登录参数校验
This commit is contained in:
@@ -4,6 +4,7 @@ import com.sdm.common.common.ThreadLocalContext;
|
||||
//import com.sdm.approve.service.UserService;
|
||||
import jakarta.servlet.*;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
|
||||
@@ -25,14 +26,14 @@ public class AuthFilter implements Filter {
|
||||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
||||
if (servletRequest instanceof HttpServletRequest) {
|
||||
HttpServletRequest req = (HttpServletRequest) servletRequest;
|
||||
String jobNumber = StringUtils.isEmpty(req.getHeader("jobNumber")) ? "" : req.getHeader("jobNumber");
|
||||
ThreadLocalContext.getCommonHeader().setJobNumber(jobNumber);
|
||||
ThreadLocalContext.getCommonHeader().setCompany(req.getHeader("company"));
|
||||
ThreadLocalContext.getCommonHeader().setSessionId(req.getHeader("sessionId"));
|
||||
// User user = userService.getUserByIdCode(idCode);
|
||||
// if (user != null) {
|
||||
// ThreadLocalContext.setUserContext(new UserContext(user));
|
||||
// }
|
||||
if(!ThreadLocalContext.verifyRequest(req))
|
||||
{
|
||||
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
||||
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401
|
||||
response.setContentType("application/json;charset=UTF-8");
|
||||
response.getWriter().write("{\"code\":401,\"message\":\"未登录或认证信息缺失\"}");
|
||||
return;
|
||||
}
|
||||
}
|
||||
filterChain.doFilter(servletRequest, servletResponse);
|
||||
}
|
||||
|
||||
@@ -4,6 +4,7 @@ import com.sdm.common.common.ThreadLocalContext;
|
||||
//import com.sdm.ability.service.UserService;
|
||||
import jakarta.servlet.*;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
|
||||
@@ -26,14 +27,15 @@ public class AuthFilter implements Filter {
|
||||
HttpServletRequest req = (HttpServletRequest) servletRequest;
|
||||
if(!ThreadLocalContext.verifyRequest(req))
|
||||
{
|
||||
servletResponse.getWriter().write("请求信息验证失败");
|
||||
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
||||
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401
|
||||
response.setContentType("application/json;charset=UTF-8");
|
||||
response.getWriter().write("{\"code\":401,\"message\":\"未登录或认证信息缺失\"}");
|
||||
return;
|
||||
}
|
||||
|
||||
}
|
||||
filterChain.doFilter(servletRequest, servletResponse);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void destroy() {
|
||||
Filter.super.destroy();
|
||||
|
||||
@@ -41,12 +41,12 @@ public class ThreadLocalContext {
|
||||
|
||||
public static boolean verifyRequest(HttpServletRequest request)
|
||||
{
|
||||
String jobNumber = StringUtils.isEmpty(request.getHeader("jobNumber")) ? "" : request.getHeader("jobNumber");
|
||||
String jobNumber = StringUtils.isEmpty(request.getHeader("jobNumber")) ? null : request.getHeader("jobNumber");
|
||||
Long usrId = StringUtils.isEmpty(request.getHeader("userId")) ? null : Long.valueOf(request.getHeader("userId"));
|
||||
Long tenantId = StringUtils.isEmpty(request.getHeader("tenantId")) ? null : Long.valueOf(request.getHeader("tenantId"));
|
||||
String userName = StringUtils.isEmpty(request.getHeader("userName")) ? null : request.getHeader("userName");
|
||||
// if(usrId==null || tenantId==null || userName==null)
|
||||
// return false;
|
||||
if(usrId==null || tenantId==null)
|
||||
return false;
|
||||
setJobNumber(jobNumber);
|
||||
setCompany(request.getHeader("company"));
|
||||
setSessionId(request.getHeader("sessionId"));
|
||||
|
||||
@@ -4,6 +4,7 @@ import com.sdm.common.common.ThreadLocalContext;
|
||||
//import com.sdm.data.service.UserService;
|
||||
import jakarta.servlet.*;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
|
||||
@@ -25,21 +26,14 @@ public class AuthFilter implements Filter {
|
||||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
||||
if (servletRequest instanceof HttpServletRequest) {
|
||||
HttpServletRequest req = (HttpServletRequest) servletRequest;
|
||||
String jobNumber = StringUtils.isEmpty(req.getHeader("jobNumber")) ? "" : req.getHeader("jobNumber");
|
||||
Long usrId = StringUtils.isEmpty(req.getHeader("userId")) ? null : Long.valueOf(req.getHeader("userId"));
|
||||
Long tenantId = StringUtils.isEmpty(req.getHeader("tenantId")) ? null : Long.valueOf(req.getHeader("tenantId"));
|
||||
String userName = StringUtils.isEmpty(req.getHeader("userName")) ? null : req.getHeader("userName");
|
||||
ThreadLocalContext.setJobNumber(jobNumber);
|
||||
ThreadLocalContext.setCompany(req.getHeader("company"));
|
||||
ThreadLocalContext.setSessionId(req.getHeader("sessionId"));
|
||||
ThreadLocalContext.setUserId(usrId);
