httpServletRequest添加 修改 header,Interceptor 添加 修改header

2年前 (2022) 程序员胖胖胖虎阿
236 0 0

我这边的鉴权是在拦截器里做的,后面用户又加了渠道权限,我这边的想法是在用户表中加一个channels字段,然后channels在请求中放到header中传递。

上代码 

默认HttpServletRequest是没有修改Header值得方法, 不过我们可以自定义类继承HttpServletRequestWrapper

package com.hzsx.rent.business.web.util;

import lombok.extern.slf4j.Slf4j;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import java.util.*;


@Slf4j
public class HeaderMapRequestWrapper extends HttpServletRequestWrapper {
    /**
     * construct a wrapper for this request
     *
     * @param request
     */
    public HeaderMapRequestWrapper(HttpServletRequest request) {
        super(request);
    }

    private Map<String, String> headerMap = new HashMap<>();

    /**
     * add a header with given name and value
     *
     * @param name
     * @param value
     */
    public void addHeader(String name, String value) {
        headerMap.put(name, value);
    }

    @Override
    public String getHeader(String name) {
        log.info("getHeader --->{}",name);
        String headerValue = super.getHeader(name);
        if (headerMap.containsKey(name)) {
            headerValue = headerMap.get(name);
        }
        return headerValue;
    }

    /**
     * get the Header names
     */
    @Override
    public Enumeration<String> getHeaderNames() {
        List<String> names = Collections.list(super.getHeaderNames());
        for (String name : headerMap.keySet()) {
            names.add(name);
        }
        return Collections.enumeration(names);
    }

    @Override
    public Enumeration<String> getHeaders(String name) {
        log.info("getHeaders --->>>>>>{}",name);
        List<String> values = Collections.list(super.getHeaders(name));
        log.info("getHeaders --->>>>>>{}",values);
        if (headerMap.containsKey(name)) {
            log.info("getHeaders --->{}",headerMap.get(name));
            values = Arrays.asList(headerMap.get(name));
        }
        return Collections.enumeration(values);
    }
}

@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
    String token = request.getHeader("token");
    BackstageUserDto userDto = JSON.parseObject((String) RedisUtil.get(RedisKeyConstant.TOKEN_PREFIX + token), BackstageUserDto.class);
    String channels = userDto.getChannels();
    if (StringUtil.isNotEmpty(channels)) {
        String header = request.getHeader("Request");
        HeaderMapRequestWrapper requestWrapper = new HeaderMapRequestWrapper(request);
        requestWrapper.addHeader("Request", header + "No=" + channels);
        request = requestWrapper;

这是在拦截去器中做的,我认为在这里request就已经被替换掉了,但是事实证明不行。在接下来一个拦截器中接收到的参数还是原HttpServletRequest 请求头并没有呗添加进去

所有我这里定义一个filter,用@Order(Ordered.HIGHEST_PRECEDENCE + 101)注解设置这个filter紧接着拦截器去执行。

@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain){
    HttpServletRequest request = (HttpServletRequest) servletRequest;
    String token = request.getHeader("token");
    BackstageUserDto userDto = JSON.parseObject((String) RedisUtil.get(RedisKeyConstant.TOKEN_PREFIX + token), BackstageUserDto.class);
    String channels = userDto.getChannels();
    if (StringUtil.isNotEmpty(channels)) {
        String header = request.getHeader("Request");
        HeaderMapRequestWrapper requestWrapper = new HeaderMapRequestWrapper(request);
        requestWrapper.addHeader("Request", header + "&No=" + channels);
        try{
            filterChain.doFilter(requestWrapper, servletResponse);
        }catch (Exception e){
            e.printStackTrace();
            log.error("处理channels请求头异常");
        }
    }
}

这里用filterChain.doFilter替换就可以了

相关文章

暂无评论

暂无评论...