrayList<SimpleGrantedAuthority> objects = new ArrayList<>();
|
|
|
|
|
|
- // 遍历用户的权限列表
|
|
|
|
- for (Permission adminPermission : permission) {
|
|
|
|
- // 创建一个 SimpleGrantedAuthority 权限对象,并添加到集合中
|
|
|
|
- SimpleGrantedAuthority authority = new SimpleGrantedAuthority(adminPermission.getDescription());
|
|
|
|
- objects.add(authority);
|
|
|
|
- }
|
|
|
|
|
|
+ // 遍历用户的权限列表
|
|
|
|
+ for (Permission adminPermission : permission) {
|
|
|
|
+ // 创建一个 SimpleGrantedAuthority 权限对象,并添加到集合中
|
|
|
|
+ SimpleGrantedAuthority authority = new SimpleGrantedAuthority(adminPermission.getDescription());
|
|
|
|
+ objects.add(authority);
|
|
|
|
+ }
|
|
|
|
|
|
- // 使用用户的用户名、空凭证参数和权限对象集合创建一个 UsernamePasswordAuthenticationToken 身份验证令牌
|
|
|
|
- UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(userDetail.getUsername(), null, objects);
|
|
|
|
|
|
+ // 使用用户的用户名、空凭证参数和权限对象集合创建一个 UsernamePasswordAuthenticationToken 身份验证令牌
|
|
|
|
+ UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(userDetail.getUsername(), null, objects);
|
|
|
|
|
|
- // 将身份验证令牌设置到当前的 SecurityContext 中
|
|
|
|
- context.setAuthentication(authenticationToken);
|
|
|
|
|
|
+ // 将身份验证令牌设置到当前的 SecurityContext 中
|
|
|
|
+ context.setAuthentication(authenticationToken);
|
|
|
|
+ }
|
|
}
|
|
}
|
|
}
|
|
}
|
|
filterChain.doFilter(request, response);
|
|
filterChain.doFilter(request, response);
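Review bot: The empty `catch ( EasException e) {}` around `jwtManager.decodeJwt(token)` discards every decode failure silently, so malformed, expired or tampered tokens leave no trace for monitoring or incident response. Record the rejection while keeping the fall-through, for example `} catch (EasException e) { log.warn("JWT rejected: {}", e.getMessage()); }` (this assumes the class has a logger named `log`; the token value itself should stay out of the log). Only `EasException` is caught, and whether `decodeJwt` wraps every parsing and signature error in that type is not visible here, so other runtime exceptions would presumably still abort the request as before. The fall-through relies on a later authorization rule rejecting the unauthenticated request, which is worth confirming for every route this filter covers, since the security configuration is outside the hunk. The enclosing method starts and ends outside the hunk.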
|