# security-filter **Repository Path**: wangzihaogitee/security-filter ## Basic Information - **Project Name**: security-filter - **Description**: 不需要复杂配置的登录用户拦截器 - **Primary Language**: Java - **License**: Apache-2.0 - **Default Branch**: master - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 0 - **Created**: 2022-02-25 - **Last Updated**: 2025-08-22 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README # security-filter #### 介绍 不需要复杂配置的用户登录拦截器.解决了dubbo-filter中嵌套调用dubbo查询问题 #### 软件架构 软件架构说明 #### 安装教程 1. 添加maven依赖, 在pom.xml中加入 [![Maven Central](https://img.shields.io/maven-central/v/com.github.wangzihaogithub/security-filter.svg?label=Maven%20Central)](https://search.maven.org/search?q=g:com.github.wangzihaogithub%20AND%20a:security-filter) com.github.wangzihaogithub security-filter 1.1.14 2. 实现业务逻辑 @Component @Slf4j public class HrSecurityAccessFilter extends WebSecurityAccessFilter { private final LocalCacheService cacheService = new LocalCacheService(); @Autowired private CustomerLoginTokenService customerLoginTokenService; @Autowired private CustomerUserService customerUserService; public HrSecurityAccessFilter() { super(Collections.singletonList("access_token")); } @Override protected boolean isAccessSuccess(HrAccessUser user) { return Objects.equals(user.getStatus(), CustomerUserStatusEnum.NORMAL.getKey()) && Optional.ofNullable(user.getCustomer()).map(Customer::getEnableFlag).orElse(true); } @Override protected Integer selectUserId(HttpServletRequest request, String accessToken) { CustomerLoginToken po = customerLoginTokenService.queryCustomerLoginTokenByToken(accessToken, CustomerLoginTokenScopeEnum.HR.getKey()); if (po == null) { return null; } return po.getCustomerUserId(); } @Override protected HrAccessUser selectUser(HttpServletRequest request, Integer userId, String accessToken) { CustomerUserDetailResp resp = cacheService.getIfSet("U" + userId, () -> { return customerUserService.queryDetailById(userId); }, 20); if (resp == null) { return null; } return HrAccessUser.convert(request, accessToken, resp); } } 3. 注册Filter路由 /** * 只能是customer_user表的用户访问口。 {@link com.ig.hr.common.HrAccessUser} */ @Bean public FilterRegistrationBean hrSecurityFilter(HrSecurityAccessFilter filter) { FilterRegistrationBean registration = new FilterRegistrationBean<>(); registration.setFilter(filter); registration.addUrlPatterns("/api/*", "/statistics/*"); return registration; } #### 使用说明 // 操作当前用户 T : AccessUserUtil.getAccessUser() Object : AccessUserUtil.getAccessUserValue(attrName) boolean :AccessUserUtil.existAccessUser() AccessUserUtil.setCurrentThreadAccessUser(accessUser); AccessUserUtil.removeCurrentThreadAccessUser(); AccessUserUtil.runOnAccessUser(accessUser, runnable) // 异步传递 CompletableFuture> future = new AccessUserCompletableFuture<>(RpcContext.getContext().getCompletableFuture()); // 自带dubbo拦截器,支持dubbo传递当前用户,使用者可以自行注册到dubbo的/META-INF/services里 // implements org.apache.dubbo.rpc.Filter com.github.securityfilter.DubboAccessUserFilter // 自带servlet拦截器,使用者可以实现并自行注册到tomcat里 // implements javax.servlet.Filter com.github.securityfilter.WebSecurityAccessFilter