公网跨域测试

e216ecce · zengtianlai3 · c68f08a2 · e216ecce
Commit e216ecce authored Jun 11, 2022 by zengtianlai3
Show whitespace changes
Inline Side-by-side

Showing with 36 additions and 28 deletions

JwtFilter.java license/src/main/java/iot/sixiang/license/jwt/JwtFilter.java +36 -28

No files found.
--- a/license/src/main/java/iot/sixiang/license/jwt/JwtFilter.java
+++ b/license/src/main/java/iot/sixiang/license/jwt/JwtFilter.java
@@ -14,9 +14,10 @@ import java.io.IOException;
 import java.util.Map;
 @Slf4j
-@WebFilter(filterName = "jwtFilter", urlPatterns = "/iot_license/*")
+@WebFilter(filterName = "jwtFilter", urlPatterns = "/*")
 public class JwtFilter implements Filter {
+    private static final String url1 = "/login";
+    private static final String url2 = "/resource";
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
@@ -28,28 +29,37 @@ public class JwtFilter implements Filter {
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        final HttpServletRequest request = (HttpServletRequest) servletRequest;
        final HttpServletResponse response = (HttpServletResponse) servletResponse;
        response.setContentType("text/html; charset=utf-8");
-        //获取header里的token
+        response.setHeader("Access-Control-Allow-Origin", "*");
-        String token = request.getHeader("authorization");
+        response.addHeader("Access-Control-Allow-Credentials", "true");
-        //除了 OPTIONS请求以外, 其它请求应该被JWT检查
+        response.addHeader("Access-Control-Allow-Methods", "GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH");
        if ("OPTIONS".equals(request.getMethod())) {
            response.setStatus(HttpServletResponse.SC_OK);
+        }
+        String token = request.getHeader("authorization");
+        boolean check = true;
+        String uri = request.getRequestURI();
+        if (uri.contains(url1) || uri.contains(url2)) {
+            check = false;
+        }
+        if (!check) {
            filterChain.doFilter(request, response);
-        } else {
+            return;
+        }
        if (token == null) {
            String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息不能为空"));
            response.getWriter().write(resultStr);
            return;
-            }
+        } else {
-        }
            DecodedJWT jwt = JwtUtil.verifyToken(token);
-        if(jwt==null){
+            if (jwt == null) {
                String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息非法"));
                response.getWriter().write(resultStr);
                return;
-        }else{
+            } else {
                Map<String, Claim> userData = jwt.getClaims();
                if (userData == null) {
                    String resultStr = JSON.toJSONString(ResResult.fail().msg("认证信息非法"));
@@ -62,11 +72,9 @@ public class JwtFilter implements Filter {
                //拦截器 拿到用户信息，放到request中
                request.setAttribute("userName", userName);
                request.setAttribute("password", password);
-            filterChain.doFilter(servletRequest, servletResponse);
+                filterChain.doFilter(request, response);
+            }
        }
    }
    @Override