修复bug

jiangping

2024-06-07 84d1c713f5275b77083efdd00e616f3181f64d37

 server/dmvisit_service/src/main/java/com/doumee/config/Jwt/WebMvcConfig.java

@@ -1,14 +1,21 @@
package com.doumee.config.Jwt;

import com.doumee.biz.system.SystemDictDataBiz;
import com.doumee.config.annotation.ErpLoginRequired;
import com.doumee.config.annotation.LoginRequired;
import com.doumee.core.constants.ResponseStatus;
import com.doumee.core.exception.BusinessException;
import com.doumee.core.utils.Constants;
import com.doumee.core.utils.redis.RedisUtil;
import com.doumee.dao.business.model.Member;
import io.jsonwebtoken.JwtException;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.jdbc.core.BeanPropertyRowMapper;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.method.HandlerMethod;
@@ -19,6 +26,7 @@
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;
import java.util.Objects;

@Configuration
public class WebMvcConfig implements WebMvcConfigurer {
@@ -26,6 +34,12 @@

    @Autowired
    private JdbcTemplate dao;

    @Autowired
    private SystemDictDataBiz systemDictDataBiz;

    @Autowired
    private RedisTemplate<String,Object> redisTemplate;

    /**
     * 添加拦截器
@@ -47,7 +61,7 @@
//                Method method = handlerMethod.getMethod();

                // 有 @LoginRequired 注解，需要登录认证
                if (beanType.isAnnotationPresent(LoginRequired.class)) {
                if (beanType.isAnnotationPresent(LoginRequired.class) || handlerMethod.hasMethodAnnotation(LoginRequired.class)) {
                    //获取token
                    String token = request.getHeader(JwtTokenUtil.HEADER_KEY);  // 从 http 请求头中取出 token
                    if (StringUtils.isNotBlank(token)) {
@@ -55,19 +69,24 @@
                    } else {
                        throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
                    }
                }else if (handlerMethod.hasMethodAnnotation(LoginRequired.class)){
                    //获取token
                    String token = request.getHeader(JwtTokenUtil.HEADER_KEY);  // 从 http 请求头中取出 token
                    if (StringUtils.isNotBlank(token)) {
                        checkLogin(request,response);
                    } else {
                        throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
                } else if(beanType.isAnnotationPresent(ErpLoginRequired.class) || handlerMethod.hasMethodAnnotation(ErpLoginRequired.class)){
                    try {
                        //ERP 业务注解
                        String token = request.getHeader(JwtTokenUtil.HEADER_KEY);
                        String redisToken = RedisUtil.getObject(redisTemplate,Constants.RedisKeys.ERP_TOKEN,String.class);
                        if(StringUtils.isBlank(redisToken)||!token.equals(redisToken)){
                            throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"授权已失效");
                        }
                        request.setAttribute(JwtTokenUtil.HEADER_KEY,token);
                    } catch (IllegalArgumentException | JwtException e) {
                        throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"授权已失效");
                    }
//                    request.setAttribute("token", token);
                }
                return true;
            }
        };
        registry.addInterceptor(TokenInterceptor).addPathPatterns("/web/**");
        registry.addInterceptor(TokenInterceptor).addPathPatterns("/web/**","/visitbiz/**");
    }


@@ -81,22 +100,20 @@
                throw new BusinessException(ResponseStatus.TOKEN_EXCEED_TIME.getCode(),"长时间未操作,请重新登录");
            }
            //获取账号ID
            Integer memberId = JwtTokenUtil.getJwtPayLoad(token).getMemberId();
            Integer isDeleted = dao.queryForObject(" select COALESCE(DELETED,1)  from `system_user` where id  = ?", Integer.class, memberId);
            if(isDeleted== Constants.ONE){
            String memberId = JwtTokenUtil.getJwtPayLoad(token).getMemberId();
            Member member = dao.queryForObject(" select  *  from `member` where id  = ?  limit 1  ", new BeanPropertyRowMapper<>(Member.class),memberId );
            if(Objects.isNull(member)){
                throw new BusinessException(ResponseStatus.DATA_EMPTY);
            }
            if(member.getIsdeleted()== Constants.ONE){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已删除,请联系管理员");
            }
            Integer isForbidden = dao.queryForObject(" select COALESCE(STATUS,1)  from `system_user` where id  = ?", Integer.class, memberId);
            if(isForbidden== Constants.ONE){
            if(member.getStatus() != Constants.ZERO){
                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已禁用,请联系管理员");
            }
            Integer count = dao.queryForObject("select count(1) from `system_user` where id  = ?", Integer.class, memberId);
            if (count != null && count > 0) {
                request.setAttribute(JwtTokenUtil.UserId_Name, memberId);
                return true;
            }else{
                throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"用户信息出错");
            }
            request.setAttribute(JwtTokenUtil.UserId_Name, memberId);
            request.setAttribute(JwtTokenUtil.MEMBER, member);
            return true;
        } catch (IllegalArgumentException | JwtException e) {
            throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录");
        }