Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
package config
import grails.util.Holders
import org.springframework.web.filter.GenericFilterBean
import javax.servlet.FilterChain
import javax.servlet.ServletException
import javax.servlet.ServletRequest
import javax.servlet.ServletResponse
import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletResponse
class ConfigFilter extends GenericFilterBean {
List urisToFilter
@Override
void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httpServletRequest = request as HttpServletRequest
HttpServletResponse httpServletResponse = response as HttpServletResponse
def actualUri = httpServletRequest.requestURI - httpServletRequest.contextPath
def token = request.getHeader("Authorization")
if (urisToFilter.any { actualUri.startsWith(it)}) {
if (token != Holders.config.get("config.token")) {
httpServletResponse.setStatus(HttpServletResponse.SC_FORBIDDEN)
httpServletResponse.contentType = "application/json"
httpServletResponse.characterEncoding = "UTF-8"
httpServletResponse.addHeader "Cache-Control", "no-store"
httpServletResponse.addHeader "Pragma", "no-cache"
httpServletResponse << """{"code": "403", "message": "Not Authorized"}"""
} else {
chain.doFilter(request, response)
}
} else {
chain.doFilter(request, response)
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment