安全拦截器增加了cookie信息拦截

mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java

@@ -1,11 +1,14 @@
 package com.chinaunicom.mall.ebtp.cloud.security.starter.filter;
 
+import static com.chinaunicom.mall.ebtp.cloud.security.starter.common.Constants.COOKIE_TOKEN_CODE;
+
 import java.io.IOException;
 import java.util.Collections;
 import java.util.List;
 import java.util.Objects;
 import java.util.Optional;
 import java.util.stream.Collectors;
+import java.util.stream.Stream;
 
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
@@ -60,17 +63,31 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 
 		// 检查请求头是否包含 Bearer 前缀
 		if (StringUtils.startsWith(header, Constants.TOKEN_PREFIX)) {
-			// 移除header的前缀，提取出token字串
+			setAuthentication(currentRoleCode, RegExUtils.replaceAll(header, Constants.TOKEN_PREFIX, ""));// 移除header的前缀，提取出token字串
-			String authToken = RegExUtils.replaceAll(header, Constants.TOKEN_PREFIX, "");
+		}
+		// 检查cookie
+		else {
+			Optional.ofNullable(request.getCookies()).ifPresent(cookies -> {
+				Stream.of(cookies).filter(item -> StringUtils.equals(item.getName(), COOKIE_TOKEN_CODE)).findFirst()
+						.ifPresent(cookie -> setAuthentication(currentRoleCode, cookie.getValue()));
+			});
+		}
+		filterChain.doFilter(request, response);
+	}
 
+	/**
+	 * 设置认证用户信息
+	 * 
+	 * @param currentRoleCode
+	 * @param authToken
+	 */
+	private void setAuthentication(final String currentRoleCode, final String authToken) {
 		try {// 通过token读取用户信息 (新增用户当前角色字段: 2021-03-05)
 			SecurityContextHolder.getContext().setAuthentication(getAuthentication(authToken, currentRoleCode));
 		} catch (Exception e) {
 			log.error(e.getMessage());
 		}
 	}
-		filterChain.doFilter(request, response);
-	}
 
 	/**
 	 * 调用山分的认证中心接口，获取该token的绑定信息