package com.whyc.filter;
import com.google.gson.Gson;
import com.google.gson.JsonObject;
import com.whyc.constant.SuperConstant;
import com.whyc.dto.Response;
import com.whyc.manager.JWTManager;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;
import org.json.JSONObject;
import org.springframework.util.StringUtils;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
/**
 * Login-verification filter.
 *
 * <p>Extends Shiro's {@link FormAuthenticationFilter} with a JWT gate: when the request
 * carries the header named by {@code SuperConstant.AUTHORIZATION}, the token must pass
 * {@code JWTManager.verifyToken} before the inherited access check is consulted. Requests
 * without that header fall through to the inherited behaviour unchanged.
 *
 * <p>A token that verifies does not grant access on its own; the decision is still the
 * result of {@code super.isAccessAllowed}. The token can only veto a request.
 */
@Slf4j
public class JwtAuthcFilter extends FormAuthenticationFilter {

    /** Collaborator that validates the token taken from the request header. */
    private final JWTManager jwtManager;

    /**
     * Creates the filter.
     *
     * @param jwtManager verifier used for every request that presents a token
     */
    public JwtAuthcFilter(JWTManager jwtManager) {
        this.jwtManager = jwtManager;
    }

    /**
     * Decides whether the request may proceed.
     *
     * @param request     incoming request; the token is read from its headers
     * @param response    outgoing response, passed through to the inherited check
     * @param mappedValue filter-chain configuration, passed through to the inherited check
     * @return {@code false} when a token is present but fails verification; otherwise the
     *         result of the inherited check
     */
    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
        log.debug("是否允许访问 方法执行了");
        String token = WebUtils.toHttp(request).getHeader(SuperConstant.AUTHORIZATION);
        boolean tokenPresented = StringUtils.hasLength(token);
        // A presented token is an extra gate: failing it rejects the request outright.
        // NOTE(review): verifyToken also receives the request; what it reads from or
        // stores on it is not visible here - confirm against JWTManager.
        if (tokenPresented && !jwtManager.verifyToken(token, request)) {
            return false;
        }
        // No token, or a verified one: the original (inherited) check decides.
        return super.isAccessAllowed(request, response, mappedValue);
    }

    /**
     * Called when access has been denied.
     *
     * <p>Requests that presented a token (valid or not) receive a JSON body built from
     * {@code Response.set(1, ...)} instead of the inherited form-login handling; requests
     * without a token are handed to {@code super.onAccessDenied}.
     *
     * @param request  the denied request
     * @param response response the JSON rejection is written to
     * @return {@code false} after writing the JSON rejection, otherwise whatever the
     *         inherited handler returns
     * @throws Exception if writing the response or the inherited handler fails
     */
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        log.debug("访问被拒绝了");
        String token = WebUtils.toHttp(request).getHeader(SuperConstant.AUTHORIZATION);
        if (!StringUtils.hasLength(token)) {
            return super.onAccessDenied(request, response);
        }

        // NOTE(review): no HTTP status is set in this method, so the rejection is only
        // recognisable from the JSON body. Confirm whether clients, proxies and access-log
        // monitoring should see a 401 here, so that failed token checks are visible.
        response.setCharacterEncoding("UTF-8");
        response.setContentType("application/json;charset=utf-8");
        // Message text: "not logged in, or the login has timed out".
        Response denial = new Response().set(1, "未登录或者登录超时");
        response.getWriter().write(new Gson().toJson(denial));
        return false;
    }
}