productDev/zbomyoujia.git

package com.doumee.config.Jwt;
 
import com.alibaba.fastjson.JSONObject;
import com.doumee.biz.system.SystemDictDataBiz;
import com.doumee.biz.zbom.model.zhongtai.ZTConstants;
import com.doumee.config.annotation.UserLoginRequired;
import com.doumee.config.annotation.LoginRequired;
import com.doumee.core.constants.ResponseStatus;
import com.doumee.core.exception.BusinessException;
import com.doumee.core.utils.Constants;
import com.doumee.core.utils.redis.RedisUtil;
import com.doumee.dao.business.model.Member;
import com.doumee.dao.business.model.Users;
import io.jsonwebtoken.JwtException;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.jdbc.core.BeanPropertyRowMapper;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Objects;
 
@Configuration
public class WebMvcConfig implements WebMvcConfigurer {
 
 
    @Autowired
    private JdbcTemplate dao;
 
    @Autowired
    private SystemDictDataBiz systemDictDataBiz;
 
    @Autowired
    private RedisTemplate<String,Object> redisTemplate;
 
    /**
     * 是否开发者
     */
    @Value("${debug_model}")
    private Boolean isDebug;
 
    /**
     * 添加拦截器
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        //API接口JwtToken拦截器
        HandlerInterceptor TokenInterceptor = new HandlerInterceptor() {
            @Override
            public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
                // 如果不是映射到方法直接通过
                if (!(handler instanceof HandlerMethod)) {
                    return true;
                }
                HandlerMethod handlerMethod = (HandlerMethod) handler;
 
                Class<?> beanType = handlerMethod.getBeanType();
                Boolean checkFlag = false;
                // 有 @LoginRequired 注解，需要登录认证 客户端使用
                if ((beanType.isAnnotationPresent(LoginRequired.class) || handlerMethod.hasMethodAnnotation(LoginRequired.class))) {
                    String token = request.getHeader(JwtTokenUtil.HEADER_KEY);
                    if(StringUtils.isBlank(token)){
                        throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
                    }
                    if (StringUtils.isNotBlank(token)) {
                        checkFlag = checkLogin(request,response,token);
                    }
                    // 有 @UserLoginRequired 注解，需要登录认证 内部人员使用
                }
                if(beanType.isAnnotationPresent(UserLoginRequired.class) || handlerMethod.hasMethodAnnotation(UserLoginRequired.class)){
                    String token = request.getHeader(JwtTokenUtil.HEADER_KEY);
                    if(StringUtils.isBlank(token)){
                        throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
                    }
                    if (StringUtils.isNotBlank(token)) {
                        checkFlag = checkPersonnelLogin(request,response,token);
                    }
                }
                return true;
            }
        };
        registry.addInterceptor(TokenInterceptor).addPathPatterns("/web/**");
    }
 
 
    public Boolean checkLogin(HttpServletRequest request, HttpServletResponse response,String token){
        try {
            String tokenRedis = (String) redisTemplate.opsForValue().get(ZTConstants.CUSTOMER+"_"+token);
            if(StringUtils.isNotBlank(tokenRedis)){
                if(!tokenRedis.equals(token)){
                    throw new BusinessException(ResponseStatus.TOKEN_EXCEED_TIME.getCode(),"长时间未操作,请重新登录");
                }
            }else{
                throw new BusinessException(ResponseStatus.TOKEN_EXCEED_TIME.getCode(),"长时间未操作,请重新登录");
            }
            Long memberId = getTokenId(token);
            Member member = dao.queryForObject(" select  *  from `member` where id  = ?  limit 1  ", new BeanPropertyRowMapper<>(Member.class),memberId);
            if(Objects.isNull(member)){
                throw new BusinessException(ResponseStatus.DATA_EMPTY);
            }
            if(Constants.equalsInteger(member.getIsdeleted(),Constants.ONE)){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已删除,请联系管理员");
            }
            if(!Constants.equalsInteger(member.getStatus(),Constants.ZERO)){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已禁用,请联系管理员");
            }
            request.setAttribute(JwtTokenUtil.UserId_Name, memberId);
            request.setAttribute(JwtTokenUtil.UserType, ZTConstants.CUSTOMER);
            return true;
        } catch (IllegalArgumentException | JwtException e) {
            throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
        }
    }
 
    public Boolean checkPersonnelLogin(HttpServletRequest request, HttpServletResponse response,String token){
        try {
            String tokenRedis = (String) redisTemplate.opsForValue().get(ZTConstants.BUSINESS+"_"+token);
            if(StringUtils.isNotBlank(tokenRedis)){
                if(!tokenRedis.equals(token)){
                    throw new BusinessException(ResponseStatus.TOKEN_EXCEED_TIME.getCode(),"长时间未操作,请重新登录");
                }
            }else{
                throw new BusinessException(ResponseStatus.TOKEN_EXCEED_TIME.getCode(),"长时间未操作,请重新登录");
            }
            Long userId = getTokenId(token);
            Users users = dao.queryForObject(" select  *  from `users` where id  = ?  limit 1  ", new BeanPropertyRowMapper<>(Users.class),userId);
            if(Objects.isNull(users)){
                throw new BusinessException(ResponseStatus.DATA_EMPTY);
            }
            if(Constants.equalsInteger(users.getIsdeleted(),Constants.ONE)){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已删除,请联系管理员");
            }
            if(!StringUtils.equals(users.getStatus(),Constants.ONE+"")){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已禁用,请联系管理员");
            }
            request.setAttribute(JwtTokenUtil.UserId_Name, userId);
            request.setAttribute(JwtTokenUtil.UserType, ZTConstants.BUSINESS);
            return true;
        } catch (IllegalArgumentException | JwtException e) {
            throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
        }
    }
 
    @Bean
    public RestTemplate getRestTemplate(){
        return new RestTemplate();
    }
 
    public Long getTokenId(String token){
        try {
            Integer lastIndex = token.lastIndexOf("_")+1;
            Long tokenId = Long.valueOf(token.substring(0,lastIndex));
            return tokenId;
        }catch (Exception e){
            throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
        }
    }
 
}