From c321cefb9f7f2d777d9aebdeb91f3ad00347a567 Mon Sep 17 00:00:00 2001 From: gulongcheng <474084054@qq.com> Date: Fri, 5 Dec 2025 10:27:44 +0800 Subject: [PATCH] =?UTF-8?q?=E7=99=BB=E5=BD=95=E5=8F=82=E6=95=B0=E6=A0=A1?= =?UTF-8?q?=E9=AA=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/sdm/approve/filter/AuthFilter.java | 17 ++++++------- .../com/sdm/capability/filter/AuthFilter.java | 8 ++++--- .../sdm/common/common/ThreadLocalContext.java | 6 ++--- .../java/com/sdm/data/filter/AuthFilter.java | 24 +++++++------------ .../java/com/sdm/pbs/filter/AuthFilter.java | 17 ++++++------- .../sdm/performance/filter/AuthFilter.java | 17 ++++++------- .../com/sdm/project/filter/AuthFilter.java | 24 +++++++------------ .../com/sdm/system/filter/AuthFilter.java | 24 +++++++------------ .../java/com/sdm/task/filter/AuthFilter.java | 24 +++++++------------ 9 files changed, 71 insertions(+), 90 deletions(-) diff --git a/approve/src/main/java/com/sdm/approve/filter/AuthFilter.java b/approve/src/main/java/com/sdm/approve/filter/AuthFilter.java index ec696a1b..b384cd3b 100644 --- a/approve/src/main/java/com/sdm/approve/filter/AuthFilter.java +++ b/approve/src/main/java/com/sdm/approve/filter/AuthFilter.java @@ -4,6 +4,7 @@ import com.sdm.common.common.ThreadLocalContext; //import com.sdm.approve.service.UserService; import jakarta.servlet.*; import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; @@ -25,14 +26,14 @@ public class AuthFilter implements Filter { public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { if (servletRequest instanceof HttpServletRequest) { HttpServletRequest req = (HttpServletRequest) servletRequest; - String jobNumber = StringUtils.isEmpty(req.getHeader("jobNumber")) ? "" : req.getHeader("jobNumber"); - ThreadLocalContext.getCommonHeader().setJobNumber(jobNumber); - ThreadLocalContext.getCommonHeader().setCompany(req.getHeader("company")); - ThreadLocalContext.getCommonHeader().setSessionId(req.getHeader("sessionId")); -// User user = userService.getUserByIdCode(idCode); -// if (user != null) { -// ThreadLocalContext.setUserContext(new UserContext(user)); -// } + if(!ThreadLocalContext.verifyRequest(req)) + { + HttpServletResponse response = (HttpServletResponse) servletResponse; + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401 + response.setContentType("application/json;charset=UTF-8"); + response.getWriter().write("{\"code\":401,\"message\":\"未登录或认证信息缺失\"}"); + return; + } } filterChain.doFilter(servletRequest, servletResponse); } diff --git a/capability/src/main/java/com/sdm/capability/filter/AuthFilter.java b/capability/src/main/java/com/sdm/capability/filter/AuthFilter.java index 419d4261..d64ed4e2 100644 --- a/capability/src/main/java/com/sdm/capability/filter/AuthFilter.java +++ b/capability/src/main/java/com/sdm/capability/filter/AuthFilter.java @@ -4,6 +4,7 @@ import com.sdm.common.common.ThreadLocalContext; //import com.sdm.ability.service.UserService; import jakarta.servlet.*; import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; @@ -26,14 +27,15 @@ public class AuthFilter implements Filter { HttpServletRequest req = (HttpServletRequest) servletRequest; if(!ThreadLocalContext.verifyRequest(req)) { - servletResponse.getWriter().write("请求信息验证失败"); + HttpServletResponse response = (HttpServletResponse) servletResponse; + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401 + response.setContentType("application/json;charset=UTF-8"); + response.getWriter().write("{\"code\":401,\"message\":\"未登录或认证信息缺失\"}"); return; } - } filterChain.doFilter(servletRequest, servletResponse); } - @Override public void destroy() { Filter.super.destroy(); diff --git a/common/src/main/java/com/sdm/common/common/ThreadLocalContext.java b/common/src/main/java/com/sdm/common/common/ThreadLocalContext.java index 917d4f7d..7aad77b3 100644 --- a/common/src/main/java/com/sdm/common/common/ThreadLocalContext.java +++ b/common/src/main/java/com/sdm/common/common/ThreadLocalContext.java @@ -41,12 +41,12 @@ public class ThreadLocalContext { public static boolean verifyRequest(HttpServletRequest request) { - String jobNumber = StringUtils.isEmpty(request.getHeader("jobNumber")) ? "" : request.getHeader("jobNumber"); + String jobNumber = StringUtils.isEmpty(request.getHeader("jobNumber")) ? null : request.getHeader("jobNumber"); Long usrId = StringUtils.isEmpty(request.getHeader("userId")) ? null : Long.valueOf(request.getHeader("userId")); Long tenantId = StringUtils.isEmpty(request.getHeader("tenantId")) ? null : Long.valueOf(request.getHeader("tenantId")); String userName = StringUtils.isEmpty(request.getHeader("userName")) ? null : request.getHeader("userName"); -// if(usrId==null || tenantId==null || userName==null) -// return false; + if(usrId==null || tenantId==null) + return false; setJobNumber(jobNumber); setCompany(request.getHeader("company")); setSessionId(request.getHeader("sessionId")); diff --git a/data/src/main/java/com/sdm/data/filter/AuthFilter.java b/data/src/main/java/com/sdm/data/filter/AuthFilter.java index 45d73663..9e515b84 100644 --- a/data/src/main/java/com/sdm/data/filter/AuthFilter.java +++ b/data/src/main/java/com/sdm/data/filter/AuthFilter.java @@ -4,6 +4,7 @@ import com.sdm.common.common.ThreadLocalContext; //import com.sdm.data.service.UserService; import jakarta.servlet.*; import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; @@ -25,21 +26,14 @@ public class AuthFilter implements Filter { public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { if (servletRequest instanceof HttpServletRequest) { HttpServletRequest req = (HttpServletRequest) servletRequest; - String jobNumber = StringUtils.isEmpty(req.getHeader("jobNumber")) ? "" : req.getHeader("jobNumber"); - Long usrId = StringUtils.isEmpty(req.getHeader("userId")) ? null : Long.valueOf(req.getHeader("userId")); - Long tenantId = StringUtils.isEmpty(req.getHeader("tenantId")) ? null : Long.valueOf(req.getHeader("tenantId")); - String userName = StringUtils.isEmpty(req.getHeader("userName")) ? null : req.getHeader("userName"); - ThreadLocalContext.setJobNumber(jobNumber); - ThreadLocalContext.setCompany(req.getHeader("company")); - ThreadLocalContext.setSessionId(req.getHeader("sessionId")); - ThreadLocalContext.setUserId(usrId); - ThreadLocalContext.setTenantId(tenantId); - ThreadLocalContext.setUserName(userName); - -// User user = userService.getUserByIdCode(idCode); -// if (user != null) { -// ThreadLocalContext.setUserContext(new UserContext(user)); -// } + if(!ThreadLocalContext.verifyRequest(req)) + { + HttpServletResponse response = (HttpServletResponse) servletResponse; + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401 + response.setContentType("application/json;charset=UTF-8"); + response.getWriter().write("{\"code\":401,\"message\":\"未登录或认证信息缺失\"}"); + return; + } } filterChain.doFilter(servletRequest, servletResponse); } diff --git a/pbs/src/main/java/com/sdm/pbs/filter/AuthFilter.java b/pbs/src/main/java/com/sdm/pbs/filter/AuthFilter.java index 9a4c3ebd..7de70294 100644 --- a/pbs/src/main/java/com/sdm/pbs/filter/AuthFilter.java +++ b/pbs/src/main/java/com/sdm/pbs/filter/AuthFilter.java @@ -4,6 +4,7 @@ import com.sdm.common.common.ThreadLocalContext; //import com.sdm.pbs.service.UserService; import jakarta.servlet.*; import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; @@ -25,14 +26,14 @@ public class AuthFilter implements Filter { public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { if (servletRequest instanceof HttpServletRequest) { HttpServletRequest req = (HttpServletRequest) servletRequest; - String jobNumber = StringUtils.isEmpty(req.getHeader("jobNumber")) ? "" : req.getHeader("jobNumber"); - ThreadLocalContext.getCommonHeader().setJobNumber(jobNumber); - ThreadLocalContext.getCommonHeader().setCompany(req.getHeader("company")); - ThreadLocalContext.getCommonHeader().setSessionId(req.getHeader("sessionId")); -// User user = userService.getUserByIdCode(idCode); -// if (user != null) { -// ThreadLocalContext.setUserContext(new UserContext(user)); -// } + if(!ThreadLocalContext.verifyRequest(req)) + { + HttpServletResponse response = (HttpServletResponse) servletResponse; + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401 + response.setContentType("application/json;charset=UTF-8"); + response.getWriter().write("{\"code\":401,\"message\":\"未登录或认证信息缺失\"}"); + return; + } } filterChain.doFilter(servletRequest, servletResponse); } diff --git a/performance/src/main/java/com/sdm/performance/filter/AuthFilter.java b/performance/src/main/java/com/sdm/performance/filter/AuthFilter.java index 8213f902..fe97fa02 100644 --- a/performance/src/main/java/com/sdm/performance/filter/AuthFilter.java +++ b/performance/src/main/java/com/sdm/performance/filter/AuthFilter.java @@ -4,6 +4,7 @@ import com.sdm.common.common.ThreadLocalContext; //import com.sdm.performance.service.UserService; import jakarta.servlet.*; import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; @@ -25,14 +26,14 @@ public class AuthFilter implements Filter { public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { if (servletRequest instanceof HttpServletRequest) { HttpServletRequest req = (HttpServletRequest) servletRequest; - String jobNumber = StringUtils.isEmpty(req.getHeader("jobNumber")) ? "" : req.getHeader("jobNumber"); - ThreadLocalContext.getCommonHeader().setJobNumber(jobNumber); - ThreadLocalContext.getCommonHeader().setCompany(req.getHeader("company")); - ThreadLocalContext.getCommonHeader().setSessionId(req.getHeader("sessionId")); -// User user = userService.getUserByIdCode(idCode); -// if (user != null) { -// ThreadLocalContext.setUserContext(new UserContext(user)); -// } + if(!ThreadLocalContext.verifyRequest(req)) + { + HttpServletResponse response = (HttpServletResponse) servletResponse; + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401 + response.setContentType("application/json;charset=UTF-8"); + response.getWriter().write("{\"code\":401,\"message\":\"未登录或认证信息缺失\"}"); + return; + } } filterChain.doFilter(servletRequest, servletResponse); } diff --git a/project/src/main/java/com/sdm/project/filter/AuthFilter.java b/project/src/main/java/com/sdm/project/filter/AuthFilter.java index d93a5dbb..d80e82c8 100644 --- a/project/src/main/java/com/sdm/project/filter/AuthFilter.java +++ b/project/src/main/java/com/sdm/project/filter/AuthFilter.java @@ -3,6 +3,7 @@ package com.sdm.project.filter; import com.sdm.common.common.ThreadLocalContext; import jakarta.servlet.*; import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; @@ -23,21 +24,14 @@ public class AuthFilter implements Filter { public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { if (servletRequest instanceof HttpServletRequest) { HttpServletRequest req = (HttpServletRequest) servletRequest; - String jobNumber = StringUtils.isEmpty(req.getHeader("jobNumber")) ? "" : req.getHeader("jobNumber"); - Long usrId = StringUtils.isEmpty(req.getHeader("userId")) ? null : Long.valueOf(req.getHeader("userId")); - Long tenantId = StringUtils.isEmpty(req.getHeader("tenantId")) ? null : Long.valueOf(req.getHeader("tenantId")); - String userName = StringUtils.isEmpty(req.getHeader("userName")) ? null : req.getHeader("userName"); - ThreadLocalContext.setJobNumber(jobNumber); - ThreadLocalContext.setCompany(req.getHeader("company")); - ThreadLocalContext.setSessionId(req.getHeader("sessionId")); - ThreadLocalContext.setUserId(usrId); - ThreadLocalContext.setTenantId(tenantId); - ThreadLocalContext.setUserName(userName); - -// User user = userService.getUserByIdCode(idCode); -// if (user != null) { -// ThreadLocalContext.setUserContext(new UserContext(user)); -// } + if(!ThreadLocalContext.verifyRequest(req)) + { + HttpServletResponse response = (HttpServletResponse) servletResponse; + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401 + response.setContentType("application/json;charset=UTF-8"); + response.getWriter().write("{\"code\":401,\"message\":\"未登录或认证信息缺失\"}"); + return; + } } filterChain.doFilter(servletRequest, servletResponse); } diff --git a/system/src/main/java/com/sdm/system/filter/AuthFilter.java b/system/src/main/java/com/sdm/system/filter/AuthFilter.java index 35be5e51..325f5d3d 100644 --- a/system/src/main/java/com/sdm/system/filter/AuthFilter.java +++ b/system/src/main/java/com/sdm/system/filter/AuthFilter.java @@ -3,6 +3,7 @@ package com.sdm.system.filter; import com.sdm.common.common.ThreadLocalContext; import jakarta.servlet.