Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
I
ioc_sixiang_license
Project
Project
Details
Activity
Releases
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
zengtianlai3
ioc_sixiang_license
Commits
03c44fd8
Commit
03c44fd8
authored
Aug 16, 2022
by
AfirSraftGarrier
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'for-yx' of
http://120.77.240.215:9701/tianlai3/ioc_sixiang_license
into for-yx
parents
1ded2b7a
0d1e7daa
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
12 additions
and
11 deletions
+12
-11
JwtFilter.java
license/src/main/java/iot/sixiang/license/jwt/JwtFilter.java
+12
-11
No files found.
license/src/main/java/iot/sixiang/license/jwt/JwtFilter.java
View file @
03c44fd8
...
...
@@ -4,6 +4,7 @@ import com.auth0.jwt.interfaces.Claim;
import
com.auth0.jwt.interfaces.DecodedJWT
;
import
iot.sixiang.license.xss.XssUtil
;
import
lombok.extern.slf4j.Slf4j
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.util.StringUtils
;
import
javax.servlet.*
;
...
...
@@ -34,9 +35,9 @@ public class JwtFilter implements Filter {
public
void
doFilter
(
ServletRequest
servletRequest
,
ServletResponse
servletResponse
,
FilterChain
filterChain
)
throws
IOException
,
ServletException
{
final
HttpServletRequest
request
=
(
HttpServletRequest
)
servletRequest
;
final
HttpServletResponse
response
=
(
HttpServletResponse
)
servletResponse
;
response
.
setHeader
(
"Set-Cookie"
,
"cookiename=cookievalue; path=/; Domain=domainvaule; Max-age=seconds; HttpOnly"
);
response
.
setHeader
(
"Set-Cookie"
,
"cookiename=cookievalue; path=/; Domain=domainvaule; Max-age=seconds; HttpOnly"
);
response
.
setContentType
(
"text/html; charset=utf-8"
);
if
(
"OPTIONS"
.
equals
(
request
.
getMethod
())
||
"HEAD
"
.
equals
(
request
.
getMethod
()))
{
if
(
!
"GET"
.
equals
(
request
.
getMethod
())
&&
!
"POST
"
.
equals
(
request
.
getMethod
()))
{
response
.
setStatus
(
HttpServletResponse
.
SC_METHOD_NOT_ALLOWED
);
ServletOutputStream
outputStream
=
response
.
getOutputStream
();
outputStream
.
write
(
new
String
(
"不安全的请求"
.
getBytes
(),
StandardCharsets
.
UTF_8
).
getBytes
());
...
...
@@ -48,7 +49,7 @@ public class JwtFilter implements Filter {
boolean
check
=
true
;
String
uri
=
request
.
getRequestURI
();
if
(
uri
.
contains
(
url1
)||
uri
.
contains
(
url2
)
||
uri
.
contains
(
url3
)
||
uri
.
contains
(
url4
)
||
uri
.
contains
(
url7
)
||
uri
.
contains
(
url8
))
{
if
(
uri
.
contains
(
url1
)
||
uri
.
contains
(
url2
)
||
uri
.
contains
(
url3
)
||
uri
.
contains
(
url4
)
||
uri
.
contains
(
url7
)
||
uri
.
contains
(
url8
))
{
if
(
uri
.
contains
(
url1
))
{
uri
=
XssUtil
.
checkXSS
(
uri
);
UserUtils
.
setUri
(
uri
);
...
...
@@ -61,18 +62,18 @@ public class JwtFilter implements Filter {
}
if
(
StringUtils
.
isEmpty
(
token
))
{
request
.
setAttribute
(
"msg"
,
"认证信息不能为空"
);
request
.
getRequestDispatcher
(
"/fail"
).
forward
(
request
,
response
);
request
.
setAttribute
(
"msg"
,
"认证信息不能为空"
);
request
.
getRequestDispatcher
(
"/
iot_license/
fail"
).
forward
(
request
,
response
);
}
else
{
DecodedJWT
jwt
=
JwtUtil
.
verifyToken
(
token
);
if
(
jwt
==
null
)
{
request
.
setAttribute
(
"msg"
,
"认证信息非法"
);
request
.
getRequestDispatcher
(
"/fail"
).
forward
(
request
,
response
);
request
.
setAttribute
(
"msg"
,
"认证信息非法"
);
request
.
getRequestDispatcher
(
"/
iot_license/
fail"
).
forward
(
request
,
response
);
}
else
{
Map
<
String
,
Claim
>
userData
=
jwt
.
getClaims
();
if
(
userData
==
null
)
{
request
.
setAttribute
(
"msg"
,
"认证信息非法"
);
request
.
getRequestDispatcher
(
"/fail"
).
forward
(
request
,
response
);
request
.
setAttribute
(
"msg"
,
"认证信息非法"
);
request
.
getRequestDispatcher
(
"/
iot_license/
fail"
).
forward
(
request
,
response
);
return
;
}
String
userId
=
userData
.
get
(
"userId"
).
asString
();
...
...
@@ -88,8 +89,8 @@ public class JwtFilter implements Filter {
}
else
{
UserUtils
.
removeToken
(
userId
);
UserUtils
.
removeTokenExp
(
userId
);
request
.
setAttribute
(
"msg"
,
"token已失效"
);
request
.
getRequestDispatcher
(
"/fail"
).
forward
(
request
,
response
);
request
.
setAttribute
(
"msg"
,
"token已失效"
);
request
.
getRequestDispatcher
(
"/
iot_license/
fail"
).
forward
(
request
,
response
);
}
}
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment