| | |
|---|
| | | package com.doumee.config.Jwt; |
|---|
| | | |
|---|
| | | import com.alibaba.fastjson.JSONObject; |
|---|
| | | import com.doumee.config.annotation.LoginRequired; |
|---|
| | | import com.doumee.config.annotation.LoginShopRequired; |
|---|
| | | import com.doumee.core.constants.ResponseStatus; |
|---|
| | | import com.doumee.core.exception.BusinessException; |
|---|
| | | import com.doumee.core.utils.Constants; |
|---|
| | | import com.doumee.dao.business.model.Member; |
|---|
| | | import com.doumee.dao.business.model.Shop; |
|---|
| | | import io.jsonwebtoken.JwtException; |
|---|
| | | import org.apache.commons.lang3.StringUtils; |
|---|
| | | import org.springframework.beans.factory.annotation.Autowired; |
|---|
| | | import org.springframework.context.annotation.Bean; |
|---|
| | | import org.springframework.context.annotation.Configuration; |
|---|
| | | import org.springframework.data.redis.core.RedisTemplate; |
|---|
| | | import org.springframework.jdbc.core.JdbcTemplate; |
|---|
| | | import org.springframework.web.client.RestTemplate; |
|---|
| | | import org.springframework.web.method.HandlerMethod; |
|---|
| | |
|---|
| | | |
|---|
| | | import javax.servlet.http.HttpServletRequest; |
|---|
| | | import javax.servlet.http.HttpServletResponse; |
|---|
| | | import java.lang.reflect.Method; |
|---|
| | | import java.util.Objects; |
|---|
| | | |
|---|
| | | @Configuration |
|---|
| | | public class WebMvcConfig implements WebMvcConfigurer { |
|---|
| | |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | private JdbcTemplate dao; |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | private RedisTemplate<String,Object> redisTemplate; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 添加拦截器 |
|---|
| | |
|---|
| | | throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录"); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | return true; |
|---|
| | | } |
|---|
| | | }; |
|---|
| | |
|---|
| | | public Boolean checkMemberLogin(HttpServletRequest request, HttpServletResponse response){ |
|---|
| | | String token = request.getHeader(JwtTokenUtil.HEADER_KEY); |
|---|
| | | try { |
|---|
| | | //判断Token是否超时 |
|---|
| | | boolean expiration = JwtTokenUtil.isTokenExpired(token); |
|---|
| | | if (expiration) { |
|---|
| | | if(!token.startsWith(Constants.ZERO+"")){ |
|---|
| | | throw new BusinessException(ResponseStatus.TOKEN_EXCEED_TIME.getCode(),"长时间未操作,请重新登录"); |
|---|
| | | } |
|---|
| | | //获取账号ID |
|---|
| | | String memberIdInfo = JwtTokenUtil.getJwtPayLoad(token).getMemberId(); |
|---|
| | | if(StringUtils.isBlank(memberIdInfo)||!memberIdInfo.startsWith(Constants.MEMBER_PREFIX)){ |
|---|
| | | throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"用户信息出错"); |
|---|
| | | String tokenRedis = (String) redisTemplate.opsForValue().get(token); |
|---|
| | | if(StringUtils.isBlank(tokenRedis)){ |
|---|
| | | throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录"); |
|---|
| | | } |
|---|
| | | Integer memberId = Integer.valueOf(memberIdInfo.replace(Constants.MEMBER_PREFIX,"")); |
|---|
| | | Member member = JSONObject.parseObject(tokenRedis, Member.class); |
|---|
| | | if(Objects.isNull(member)||StringUtils.isBlank(member.getOpenId())){ |
|---|
| | | throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录"); |
|---|
| | | } |
|---|
| | | String openid = member.getOpenId(); |
|---|
| | | Integer memberId = getTokenId(token); |
|---|
| | | Integer isDeleted = dao.queryForObject(" select COALESCE(ISDELETED,0) from Member where id = ?", Integer.class, memberId); |
|---|
| | | if(isDeleted== Constants.ONE){ |
|---|
| | | throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已删除,请联系管理员"); |
|---|
| | | } |
|---|
| | | Integer isForbidden = dao.queryForObject(" select COALESCE(STATUS,0) from Member where id = ?", Integer.class, memberId); |