*; import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; @@ -23,21 +24,14 @@ public class AuthFilter implements Filter { public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { if (servletRequest instanceof HttpServletRequest) { HttpServletRequest req = (HttpServletRequest) servletRequest; - String jobNumber = StringUtils.isEmpty(req.getHeader("jobNumber")) ? "" : req.getHeader("jobNumber"); - Long usrId = StringUtils.isEmpty(req.getHeader("userId")) ? null : Long.valueOf(req.getHeader("userId")); - Long tenantId = StringUtils.isEmpty(req.getHeader("tenantId")) ? null : Long.valueOf(req.getHeader("tenantId")); - String userName = StringUtils.isEmpty(req.getHeader("userName")) ? null : req.getHeader("userName"); - ThreadLocalContext.setJobNumber(jobNumber); - ThreadLocalContext.setCompany(req.getHeader("company")); - ThreadLocalContext.setSessionId(req.getHeader("sessionId")); - ThreadLocalContext.setUserId(usrId); - ThreadLocalContext.setTenantId(tenantId); - ThreadLocalContext.setUserName(userName); - -// User user = userService.getUserByIdCode(idCode); -// if (user != null) { -// ThreadLocalContext.setUserContext(new UserContext(user)); -// } + if(!ThreadLocalContext.verifyRequest(req)) + { + HttpServletResponse response = (HttpServletResponse) servletResponse; + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401 + response.setContentType("application/json;charset=UTF-8"); + response.getWriter().write("{\"code\":401,\"message\":\"未登录或认证信息缺失\"}"); + return; + } } filterChain.doFilter(servletRequest, servletResponse); } diff --git a/task/src/main/java/com/sdm/task/filter/AuthFilter.java b/task/src/main/java/com/sdm/task/filter/AuthFilter.java index 7d2187af..c2a1423b 100644 --- a/task/src/main/java/com/sdm/task/filter/AuthFilter.java +++ b/task/src/main/java/com/sdm/task/filter/AuthFilter.java @@ -3,6 +3,7 @@ package com.sdm.task.filter; import com.sdm.common.common.ThreadLocalContext; import jakarta.servlet.*; import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; @@ -23,21 +24,14 @@ public class AuthFilter implements Filter { public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { if (servletRequest instanceof HttpServletRequest) { HttpServletRequest req = (HttpServletRequest) servletRequest; - String jobNumber = StringUtils.isEmpty(req.getHeader("jobNumber")) ? "" : req.getHeader("jobNumber"); - Long usrId = StringUtils.isEmpty(req.getHeader("userId")) ? null : Long.valueOf(req.getHeader("userId")); - Long tenantId = StringUtils.isEmpty(req.getHeader("tenantId")) ? null : Long.valueOf(req.getHeader("tenantId")); - String userName = StringUtils.isEmpty(req.getHeader("userName")) ? null : req.getHeader("userName"); - ThreadLocalContext.setJobNumber(jobNumber); - ThreadLocalContext.setCompany(req.getHeader("company")); - ThreadLocalContext.setSessionId(req.getHeader("sessionId")); - ThreadLocalContext.setUserId(usrId); - ThreadLocalContext.setTenantId(tenantId); - ThreadLocalContext.setUserName(userName); - -// User user = userService.getUserByIdCode(idCode); -// if (user != null) { -// ThreadLocalContext.setUserContext(new UserContext(user)); -// } + if(!ThreadLocalContext.verifyRequest(req)) + { + HttpServletResponse response = (HttpServletResponse) servletResponse; + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); // 401 + response.setContentType("application/json;charset=UTF-8"); + response.getWriter().write("{\"code\":401,\"message\":\"未登录或认证信息缺失\"}"); + return; + } } filterChain.doFilter(servletRequest, servletResponse); }