LoginWebFiter.java 9.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235
  1. package com.webflux.launchadmin.config;
  2. import cn.hutool.json.JSONObject;
  3. import cn.hutool.json.JSONUtil;
  4. import com.webflux.launchadmin.context.UserContext;
  5. import com.webflux.launchadmin.context.XxlSsoUser;
  6. import com.webflux.launchcommon.utils.RL;
  7. import lombok.SneakyThrows;
  8. import lombok.extern.slf4j.Slf4j;
  9. import org.apache.http.HttpEntity;
  10. import org.apache.http.client.methods.CloseableHttpResponse;
  11. import org.apache.http.client.methods.HttpGet;
  12. import org.apache.http.impl.client.CloseableHttpClient;
  13. import org.apache.http.impl.client.HttpClients;
  14. import org.apache.http.util.EntityUtils;
  15. import org.springframework.beans.factory.annotation.Autowired;
  16. import org.springframework.beans.factory.annotation.Value;
  17. import org.springframework.core.io.buffer.DataBuffer;
  18. import org.springframework.data.redis.core.ReactiveRedisTemplate;
  19. import org.springframework.http.*;
  20. import org.springframework.http.server.RequestPath;
  21. import org.springframework.http.server.reactive.ServerHttpRequest;
  22. import org.springframework.http.server.reactive.ServerHttpResponse;
  23. import org.springframework.stereotype.Component;
  24. import org.springframework.util.MultiValueMap;
  25. import org.springframework.web.cors.reactive.CorsUtils;
  26. import org.springframework.web.server.ServerWebExchange;
  27. import org.springframework.web.server.WebFilter;
  28. import org.springframework.web.server.WebFilterChain;
  29. import reactor.core.publisher.Mono;
  30. import java.io.IOException;
  31. import java.util.Objects;
  32. import java.util.Optional;
  33. import java.util.stream.Stream;
  34. @Component
  35. @Slf4j
  36. public class LoginWebFiter implements WebFilter {
  37. // @Autowired
  38. // private ReactiveRedisTemplate<String,Object> reactiveRedisTemplate;
  39. @Value("${xxl.sso.excluded.paths}")
  40. private String xxlSsoExcludedPaths;
  41. @Value("${xxl.sso.excluded.start}")
  42. private String xxlSsoExcludedstart;
  43. @Value("${xxl.sso.server}")
  44. private String loginPageUrl;
  45. @SneakyThrows
  46. @Override
  47. public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
  48. ServerHttpRequest request = exchange.getRequest();
  49. ServerHttpResponse response = exchange.getResponse();
  50. RequestPath path = request.getPath();
  51. //.跨域
  52. if (CorsUtils.isCorsRequest(request)) {
  53. HttpHeaders headers = response.getHeaders();
  54. //解决跨域的问题
  55. headers.add("Access-Control-Allow-Origin", "*");
  56. headers.add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
  57. headers.add("Access-Control-Allow-Headers", "*");
  58. headers.add("Access-Control-Max-Age", "3600");
  59. headers.add("Access-Control-Allow-Credentials", "false");
  60. }
  61. //预检请求
  62. if (request.getMethod().equals(HttpMethod.OPTIONS.name())) {
  63. response.setStatusCode(HttpStatus.OK);
  64. return response.setComplete();
  65. }
  66. String string = path.toString();
  67. String[] split = xxlSsoExcludedPaths.split(",");
  68. String[] split1 = xxlSsoExcludedstart.split(",");
  69. Optional<String> first = Stream.of(split).filter(string::equals).findFirst();
  70. Optional<String> first1 = Stream.of(split1).filter(string::contains).findFirst();
  71. if (first.isEmpty() && first1.isEmpty()) {
  72. //验证权限
  73. try {
  74. String sessionid = getSessionid(exchange);
  75. BaseContextHandler.setSessionId(sessionid);
  76. Boolean user = getUser(getSessionid(exchange));
  77. if (!user) {
  78. return notLogin(exchange);
  79. }
  80. }catch (Exception e){
  81. //日志
  82. log.error("LoginWebFiter getUserInfo E:"+ e.getMessage());
  83. }
  84. }
  85. Mono<Void> filter = chain.filter(exchange); //放行
  86. //流一旦经过某个操作就会变成新流
  87. Mono<Void> voidMono = filter.doOnError(err -> {
  88. System.out.println("目标方法异常以后...");
  89. }) // 目标方法发生异常后做事
  90. .doFinally(signalType -> {
  91. System.out.println("目标方法执行以后...");
  92. });// 目标方法执行之后
  93. //上面执行不花时间。
  94. return voidMono; //看清楚返回的是谁!!!