|
||||
ThreadLocalContext.setTenantId(tenantId);
|
||||
ThreadLocalContext.setUserName(userName);
|
||||
|
||||
// User user = userService.getUserByIdCode(idCode);
|
||||
// if (user != null) {
|
||||
// ThreadLocalContext.setUserContext(new UserContext(user));
|
||||
// }
|
||||
if(!ThreadLocalContext.verifyRequest(req))
|
||||
{
|
||||
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
||||
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401
|
||||
response.setContentType("application/json;charset=UTF-8");
|
||||
response.getWriter().write("{\"code\":401,\"message\":\"未登录或认证信息缺失\"}");
|
||||
return;
|
||||
}
|
||||
}
|
||||
filterChain.doFilter(servletRequest, servletResponse);
|
||||
}
|
||||
|
||||
@@ -4,6 +4,7 @@ import com.sdm.common.common.ThreadLocalContext;
|
||||
//import com.sdm.pbs.service.UserService;
|
||||
import jakarta.servlet.*;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
|
||||
@@ -25,14 +26,14 @@ public class AuthFilter implements Filter {
|
||||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
||||
if (servletRequest instanceof HttpServletRequest) {
|
||||
HttpServletRequest req = (HttpServletRequest) servletRequest;
|
||||
String jobNumber = StringUtils.isEmpty(req.getHeader("jobNumber")) ? "" : req.getHeader("jobNumber");
|
||||
ThreadLocalContext.getCommonHeader().setJobNumber(jobNumber);
|
||||
ThreadLocalContext.getCommonHeader().setCompany(req.getHeader("company"));
|
||||
ThreadLocalContext.getCommonHeader().setSessionId(req.getHeader("sessionId"));
|
||||
// User user = userService.getUserByIdCode(idCode);
|
||||
// if (user != null) {
|
||||
// ThreadLocalContext.setUserContext(new UserContext(user));
|
||||
// }
|
||||
if(!ThreadLocalContext.verifyRequest(req))
|
||||
{
|
||||
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
||||
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401
|
||||
response.setContentType("application/json;charset=UTF-8");
|
||||
response.getWriter().write("{\"code\":401,\"message\":\"未登录或认证信息缺失\"}");
|
||||
return;
|
||||
}
|
||||
}
|
||||
filterChain.doFilter(servletRequest, servletResponse);
|
||||
}
|
||||
|
||||
@@ -4,6 +4,7 @@ import com.sdm.common.common.ThreadLocalContext;
|
||||
//import com.sdm.performance.service.UserService;
|
||||
import jakarta.servlet.*;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
|
||||
@@ -25,14 +26,14 @@ public class AuthFilter implements Filter {
|
||||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
||||
if (servletRequest instanceof HttpServletRequest) {
|
||||
HttpServletRequest req = (HttpServletRequest) servletRequest;
|
||||
String jobNumber = StringUtils.isEmpty(req.getHeader("jobNumber")) ? "" : req.getHeader("jobNumber");
|
||||
ThreadLocalContext.getCommonHeader().setJobNumber(jobNumber);
|
||||
ThreadLocalContext.getCommonHeader().setCompany(req.getHeader("company"));
|
||||
ThreadLocalContext.getCommonHeader().setSessionId(req.getHeader("sessionId"));
|
||||
// User user = userService.getUserByIdCode(idCode);
|
||||
// if (user != null) {
|
||||
// ThreadLocalContext.setUserContext(new UserContext(user));
|
||||
// }
|
||||
if(!ThreadLocalContext.verifyRequest(req))
|
||||
{
|
||||
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
||||
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401
|
||||
response.setContentType("application/json;charset=UTF-8");
|
||||
response.getWriter().write("{\"code\":401,\"message\":\"未登录或认证信息缺失\"}");
|
||||
return;
|
||||
}
|
||||
}
|
||||
filterChain.doFilter(servletRequest, servletResponse);
|
||||
}
|
||||
|
||||
@@ -3,6 +3,7 @@ package com.sdm.project.filter;
|
||||
import com.sdm.common.common.ThreadLocalContext;
|
||||
import jakarta.servlet.*;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
|
||||
@@ -23,21 +24,14 @@ public class AuthFilter implements Filter {
|
||||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
||||
if (servletRequest instanceof HttpServletRequest) {
|
||||
HttpServletRequest req = (HttpServletRequest) servletRequest;
|
||||
String jobNumber = StringUtils.isEmpty(req.getHeader("jobNumber")) ? "" : req.getHeader("jobNumber");
|
||||
Long usrId = StringUtils.isEmpty(req.getHeader("userId")) ? null : Long.valueOf(req.getHeader("userId"));
|
||||
Long tenantId = StringUtils.isEmpty(req.getHeader("tenantId")) ? null : Long.valueOf(req.getHeader("tenantId"));
|
||||
String userName = StringUtils.isEmpty(req.getHeader("userName")) ? null : req.getHeader("userName");
|
||||
ThreadLocalContext.setJobNumber(jobNumber);
|
||||
ThreadLocalContext.setCompany(req.getHeader("company"));
