package com.stone.conf.filter;
import cn.hutool.core.util.StrUtil;
import com.alibaba.fastjson.JSONObject;
import com.stone.api.enums.ResultCode;
import com.stone.conf.redis.RedisHelper;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
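/**
 * Shiro filter that answers requests from clients that are not logged in with a JSON
 * body, replacing Shiro's default behaviour of redirecting to login.jsp.
 *
 * <p>A request is let through when its {@code Authorization} header holds a non-empty
 * value for which {@code RedisHelper.exists} returns true.
 *
 * <p>NOTE(review): the header value is handed to {@code RedisHelper.exists} unchanged.
 * RedisHelper is not visible from this file; confirm that it confines the lookup to
 * session-token keys (for example through a key prefix). Without that, the name of any
 * unrelated key in the same Redis database would be accepted as a token.
 */
public class AjaxPermissionsAuthorizationFilter extends FormAuthenticationFilter {

    /**
     * Decides whether a request that reached Shiro's access-denied path may continue.
     *
     * @param request the incoming servlet request
     * @param response the servlet response; on denial the JSON error body is written to it
     * @return {@code true} to let the request continue, {@code false} once the
     *     "not logged in" body has been written
     */
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) {
        HttpServletRequest httpRequest = WebUtils.toHttp(request);

        // OPTIONS requests continue without a token check; browsers send CORS preflights
        // without the Authorization header.
        // NOTE(review): this exempts every OPTIONS request, not only preflights, so
        // handlers behind this filter must not do privileged work for OPTIONS.
        if ("OPTIONS".equals(httpRequest.getMethod())) {
            return true;
        }

        String token = httpRequest.getHeader("Authorization");
        // The Redis lookup only runs for a non-empty token, as before.
        if (StrUtil.isNotEmpty(token) && RedisHelper.exists(token)) {
            return true;
        }

        writeNotLoggedIn(httpRequest, (HttpServletResponse) response);
        return false;
    }

    /**
     * Writes the "user not logged in" JSON body plus the CORS headers that let a
     * cross-origin front end read it. No status code is set here, so the response keeps
     * whatever status it already has and clients have to inspect {@code returnCode}.
     */
    private void writeNotLoggedIn(HttpServletRequest request, HttpServletResponse res) {
        JSONObject body = new JSONObject();
        body.put("returnCode", 20011);
        body.put("returnMsg", "用户未登录");

        // The CORS headers below are a known pitfall: they must be present, otherwise a
        // cross-origin client cannot log out cleanly.
        String origin = request.getHeader("Origin");
        if (origin != null) {
            // NOTE(review): the caller's Origin is echoed back while
            // Access-Control-Allow-Credentials is "true", so this response is readable
            // with credentials from any origin. Compare Origin against a configured
            // allow-list before echoing it, here and wherever else this pattern is used.
            res.setHeader("Access-Control-Allow-Origin", origin);
            // The header above differs per request Origin; tell caches to key on it.
            res.addHeader("Vary", "Origin");
        }
        res.setHeader("Access-Control-Allow-Headers", "Content-Type, Authorization");
        res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PUT, DELETE");
        res.setHeader("Access-Control-Allow-Credentials", "true");

        try {
            res.setCharacterEncoding("UTF-8");
            res.setContentType("application/json");
            // Closing the writer also flushes it.
            try (PrintWriter out = res.getWriter()) {
                out.println(body);
            }
        } catch (Exception ignored) {
            // Best effort: the request is denied either way, so a failure to write the
            // body is deliberately not propagated.
        }
    }

    /**
     * Wraps the filter in a {@link FilterRegistrationBean} whose registration is disabled.
     *
     * <p>Presumably this keeps Spring Boot from also installing the filter as a plain
     * servlet filter, so that it only runs where Shiro's own filter chain references it;
     * verify against the Shiro configuration.
     *
     * @param filter the filter instance to wrap
     * @return a registration for {@code filter} with {@code enabled} set to false
     */
    @Bean
    public FilterRegistrationBean<AjaxPermissionsAuthorizationFilter> registration(AjaxPermissionsAuthorizationFilter filter) {
        FilterRegistrationBean<AjaxPermissionsAuthorizationFilter> registration = new FilterRegistrationBean<>(filter);
        registration.setEnabled(false);
        return registration;
    }

}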