編寫檢驗token過濾器

public class JwtVerifyFilter extends BasicAuthenticationFilter {private RsaKeyProperties prop;public JwtVerifyFilter(AuthenticationManager authenticationManager, RsaKeyProperties prop) {super(authenticationManager);this.prop = prop;}public void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {String header = request.getHeader("Authorization");if (header == null || !header.startsWith("Bearer ")) {//如果攜帶錯誤的token，則給用戶提示請登錄！chain.doFilter(request, response);response.setContentType("application/json;charset=utf-8");response.setStatus(HttpServletResponse.SC_FORBIDDEN);PrintWriter out = response.getWriter();Map resultMap = new HashMap();resultMap.put("code", HttpServletResponse.SC_FORBIDDEN);resultMap.put("msg", "請登錄！");out.write(new ObjectMapper().writeValueAsString(resultMap));out.flush();out.close();} else {//如果攜帶了正確格式的token要先得到tokenString token = header.replace("Bearer ", "");//驗證tken是否正確Payload<SysUser> payload = JwtUtils.getInfoFromToken(token, prop.getPublicKey(), SysUser.class);SysUser user = payload.getUserInfo();if(user!=null){UsernamePasswordAuthenticationToken authResult = new UsernamePasswordAuthenticationToken(user.getUsername(), null, user.getAuthorities());SecurityContextHolder.getContext().setAuthentication(authResult);chain.doFilter(request, response);}}} }

總結(jié)

以上是生活随笔為你收集整理的SpringSecurity分布式整合之验证认证的过滤器的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯，歡迎將生活随笔推薦給好友。