我有两种通过电话号码和用户名密码验证用户身份的方法,我尝试在过滤器中使用这两种方法,我应该使用 If 和 Else 还是有更好的方法?我已经尝试了下面的代码,尽管它不起作用。
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
try {
String jwt = getJwtFromRequest(request);
if (StringUtils.hasText(jwt) && tokenProvider.validateToken(jwt)) {
Long userId = tokenProvider.getUserIdFromJWT(jwt);
UserDetails userDetails = customUserDetailsService.loadUserById(userId);
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
SecurityContextHolder.getContext().setAuthentication(authentication);
} else if (StringUtils.hasText(jwt) && jwtTokenHandler.validateToken(jwt)) {
String phoneNumber = jwtTokenHandler.validatePhone(jwt) ;
UserDetails userDetailsUser = customUserDetailsService.loadUserPhone(phoneNumber);
UsernamePasswordAuthenticationToken authenticationMobile = new UsernamePasswordAuthenticationToken(userDetailsUser, null, userDetailsUser.getAuthorities());
authenticationMobile.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
SecurityContextHolder.getContext().setAuthentication(authenticationMobile);
}
} catch (Exception ex) {
logger.error("Could not set user authentication in security context", ex);
}
filterChain.doFilter(request, response);
}
最佳答案
我个人会使用两个过滤器 BasicAuthFilter 和 PhoneAuthFilter,但如果您想快速重构现有过滤器,这里有一个建议
protected void doFilterInternal(HttpServletRequest request,
HttpServletResponse response,
FilterChain filterChain)
throws ServletException,
IOException {
try {
String jwt = getJwtFromRequest(request);
if (StringUtils.hasText(jwt)) {
UserDetails userDetails = null;
if (tokenProvider.validateToken(jwt)) {
Long userId = tokenProvider.getUserIdFromJWT(jwt);
userDetails = customUserDetailsService.loadUserById(userId);
} else if (tokenProvider.validatePhone(jwt)) {
String phoneNumber = jwtTokenHandler.validatePhone(jwt);
userDetails = customUserDetailsService.loadUserPhone(phoneNumber);
}
if (userDetails != null) {
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
authenticationMobile.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
SecurityContextHolder.getContext().setAuthentication(authenticationMobile);
}
}
} catch (Exception ex) {
logger.error("Could not set user authentication in security context", ex);
}
filterChain.doFilter(request, response);
}
关于java - 如何使用 If else 语句 java 进行身份验证过滤器,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/55941420/