优化JwtFilter注释

dolyw · Mar 18, 2019 · 2ceb663 · 2ceb663
1 parent 4969f95
commit 2ceb663
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 13 deletions.
diff --git a/src/main/java/com/wang/config/shiro/ShiroConfig.java b/src/main/java/com/wang/config/shiro/ShiroConfig.java
@@ -15,6 +15,7 @@
 
 import javax.servlet.Filter;
 import java.util.HashMap;
+import java.util.LinkedHashMap;
 import java.util.Map;
 
 /**
@@ -66,11 +67,11 @@ public ShiroFilterFactoryBean factory(DefaultWebSecurityManager securityManager)
         filterMap.put("jwt", new JwtFilter());
         factoryBean.setFilters(filterMap);
         factoryBean.setSecurityManager(securityManager);
-        // 自定义url规则
-        Map<String, String> filterRuleMap = new HashMap<>(16);
+        // 自定义url规则使用LinkedHashMap有序Map
+        LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>(16);
         // 所有请求通过我们自己的JWTFilter
-        filterRuleMap.put("/**", "jwt");
-        factoryBean.setFilterChainDefinitionMap(filterRuleMap);
+        filterChainDefinitionMap.put("/**", "jwt");
+        factoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
         return factoryBean;
     }
 

diff --git a/src/main/java/com/wang/config/shiro/UserRealm.java b/src/main/java/com/wang/config/shiro/UserRealm.java
@@ -63,13 +63,17 @@ protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal
         // 查询用户角色
         List<RoleDto> roleDtos = roleMapper.findRoleByUser(userDto);
         for (RoleDto roleDto : roleDtos) {
-            // 添加角色
-            simpleAuthorizationInfo.addRole(roleDto.getName());
-            // 根据用户角色查询权限
-            List<PermissionDto> permissionDtos = permissionMapper.findPermissionByRole(roleDto);
-            for (PermissionDto permissionDto : permissionDtos) {
-                // 添加权限
-                simpleAuthorizationInfo.addStringPermission(permissionDto.getPerCode());
+            if (roleDto != null) {
+                // 添加角色
+                simpleAuthorizationInfo.addRole(roleDto.getName());
+                // 根据用户角色查询权限
+                List<PermissionDto> permissionDtos = permissionMapper.findPermissionByRole(roleDto);
+                for (PermissionDto permissionDto : permissionDtos) {
+                    if (permissionDto != null) {
+                        // 添加权限
+                        simpleAuthorizationInfo.addStringPermission(permissionDto.getPerCode());
+                    }
+                }
             }
         }
         return simpleAuthorizationInfo;

diff --git a/src/main/java/com/wang/config/shiro/jwt/JwtFilter.java b/src/main/java/com/wang/config/shiro/jwt/JwtFilter.java
@@ -10,6 +10,7 @@
 import com.wang.util.common.JsonConvertUtil;
 import com.wang.util.common.PropertiesUtil;
 import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
+import org.apache.shiro.web.util.WebUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.HttpStatus;
@@ -44,7 +45,7 @@ public class JwtFilter extends BasicHttpAuthenticationFilter {
      */
     @Override
     protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
-        // 判断用户是否想要登入
+        // 查看当前Header中是否携带Authorization属性(Token)，有的话就进行登录认证授权
         if (this.isLoginAttempt(request, response)) {
             try {
                 // 进行Shiro的登录UserRealm
@@ -81,6 +82,21 @@ protected boolean isAccessAllowed(ServletRequest request, ServletResponse respon
                 this.response401(request, response, msg);
                 return false;
             }
+        } else {
+            // 没有携带Token
+            HttpServletRequest httpRequest = WebUtils.toHttp(request);
+            // 获取当前请求类型
+            String httpMethod = httpRequest.getMethod();
+            // 获取当前请求URI
+            String requestURI = httpRequest.getRequestURI();
+            LOGGER.info("当前请求 {} Authorization属性(Token)为空 请求类型 {}", requestURI, httpMethod);
+
+            // mustLoginFlag = true 开启任何请求必须登录才可访问
+            Boolean mustLoginFlag = false;
+            if (mustLoginFlag) {
+                this.response401(request, response, "请先登录");
+                return false;
+            }
         }
         return true;
     }

diff --git a/src/main/java/com/wang/controller/UserController.java b/src/main/java/com/wang/controller/UserController.java
@@ -197,7 +197,7 @@ public ResponseBean info() {
         // 获取当前登录用户Id
         Integer id = userUtil.getUserId();
         // 获取当前登录用户Token
-        String Token = userUtil.getToken();
+        String token = userUtil.getToken();
         // 获取当前登录用户Account
         String account = userUtil.getAccount();
         return new ResponseBean(HttpStatus.OK.value(), "您已经登录了(You are already logged in)", userDto);