• Home
• com.github.wjw465150
• scheduled-task-spring-boot-starter
• 2.1.8
• source code
• TaskAuthFilter.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.cloud.task.filter.TaskAuthFilter Maven / Gradle / Ivy

package com.cloud.task.filter;

import java.io.IOException;
import java.util.Base64;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;

import com.cloud.task.constant.TaskConstants;
import com.cloud.task.model.AuthProperties;

/**
 * 认证过滤器.
 */
@Configuration
@WebFilter(filterName = "authFilter", urlPatterns = {"/", "/api/*", "/logout", "*.html"})
public class TaskAuthFilter implements Filter {
    private final Logger log = LoggerFactory.getLogger(this.getClass());
    
    @Autowired
    private AuthProperties authProperties;

    private static final String AUTH_PREFIX = "Basic ";

    private static final String ADMIN_IDENTIFY = "admin";

    @Override
    public void init(final FilterConfig filterConfig) throws ServletException {
        log.info("AuthFilter init.");
    }

    @Override
    public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain)
        throws IOException, ServletException {
        HttpServletRequest httpRequest = (HttpServletRequest)request;
        HttpServletResponse httpResponse = (HttpServletResponse)response;
        String authorization = httpRequest.getHeader(TaskConstants.AUTHORIZATION);
        if (null == authorization || authorization.length() <= AUTH_PREFIX.length()) {
            needAuthenticate(httpResponse);
            return;
        }

        // 浏览器会话关闭前主动登出
        if (TaskConstants.LOGOUT.equals(((HttpServletRequest) request).getRequestURI())) {
            httpResponse.setStatus(401);
            return;
        }

        authorization = authorization.substring(AUTH_PREFIX.length());
        if (!(authProperties.getUsername() + ":" + authProperties.getPassword())
            .equals(new String(Base64.getDecoder().decode(authorization)))) {
            needAuthenticate(httpResponse);
            return;
        }

        authenticateSuccess(httpResponse);
        chain.doFilter(httpRequest, httpResponse);
    }

    private void authenticateSuccess(final HttpServletResponse response) {
        response.setStatus(200);
        response.setHeader("Pragma", "No-cache");
        response.setHeader("Cache-Control", "no-store");
        response.setDateHeader("Expires", 0);
        response.setHeader("identify", ADMIN_IDENTIFY);
    }

    private void needAuthenticate(final HttpServletResponse response) {
        response.setStatus(401);
        response.setHeader("Cache-Control", "no-store");
        response.setDateHeader("Expires", 0);
        response.setHeader("WWW-authenticate", AUTH_PREFIX + "Realm=\"Elastic Job Console Auth\"");
    }

    @Override
    public void destroy() {
        log.info("AuthFilter destroyed.");
    }
}