提交修改

2025-12-24 18:23:05 +08:00 · 2023-03-23 13:01:11 +08:00
parent 6c2d474b18
commit df96fd4dc7
12 changed files with 95 additions and 294 deletions
--- a/servers/boe-server-all/src/main/java/com/xboe/system/filter/AuthenticationFilter.java
+++ b/servers/boe-server-all/src/main/java/com/xboe/system/filter/AuthenticationFilter.java
@@ -1,168 +0,0 @@
-package com.xboe.system.filter;
-
-import com.fasterxml.jackson.databind.DeserializationFeature;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import com.xboe.core.CurrentUser;
-import com.xboe.core.JsonResponse;
-import com.xboe.core.api.TokenProxy;
-import com.xboe.standard.BaseConstant;
-import com.xboe.system.user.entity.User;
-import com.xboe.system.user.service.IUserService;
-import org.apache.commons.lang3.StringUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.core.annotation.Order;
-import org.springframework.stereotype.Component;
-import org.springframework.web.filter.OncePerRequestFilter;
-
-import javax.servlet.FilterChain;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.util.Map;
-
-/**
- * 认证过滤器
- */
-@Component
-@Order(100)
-public class AuthenticationFilter extends OncePerRequestFilter {
-
-//	private static String urls="/xboe";
-
-//	@Autowired(required = false)
-//	ICurrentUserStorage storage;
-//
-//	@Autowired(required = false)
-//	private IApiUrlSecurityFilter urlFilters;
-
-	@Autowired
-	IUserService userService;
-	
-//	@Autowired
-//	IAuthorizationToken authorizationToken;
-
-//	@Override
-//	public void destroy() {
-//
-//	}
-	
-	private void error(HttpServletResponse response,int code,String message) throws IOException {
-		ObjectMapper mapper = new ObjectMapper();
-		mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
-		JsonResponse<String> rr = new JsonResponse<String>();
-		rr.setStatus(code);
-		rr.setMessage(message);
-		String json = mapper.writeValueAsString(rr);
-		response.setCharacterEncoding("UTF-8");
-		response.setContentType("application/json; charset=utf-8");
-		response.getWriter().write(json);
-		response.flushBuffer();
-	}
-
-	@Override
-	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)throws ServletException, IOException {
-		String url = request.getServletPath();
-		//当前先写固定的url判断
-		//以下是针对于url规划的判断，这里简写
-		if(url.startsWith("/inner/data")  || url.startsWith("/xboe/account/captcha") || url.startsWith("/xboe/account/login") || url.startsWith("/xboe/account/boelogin") || url.startsWith("/xboe/account/mobile-login") || url.startsWith("/xboe/account/logout") || url.startsWith("/xboe/system/captcha") || url.startsWith("/xboe/system/logout") || url.startsWith("/xboe/system/login") || url.startsWith("/xboe/sys/user/sync-all")){
-			filterChain.doFilter(request, response);
-			return;
-		}
-		if(!url.startsWith("/xboe/") && !url.startsWith("/api/")){
-			filterChain.doFilter(request, response);
-		}else {
-			String token = TokenProxy.getToken(request);
-			//System.out.println("token="+token);
-			if(StringUtils.isBlank(token)){
-				error(response,401,"您还未登录，请重新登录");
-				return;
-			}
-			//检查token的格式
-			
-			Map<String, String> tokenData;
-			try {
-				//System.out.println("token");
-				//System.out.println(token);
-				tokenData = TokenProxy.instance().readToken(token);
-				if(tokenData==null) {
-					error(response,401,"您还未登录或登录已超时，请重新登录");
-					return;	
-				}
-
-				CurrentUser cuser=convertByMap(tokenData);
-
-				//先从tokenData中读取，如果没有再到存储中读取，如果都没有，就返回未登录的错误
-				//当前没有在本地做存储，所以这里不再做处理
-//				if(cuser==null) {
-//					if(storage!=null) {
-//						cuser=storage.read(request,token);
-//					}
-//				}
-				if(cuser==null) {
-					// 判断token中获取的值是否当前系统的，不是则告诉前端来获取
-					if(tokenData.containsKey("uId")) {
-						error(response,302,"token 错误");
-						return;
-					}
-					error(response,401,"请重新登录");
-					return;
-				}
-//				String levelStr=tokenData.get("alevel");
-//				if(levelStr!=null) {
-//					request.setAttribute(XaskConstant.KEY_CURRENT_API_LEVEL,Integer.valueOf(levelStr));
-//				}else {
-//					request.setAttribute(XaskConstant.KEY_CURRENT_API_LEVEL,0);
-//				}
-				request.setAttribute(BaseConstant.KEY_CURRENT_LOGIN_USER,cuser);
-			
-				filterChain.doFilter(request, response);
-			} catch (Exception e) {
-//				e.printStackTrace();
-				error(response,401,"请重新登录");
-				return;
-			}
-		}
-	}
-	
-	private CurrentUser convertByMap(Map<String, String> data) {
-		if(!data.containsKey("aid")) {
-			//修改为新的接口，通过uId获取
-			if(data.containsKey("uId")) {
-				User user = userService.get(data.get("uId"));
-				if(user != null){
-					CurrentUser cuser=new CurrentUser();
-					cuser.setAccountId(user.getId());
-					cuser.setName(user.getName());
-					cuser.setCode(user.getUserNo());
-					cuser.setDepartId(user.getDepartId());
-					return cuser;
-				}else {
-					return null;
-				}
-			}
-//			if(data.containsKey("userId")) {
-//				User user = userService.getBySysId(data.get("userId"));
-//				if(user != null){
-//					CurrentUser cuser=new CurrentUser();
-//					cuser.setAccountId(user.getId());
-//					cuser.setName(user.getName());
-//					cuser.setCode(user.getUserNo());
-//					cuser.setDepartId(user.getDepartId());
-//					return cuser;
-//				}else {
-//					return null;
-//				}
-//			}
-			return null;
-		}
-		//此处用于本地登录的情况，直接从token中获取，不需要再查询一次了
-		CurrentUser cuser=new CurrentUser();
-		cuser.setAccountId(data.get("aid"));
-		cuser.setName(data.get("name"));
-		cuser.setCode(data.get("userNo"));
-//		cuser.setOrgId(data.get("orgId"));
-		cuser.setDepartId(data.get("departId"));
-		return cuser;
-	}
-}