peihaoyu/forest
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🐛 编辑器上传文件使用 X-Upload-Token 请求头传递 token

Browse Source
This commit is contained in:
ronger 2022-10-30 19:15:54 +08:00
parent f06e370d83
commit 2260b36cfe
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/main/java/com/rymcu/forest/auth/JwtFilter.java
View File

@ -6,6 +6,7 @@ import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts; import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureException; import io.jsonwebtoken.SignatureException;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.authz.UnauthenticatedException; import org.apache.shiro.authz.UnauthenticatedException;
import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter; import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
@ -33,8 +34,12 @@ public class JwtFilter extends BasicHttpAuthenticationFilter {
*/ */
@Override @Override
protected boolean isLoginAttempt(ServletRequest request, ServletResponse response) { protected boolean isLoginAttempt(ServletRequest request, ServletResponse response) {
HttpServletRequest req = (HttpServletRequest) request; HttpServletRequest httpServletRequest = (HttpServletRequest) request;
String authorization = req.getHeader(JwtConstants.AUTHORIZATION); String authorization = httpServletRequest.getHeader(JwtConstants.AUTHORIZATION);
if (StringUtils.isBlank(authorization)) {
// 编辑器上传文件使用 X-Upload-Token 请求头传递 token
authorization = httpServletRequest.getHeader(JwtConstants.UPLOAD_TOKEN);
}
return authorization != null; return authorization != null;
} }
@ -45,6 +50,10 @@ public class JwtFilter extends BasicHttpAuthenticationFilter {
protected boolean executeLogin(ServletRequest request, ServletResponse response) { protected boolean executeLogin(ServletRequest request, ServletResponse response) {
HttpServletRequest httpServletRequest = (HttpServletRequest) request; HttpServletRequest httpServletRequest = (HttpServletRequest) request;
String authorization = httpServletRequest.getHeader(JwtConstants.AUTHORIZATION); String authorization = httpServletRequest.getHeader(JwtConstants.AUTHORIZATION);
if (StringUtils.isBlank(authorization)) {
// 编辑器上传文件使用 X-Upload-Token 请求头传递 token
authorization = httpServletRequest.getHeader(JwtConstants.UPLOAD_TOKEN);
}
// 验证token // 验证token
Claims claims; Claims claims;
try { try {