zhanghua
2025-06-11 2ca169c85f61256fb5185c078dba1bfef2be5066
package cn.lili.security;
 
import cn.hutool.core.util.StrUtil;
import cn.lili.cache.Cache;
import cn.lili.cache.CachePrefix;
import cn.lili.common.security.AuthUser;
import cn.lili.common.security.enums.SecurityEnum;
import cn.lili.common.security.enums.UserEnums;
import cn.lili.common.security.token.SecretKeyUtil;
import cn.lili.common.utils.ResponseUtil;
import com.google.gson.Gson;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.ExpiredJwtException;
import io.jsonwebtoken.Jwts;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
 
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
 
 
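/**
 * Buyer-side JWT authentication filter.
 * <p>
 * Reads the token from the {@link SecurityEnum#HEADER_TOKEN} header, verifies its signature,
 * checks that the token is still registered in the cache (server-side revocation, e.g. after a
 * logout) and, if so, places a {@link UsernamePasswordAuthenticationToken} into the
 * {@link SecurityContextHolder}. A request without a token, or with a token that cannot be
 * verified, continues down the chain unauthenticated; a verified but revoked token is answered
 * with 403 and the chain is stopped there.
 *
 * @author Chopper
 * @version v4.1
 * @since 2020/11/17 3:37 PM
 */
@Slf4j
public class BuyerAuthenticationFilter extends BasicAuthenticationFilter {

    /**
     * Shared JSON mapper for the user claim. Gson instances are thread-safe, so one instance
     * per class avoids allocating a mapper on every request.
     */
    private static final Gson GSON = new Gson();

    /**
     * Cache in which currently valid access tokens are registered; used to detect revoked tokens.
     * Supplied through the constructor, so no field injection is needed.
     */
    private final Cache cache;

    /**
     * Creates the filter.
     *
     * @param authenticationManager authentication manager handed to {@link BasicAuthenticationFilter}
     * @param cache                 cache in which active access tokens are registered
     */
    public BuyerAuthenticationFilter(AuthenticationManager authenticationManager,
                                     Cache cache) {
        super(authenticationManager);
        this.cache = cache;
    }

    /**
     * Authenticates the request from its JWT header and continues the filter chain.
     * <p>
     * Outcomes:
     * <ul>
     *   <li>no token: continue unauthenticated;</li>
     *   <li>token verified and registered in the cache: authentication set, continue;</li>
     *   <li>token verified but absent from the cache (revoked): 403 written, chain stopped;</li>
     *   <li>token expired or otherwise invalid: logged, continue unauthenticated.</li>
     * </ul>
     *
     * @param request  current request
     * @param response current response
     * @param chain    remaining filter chain
     * @throws IOException      propagated from the chain
     * @throws ServletException propagated from the chain
     */
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        String jwt = request.getHeader(SecurityEnum.HEADER_TOKEN.getValue());
        if (StrUtil.isBlank(jwt)) {
            // Anonymous request. Kept outside the try below on purpose: a failure further down
            // the chain must not be logged as an authentication error and must not trigger a
            // second chain.doFilter() call.
            chain.doFilter(request, response);
            return;
        }

        UsernamePasswordAuthenticationToken authentication = null;
        try {
            AuthUser authUser = parseAuthUser(jwt);
            if (!isTokenActive(authUser, jwt)) {
                // Signature is valid but the token is no longer registered (logout, re-login, ...).
                // The response is completed here, so the chain must not be run on top of it.
                SecurityContextHolder.getContext().setAuthentication(null);
                ResponseUtil.output(response, 403, ResponseUtil.resultMap(false, 403, "登录已失效,请重新登录"));
                return;
            }
            authentication = buildAuthentication(authUser);
        } catch (ExpiredJwtException e) {
            // Expiry is routine rather than an error: the client has to obtain a fresh token.
            log.debug("user analysis exception:", e);
        } catch (Exception e) {
            // Tampered or malformed token, missing claim, or a cache failure: treat as anonymous.
            log.error("user analysis exception:", e);
        }
        SecurityContextHolder.getContext().setAuthentication(authentication);
        chain.doFilter(request, response);
    }

    /**
     * Verifies the token signature and extracts the user stored in its
     * {@link SecurityEnum#USER_CONTEXT} claim.
     *
     * @param jwt raw token from the request header
     * @return the user carried by the token
     * @throws ExpiredJwtException      if the token has expired
     * @throws IllegalArgumentException if the user claim is missing
     */
    private AuthUser parseAuthUser(String jwt) {
        // parseClaimsJws() verifies the signature against the server key before any claim is
        // read, so the id used for the cache key below cannot be forged by the client.
        Claims claims = Jwts.parser()
                .setSigningKey(SecretKeyUtil.generalKeyByDecoders())
                .parseClaimsJws(jwt)
                .getBody();
        Object userContext = claims.get(SecurityEnum.USER_CONTEXT.getValue());
        if (userContext == null) {
            throw new IllegalArgumentException(
                    "jwt carries no " + SecurityEnum.USER_CONTEXT.getValue() + " claim");
        }
        return GSON.fromJson(userContext.toString(), AuthUser.class);
    }

    /**
     * Checks whether the token is still registered in the cache under the member or the store
     * access-token prefix for this user. A token that is absent has been revoked server-side
     * even though its signature and expiry are still valid.
     *
     * @param authUser user extracted from the verified token
     * @param jwt      raw token, which forms part of the cache key
     * @return {@code true} if the token is registered for this user
     */
    private boolean isTokenActive(AuthUser authUser, String jwt) {
        String memberKey = CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.MEMBER, authUser.getId()) + jwt;
        String storeKey = CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.STORE, authUser.getId()) + jwt;
        return cache.hasKey(memberKey) || cache.hasKey(storeKey);
    }

    /**
     * Builds the Spring Security authentication for a verified, active user.
     *
     * @param authUser verified user
     * @return authentication with a single {@code ROLE_<role>} authority and the user as details
     */
    private UsernamePasswordAuthenticationToken buildAuthentication(AuthUser authUser) {
        List<GrantedAuthority> auths = new ArrayList<>(1);
        auths.add(new SimpleGrantedAuthority("ROLE_" + authUser.getRole().name()));
        // Credentials are null: the token was the credential and is not retained in the context.
        UsernamePasswordAuthenticationToken authentication =
                new UsernamePasswordAuthenticationToken(authUser.getUsername(), null, auths);
        authentication.setDetails(authUser);
        return authentication;
    }

}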