🎨 #12527

b8bbb494 · Liang Ding · 97237e50 · b8bbb494 · 97237e50 · b8bbb494
Commit b8bbb494 authored Sep 25, 2018 by Liang Ding
3 changed files
--- a/src/main/java/org/b3log/solo/SoloServletListener.java
+++ b/src/main/java/org/b3log/solo/SoloServletListener.java
@@ -153,15 +153,15 @@ public final class SoloServletListener extends AbstractServletListener {
        Requests.log(httpServletRequest, Level.DEBUG, LOGGER);
        final String requestURI = httpServletRequest.getRequestURI();
-        Stopwatchs.start("Request Initialized[requestURI=" + requestURI + "]");
+        Stopwatchs.start("Request Initialized [requestURI=" + requestURI + "]");
        if (Requests.searchEngineBotRequest(httpServletRequest)) {
-            LOGGER.log(Level.DEBUG, "Request made from a search engine[User-Agent={0}]", httpServletRequest.getHeader("User-Agent"));
+            LOGGER.log(Level.DEBUG, "Request made from a search engine [User-Agent={0}]", httpServletRequest.getHeader("User-Agent"));
            httpServletRequest.setAttribute(Keys.HttpRequest.IS_SEARCH_ENGINE_BOT, true);
        } else {
            // Gets the session of this request
            final HttpSession session = httpServletRequest.getSession();
-            LOGGER.log(Level.DEBUG, "Gets a session[id={0}, remoteAddr={1}, User-Agent={2}, isNew={3}]", session.getId(),
+            LOGGER.log(Level.DEBUG, "Gets a session [id={0}, remoteAddr={1}, User-Agent={2}, isNew={3}]", session.getId(),
                    httpServletRequest.getRemoteAddr(), httpServletRequest.getHeader("User-Agent"), session.isNew());
            // Online visitor count
            final StatisticMgmtService statisticMgmtService = beanManager.getReference(StatisticMgmtService.class);

--- a/src/main/java/org/b3log/solo/filter/AuthFilter.java
+++ b/src/main/java/org/b3log/solo/filter/AuthFilter.java
-/*
- * Solo - A small and beautiful blogging system written in Java.
- * Copyright (c) 2010-2018, b3log.org & hacpai.com
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program.  If not, see <https://www.gnu.org/licenses/>.
- */
-package org.b3log.solo.filter;
-import org.b3log.latke.ioc.LatkeBeanManager;
-import org.b3log.latke.ioc.Lifecycle;
-import org.b3log.latke.logging.Level;
-import org.b3log.latke.logging.Logger;
-import org.b3log.latke.model.Role;
-import org.b3log.latke.model.User;
-import org.b3log.solo.service.UserMgmtService;
-import org.b3log.solo.service.UserQueryService;
-import org.json.JSONObject;
-import javax.servlet.*;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-/**
- * Authentication filter.
- *
- * @author <a href="http://88250.b3log.org">Liang Ding</a>
- * @version 1.0.0.5, Sep 21, 2017
- * @since 0.3.1
- */
-public final class AuthFilter implements Filter {
-    /**
-     * Logger.
-     */
-    private static final Logger LOGGER = Logger.getLogger(AuthFilter.class);
-    @Override
-    public void init(final FilterConfig filterConfig) {
-    }
-    /**
-     * If the specified request is NOT made by an authenticated user, sends error 403.
