|
@@ -51,17 +51,17 @@ public class TokenFilter implements Filter {
|
|
|
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
|
|
|
throws IOException, ServletException {
|
|
|
HttpServletRequest request = (HttpServletRequest) servletRequest;
|
|
|
- HttpServletResponse response = (HttpServletResponse) servletResponse;
|
|
|
|
|
|
//移动端设备请求必须带“设备编号”参数
|
|
|
- String deviceId = request.getHeader(Constants.PARAM_DEVICE_ID);
|
|
|
+ /*String deviceId = request.getHeader(Constants.PARAM_DEVICE_ID);
|
|
|
if (StringUtils.isBlank(deviceId)) {
|
|
|
Result result = new Result().error("[APP] deviceId must be not empty.");
|
|
|
+ HttpServletResponse response = (HttpServletResponse) servletResponse;
|
|
|
this.render(response, result.toString());
|
|
|
return;
|
|
|
- }
|
|
|
+ }*/
|
|
|
|
|
|
- CustomHttpServletRequest customRequest = this.initCustomRequest(request, deviceId);
|
|
|
+ CustomHttpServletRequest customRequest = this.initCustomRequest(request);
|
|
|
if (customRequest != null) {
|
|
|
filterChain.doFilter(customRequest, servletResponse);
|
|
|
return;
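Review bot: The device-ID check in doFilter is disabled by wrapping it in `/* ... */` instead of being deleted, and the line comment above it still says mobile requests must carry the device-ID parameter, which is no longer true. Commented-out validation in an authentication filter is easy to misread as an active control, or to re-enable by accident. Delete the block (version control keeps the history) and replace the stale comment with something like `// deviceId is no longer required; the session is bound to the app token checked in initCustomRequest`. The rest of doFilter continues in the next hunk.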
|
|
@@ -69,10 +69,11 @@ public class TokenFilter implements Filter {
|
|
|
filterChain.doFilter(servletRequest, servletResponse);
|
|
|
}
|
|
|
|
|
|
- private CustomHttpServletRequest initCustomRequest(HttpServletRequest request, String deviceId) {
|
|
|
+ private CustomHttpServletRequest initCustomRequest(HttpServletRequest request) {
|
|
|
String key = request.getHeader(Constants.PARAM_KEY);
|
|
|
- if (StringUtils.isBlank(key)) {
|
|
|
- //key为空,则不用过滤处理
|
|
|
+ String appToken = request.getHeader(Constants.PARAM_TOKEN);
|
|
|
+ if (StringUtils.isBlank(key) || StringUtils.isBlank(appToken)) {
|
|
|
+ //key,token为空,则不用过滤处理
|
|
|
return null;
|
|
|
}
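Review bot: The new guard `StringUtils.isBlank(key) || StringUtils.isBlank(appToken)` returns null when either header is missing, but the comment reads as if both must be empty, and nothing documents what null means to the caller. From the doFilter lines in this diff, a null result makes the filter call `filterChain.doFilter(servletRequest, servletResponse)` with the unwrapped request, so a request that sends a key but no token is forwarded exactly like an anonymous one. Whether that is safe depends on downstream handlers rejecting requests that lack login info, which is not visible here. Add a Javadoc line to initCustomRequest such as `Returns null when the key or token header is missing or does not match a login; the caller then forwards the request unauthenticated.` The method body continues outside this hunk.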
|
|
|
|
|
@@ -83,22 +84,17 @@ public class TokenFilter implements Filter {
|
|
|
return null;
|
|
|
}
|
|
|
|
|
|
+ //同一个账号不同移动端设备,支持互踢
|
|
|
+ if (!appToken.equals(loginInfo.getAppToken())) {
|
|
|
+ //Token参数值无效
|
|
|
+ return null;
|
|
|
+ }
|
|
|
+
|
|
|
//处理已登录信息
|
|
|
CustomHttpServletRequest customRequest = new CustomHttpServletRequest(request);
|
|
|
if (!this.filterAccessUrl(request.getServletPath())) {
|
|
|
- /* 同一个账号不同移动端设备,支持互踢 */
|
|
|
- if (deviceId.equals(loginInfo.getDeviceId())) {
|
|
|
- //设备编号相同
|
|
|
- if (loginInfo.hasExpired(PLATFORM_SESSION_EXPIRE_TIME)) {
|
|
|
- //判断原始的login token是否在有效时间内,若已超过有效时间,则自动登录续期
|
|
|
- this.reLogin(loginInfo);
|
|
|
- }
|
|
|
- } else {
|
|
|
- //设备编号不同且Token在有效时间内,则互踢
|
|
|
- if (!loginInfo.hasExpired(PLATFORM_SESSION_EXPIRE_TIME)) {
|
|
|
- return null;
|
|
|
- }
|
|
|
- loginInfo.setDeviceId(deviceId);
|
|
|
+ if (loginInfo.hasExpired(PLATFORM_SESSION_EXPIRE_TIME)) {
|
|
|
+ //判断原始的login token是否在有效时间内,若已超过有效时间,则自动登录续期
|
|
|
this.reLogin(loginInfo);
|
|
|
}
|
|
|
}
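Review bot: The token check `!appToken.equals(loginInfo.getAppToken())` compares a bearer secret with `String.equals`, which returns at the first differing character and so is not constant-time. Use a null-safe constant-time compare instead: `String expected = loginInfo.getAppToken();` followed by `if (expected == null || !MessageDigest.isEqual(appToken.getBytes(StandardCharsets.UTF_8), expected.getBytes(StandardCharsets.UTF_8))) {`, which needs `java.security.MessageDigest` and `java.nio.charset.StandardCharsets` imported. Separately, with the device binding removed, any request carrying a matching token now reaches `this.reLogin(loginInfo)` once the session has expired. reLogin's body is not shown, but if it renews the same token then the token has no hard lifetime, so it is worth confirming that a maximum age or rotation is enforced there.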
|