Commit 3e5c7a8b authored by 赵啸非's avatar 赵啸非

提交配置校验

parent e3a2b723
package com.mortals.xhx.base.framework.filter;
import cn.hutool.core.util.StrUtil;
import cn.hutool.http.HttpStatus;
import cn.hutool.core.util.URLUtil;
import com.mortals.framework.service.ICacheService;
import com.mortals.xhx.common.key.RedisKey;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.context.annotation.Profile;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.net.URI;
import java.net.URL;
import java.util.List;
@Slf4j
//@Component
@Component
@Profile({"yanyuan", "test"})
public class SameSiteCookieFilter implements Filter {
@Autowired
private ICacheService cacheService;
@Value("${token.database:0}")
private Integer portalDb;
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletResponse httpResponse = (HttpServletResponse) response;
Cookie[] cookies = ((HttpServletRequest) request).getCookies();
if (cookies != null) {
for (Cookie cookie : cookies) {
cookie.setHttpOnly(true);
cookie.setSecure(true);
cookie.setPath("/");
cookie.setMaxAge(3600);
httpResponse.addCookie(cookie);
RedisTemplate<String, String> redisTemplate = cacheService.selectDbRedisTemplate(portalDb);
String trustedReferer =redisTemplate.opsForValue().get(RedisKey.KEY_REFERERS_CACHE);
List<String> allowedOrigins = StrUtil.split(trustedReferer, ",");
// Set allowedOrigins= new HashSet(Arrays.asList(allowDomain));
String originHeader=((HttpServletRequest) request).getHeader("Origin");
if(!ObjectUtils.isEmpty(originHeader)){
URI host = URLUtil.getHost(new URL(originHeader));
String origin = host.getHost();
if (allowedOrigins.contains(origin)){
httpResponse.setHeader("Access-Control-Allow-Origin", originHeader);
httpResponse.setContentType("application/json;charset=UTF-8");
httpResponse.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
httpResponse.setHeader("Access-Control-Max-Age", "3600");
httpResponse.setHeader("Access-Control-Allow-Headers", "Content-Type,authorization,authtoken");
// 如果要把Cookie发到服务器,需要指定Access-Control-Allow-Credentials字段为true
httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
httpResponse.setHeader("Access-Control-Expose-Headers", "*");
}
}
//cors
/* String referer = httpRequest.getHeader("Referer");
if(ObjectUtils.isEmpty(referer)){
chain.doFilter(request, response);
}else{
referer=StrUtil.removeSuffix(referer,"/");
List<String> trustReferers = StrUtil.split(trustedReferer, ",");
if(ObjectUtils.isEmpty(trustReferers)){
chain.doFilter(request, response);
}else{
if(trustReferers.contains(referer)) {
chain.doFilter(request, response);
}else {
httpResponse.setStatus(HttpStatus.HTTP_BAD_REQUEST);
}
}
}*/
chain.doFilter(request, response);
}
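Review bot: The allowlist check at `if (allowedOrigins.contains(origin))` compares only the host component of the `Origin` header, so any scheme or port on an allowed host is reflected into `Access-Control-Allow-Origin` together with `Access-Control-Allow-Credentials: true`; the allowlist entries should be full origins (scheme, host, port) and the header compared as a whole, or at minimum the scheme pinned to https. `new URL(originHeader)` throws `MalformedURLException` (an `IOException`) for a non-URL value such as the literal `null`, which escapes `doFilter` and fails the whole request instead of simply skipping CORS, so the parse should be guarded and an unparsable origin treated as not allowed. The Redis read and `StrUtil.split` sit inside the `for (Cookie cookie : cookies)` loop and so run once per cookie, and as far as the visible braces go `chain.doFilter` on the last line is inside that loop as well — please confirm against the collapsed tail of the method that the chain is invoked exactly once, including for requests that carry no cookies. The class is named for SameSite but the `javax.servlet.http.Cookie` API never sets that attribute; a comment such as `// SameSite is not set here: javax.servlet.http.Cookie has no API for it` would keep readers from assuming it is enforced. The method's closing braces are outside the visible section.
```java
// … unchanged: cookie hardening loop …
List<String> allowedOrigins = StrUtil.split(
        cacheService.selectDbRedisTemplate(portalDb).opsForValue().get(RedisKey.KEY_REFERERS_CACHE), ",");
String originHeader = ((HttpServletRequest) request).getHeader("Origin");
if (!ObjectUtils.isEmpty(originHeader)) {
    String origin = null;
    try {
        URL parsed = new URL(originHeader);
        // compare the full origin so scheme and port must match the allowlist entry, not just the host
        origin = parsed.getProtocol() + "://" + parsed.getHost()
                + (parsed.getPort() == -1 ? "" : ":" + parsed.getPort());
    } catch (MalformedURLException e) {
        // unparsable Origin: treat as not allowed rather than failing the request
        log.debug("Ignoring unparsable Origin header");
    }
    if (origin != null && allowedOrigins.contains(origin)) {
        // … unchanged: CORS response headers …
    }
}
chain.doFilter(request, response);
```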
......
......@@ -50,9 +50,6 @@ public class AuthUserInterceptor extends BaseInterceptor {
@Autowired
private ICacheService cacheService;
@Value("${trustedReferer:''}")
private String trustedReferer;
@Value("${token.database:0}")
private Integer portalDb;
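Review bot: The placeholder default in `@Value("${trustedReferer:''}")` is the two-character literal `''`, not an empty string, so an emptiness check on `trustedReferer` will never detect a missing property; if an empty default is intended, write `@Value("${trustedReferer:}")`. Since the filter in the first file now reads the allowlist from `RedisKey.KEY_REFERERS_CACHE`, this property may be dead configuration — worth confirming whether `AuthUserInterceptor` still uses it. The hunk header reports three removed lines that are not visible here, and the enclosing class continues outside the hunk.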
......