  95. }
  96. private Mono<Void> notLogin(ServerWebExchange exchange) {
  97. ServerHttpResponse response = exchange.getResponse();
  98. response.setStatusCode( org.springframework.http.HttpStatus.NOT_IMPLEMENTED);
  99. response.getHeaders().add(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_VALUE);
  100. RL result =new RL();
  101. result.setCode(501);
  102. result.setLoginPageUrl(loginPageUrl);
  103. result.setMsg("sso not login.");
  104. DataBuffer dataBuffer = response.bufferFactory().wrap(JSONUtil.toJsonStr(result).getBytes());
  105. return response.writeWith(Mono.just(dataBuffer));
  106. }
  107. private static String getSessionid(ServerWebExchange exchange) {
  108. MultiValueMap<String, HttpCookie> cookies = exchange.getRequest().getCookies();
  109. if (!cookies.containsKey("xxl_sso_sessionid")) {
  110. return null;
  111. }
  112. String xxl_sso_sessionid = cookies.get("xxl_sso_sessionid").toString();
  113. if (Objects.isNull(xxl_sso_sessionid)) {
  114. return null;
  115. }
  116. return xxl_sso_sessionid.replace("[","").replace("]","");
  117. }
  118. public Boolean getUser(String cookie) throws IOException {
  119. if (Objects.isNull(cookie)) {
  120. log.error("111111111");
  121. return false;
  122. }
  123. if(UserContext.cMap.containsKey(cookie)){
  124. XxlSsoUser xxlSsoUser = UserContext.cMap.get(cookie);
  125. BaseContextHandler.setUserId(xxlSsoUser.getUserid());
  126. BaseContextHandler.setUserName(xxlSsoUser.getUsername());
  127. return true;
  128. }
  129. CloseableHttpClient httpclient = HttpClients.createDefault();
  130. //https://kuaitou.mokamrp.com/api/system/qwlb/getAdminInfo
  131. HttpGet httpget = new HttpGet("https://kuaitou.mokamrp.com/api/system/admin/getAdminInfo");
  132. httpget.setHeader("Cookie",cookie);
  133. CloseableHttpResponse response = httpclient.execute(httpget);
  134. try {
  135. HttpEntity entity = response.getEntity();
  136. String result = EntityUtils.toString(entity);
  137. EntityUtils.consume(entity);
  138. log.error("3");
  139. if (Objects.nonNull(result)) {
  140. log.error("4");
  141. JSONObject jsonObject = JSONUtil.parseObj(result);
  142. if (jsonObject.containsKey("code") && jsonObject.get("code", Integer.class) == 200) {
  143. log.error("5");
  144. if(jsonObject.containsKey("data")){
  145. log.error("7");
  146. XxlSsoUser data = jsonObject.get("data", XxlSsoUser.class);
  147. BaseContextHandler.setUserId(data.getUserid());
  148. BaseContextHandler.setUserName(data.getUsername());
  149. UserContext.cMap.put(cookie,data);
  150. System.out.println(data);
  151. return true;
  152. }
  153. }else if(jsonObject.containsKey("code") && jsonObject.get("code", Integer.class) == 501){
  154. log.error("7.1");
  155. return false;
  156. }else {
  157. return true;
  158. }
  159. }
  160. log.error("8");
  161. } catch (Exception e) {
  162. return true;
  163. } finally {
  164. response.close();
  165. }
  166. log.error("2222222222222");
  167. return true;
  168. }
  169. // public static String parseStoreKey(String sessionId) {
  170. // if (sessionId != null && sessionId.indexOf("_") > -1) {
  171. // String[] sessionIdArr = sessionId.split("_");
  172. // if (sessionIdArr.length == 2 && sessionIdArr[0] != null && sessionIdArr[0].trim().length() > 0) {
  173. // String userId = sessionIdArr[0].trim();
  174. // return userId;
  175. // }
  176. // }
  177. //
  178. // return null;
  179. // }
  180. // private static String xxl0(ServerWebExchange exchange) {
  181. //
  182. // MultiValueMap<String, HttpCookie> cookies = exchange.getRequest().getCookies();
  183. // if (!cookies.containsKey("xxl_sso_sessionid")) {
  184. // return null;
  185. // }
  186. // String xxl_sso_sessionid = cookies.get("xxl_sso_sessionid").toString();
  187. // if (Objects.isNull(xxl_sso_sessionid)) {
  188. // return null;
  189. // }
  190. // String xxl_sso_sessionid1 = xxl_sso_sessionid.replace("[","");
  191. // String xxl_sso_sessionid2 =xxl_sso_sessionid1.replace("]","");
  192. //
  193. // String[] split = xxl_sso_sessionid2.split("=");
  194. // if(Objects.isNull(split[1])){
  195. // return null;
  196. // }
  197. // String value = split[1];
  198. // String s = parseStoreKey(value);
  199. // return redisKey(s);
  200. // }
  201. // private static String redisKey(String sessionId) {
  202. // return "xxl_sso_sessionid".concat("#").concat(sessionId);
  203. // }
  204. //
  205. //
  206. //
  207. // public Boolean xxl1(ServerWebExchange exchange){
  208. // String key = xxl0(exchange);
  209. // if (Objects.isNull(key)) {
  210. // return false;
  211. // }
  212. // Mono<Object> objectMono = reactiveRedisTemplate.opsForValue().get(key);
  213. // // Optional<Object> o = objectMono.blockOptional();
  214. // return false;
  215. //
  216. // }
  217. //
  218. // private Mono<Void> unauthorizedResponse(ServerWebExchange exchange, String msg) {
  219. // return ServletUtils.webFluxResponseWriter(exchange.getResponse(), msg, HttpStatus.UNAUTHORIZED);
  220. // }
  221. }