whycxzp
2025-04-24 88d728f74e53a8a2ef6664fe58ce60fa4f1b60ef
登录验证,禁止越权
1个文件已添加
75 ■■■■■ 已修改文件
src/main/java/com/whyc/filter/AccessFilter.java 75 ●●●●●
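--- /dev/null
+++ b/src/main/java/com/whyc/filter/AccessFilter.java
@@ -0,0 +1,75 @@
+package com.whyc.filter;
+import com.whyc.constant.YamlProperties;
+import com.whyc.pojo.User;
+import javax.servlet.*;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+/**
+ * 权限验证
+ */
+@WebFilter
+public class AccessFilter implements Filter {
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+    }
+    @Override
+    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+        HttpServletRequest request = (HttpServletRequest) servletRequest;
+        HttpServletResponse response = (HttpServletResponse) servletResponse;
+        String requestURI = request.getRequestURI();
+        String servletPath = request.getServletPath();
+        if(YamlProperties.profileType.equals("prod")) {
+            //用户需要登录
+            User user = (User) request.getSession().getAttribute("user");
+            //无需登录可以调用接口放行
+            if (!requestURI.contains(".") && !servletPath.equals("/") &&
+                    (!
+                        (
+                            //登录页面接口
+                            requestURI.contains("login/login")
+                            || requestURI.contains("loginByRSA")
+                            //WebSocket-账号其他主机登录
+                            || requestURI.contains("loginCheck")
+                            //options请求
+                            || request.getMethod().toUpperCase().equals("OPTIONS")
+                        ))) {
+                if (user == null) {
+                    //越权访问
+                    response.setStatus(401);
+                    response.setContentType("text/html;charset=utf-8");
+                    response.getWriter().write("非法请求,身份未验证");
+                    return;
+                }
+            }
+        }
+        filterChain.doFilter(servletRequest, servletResponse);
+    }
+    private int count(String target,char charValue){
+        int count = 0;
+        for (char ch : target.toCharArray()){
+            if(charValue == ch){
+                count++;
+            }
+        }
+        return count;
+    }
+    @Override
+    public void destroy() {
+    }
+}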
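Review bot: The exemption logic in `doFilter` is evaluated with `contains` on the raw `getRequestURI()`, so the login check is skipped for any request whose URI merely contains a `.` or one of the substrings `login/login`, `loginByRSA` or `loginCheck`, wherever it appears; that string is not decoded or normalized by the container, which leaves the 401 branch avoidable for endpoints that are meant to be protected. Compare the container-resolved `getServletPath()` by equality against a fixed set of public paths, and recognise static resources by a fixed suffix list rather than "any dot". Two smaller points in the same method: `request.getSession()` creates a session for every anonymous request (prefer `getSession(false)`), and the check runs only when `profileType` equals `"prod"`, so any other value fails open and a null value throws. The private `count` helper is not called anywhere in this file and could be dropped.

```java
// … unchanged: request/response casts and the "prod" profile check …
// Decide on the container-resolved path, by equality; never by substring of the raw URI.
String path = request.getServletPath();
// PUBLIC_PATHS / STATIC_SUFFIXES: constants to be defined in this class. Fill PUBLIC_PATHS with the
// exact paths of the three login endpoints and STATIC_SUFFIXES with the asset extensions actually served.
boolean publicEndpoint = PUBLIC_PATHS.contains(path);
boolean staticResource = STATIC_SUFFIXES.stream().anyMatch(path::endsWith);
boolean preflight = "OPTIONS".equals(request.getMethod());
if (!publicEndpoint && !staticResource && !preflight && !"/".equals(path)) {
    // getSession(false): do not allocate a session for callers that have not logged in
    HttpSession session = request.getSession(false);
    if (session == null || session.getAttribute("user") == null) {
        // … unchanged: 401 status, content type and message …
        return;
    }
}
```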