重构RequestFilter，保持原有逻辑，并纠正带状态（依赖session）接口判定范围

ff1a2d14 · 技术部-任文超 · 7119b76f · ff1a2d14
Commit ff1a2d14 authored May 10, 2018 by 技术部-任文超
Hide whitespace changes
Inline Side-by-side

Showing with 27 additions and 25 deletions

RequestFilter.java src/main/java/cn/quantgroup/xyqb/filter/RequestFilter.java +27 -25

No files found.
--- a/src/main/java/cn/quantgroup/xyqb/filter/RequestFilter.java
+++ b/src/main/java/cn/quantgroup/xyqb/filter/RequestFilter.java
@@ -25,10 +25,13 @@ import java.util.Objects;
 @Component
 public class RequestFilter implements Filter {

-  private static final String[] ALLOWED_PATTERNS = {
-      "/wechat/**", "/config/**", "/api/**", "/query/**", "/user_detail/**", "/hello/**", "/innerapi/**", "/app/**", "/motan/**", "/user/**", "/lock/**",
-      "/auth/info/login", "/platform/api/page/return_url", "/MP_verify_AWiagUn4kZiwmTt0.txt", "/tech/health/check"
-  };
+  /**
+   * 带状态
+   */
+  private static final String[] ALLOWED_PATTERNS = {"/auth/info/login", "/platform/api/page/next"};
+  /**
+   * 带状态请求鉴权失败时的响应信息
+   */
  private static final String UNAUTH_RESULT = JSONObject.toJSONString(JsonResult.buildErrorStateResult("登录失败", null));
  @Autowired
  private ISessionService sessionService;
@@ -42,38 +45,37 @@ public class RequestFilter implements Filter {
  public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) servletRequest;
    HttpServletResponse response = (HttpServletResponse) servletResponse;
-    String requestPath = getRequestPath(request);
-    SessionStruct sessionStruct;
-    if (!isMatch(requestPath)) {
-      //获取session信息,如果没有获取到session信息则返回错误信息
-      sessionStruct = XyqbSessionContextHolder.getXSessionFromRedis();
-      if (sessionStruct == null) {
+    // 带状态接口
+    if(isMatch(request)){
+      // 需获取session信息
+      SessionStruct sessionStruct = XyqbSessionContextHolder.getXSessionFromRedis();
+      if(Objects.isNull(sessionStruct)) {
+        /* 如果没有获取到session信息则返回错误信息 */
        response.setStatus(401);
        response.setHeader("Content-Type", "application/json;charset=utf-8");
        PrintWriter writer = response.getWriter();
        writer.print(UNAUTH_RESULT);
        writer.close();
        return;
-      }
-      try {
-        filterChain.doFilter(request, response);
-      } finally {
-        sessionStruct = XyqbSessionContextHolder.getXSessionFromRedis();
-        if (sessionStruct != null) {
-          try {
-            sessionService.persistSession(sessionStruct.getSid(), sessionStruct.getValues());
-          } finally {
-            XyqbSessionContextHolder.releaseSession();
-          }
+      }else{
+        /* 延续session生命期 */
+        try {
+          sessionService.persistSession(sessionStruct.getSid(), sessionStruct.getValues());
+        } finally {
+          XyqbSessionContextHolder.releaseSession();
        }
      }
-    } else {
-      filterChain.doFilter(request, response);
    }
-
+    filterChain.doFilter(request, response);
  }

-  private boolean isMatch(String path) {
+  /**
+   * 判断是否带状态请求
+   * @param request
+   * @return
+   */
+  private boolean isMatch(HttpServletRequest request) {
+    String path = getRequestPath(request);
    for (String pattern : ALLOWED_PATTERNS) {
      if (matcher.match(pattern, path)) {
        return true;