代码提交

k94314517

2024-07-22 716ab46fb071ed48bc75d10fabed66bd8fcae6f1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
package com.doumee.config.Jwt;
 
import com.alibaba.fastjson.JSONObject;
import com.doumee.biz.system.SystemDictDataBiz;
import com.doumee.biz.zbom.model.zhongtai.ZTConstants;
import com.doumee.config.annotation.UserLoginRequired;
import com.doumee.config.annotation.LoginRequired;
import com.doumee.core.constants.ResponseStatus;
import com.doumee.core.exception.BusinessException;
import com.doumee.core.utils.Constants;
import com.doumee.core.utils.redis.RedisUtil;
import com.doumee.dao.business.model.Member;
import com.doumee.dao.business.model.Users;
import io.jsonwebtoken.JwtException;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.jdbc.core.BeanPropertyRowMapper;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Objects;
 
@Configuration
public class WebMvcConfig implements WebMvcConfigurer {
 
 
    @Autowired
    private JdbcTemplate dao;
 
    @Autowired
    private SystemDictDataBiz systemDictDataBiz;
 
    @Autowired
    private RedisTemplate<String,Object> redisTemplate;
 
    /**
     * 是否开发者
     */
    @Value("${debug_model}")
    private Boolean isDebug;
 
    /**
     * 添加拦截器
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        //API接口JwtToken拦截器
        HandlerInterceptor TokenInterceptor = new HandlerInterceptor() {
            @Override
            public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
                // 如果不是映射到方法直接通过
                if (!(handler instanceof HandlerMethod)) {
                    return true;
                }
                HandlerMethod handlerMethod = (HandlerMethod) handler;
 
                Class<?> beanType = handlerMethod.getBeanType();
                Boolean checkFlag = false;
                if(!(
                    beanType.isAnnotationPresent(LoginRequired.class) || handlerMethod.hasMethodAnnotation(LoginRequired.class)
                            || beanType.isAnnotationPresent(UserLoginRequired.class) || handlerMethod.hasMethodAnnotation(UserLoginRequired.class))
                ){
                    return true;
                }
                // 有 @LoginRequired 注解，需要登录认证 客户端使用
                if (!checkFlag && (beanType.isAnnotationPresent(LoginRequired.class) || handlerMethod.hasMethodAnnotation(LoginRequired.class))) {
                    String token = request.getHeader(JwtTokenUtil.HEADER_KEY);
                    if(StringUtils.isBlank(token)){
                        throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
                    }
                    if (StringUtils.isNotBlank(token)) {
                        checkFlag = checkLogin(request,response,token);
                    }
                }
                if(!checkFlag && (beanType.isAnnotationPresent(UserLoginRequired.class) || handlerMethod.hasMethodAnnotation(UserLoginRequired.class))){
                    String token = request.getHeader(JwtTokenUtil.HEADER_KEY);
                    if(StringUtils.isBlank(token)){
                        throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
                    }
                    if (StringUtils.isNotBlank(token)) {
                        checkFlag = checkPersonnelLogin(request,response,token);
                    }
                }
                if(!checkFlag){
                    throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
                }
                return true;
            }
        };
        registry.addInterceptor(TokenInterceptor).addPathPatterns("/web/**");
    }
 
 
    public Boolean checkLogin(HttpServletRequest request, HttpServletResponse response,String token){
        try {
            String tokenRedis = (String) redisTemplate.opsForValue().get(ZTConstants.CUSTOMER+"_"+token);
            if(StringUtils.isBlank(tokenRedis)){
                return false;
            }
            Long memberId = getTokenId(token);
            Member member = dao.queryForObject(" select  *  from `member` where id  = ?  limit 1  ", new BeanPropertyRowMapper<>(Member.class),memberId);
            if(Objects.isNull(member)){
                throw new BusinessException(ResponseStatus.DATA_EMPTY);
            }
            if(Constants.equalsInteger(member.getIsdeleted(),Constants.ONE)){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已删除,请联系管理员");
            }
            if(!Constants.equalsInteger(member.getStatus(),Constants.ZERO)){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已禁用,请联系管理员");
            }
            request.setAttribute(JwtTokenUtil.UserId_Name, memberId);
            request.setAttribute(JwtTokenUtil.UserType, ZTConstants.CUSTOMER);
            return true;
        } catch (IllegalArgumentException | JwtException e) {
            throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
        }
    }
 
    public Boolean checkPersonnelLogin(HttpServletRequest request, HttpServletResponse response,String token){
        try {
            String tokenRedis = (String) redisTemplate.opsForValue().get(ZTConstants.BUSINESS+"_"+token);
            if(StringUtils.isBlank(tokenRedis)){
                return false;
            }
            Long userId = getTokenId(token);
            Users users = dao.queryForObject(" select  *  from `users` where id  = ?  limit 1  ", new BeanPropertyRowMapper<>(Users.class),userId);
            if(Objects.isNull(users)){
                throw new BusinessException(ResponseStatus.DATA_EMPTY);
            }
            if(Constants.equalsInteger(users.getIsdeleted(),Constants.ONE)){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已删除,请联系管理员");
            }
            if(!StringUtils.equals(users.getStatus(),Constants.ONE+"")){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已禁用,请联系管理员");
            }
            request.setAttribute(JwtTokenUtil.UserId_Name, userId);
            request.setAttribute(JwtTokenUtil.UserType, ZTConstants.BUSINESS);
            return true;
        } catch (IllegalArgumentException | JwtException e) {
            throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
        }
    }
 
    @Bean
    public RestTemplate getRestTemplate(){
        return new RestTemplate();
    }
 
    public Long getTokenId(String token){
        try {
            Integer lastIndex = token.lastIndexOf("_")+1;
            Long tokenId = Long.valueOf(token.substring(lastIndex));
            return tokenId;
        }catch (Exception e){
            throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
        }
    }
 
}