import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.annotation.Resource;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Date;
import java.util.List;
import java.util.Map;
@Configuration
public class TokenFilter extends OncePerRequestFilter {
@Resource
LoginService loginService;
@Autowired
ResourceProtectedPath resourceProtectedPath;
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException {
Boolean isMatch = UrlPatternUtil.matches("/wx/**", request.getServletPath());
if (!isMatch) {
chain.doFilter(request, response);
return;
}
HttpServletRequest httpRequest = (HttpServletRequest) request;
final String accessToken = getAccessToken(httpRequest);
Map token = loginService.getToken(accessToken);
if (BaseUtil.isEmpty(token)) {
ResponseDto responseDto = new ResponseDto();
responseDto.fail(1018, "无效的token=" + accessToken);
WebUtils.writeJSON(response, responseDto);
}
if (BaseUtil.isNotEmpty(token)) {
Date invalidTime = (Date) token.get("invalidTime");
Date now = DateUtil.now();
if (now.getTime() > invalidTime.getTime()) {
ResponseDto responseDto = new ResponseDto();
responseDto.fail(1015, "token已失效,请重新登录");
WebUtils.writeJSON(response, responseDto);
return;
}
}
TokenHolder.set(token);
chain.doFilter(request, response);
TokenHolder.remove();
}
public static String getAccessToken(HttpServletRequest httpRequest) {
Cookie cookie = CookieUtil.getCookie(httpRequest, "token");
if (cookie != null) {
return cookie.getValue();
}
final String authorization = httpRequest.getHeader("token");
if (authorization != null) {
return authorization.trim();
}
return httpRequest.getParameter("token");
}
}
