Commit e216ecce authored by zengtianlai3's avatar zengtianlai3

公网跨域测试

parent c68f08a2
......@@ -14,9 +14,10 @@ import java.io.IOException;
import java.util.Map;
@Slf4j
@WebFilter(filterName = "jwtFilter", urlPatterns = "/iot_license/*")
@WebFilter(filterName = "jwtFilter", urlPatterns = "/*")
public class JwtFilter implements Filter {
private static final String url1 = "/login";
private static final String url2 = "/resource";
@Override
public void init(FilterConfig filterConfig) throws ServletException {
......@@ -28,45 +29,52 @@ public class JwtFilter implements Filter {
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
final HttpServletRequest request = (HttpServletRequest) servletRequest;
final HttpServletResponse response = (HttpServletResponse) servletResponse;
response.setContentType("text/html; charset=utf-8");
//获取header里的token
String token = request.getHeader("authorization");
//除了 OPTIONS请求以外, 其它请求应该被JWT检查
response.setHeader("Access-Control-Allow-Origin", "*");
response.addHeader("Access-Control-Allow-Credentials", "true");
response.addHeader("Access-Control-Allow-Methods", "GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH");
if ("OPTIONS".equals(request.getMethod())) {
response.setStatus(HttpServletResponse.SC_OK);
}
String token = request.getHeader("authorization");
boolean check = true;
String uri = request.getRequestURI();
if (uri.contains(url1) || uri.contains(url2)) {
check = false;
}
if (!check) {
filterChain.doFilter(request, response);
} else {
if (token == null) {
String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息不能为空"));
response.getWriter().write(resultStr);
return;
}
return;
}
DecodedJWT jwt = JwtUtil.verifyToken(token);
if(jwt==null){
String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息非法"));
if (token == null) {
String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息不能为空"));
response.getWriter().write(resultStr);
return;
}else{
Map<String, Claim> userData = jwt.getClaims();
if (userData == null) {
} else {
DecodedJWT jwt = JwtUtil.verifyToken(token);
if (jwt == null) {
String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息非法"));
response.getWriter().write(resultStr);
return;
} else {
Map<String, Claim> userData = jwt.getClaims();
if (userData == null) {
String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息非法"));
response.getWriter().write(resultStr);
return;
}
String userName = userData.get("userName").asString();
String password = userData.get("password").asString();
//拦截器 拿到用户信息,放到request中
request.setAttribute("userName", userName);
request.setAttribute("password", password);
filterChain.doFilter(request, response);
}
String userName = userData.get("userName").asString();
String password = userData.get("password").asString();
//拦截器 拿到用户信息,放到request中
request.setAttribute("userName", userName);
request.setAttribute("password", password);
filterChain.doFilter(servletRequest, servletResponse);
}
}
@Override
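Review bot: The exemption test `uri.contains(url1) || uri.contains(url2)` in doFilter skips JWT verification for any request whose raw URI contains `/login` or `/resource` anywhere in it. With the filter mapped to `/*` (which appears to be the new mapping), that test now guards every endpoint in the application. `getRequestURI()` is neither decoded nor normalised and includes the context path, so compare the container-resolved path exactly instead, for example `String path = request.getServletPath();` then `boolean check = !(path.equals(url1) || path.startsWith(url2 + "/"));`, assuming `/resource` is meant as a prefix. Separately, browsers reject `Access-Control-Allow-Origin: *` combined with `Access-Control-Allow-Credentials: true` on credentialed requests, and no `Access-Control-Allow-Headers` entry is visible for the `authorization` header; list the trusted origins explicitly rather than widening further. The `password` claim read from the token and copied into a request attribute is also worth removing, since JWT claims are only encoded and can be read by anyone who holds the token.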
......