package org.jeecg.config.filter;
|
|
import lombok.extern.slf4j.Slf4j;
|
import org.jeecg.common.api.CommonAPI;
|
import org.jeecg.common.util.RedisUtil;
|
import org.jeecg.common.util.SpringContextUtils;
|
import org.jeecg.common.util.TokenUtils;
|
import org.jeecg.common.util.oConvertUtils;
|
|
import javax.servlet.*;
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
import java.io.IOException;
|
|
/**
|
* websocket 前端将token放到子协议里传入 与后端建立连接时需要用到http协议,此处用于校验token的有效性
|
* @Author taoYan
|
* @Date 2022/4/21 17:01
|
**/
|
@Slf4j
|
public class WebsocketFilter implements Filter {
|
|
private static final String TOKEN_KEY = "Sec-WebSocket-Protocol";
|
|
private static CommonAPI commonApi;
|
|
private static RedisUtil redisUtil;
|
|
@Override
|
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
if (commonApi == null) {
|
commonApi = SpringContextUtils.getBean(CommonAPI.class);
|
}
|
if (redisUtil == null) {
|
redisUtil = SpringContextUtils.getBean(RedisUtil.class);
|
}
|
HttpServletRequest request = (HttpServletRequest)servletRequest;
|
String token = request.getHeader(TOKEN_KEY);
|
|
log.debug("Websocket连接 Token安全校验,Path = {},token:{}", request.getRequestURI(), token);
|
|
try {
|
TokenUtils.verifyToken(token, commonApi, redisUtil);
|
} catch (Exception exception) {
|
//log.error("Websocket连接 Token安全校验失败,IP:{}, Token:{}, Path = {},异常:{}", oConvertUtils.getIpAddrByRequest(request), token, request.getRequestURI(), exception.getMessage());
|
log.debug("Websocket连接 Token安全校验失败,IP:{}, Token:{}, Path = {},异常:{}", oConvertUtils.getIpAddrByRequest(request), token, request.getRequestURI(), exception.getMessage());
|
return;
|
}
|
HttpServletResponse response = (HttpServletResponse)servletResponse;
|
response.setHeader(TOKEN_KEY, token);
|
filterChain.doFilter(servletRequest, servletResponse);
|
}
|
|
}
|
