我正在使用undertow作爲我的HTTP庫,並且希望驗證每個請求的JWT令牌和HTTP方法。我不想在每個HttpHandler
中執行驗證。這是做到這一點的正確方法嗎?從抽象類中的回調調用抽象方法
Handler.java
public abstract class Handler implements HttpHandler {
private HttpString[] methods;
Handler(HttpString... methods) {
this.methods = methods;
}
@Override
public void handleRequest(HttpServerExchange httpServerExchange) throws Exception {
// verifying HTTP method
boolean verified = false;
for (HttpString method : methods) {
if (httpServerExchange.getRequestMethod().equals(method)) {
verified = true;
break;
}
}
if (!verified) {
// return http 405, cause: invalid HTTP method
httpServerExchange.setStatusCode(StatusCodes.METHOD_NOT_ALLOWED);
httpServerExchange.getResponseSender().send(Variables.Response.EMPTY);
}
// verifying JWT token
String jwt = httpServerExchange.getRequestHeaders().get("jwt", 0);
JWT.verifyToken(jwt)
.addListener(token -> {
if (token != null) {
handleVerifiedRequest(httpServerExchange, token);
} else {
// return http 400, cause: JWT invalid
httpServerExchange.setStatusCode(StatusCodes.UNAUTHORIZED);
httpServerExchange.getResponseSender().send(Variables.Errors.INVALID_JWT);
}
});
}
public abstract void handleVerifiedRequest(HttpServerExchange httpServerExchange, String Token);
}
HelloHandler.java
public class HelloHandler extends Handler {
public HelloHandler(HttpString... methods) {
super(methods);
}
@Override
public void handleVerifiedRequest(HttpServerExchange httpServerExchange, String Token) {
// .. do something
}
}
看起來你的解決方案有任何問題。 – aiguy
@aiguy很酷,謝謝!這是第一次實現抽象類..:D – tom12e
使用這種方法將阻止你鏈接其他處理程序。我建議你堅持使用Undertow API(HttpHandler和exchange附件)。如果你有興趣,我可以在實際的答案中詳細說明。 – aramaki