资源访问请求过滤

请求资源访问过滤

 

 

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115

package com.feng.config;   import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.configurationprocessor.json.JSONException; import org.springframework.boot.configurationprocessor.json.JSONObject; import org.springframework.http.HttpEntity; import org.springframework.http.HttpHeaders; import org.springframework.http.MediaType; import org.springframework.stereotype.Component; import org.springframework.util.StringUtils; import org.springframework.web.client.RestTemplate; import org.springframework.web.filter.OncePerRequestFilter; import org.springframework.web.servlet.resource.ResourceResolver;   import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.awt.*; import java.io.IOException; import java.nio.charset.Charset; import java.util.*; import java.util.function.Supplier;   /**  * @Desc：资源访问请求过滤  * @Date：2022/3/1  * @Version 1.0  */ @Slf4j @Component public class ResourceAccessFilter extends OncePerRequestFilter {       private static final MediaType MEDIA_TYPE = new MediaType("application", "json", Charset.forName("UTF-8"));     public static final String SUCCESS = "success";     public static final String CODE = "code";     public static final String LIST_BY_PARAM = "/xxx/listByParam";     public static final String SAVE = "/xxx/save";       @Value("${url}")     private String url;       /**      * 过滤逻辑      * @param request      * @param response      * @param chain      * @throws ServletException      * @throws IOException      */     @Override     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws ServletException, IOException {         logger.info("");         String requestURI = request.getRequestURI();           //只拦截指定请求路径 || 没有跳转系统编号，说明是本系统请求，不做拦截         String systemName;         if (!(LIST_BY_PARAM.equals(requestURI) || SAVE.equals(requestURI))                 || StringUtils.isEmpty(request.getParameter("systemName"))){             chain.doFilter(request, response);             return;         }           String operateUser = request.getParameter("operateUser");         String cookie = request.getHeader("Cookie");           HttpEntity httpEntity = this.constructEntity(cookie);         LinkedHashMap<String, String> retMsgMap = this.sendBreakRuleCount(httpEntity);         logger.info("httpPost return retMsgMap is :{}", retMsgMap);           if (retMsgMap == null){             response.sendError(HttpServletResponse.SC_UNAUTHORIZED, retMsgMap.get("message"));             return;         }         if (!Objects.equals(SUCCESS, retMsgMap.get(CODE))){             response.sendError(HttpServletResponse.SC_UNAUTHORIZED, retMsgMap.get("message"));             return;         }           chain.doFilter(request, response);           //此处校验会出现同一个浏览器登录多个用户， 获取到username不一致（改用的session未失效）         if (retMsgMap.containsKey("username") && Objects.equals(operateUser, retMsgMap.get("username"))){             chain.doFilter(request, response);         } else {             response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "wrong login user");         }     }       private HttpEntity<Map<String, Objects>> constructEntity(String cookie){         HttpHeaders headers = new HttpHeaders();         headers.setContentType(MEDIA_TYPE);         headers.setAccept(Collections.singletonList(MEDIA_TYPE));         headers.set("Cookie", cookie);         Map<String, Objects> paramMap = new HashMap<>();         return new HttpEntity<>(paramMap, headers);     }       private LinkedHashMap<String, String> sendBreakRuleCount(HttpEntity httpEntity){         return (LinkedHashMap<String, String>) this.getData(() -> new RestTemplate().postForObject(url, httpEntity, Msg.class));       }       public static <T> T getData(Supplier<Msg<T>> supplier){         Msg<T> t = supplier.get();         if (IErrCode.CODE_SUCCESS.equals(t.getCode())){             return t.getData();         } else {             throw new BizException(t.getCode(), t.getMessage());         }       }   }

 

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78

package com.feng.config;   import java.io.Serializable;   /**  * @Desc：  * @Date：2022/3/1  * @Version 1.0  */ public class Msg<T> implements Serializable {       private String code;     private String message = null;     private T data = null;       public static String OK = IErrCode.CODE_SUCCESS;       public Msg() {     }       public Msg(String code) {         this.code = code;     }       public Msg(String code, String message) {         this.code = code;         this.message = message;     }       public static <E> Msg<E> ok(E data){         Msg<E> msg = new Msg<>(OK);         msg.setData(data);         return msg;     }       public static <E> Msg<E> err(IErrCode code){         Msg<E> msg = new Msg<>(code.getCode());         msg.message = code.getMessage();         return msg;     }       public static <E> Msg<E> err(IErrCode code, E data){         Msg<E> msg = new Msg<>(code.getCode());         msg.message = code.getMessage();         msg.setData(data);         return msg;     }       public static <E> Msg<E> err(String code, String message){         Msg<E> msg = new Msg<>(code);         msg.message = message;         return msg;     }       public String getCode() {         return code;     }       public void setCode(String code) {         this.code = code;     }       public String getMessage() {         return message;     }       public void setMessage(String message) {         this.message = message;     }       public T getData() {         return data;     }       public void setData(T data) {         this.data = data;     } }

 

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27

package com.feng.config;   /**  * @Desc：  * @Date：2022/3/1  * @Version 1.0  */ public interface IErrCode {       /**      * 成功      */     String CODE_SUCCESS = "200";     /**      * 业务异常      */     String CODE_BIZ_ERR = "400";     /**      * 系统异常      */     String CODE_SYSTEM_ERR = "500";       String getCode();     String getMessage();     }

 

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50

package com.feng.config;   /**  * @Desc：  * @Date：2022/3/1  * @Version 1.0  */ public class BizException extends RuntimeException {       private String code;     private String message;       public BizException(String message) {         this(IErrCode.CODE_BIZ_ERR, message)     }       public BizException(IErrCode iErrCode) {         this(iErrCode.getCode(), iErrCode.getMessage())     }       public BizException(String code, String message) {         this.code = code;         this.message = message;     }       @Override     public String toString() {         return "BizException{" +                 "code='" + code + '\'' +                 ", message='" + message + '\'' +                 '}';     }       public String getCode() {         return code;     }       public void setCode(String code) {         this.code = code;     }       @Override     public String getMessage() {         return message;     }       public void setMessage(String message) {         this.message = message;     } }