|
||||
ThreadLocalContext.setSessionId(req.getHeader("sessionId"));
|
||||
ThreadLocalContext.setUserId(usrId);
|
||||
ThreadLocalContext.setTenantId(tenantId);
|
||||
ThreadLocalContext.setUserName(userName);
|
||||
|
||||
// User user = userService.getUserByIdCode(idCode);
|
||||
// if (user != null) {
|
||||
// ThreadLocalContext.setUserContext(new UserContext(user));
|
||||
// }
|
||||
if(!ThreadLocalContext.verifyRequest(req))
|
||||
{
|
||||
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
||||
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401
|
||||
response.setContentType("application/json;charset=UTF-8");
|
||||
response.getWriter().write("{\"code\":401,\"message\":\"未登录或认证信息缺失\"}");
|
||||
return;
|
||||
}
|
||||
}
|
||||
filterChain.doFilter(servletRequest, servletResponse);
|
||||
}
|
||||
|
||||
@@ -3,6 +3,7 @@ package com.sdm.system.filter;
|
||||
import com.sdm.common.common.ThreadLocalContext;
|
||||
import jakarta.servlet.*;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
|
||||
@@ -23,21 +24,14 @@ public class AuthFilter implements Filter {
|
||||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
||||
if (servletRequest instanceof HttpServletRequest) {
|
||||
HttpServletRequest req = (HttpServletRequest) servletRequest;
|
||||
String jobNumber = StringUtils.isEmpty(req.getHeader("jobNumber")) ? "" : req.getHeader("jobNumber");
|
||||
Long usrId = StringUtils.isEmpty(req.getHeader("userId")) ? null : Long.valueOf(req.getHeader("userId"));
|
||||
Long tenantId = StringUtils.isEmpty(req.getHeader("tenantId")) ? null : Long.valueOf(req.getHeader("tenantId"));
|
||||
String userName = StringUtils.isEmpty(req.getHeader("userName")) ? null : req.getHeader("userName");
|
||||
ThreadLocalContext.setJobNumber(jobNumber);
|
||||
ThreadLocalContext.setCompany(req.getHeader("company"));
|
||||
ThreadLocalContext.setSessionId(req.getHeader("sessionId"));
|
||||
ThreadLocalContext.setUserId(usrId);
|
||||
ThreadLocalContext.setTenantId(tenantId);
|
||||
ThreadLocalContext.setUserName(userName);
|
||||
|
||||
// User user = userService.getUserByIdCode(idCode);
|
||||
// if (user != null) {
|
||||
// ThreadLocalContext.setUserContext(new UserContext(user));
|
||||
// }
|
||||
if(!ThreadLocalContext.verifyRequest(req))
|
||||
{
|
||||
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
||||
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401
|
||||
response.setContentType("application/json;charset=UTF-8");
|
||||
response.getWriter().write("{\"code\":401,\"message\":\"未登录或认证信息缺失\"}");
|
||||
return;
|
||||
}
|
||||
}
|
||||
filterChain.doFilter(servletRequest, servletResponse);
|
||||
}
|
||||
|
||||
@@ -3,6 +3,7 @@ package com.sdm.task.filter;
|
||||
import com.sdm.common.common.ThreadLocalContext;
|
||||
import jakarta.servlet.*;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
|
||||
@@ -23,21 +24,14 @@ public class AuthFilter implements Filter {
|
||||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
||||
if (servletRequest instanceof HttpServletRequest) {
|
||||
HttpServletRequest req = (HttpServletRequest) servletRequest;
|
||||
String jobNumber = StringUtils.isEmpty(req.getHeader("jobNumber")) ? "" : req.getHeader("jobNumber");
|
||||
Long usrId = StringUtils.isEmpty(req.getHeader("userId")) ? null : Long.valueOf(req.getHeader("userId"));
|
||||
Long tenantId = StringUtils.isEmpty(req.getHeader("tenantId")) ? null : Long.valueOf(req.getHeader("tenantId"));
|
||||
String userName = StringUtils.isEmpty(req.getHeader("userName")) ? null : req.getHeader("userName");
|
||||
ThreadLocalContext.setJobNumber(jobNumber);
|
||||
ThreadLocalContext.setCompany(req.getHeader("company"));
|
||||
ThreadLocalContext.setSessionId(req.getHeader("sessionId"));
|
||||
ThreadLocalContext.setUserId(usrId);
|
||||
ThreadLocalContext.setTenantId(tenantId);
|
||||
ThreadLocalContext.setUserName(userName);
|
||||
|
||||
// User user = userService.getUserByIdCode(idCode);
|
||||
// if (user != null) {
|
||||
// ThreadLocalContext.setUserContext(new UserContext(user));
|
||||
// }
|
||||
if(!ThreadLocalContext.verifyRequest(req))
|
||||
{
|
||||
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
||||
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401
|
||||
response.setContentType("application/json;charset=UTF-8");
|
||||
response.getWriter().write("{\"code\":401,\"message\":\"未登录或认证信息缺失\"}");
|
||||
return;
|
||||
}
|
||||
}
|
||||
filterChain.doFilter(servletRequest, servletResponse);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user