Examples with ValidateToken - com.free.framework.plateform.csrf.annotation.ValidateToken

Example 1 with ValidateToken

use of com.free.framework.plateform.csrf.annotation.ValidateToken in project free-framework by a601942905git.

the class CsrfTokenInterceptor method preHandle.

/**
 * request请求处理之前
 * @param request
 * @param response
 * @param handler
 * @return
 * @throws Exception
 */
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
    // 此处一定要对类型判断,次handler并非一定是HandlerMethod
    if (handler instanceof HandlerMethod) {
        HandlerMethod handlerMethod = (HandlerMethod) handler;
        Method method = handlerMethod.getMethod();
        ValidateToken validateToken = method.getAnnotation(ValidateToken.class);
        if (null != validateToken && validateToken.vlidate()) {
            String requestToken = request.getParameter(CSRF_TOKEN);
            boolean validateTokenFlag = validateToken(requestToken);
            log.info("CsrfToken验证结果======>" + validateTokenFlag);
            // 验证失败
            if (!validateTokenFlag) {
                return false;
            }
            // 验证通过移除csrfToken
            WebContextUtils.removeSessionAttribute(CSRF_TOKEN);
        }
    }
    return true;
}

Also used : HandlerMethod(org.springframework.web.method.HandlerMethod) Method(java.lang.reflect.Method) HandlerMethod(org.springframework.web.method.HandlerMethod) ValidateToken(com.free.framework.plateform.csrf.annotation.ValidateToken)

Aggregations

ValidateToken (com.free.framework.plateform.csrf.annotation.ValidateToken)1 Method (java.lang.reflect.Method)1 HandlerMethod (org.springframework.web.method.HandlerMethod)1