Commit e216ecce authored by zengtianlai3's avatar zengtianlai3

公网跨域测试

parent c68f08a2
...@@ -14,9 +14,10 @@ import java.io.IOException; ...@@ -14,9 +14,10 @@ import java.io.IOException;
import java.util.Map; import java.util.Map;
@Slf4j @Slf4j
@WebFilter(filterName = "jwtFilter", urlPatterns = "/iot_license/*") @WebFilter(filterName = "jwtFilter", urlPatterns = "/*")
public class JwtFilter implements Filter { public class JwtFilter implements Filter {
private static final String url1 = "/login";
private static final String url2 = "/resource";
@Override @Override
public void init(FilterConfig filterConfig) throws ServletException { public void init(FilterConfig filterConfig) throws ServletException {
...@@ -28,28 +29,37 @@ public class JwtFilter implements Filter { ...@@ -28,28 +29,37 @@ public class JwtFilter implements Filter {
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
final HttpServletRequest request = (HttpServletRequest) servletRequest; final HttpServletRequest request = (HttpServletRequest) servletRequest;
final HttpServletResponse response = (HttpServletResponse) servletResponse; final HttpServletResponse response = (HttpServletResponse) servletResponse;
response.setContentType("text/html; charset=utf-8"); response.setContentType("text/html; charset=utf-8");
//获取header里的token response.setHeader("Access-Control-Allow-Origin", "*");
String token = request.getHeader("authorization"); response.addHeader("Access-Control-Allow-Credentials", "true");
//除了 OPTIONS请求以外, 其它请求应该被JWT检查 response.addHeader("Access-Control-Allow-Methods", "GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH");
if ("OPTIONS".equals(request.getMethod())) { if ("OPTIONS".equals(request.getMethod())) {
response.setStatus(HttpServletResponse.SC_OK); response.setStatus(HttpServletResponse.SC_OK);
}
String token = request.getHeader("authorization");
boolean check = true;
String uri = request.getRequestURI();
if (uri.contains(url1) || uri.contains(url2)) {
check = false;
}
if (!check) {
filterChain.doFilter(request, response); filterChain.doFilter(request, response);
} else { return;
}
if (token == null) { if (token == null) {
String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息不能为空")); String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息不能为空"));
response.getWriter().write(resultStr); response.getWriter().write(resultStr);
return; return;
} } else {
}
DecodedJWT jwt = JwtUtil.verifyToken(token); DecodedJWT jwt = JwtUtil.verifyToken(token);
if(jwt==null){ if (jwt == null) {
String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息非法")); String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息非法"));
response.getWriter().write(resultStr); response.getWriter().write(resultStr);
return; return;
}else{ } else {
Map<String, Claim> userData = jwt.getClaims(); Map<String, Claim> userData = jwt.getClaims();
if (userData == null) { if (userData == null) {
String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息非法")); String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息非法"));
...@@ -62,11 +72,9 @@ public class JwtFilter implements Filter { ...@@ -62,11 +72,9 @@ public class JwtFilter implements Filter {
//拦截器 拿到用户信息,放到request中 //拦截器 拿到用户信息,放到request中
request.setAttribute("userName", userName); request.setAttribute("userName", userName);
request.setAttribute("password", password); request.setAttribute("password", password);
filterChain.doFilter(servletRequest, servletResponse); filterChain.doFilter(request, response);
}
} }
} }
@Override @Override
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment