From 9b4433fddf5b401edb0aace8a404ac733b122702 Mon Sep 17 00:00:00 2001
From: 田源 <tianyuan@vci-tech.com>
Date: 星期四, 03 四月 2025 14:35:02 +0800
Subject: [PATCH] 添加非密字段显示

---
 Source/BladeX-Tool/blade-core-secure/src/main/java/org/springblade/core/secure/interceptor/BasicInterceptor.java |  113 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 113 insertions(+), 0 deletions(-)

diff --git a/Source/BladeX-Tool/blade-core-secure/src/main/java/org/springblade/core/secure/interceptor/BasicInterceptor.java b/Source/BladeX-Tool/blade-core-secure/src/main/java/org/springblade/core/secure/interceptor/BasicInterceptor.java
new file mode 100644
index 0000000..4ed9614
--- /dev/null
+++ b/Source/BladeX-Tool/blade-core-secure/src/main/java/org/springblade/core/secure/interceptor/BasicInterceptor.java
@@ -0,0 +1,113 @@
+/*
+ *      Copyright (c) 2018-2028, Chill Zhuang All rights reserved.
+ *
+ *  Redistribution and use in source and binary forms, with or without
+ *  modification, are permitted provided that the following conditions are met:
+ *
+ *  Redistributions of source code must retain the above copyright notice,
+ *  this list of conditions and the following disclaimer.
+ *  Redistributions in binary form must reproduce the above copyright
+ *  notice, this list of conditions and the following disclaimer in the
+ *  documentation and/or other materials provided with the distribution.
+ *  Neither the name of the dreamlu.net developer nor the names of its
+ *  contributors may be used to endorse or promote products derived from
+ *  this software without specific prior written permission.
+ *  Author: Chill 搴勯獮 (smallchill@163.com)
+ */
+package org.springblade.core.secure.interceptor;
+
+import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springblade.core.secure.props.BasicSecure;
+import org.springblade.core.secure.provider.HttpMethod;
+import org.springblade.core.secure.provider.ResponseProvider;
+import org.springblade.core.secure.utils.SecureUtil;
+import org.springblade.core.tool.jackson.JsonUtil;
+import org.springblade.core.tool.utils.WebUtil;
+import org.springframework.lang.NonNull;
+import org.springframework.util.AntPathMatcher;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.List;
+
+import static org.springblade.core.secure.constant.SecureConstant.BASIC_REALM_HEADER_KEY;
+import static org.springblade.core.secure.constant.SecureConstant.BASIC_REALM_HEADER_VALUE;
+
+/**
+ * 鍩虹璁よ瘉鎷︽埅鍣ㄦ牎楠�
+ *
+ * @author Chill
+ */
+@Slf4j
+@AllArgsConstructor
+public class BasicInterceptor extends HandlerInterceptorAdapter {
+
+	/**
+	 * 琛ㄨ揪寮忓尮閰�
+	 */
+	private static final AntPathMatcher ANT_PATH_MATCHER = new AntPathMatcher();
+
+	/**
+	 * 鎺堟潈闆嗗悎
+	 */
+	private final List<BasicSecure> basicSecures;
+
+	@Override
+	public boolean preHandle(@NonNull HttpServletRequest request, @NonNull HttpServletResponse response, @NonNull Object handler) {
+		boolean check = basicSecures.stream().filter(basicSecure -> checkAuth(request, basicSecure)).findFirst().map(
+			authSecure -> checkBasic(authSecure.getUsername(), authSecure.getPassword())
+		).orElse(Boolean.TRUE);
+		if (!check) {
+			log.warn("鎺堟潈璁よ瘉澶辫触锛岃姹傛帴鍙ｏ細{}锛岃姹侷P锛歿}锛岃姹傚弬鏁帮細{}", request.getRequestURI(), WebUtil.getIP(request), JsonUtil.toJson(request.getParameterMap()));
+			response.setHeader(BASIC_REALM_HEADER_KEY, BASIC_REALM_HEADER_VALUE);
+			ResponseProvider.write(response);
+			return false;
+		}
+		return true;
+	}
+
+	/**
+	 * 妫�娴嬫巿鏉�
+	 */
+	private boolean checkAuth(HttpServletRequest request, BasicSecure basicSecure) {
+		return checkMethod(request, basicSecure.getMethod()) && checkPath(request, basicSecure.getPattern());
+	}
+
+	/**
+	 * 妫�娴嬭姹傛柟娉�
+	 */
+	private boolean checkMethod(HttpServletRequest request, HttpMethod method) {
+		return method == HttpMethod.ALL || (
+			method != null && method == HttpMethod.of(request.getMethod())
+		);
+	}
+
+	/**
+	 * 妫�娴嬭矾寰勫尮閰�
+	 */
+	private boolean checkPath(HttpServletRequest request, String pattern) {
+		String servletPath = request.getServletPath();
+		String pathInfo = request.getPathInfo();
+		if (pathInfo != null && pathInfo.length() > 0) {
+			servletPath = servletPath + pathInfo;
+		}
+		return ANT_PATH_MATCHER.match(pattern, servletPath);
+	}
+
+	/**
+	 * 妫�娴嬭〃杈惧紡
+	 */
+	private boolean checkBasic(String username, String password) {
+		try {
+			String[] tokens = SecureUtil.extractAndDecodeHeader();
+			return username.equals(tokens[0]) && password.equals(tokens[1]);
+		} catch (Exception e) {
+			log.warn("鎺堟潈璁よ瘉澶辫触锛岄敊璇俊鎭細{}", e.getMessage());
+			return false;
+		}
+	}
+
+
+}

--
Gitblit v1.9.3