refactor: 网关增加过滤器

This commit is contained in:
CaptainB 2023-02-03 19:04:14 +08:00
parent 800d8839a2
commit 6c3bf896d7
3 changed files with 83 additions and 5 deletions

View File

@ -0,0 +1,72 @@
package io.metersphere.gateway.filter;
import io.metersphere.commons.utils.ShiroUtils;
import jakarta.annotation.PostConstruct;
import jakarta.annotation.Resource;
import org.springdoc.core.properties.SwaggerUiConfigProperties;
import org.springframework.core.Ordered;
import org.springframework.http.HttpStatus;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ResponseStatusException;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import org.springframework.web.util.pattern.PathPattern;
import org.springframework.web.util.pattern.PathPatternParser;
import reactor.core.publisher.Mono;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
@Component
public class LoginFilter implements WebFilter, Ordered {
private PathPattern basePattern;
private final List<PathPattern> excludePatterns = new ArrayList<>();
@Resource
private SwaggerUiConfigProperties swaggerUiConfigProperties;
@PostConstruct
public void init() {
basePattern = new PathPatternParser().parse("/**");
// 网关首页
excludePatterns.add(new PathPatternParser().parse("/"));
// 各模块首页
swaggerUiConfigProperties.getUrls().forEach(v -> excludePatterns.add(new PathPatternParser().parse("/" + v.getName())));
ShiroUtils.loadBaseFilterChain()
.forEach((url, v) -> {
excludePatterns.add(new PathPatternParser().parse(url));
excludePatterns.add(new PathPatternParser().parse("/*" + url));
});
}
@Override
public Mono<Void> filter(final ServerWebExchange serverWebExchange, final WebFilterChain webFilterChain) {
ServerHttpRequest request = serverWebExchange.getRequest();
if (basePattern.matches(request.getPath().pathWithinApplication())
&& !excludePatterns.stream()
.anyMatch(pathPattern -> pathPattern.matches(request.getPath().pathWithinApplication()))
) {
return serverWebExchange.getSession()
.doOnNext(session -> Optional.ofNullable(session.getAttribute("user"))
.orElseThrow(() -> new ResponseStatusException(HttpStatus.UNAUTHORIZED, "Not found session, Please Login again."))
)
.then(webFilterChain.filter(serverWebExchange));
} else {
return webFilterChain.filter(serverWebExchange);
}
}
@Override
public int getOrder() {
return Ordered.HIGHEST_PRECEDENCE;
}
}

View File

@ -26,6 +26,7 @@ import org.springframework.context.annotation.DependsOn;
import jakarta.servlet.DispatcherType;
import jakarta.servlet.Filter;
import java.util.*;
public class ShiroConfig {
@ -42,9 +43,9 @@ public class ShiroConfig {
shiroFilterFactoryBean.getFilters().put("csrf", new CsrfFilter());
Map<String, String> filterChainDefinitionMap = shiroFilterFactoryBean.getFilterChainDefinitionMap();
ShiroUtils.loadBaseFilterChain(filterChainDefinitionMap);
filterChainDefinitionMap.putAll(ShiroUtils.loadBaseFilterChain());
ShiroUtils.ignoreCsrfFilter(filterChainDefinitionMap);
filterChainDefinitionMap.putAll(ShiroUtils.ignoreCsrfFilter());
filterChainDefinitionMap.put("/**", "apikey, csrf, authc");
return shiroFilterFactoryBean;

View File

@ -1,11 +1,12 @@
package io.metersphere.commons.utils;
import java.util.HashMap;
import java.util.Map;
public class ShiroUtils {
public static void loadBaseFilterChain(Map<String, String> filterChainDefinitionMap) {
public static Map<String, String> loadBaseFilterChain() {
Map<String, String> filterChainDefinitionMap = new HashMap<>();
filterChainDefinitionMap.put("/resource/md/get/**", "anon");
filterChainDefinitionMap.put("/resource/ui/get/**", "anon");
filterChainDefinitionMap.put("/platform/plugin/resource/**", "anon");
@ -82,11 +83,15 @@ public class ShiroUtils {
filterChainDefinitionMap.put("/performance/update/cache", "anon");
// websocket
filterChainDefinitionMap.put("/websocket/**", "csrf");
return filterChainDefinitionMap;
}
public static void ignoreCsrfFilter(Map<String, String> filterChainDefinitionMap) {
public static Map<String, String> ignoreCsrfFilter() {
Map<String, String> filterChainDefinitionMap = new HashMap<>();
filterChainDefinitionMap.put("/", "apikey, authc"); // 跳转到 / 不用校验 csrf
filterChainDefinitionMap.put("/language", "apikey, authc");// 跳转到 /language 不用校验 csrf
filterChainDefinitionMap.put("/mock", "apikey, authc"); // 跳转到 /mock接口 不用校验 csrf
return filterChainDefinitionMap;
}
}