Skip to content

X
xyqb-user2
Commit ff1a2d14 authored by 技术部-任文超's avatar 技术部-任文超
Browse files
Options

重构RequestFilter,保持原有逻辑,并纠正带状态(依赖session)接口判定范围

parent 7119b76f
Hide whitespace changes
Inline Side-by-side
Showing with 27 additions and 25 deletions
src/main/java/cn/quantgroup/xyqb/filter/RequestFilter.java
View file @ ff1a2d14
...@@ -25,10 +25,13 @@ import java.util.Objects; ...@@ -25,10 +25,13 @@ import java.util.Objects;
@Component @Component
public class RequestFilter implements Filter { public class RequestFilter implements Filter {
private static final String[] ALLOWED_PATTERNS = { /**
"/wechat/**", "/config/**", "/api/**", "/query/**", "/user_detail/**", "/hello/**", "/innerapi/**", "/app/**", "/motan/**", "/user/**", "/lock/**", * 带状态
"/auth/info/login", "/platform/api/page/return_url", "/MP_verify_AWiagUn4kZiwmTt0.txt", "/tech/health/check" */
}; private static final String[] ALLOWED_PATTERNS = {"/auth/info/login", "/platform/api/page/next"};
/**
* 带状态请求鉴权失败时的响应信息
*/
private static final String UNAUTH_RESULT = JSONObject.toJSONString(JsonResult.buildErrorStateResult("登录失败", null)); private static final String UNAUTH_RESULT = JSONObject.toJSONString(JsonResult.buildErrorStateResult("登录失败", null));
@Autowired @Autowired
private ISessionService sessionService; private ISessionService sessionService;
...@@ -42,38 +45,37 @@ public class RequestFilter implements Filter { ...@@ -42,38 +45,37 @@ public class RequestFilter implements Filter {
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse; HttpServletResponse response = (HttpServletResponse) servletResponse;
String requestPath = getRequestPath(request); // 带状态接口
SessionStruct sessionStruct; if(isMatch(request)){
if (!isMatch(requestPath)) { // 需获取session信息
//获取session信息,如果没有获取到session信息则返回错误信息 SessionStruct sessionStruct = XyqbSessionContextHolder.getXSessionFromRedis();
sessionStruct = XyqbSessionContextHolder.getXSessionFromRedis(); if(Objects.isNull(sessionStruct)) {
if (sessionStruct == null) { /* 如果没有获取到session信息则返回错误信息 */
response.setStatus(401); response.setStatus(401);
response.setHeader("Content-Type", "application/json;charset=utf-8"); response.setHeader("Content-Type", "application/json;charset=utf-8");
PrintWriter writer = response.getWriter(); PrintWriter writer = response.getWriter();
writer.print(UNAUTH_RESULT); writer.print(UNAUTH_RESULT);
writer.close(); writer.close();
return; return;
} }else{
try { /* 延续session生命期 */
filterChain.doFilter(request, response); try {
} finally { sessionService.persistSession(sessionStruct.getSid(), sessionStruct.getValues());
sessionStruct = XyqbSessionContextHolder.getXSessionFromRedis(); } finally {
if (sessionStruct != null) { XyqbSessionContextHolder.releaseSession();
try {
sessionService.persistSession(sessionStruct.getSid(), sessionStruct.getValues());
} finally {
XyqbSessionContextHolder.releaseSession();
}
} }
} }
} else {
filterChain.doFilter(request, response);
} }
filterChain.doFilter(request, response);
} }
private boolean isMatch(String path) { /**
* 判断是否带状态请求
* @param request
* @return
*/
private boolean isMatch(HttpServletRequest request) {
String path = getRequestPath(request);
for (String pattern : ALLOWED_PATTERNS) { for (String pattern : ALLOWED_PATTERNS) {
if (matcher.match(pattern, path)) { if (matcher.match(pattern, path)) {
return true; return true;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment