如何在前后端分离的架构中使用Shiro框架

时间:2025-04-02 15:30:33
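/**
 * Token-based authentication filter for a front-end/back-end separated application.
 *
 * <p>Every request except {@code OPTIONS} is treated as "access denied" and must carry a token,
 * read from the {@code token} request header or, failing that, the {@code token} request
 * parameter. A request without a token is answered with a JSON error body; a request with a
 * token is passed to the inherited {@code executeLogin}.
 *
 * <p>NOTE(review): the error responses put {@code HttpStatus.SC_UNAUTHORIZED} in the JSON body
 * only; nothing in this class sets the HTTP status line. Confirm the front end and any
 * gateway or monitoring rely on the body code rather than the HTTP status.
 */
public class AuthenticFilter extends AuthenticatingFilter {

    /** Name of the request header, and of the fallback request parameter, that carries the token. */
    public final static String TOKEN = "token";

    /**
     * Builds the authentication token from the current request.
     *
     * @return an {@code AuthenticToken} wrapping the request token, or {@code null} when the
     *     request carries no (non-blank) token
     */
    @Override
    protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) throws Exception {
        String token = getRequestToken((HttpServletRequest) request);
        if (StringUtils.isBlank(token)) {
            return null;
        }
        return new AuthenticToken(token);
    }

    /**
     * Handles a request that {@link #isAccessAllowed} did not let through.
     *
     * @return {@code false} after writing the "invalid token" JSON error when no token is
     *     present; otherwise the result of the inherited {@code executeLogin}
     * @throws Exception if writing the error response or the login attempt fails
     */
    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
        String token = getRequestToken((HttpServletRequest) request);
        if (StringUtils.isBlank(token)) {
            writeJsonError((HttpServletResponse) response,
                    ResponseVo.error(HttpStatus.SC_UNAUTHORIZED, "invalid token"));
            return false;
        }
        return executeLogin(request, response);
    }

    /**
     * Writes a JSON error body when the login attempt is rejected.
     *
     * <p>The body deliberately carries no message: the cause of the
     * {@code AuthenticationException} is not echoed to the client, so the response does not
     * reveal why the token was rejected.
     *
     * @return always {@code false}, so the filter chain stops
     */
    @Override
    protected boolean onLoginFailure(AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) {
        try {
            writeJsonError((HttpServletResponse) response,
                    ResponseVo.error(HttpStatus.SC_UNAUTHORIZED, null));
        } catch (IOException e1) {
            // The response could not be written; the request is still rejected below.
            // NOTE(review): route this through the project's logger instead of stderr.
            e1.printStackTrace();
        }
        return false;
    }

    /**
     * Lets CORS preflight ({@code OPTIONS}) requests through without a token; every other
     * method is sent to {@link #onAccessDenied}.
     *
     * <p>NOTE(review): this exempts every {@code OPTIONS} request from authentication, not
     * only genuine preflights. Verify that no handler performs work on {@code OPTIONS}.
     */
    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
        return RequestMethod.OPTIONS.name().equals(((HttpServletRequest) request).getMethod());
    }

    /**
     * Reads the token from the {@code token} header, falling back to the {@code token}
     * request parameter when the header is blank.
     *
     * <p>NOTE(review): a token passed as a request parameter can end up in access logs,
     * browser history and {@code Referer} headers. Prefer the header; keep the parameter
     * fallback only if a client really needs it.
     */
    private String getRequestToken(HttpServletRequest request) {
        String token = request.getHeader(TOKEN);
        if (StringUtils.isBlank(token)) {
            token = request.getParameter(TOKEN);
        }
        return token;
    }

    /**
     * Writes {@code body} as JSON with an explicit content type and the CORS headers, so both
     * rejection paths produce the same kind of response.
     */
    private void writeJsonError(HttpServletResponse httpResponse, Object body) throws IOException {
        httpResponse.setContentType("application/json;charset=utf-8");
        applyCorsHeaders(httpResponse);
        httpResponse.getWriter().print(JSON.toJSONString(body));
    }

    /**
     * Adds the CORS response headers for the requesting origin; does nothing when the request
     * has no {@code Origin} header.
     */
    private void applyCorsHeaders(HttpServletResponse httpResponse) {
        String origin = HttpContextUtils.getHeader("Origin");
        if (StringUtils.isBlank(origin)) {
            return;
        }
        // NOTE(review): the Origin header is caller-controlled. Echoing it back together with
        // Access-Control-Allow-Credentials: true lets any web site read credentialed responses
        // from this API. Compare the origin with a configured allow-list of trusted front-end
        // origins and only echo a match.
        httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
        httpResponse.setHeader("Access-Control-Allow-Origin", origin);
        // The response differs per Origin, so caches must key on it.
        httpResponse.addHeader("Vary", "Origin");
    }
}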