TokenAuthenticationFilter.java 文件源码

java
阅读 32 收藏 0 点赞 0 评论 0
项目:pingguopai 作者: 
@Override
public void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {

    String authToken = tokenHelper.getToken(request);
    if (authToken != null && !skipPathRequest(request, pathsToSkip)) {
        // get username from token
        String username = null;
        try {
            username = tokenHelper.getUsernameFromToken(authToken);
            logger.info("[TokenAuthenticationFilter->doFilterInternal] authToken is {} and username is {}",
                        authToken,
                        username);
            if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
                User user = cacheHelper.getSessionUser("session_" + username);
                if (cacheHelper.getSessionUser("session_" + username) == null) {
                    throw new BadCredentialsException("回话失效,请重新登录");
                }
                    // get user
                UserDetails userDetails = (UserDetails) user;//userDetailsService.loadUserByUsername(username);
                // create authentication
                TokenBasedAuthentication authentication = new TokenBasedAuthentication(userDetails);
                authentication.setToken(authToken);
                SecurityContextHolder.getContext().setAuthentication(authentication);
            }
        } catch (Exception e) {
            logger.error("[TokenAuthenticationFilter->doFilterInternal] authToken is {} and username is {};" +
                    " error:",
                    authToken, username, e);
            SecurityContextHolder.getContext().setAuthentication(new AnonAuthentication());
        }
    } else {
        SecurityContextHolder.getContext().setAuthentication(new AnonAuthentication());
    }
    chain.doFilter(request, response);
}
您未登录,请先登录后再评论
评论列表
文章目录


问题


面经


文章

微信
公众号

扫码关注公众号