shiro 集成 JWT 自动获取token对应的用户信息
import java.io.IOException; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.apache.commons.lang.StringUtils; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.subject.SimplePrincipalCollection; import org.apache.shiro.util.ThreadContext; import org.apache.shiro.web.subject.WebSubject; import org.apache.shiro.web.subject.WebSubject.Builder; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.filter.OncePerRequestFilter; import net.shopxx.entity.User; import net.shopxx.service.UserService; /** * 过滤请求头部信息,如果有,就自动登录 * http://blog.csdn.net/qi923701/article/details/75007813 * @author wutao * @date 2017年11月11日 下午3:09:51 */ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter { private static final Logger logger = LoggerFactory.getLogger(JwtAuthenticationTokenFilter.class); @Autowired private UserService userService; @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException { String tokenHeader = request.getHeader(JwtTokenUtil.AUTH_TOKEN);//从头部获取JWT字符串信息 if(logger.isDebugEnabled()) { logger.debug("=========>tokenHeader {}", tokenHeader); } if(StringUtils.isNotBlank(tokenHeader)) { Long userId = JwtTokenUtil.getUserIdFromToken(tokenHeader);//解码JWT,获得userid if(userId!=null) { if (logger.isDebugEnabled()) { logger.debug("getUserIdFromToken userId {}", userId); } User auser=userService.find(userId);//根据userID获取用户信息 if(auser!=null) { PrincipalCollection principals = new SimplePrincipalCollection(auser, "authorizingRealm");//拼装shiro用户信息 Builder builder = new WebSubject.Builder(request, response); builder.principals(principals); builder.authenticated(true); WebSubject subject = builder.buildWebSubject(); ThreadContext.bind(subject);//塞入容器,统一调用 } } } chain.doFilter(request, response); } }
public @ResponseBody Map<String ,Object> complete(@CurrentUser User auser){ if(auser==null) { logger.debug("=======auser==null======"); return null; } Long userId=auser.getId(); logger.debug("======userId {}=====",userId); }