commit
4ae506d772
|
@ -0,0 +1,123 @@
|
|||
package com.letoy.edu.config.auth;
|
||||
|
||||
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import com.letoy.edu.service.MyDetailsUserService;
|
||||
import com.letoy.edu.service.auth.AuthUser;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.web.authentication.*;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.web.filter.OncePerRequestFilter;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* 拦截器
|
||||
*/
|
||||
@Component
|
||||
public class MyThirdPartLoginFilter extends OncePerRequestFilter {
|
||||
|
||||
private AuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
|
||||
private AuthenticationFailureHandler failureHandler = new SimpleUrlAuthenticationFailureHandler();
|
||||
private AuthenticationManager authenticationManager;
|
||||
|
||||
|
||||
public void setAuthenticationSuccessHandler(AuthenticationSuccessHandler successHandler) {
|
||||
Assert.notNull(successHandler, "successHandler cannot be null");
|
||||
this.successHandler = successHandler;
|
||||
}
|
||||
|
||||
public void setAuthenticationFailureHandler(AuthenticationFailureHandler failureHandler) {
|
||||
Assert.notNull(failureHandler, "failureHandler cannot be null");
|
||||
this.failureHandler = failureHandler;
|
||||
}
|
||||
|
||||
protected AuthenticationSuccessHandler getSuccessHandler() {
|
||||
return this.successHandler;
|
||||
}
|
||||
|
||||
protected AuthenticationFailureHandler getFailureHandler() {
|
||||
return this.failureHandler;
|
||||
}
|
||||
|
||||
protected AuthenticationManager getAuthenticationManager() {
|
||||
return this.authenticationManager;
|
||||
}
|
||||
|
||||
public void setAuthenticationManager(AuthenticationManager authenticationManager) {
|
||||
this.authenticationManager = authenticationManager;
|
||||
}
|
||||
|
||||
@Resource
|
||||
MyDetailsUserService myDetailsUserService;
|
||||
|
||||
@Override
|
||||
protected void doFilterInternal(HttpServletRequest request,
|
||||
HttpServletResponse response,
|
||||
FilterChain chain) throws ServletException, IOException {
|
||||
if (!"/thirdPart/login".equals(request.getRequestURI())) {
|
||||
chain.doFilter(request, response);
|
||||
} else {
|
||||
System.out.println("email验证模块");
|
||||
|
||||
ObjectMapper mapper = new ObjectMapper();
|
||||
Map<String, String> authenticationBean = null;
|
||||
try (InputStream is = request.getInputStream()) {
|
||||
authenticationBean = mapper.readValue(is, Map.class);
|
||||
} catch (IOException e) {
|
||||
//将异常放到自定义的异常类中
|
||||
System.out.println(e.getMessage());
|
||||
}
|
||||
System.out.println("当前登录的邮箱是:" + authenticationBean.get("token"));
|
||||
System.out.println("当前登录的类型:" + authenticationBean.get("type"));
|
||||
String email = authenticationBean.get("email");
|
||||
// System.out.println("headerToken = " + headerToken);
|
||||
// System.out.println("request getMethod = " + request.getMethod());
|
||||
|
||||
//通过令牌获取用户名称
|
||||
AuthUser authUser = myDetailsUserService.loginByEmail(email);
|
||||
String username = authUser.getUsername();
|
||||
System.out.println("Token_username = " + username);
|
||||
|
||||
//判断用户不为空,且SecurityContextHolder授权信息还是空的
|
||||
if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
|
||||
//通过用户信息得到UserDetails
|
||||
UserDetails userDetails = authUser;
|
||||
System.out.println(userDetails);
|
||||
//验证令牌有效性
|
||||
|
||||
// 将用户信息存入 authentication,方便后续校验
|
||||
UsernamePasswordAuthenticationToken authentication =
|
||||
new UsernamePasswordAuthenticationToken(
|
||||
userDetails,
|
||||
null,
|
||||
userDetails.getAuthorities()
|
||||
);
|
||||
//
|
||||
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
|
||||
// 将 authentication 存入 ThreadLocal,方便后续获取用户信息
|
||||
SecurityContextHolder.getContext().setAuthentication(authentication);
|
||||
|
||||
}
|
||||
ObjectMapper mapper2 = new ObjectMapper();
|
||||
HashMap resMap = new HashMap();
|
||||
resMap.put("token","fasdfsdg");
|
||||
String data = mapper2.writeValueAsString("退出成功");
|
||||
JSONAuthentication.WriteJSONS(request, response, resMap);
|
||||
}
|
||||
|
||||
}
|
||||
}
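Review bot: In `doFilterInternal` the caller is authenticated from the `email` field of the JSON body alone. The `token` and `type` values are only printed and the `//验证令牌有效性` (verify token validity) comment has no code under it, so as far as this section shows, any request to `/thirdPart/login` that names an existing account's e-mail gets that account's `UsernamePasswordAuthenticationToken` placed in the `SecurityContext`. The e-mail should come from the identity provider's verified answer for `token`, never from the request body, and a failed check should end in the currently unused `failureHandler` rather than falling through to the success response. The same block dereferences `authenticationBean` after a swallowed `IOException` and `authUser` without a null check, so a malformed body or unknown e-mail ends in a `NullPointerException`; a guard such as `if (authenticationBean == null) { failureHandler.onAuthenticationFailure(request, response, new BadCredentialsException("malformed login body")); return; }` covers the first case. The reply also carries the hard-coded `resMap.put("token","fasdfsdg")`, and the submitted token is written to stdout; both should go, with the token kept out of logs entirely.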
|
||||
|
|
@ -44,6 +44,9 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
|||
@Resource
|
||||
MyEmailLoginFilter myEmailLoginFilter;
|
||||
|
||||
@Resource
|
||||
MyThirdPartLoginFilter myThirdPartLoginFilter;
|
||||
|
||||
@Resource
|
||||
MyAccessDeniedHandler myAccessDeniedHandler;
|
||||
//登出处理器
|
||||
|
@ -133,6 +136,8 @@ public class WebSecurityConfigurer extends WebSecurityConfigurerAdapter {
|
|||
//第5步:拦截token,并检测。在 UsernamePasswordAuthenticationFilter 之前添加 JwtAuthenticationTokenFilter
|
||||
http.addFilterBefore(myOncePerRequestFilter, UsernamePasswordAuthenticationFilter.class);
|
||||
http.addFilterBefore(myEmailLoginFilter, UsernamePasswordAuthenticationFilter.class);
|
||||
http.addFilterBefore(myThirdPartLoginFilter, UsernamePasswordAuthenticationFilter.class);
|
||||
|
||||
|
||||
//第6步:处理异常情况:认证失败和权限不足
|
||||
http.exceptionHandling().authenticationEntryPoint(myAuthenticationEntryPoint).accessDeniedHandler(myAccessDeniedHandler);
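Review bot: `http.addFilterBefore(myThirdPartLoginFilter, UsernamePasswordAuthenticationFilter.class)` registers a filter that is also a `@Component` bean, and if this is a Spring Boot application every `Filter` bean is additionally registered in the servlet container's own chain. The login filter would then also be reachable outside the Spring Security chain, for example on paths excluded from it; `OncePerRequestFilter` only stops a second run within the same request. Either drop `@Component` and construct the filter in this configurer, or add a `FilterRegistrationBean` for it with `setEnabled(false)`. Nothing in the visible hunks calls `setAuthenticationManager` or the handler setters on the injected filter, so confirm in the rest of `configure` (which continues outside these hunks) whether that wiring is intended; a comment such as `// third-party login: body is parsed and authenticated inside the filter, must stay before UsernamePasswordAuthenticationFilter` on the new line would document the ordering.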
|
||||
|
|