随笔- 78 文章- 0 评论- 1 阅读- 13200

JwtAuthenticationTokenFilter

1.com.oep.backend.serviceImpl.utils.UserDetailsImpl2024-02-09 2.com.oep.backend.serviceImpl.UserDetailsServiceImpl2024-02-09 3.src.backend.utils.JwtUtil2024-02-09

4.JwtAuthenticationTokenFilter2024-02-12

 package com.oep.backend.config.filter;
 
//  实现config.filter.JwtAuthenticationTokenFilter类，用来验证jwt token，如果验证成功，则将User信息注入上下文中
 
import com.oep.backend.mapper.AccountMapper;
import com.oep.backend.pojo.Account;
import com.oep.backend.serviceImpl.utils.UserDetailsImpl;
import com.oep.backend.utils.JwtUtil;
import io.jsonwebtoken.Claims;
import org.jetbrains.annotations.NotNull;  //  没有这个包的话要自己去导入
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.filter.OncePerRequestFilter;
 
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
 
@Component
public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
    @Autowired
    private AccountMapper userMapper;
 
    @Override
    protected void doFilterInternal(HttpServletRequest request, @NotNull HttpServletResponse response, @NotNull FilterChain filterChain) throws ServletException, IOException {
        String token = request.getHeader("Authorization");
 
        if (!StringUtils.hasText(token) || !token.startsWith("Bearer ")) {
            filterChain.doFilter(request, response);
            return;
        }
 
        token = token.substring(7);
 
        String userid;
        try {
            Claims claims = JwtUtil.parseJWT(token);
            userid = claims.getSubject();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
 
        Account account = userMapper.selectById(Integer.parseInt(userid));
 
        if (account == null) {
            throw new RuntimeException("用户名未登录");
        }
 
        UserDetailsImpl loginUser = new UserDetailsImpl(account);
        UsernamePasswordAuthenticationToken authenticationToken =
                new UsernamePasswordAuthenticationToken(loginUser, null, null);
 
        SecurityContextHolder.getContext().setAuthentication(authenticationToken);
 
        filterChain.doFilter(request, response);
    }
}

posted @ 2024-02-12 21:45 徐徐丶阅读(319) 评论(0) 编辑收藏举报

刷新页面返回顶部

登录后才能查看或发表评论，立即登录或者逛逛博客园首页

相关博文：

· SecurityConfiguration

· AuthGlobalFilter

· 10. Spring security

· SpringSecurity使用JWT

· SpringBoot集成Jwt（详细步骤+图解）

阅读排行：
· 震惊！C++程序真的从main开始吗？99%的程序员都答错了
· 别再用vector＜bool＞了！Google高级工程师：这可能是STL最大的设计失误
· 单元测试从入门到精通
· 【硬核科普】Trae如何「偷看」你的代码？零基础破解AI编程运行原理
· 上周热点回顾（3.3-3.9）

公告

昵称：徐徐丶
园龄： 1年2个月
粉丝： 0
关注： 0

+加关注

2025年3月

日

一

二

三

四

五

六

合集

随笔档案

阅读排行榜

评论排行榜

1. 关于post、get、put、delete的区别(1)

twinkler

JwtAuthenticationTokenFilter

公告

搜索

常用链接

合集

随笔档案

阅读排行榜

评论排行榜

最新评论

	package com.oep.backend.config.filter;

	// 实现config.filter.JwtAuthenticationTokenFilter类，用来验证jwt token，如果验证成功，则将User信息注入上下文中

	import com.oep.backend.mapper.AccountMapper;
	import com.oep.backend.pojo.Account;
	import com.oep.backend.serviceImpl.utils.UserDetailsImpl;
	import com.oep.backend.utils.JwtUtil;
	import io.jsonwebtoken.Claims;
	import org.jetbrains.annotations.NotNull; // 没有这个包的话要自己去导入
	import org.springframework.beans.factory.annotation.Autowired;
	import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
	import org.springframework.security.core.context.SecurityContextHolder;
	import org.springframework.stereotype.Component;
	import org.springframework.util.StringUtils;
	import org.springframework.web.filter.OncePerRequestFilter;

	import javax.servlet.FilterChain;
	import javax.servlet.ServletException;
	import javax.servlet.http.HttpServletRequest;
	import javax.servlet.http.HttpServletResponse;
	import java.io.IOException;

	@Component
	public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
	@Autowired
	private AccountMapper userMapper;

	@Override
	protected void doFilterInternal(HttpServletRequest request, @NotNull HttpServletResponse response, @NotNull FilterChain filterChain) throws ServletException, IOException {
	String token = request.getHeader("Authorization");

	if (!StringUtils.hasText(token) \|\| !token.startsWith("Bearer ")) {
	filterChain.doFilter(request, response);
	return;
	}

	token = token.substring(7);

	String userid;
	try {
	Claims claims = JwtUtil.parseJWT(token);
	userid = claims.getSubject();
	} catch (Exception e) {
	throw new RuntimeException(e);
	}

	Account account = userMapper.selectById(Integer.parseInt(userid));

	if (account == null) {
	throw new RuntimeException("用户名未登录");
	}

	UserDetailsImpl loginUser = new UserDetailsImpl(account);
	UsernamePasswordAuthenticationToken authenticationToken =
	new UsernamePasswordAuthenticationToken(loginUser, null, null);

	SecurityContextHolder.getContext().setAuthentication(authenticationToken);

	filterChain.doFilter(request, response);
	}
	}