|---|
| | | if(isForbidden== Constants.ONE){ |
|---|
| | | if(isForbidden == Constants.ONE){ |
|---|
| | | throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已禁用,请联系管理员"); |
|---|
| | | } |
|---|
| | | if(isForbidden == Constants.TWO){ |
|---|
| | | throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已注销,请联系管理员"); |
|---|
| | | } |
|---|
| | | String dbOpenid = dao.queryForObject(" select ifnull(open_id,'') from Member where id = ?", String.class, memberId); |
|---|
| | | if(StringUtils.isBlank(dbOpenid)||!openid.equals(dbOpenid)){ |
|---|
| | | throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"已过期,请重新登录"); |
|---|
| | | } |
|---|
| | | Integer count = dao.queryForObject("select count(1) from Member where id = ?", Integer.class, memberId); |
|---|
| | | if (count != null && count > 0) { |
|---|
| | |
|---|
| | | public Boolean checkShopLogin(HttpServletRequest request, HttpServletResponse response){ |
|---|
| | | String token = request.getHeader(JwtTokenUtil.HEADER_KEY); |
|---|
| | | try { |
|---|
| | | //判断Token是否超时 |
|---|
| | | boolean expiration = JwtTokenUtil.isTokenExpired(token); |
|---|
| | | if (expiration) { |
|---|
| | | if(!token.startsWith(Constants.ONE+"")){ |
|---|
| | | throw new BusinessException(ResponseStatus.TOKEN_EXCEED_TIME.getCode(),"长时间未操作,请重新登录"); |
|---|
| | | } |
|---|
| | | //获取账号ID |
|---|
| | | String shopInfo = JwtTokenUtil.getJwtPayLoad(token).getMemberId(); |
|---|
| | | if(StringUtils.isBlank(shopInfo)||!shopInfo.startsWith(Constants.SHOP_PREFIX)){ |
|---|
| | | throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"用户信息出错"); |
|---|
| | | String tokenRedis = (String) redisTemplate.opsForValue().get(token); |
|---|
| | | if(StringUtils.isBlank(tokenRedis)){ |
|---|
| | | throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录"); |
|---|
| | | } |
|---|
| | | Integer shopId = Integer.valueOf(shopInfo.replace(Constants.SHOP_PREFIX,"")); |
|---|
| | | Shop shop = JSONObject.parseObject(tokenRedis, Shop.class); |
|---|
| | | if(Objects.isNull(shop)||StringUtils.isBlank(shop.getOpenId())){ |
|---|
| | | throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录"); |
|---|
| | | } |
|---|
| | | String openid = shop.getOpenId(); |
|---|
| | | Integer shopId = getTokenId(token); |
|---|
| | | Integer isDeleted = dao.queryForObject(" select COALESCE(ISDELETED,0) from shop where id = ?", Integer.class, shopId); |
|---|
| | | if(isDeleted== Constants.ONE){ |
|---|
| | | throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已删除,请联系管理员"); |
|---|
| | |
|---|
| | | Integer isForbidden = dao.queryForObject(" select COALESCE(STATUS,0) from shop where id = ?", Integer.class, shopId); |
|---|
| | | if(isForbidden== Constants.ONE){ |
|---|
| | | throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已禁用,请联系管理员"); |
|---|
| | | } |
|---|
| | | String dbOpenid = dao.queryForObject(" select ifnull(open_id,'') from shop where id = ?", String.class, shopId); |
|---|
| | | if(StringUtils.isBlank(dbOpenid)||!openid.equals(dbOpenid)){ |
|---|
| | | throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"已过期,请重新登录"); |
|---|
| | | } |
|---|
| | | Integer count = dao.queryForObject("select count(1) from shop where id = ?", Integer.class, shopId); |
|---|
| | | if (count != null && count > 0) { |
|---|
| | |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | public Integer getTokenId(String token){ |
|---|
| | | try { |
|---|
| | | Integer lastIndex = token.lastIndexOf("_")+1; |
|---|
| | | Integer tokenId = Integer.valueOf(token.substring(lastIndex)); |
|---|
| | | return tokenId; |
|---|
| | | }catch (Exception e){ |
|---|
| | | throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录"); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | |
|---|
| | | @Bean |
|---|
| | | public RestTemplate getRestTemplate(){ |
|---|