-     *
-     * @param request  the specified request
-     * @param response the specified response
-     * @param chain    filter chain
-     * @throws IOException      io exception
-     * @throws ServletException servlet exception
-     */
-    @Override
-    public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain)
-            throws IOException, ServletException {
-        final HttpServletResponse httpServletResponse = (HttpServletResponse) response;
-        final HttpServletRequest httpServletRequest = (HttpServletRequest) request;
-        final LatkeBeanManager beanManager = Lifecycle.getBeanManager();
-        final UserMgmtService userMgmtService = beanManager.getReference(UserMgmtService.class);
-        final UserQueryService userQueryService = beanManager.getReference(UserQueryService.class);
-        try {
-            userMgmtService.tryLogInWithCookie(httpServletRequest, httpServletResponse);
-            final JSONObject currentUser = userQueryService.getCurrentUser(httpServletRequest);
-            if (null == currentUser) {
-                httpServletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
-                return;
-            }
-            final String userRole = currentUser.optString(User.USER_ROLE);
-            if (Role.VISITOR_ROLE.equals(userRole)) {
-                httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
-                return;
-            }
-            chain.doFilter(request, response);
-        } catch (final IOException e) {
-            LOGGER.log(Level.ERROR, "Auth filter failed", e);
-            httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND);
-        }
-    }
-    @Override
-    public void destroy() {
-    }
-}
--- a/src/main/java/org/b3log/solo/filter/PermalinkFilter.java
+++ b/src/main/java/org/b3log/solo/filter/PermalinkFilter.java
@@ -63,7 +63,7 @@ public final class PermalinkFilter implements Filter {
    private static final Logger LOGGER = Logger.getLogger(PermalinkFilter.class);
    @Override
-    public void init(final FilterConfig filterConfig) throws ServletException {
+    public void init(final FilterConfig filterConfig) {
    }
    /**
@@ -82,14 +82,12 @@ public final class PermalinkFilter implements Filter {
        final HttpServletResponse httpServletResponse = (HttpServletResponse) response;
        final String requestURI = httpServletRequest.getRequestURI();
+        LOGGER.log(Level.DEBUG, "Request URI [{0}]", requestURI);
-        LOGGER.log(Level.DEBUG, "Request URI[{0}]", requestURI);
        final String contextPath = Latkes.getContextPath();
        final String permalink = StringUtils.substringAfter(requestURI, contextPath);
        if (PermalinkQueryService.invalidPermalinkFormat(permalink)) {
-            LOGGER.log(Level.DEBUG, "Skip filter request[URI={0}]", permalink);
+            LOGGER.log(Level.DEBUG, "Skip filter request [URI={0}]", permalink);
            chain.doFilter(request, response);
            return;
@@ -102,16 +100,14 @@ public final class PermalinkFilter implements Filter {
        try {
            final ArticleRepository articleRepository = beanManager.getReference(ArticleRepositoryImpl.class);
            article = articleRepository.getByPermalink(permalink);
            if (null == article) {
                final PageRepository pageRepository = beanManager.getReference(PageRepositoryImpl.class);
                page = pageRepository.getByPermalink(permalink);
            }
            if (null == page && null == article) {
-                LOGGER.log(Level.DEBUG, "Not found article/page with permalink[{0}]", permalink);
+                LOGGER.log(Level.DEBUG, "Not found article/page with permalink [{0}]", permalink);
                chain.doFilter(request, response);
                return;
@@ -125,14 +121,14 @@ public final class PermalinkFilter implements Filter {
        // If requests an article and the article need view passowrd, sends redirect to the password form
        final ArticleQueryService articleQueryService = beanManager.getReference(ArticleQueryService.class);
        if (null != article && articleQueryService.needViewPwd(httpServletRequest, article)) {
            try {
-                httpServletResponse.sendRedirect(
+                httpServletResponse.sendRedirect(Latkes.getServePath() + "/console/article-pwd?articleId=" + article.optString(Keys.OBJECT_ID));
-                        Latkes.getServePath() + "/console/article-pwd?articleId=" + article.optString(Keys.OBJECT_ID));
                return;
            } catch (final Exception e) {
                httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND);
                return;
            }
        }
@@ -152,8 +148,7 @@ public final class PermalinkFilter implements Filter {
     * @see DispatcherServlet#result(HTTPRequestContext)
     */
    private void dispatchToArticleOrPageProcessor(final ServletRequest request, final ServletResponse response,
-                                                  final JSONObject article, final JSONObject page)
+                                                  final JSONObject article, final JSONObject page) throws IOException {
-            throws IOException {
        final HTTPRequestContext context = new HTTPRequestContext();
        context.setRequest((HttpServletRequest) request);
        context.setResponse((HttpServletResponse) response);