| | |
|---|
| | | |
|---|
| | | import com.alibaba.fastjson.JSONObject; |
|---|
| | | import com.doumee.biz.system.SystemDictDataBiz; |
|---|
| | | import com.doumee.biz.zbom.model.zhongtai.ZTConstants; |
|---|
| | | import com.doumee.config.annotation.UserLoginRequired; |
|---|
| | | import com.doumee.config.annotation.LoginRequired; |
|---|
| | | import com.doumee.core.constants.ResponseStatus; |
|---|
| | |
|---|
| | | import io.jsonwebtoken.JwtException; |
|---|
| | | import org.apache.commons.lang3.StringUtils; |
|---|
| | | import org.springframework.beans.factory.annotation.Autowired; |
|---|
| | | import org.springframework.beans.factory.annotation.Value; |
|---|
| | | import org.springframework.context.annotation.Bean; |
|---|
| | | import org.springframework.context.annotation.Configuration; |
|---|
| | | import org.springframework.data.redis.core.RedisTemplate; |
|---|
| | |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | private RedisTemplate<String,Object> redisTemplate; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 是否开发者 |
|---|
| | | */ |
|---|
| | | @Value("${debug_model}") |
|---|
| | | private Boolean isDebug; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 添加拦截器 |
|---|
| | |
|---|
| | | public Boolean checkLogin(HttpServletRequest request, HttpServletResponse response){ |
|---|
| | | String token = request.getHeader(JwtTokenUtil.HEADER_KEY); |
|---|
| | | try { |
|---|
| | | //判断Token是否超时 |
|---|
| | | boolean expiration = JwtTokenUtil.isTokenExpired(token); |
|---|
| | | if (expiration) { |
|---|
| | | throw new BusinessException(ResponseStatus.TOKEN_EXCEED_TIME.getCode(),"长时间未操作,请重新登录"); |
|---|
| | | } |
|---|
| | | //获取账号ID |
|---|
| | | Long memberId = JwtTokenUtil.getJwtPayLoad(token).getUserId(); |
|---|
| | | Integer userType = JwtTokenUtil.getJwtPayLoad(token).getUserType(); |
|---|
| | | if(!Constants.equalsInteger(userType,Constants.ZERO)){ |
|---|
| | | throw new BusinessException(ResponseStatus.BAD_REQUEST.getCode(),"无访问权限"); |
|---|
| | | String tokenRedis = (String) redisTemplate.opsForValue().get(ZTConstants.CUSTOMER+"_"+memberId); |
|---|
| | | if(StringUtils.isNotBlank(tokenRedis)){ |
|---|
| | | if(!tokenRedis.equals(token)){ |
|---|
| | | throw new BusinessException(ResponseStatus.TOKEN_EXCEED_TIME.getCode(),"长时间未操作,请重新登录"); |
|---|
| | | } |
|---|
| | | }else{ |
|---|
| | | throw new BusinessException(ResponseStatus.TOKEN_EXCEED_TIME.getCode(),"长时间未操作,请重新登录"); |
|---|
| | | } |
|---|
| | | Member member = dao.queryForObject(" select * from `member` where id = ? limit 1 ", new BeanPropertyRowMapper<>(Member.class),memberId ); |
|---|
| | | if(Objects.isNull(member)){ |
|---|
| | |
|---|
| | | throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已禁用,请联系管理员"); |
|---|
| | | } |
|---|
| | | request.setAttribute(JwtTokenUtil.UserId_Name, memberId); |
|---|
| | | request.setAttribute(JwtTokenUtil.UserType, Constants.CUSTOMER); |
|---|
| | | request.setAttribute(JwtTokenUtil.UserType, ZTConstants.CUSTOMER); |
|---|
| | | return true; |
|---|
| | | } catch (IllegalArgumentException | JwtException e) { |
|---|
| | | throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录"); |
|---|
| | |
|---|
| | | public Boolean checkPersonnelLogin(HttpServletRequest request, HttpServletResponse response){ |
|---|
| | | String token = request.getHeader(JwtTokenUtil.HEADER_KEY); |
|---|
| | | try { |
|---|
| | | //判断Token是否超时 |
|---|
| | | boolean expiration = JwtTokenUtil.isTokenExpired(token); |
|---|
| | | if (expiration) { |
|---|
| | | throw new BusinessException(ResponseStatus.TOKEN_EXCEED_TIME.getCode(),"长时间未操作,请重新登录"); |
|---|
| | | } |
|---|
| | | //获取账号ID |
|---|
| | | Long userId = JwtTokenUtil.getJwtPayLoad(token).getUserId(); |
|---|
| | | Integer userType = JwtTokenUtil.getJwtPayLoad(token).getUserType(); |
|---|
| | | if(!Constants.equalsInteger(userType,Constants.ONE)){ |
|---|
| | | throw new BusinessException(ResponseStatus.BAD_REQUEST.getCode(),"无访问权限"); |
|---|
| | | String tokenRedis = (String) redisTemplate.opsForValue().get(ZTConstants.BUSINESS+"_"+userId); |
|---|
| | | if(StringUtils.isNotBlank(tokenRedis)){ |
|---|
| | | if(!tokenRedis.equals(token)){ |
|---|
| | | throw new BusinessException(ResponseStatus.TOKEN_EXCEED_TIME.getCode(),"长时间未操作,请重新登录"); |
|---|
| | | } |
|---|
| | | }else{ |
|---|
| | | throw new BusinessException(ResponseStatus.TOKEN_EXCEED_TIME.getCode(),"长时间未操作,请重新登录"); |
|---|
| | | } |
|---|
| | | Users users = dao.queryForObject(" select * from `users` where id = ? limit 1 ", new BeanPropertyRowMapper<>(Users.class),userId); |
|---|
| | | if(Objects.isNull(users)){ |
|---|
| | |
|---|
| | | if(Constants.equalsInteger(users.getIsdeleted(),Constants.ONE)){ |
|---|
| | | throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已删除,请联系管理员"); |
|---|
| | | } |
|---|
| | | if(!StringUtils.equals(users.getStatus(),Constants.ZERO+"")){ |
|---|
| | | if(!StringUtils.equals(users.getStatus(),Constants.ONE+"")){ |
|---|
| | | throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已禁用,请联系管理员"); |
|---|
| | | } |
|---|
| | | request.setAttribute(JwtTokenUtil.UserId_Name, userId); |
|---|
| | | request.setAttribute(JwtTokenUtil.UserType, Constants.BUSINESS); |
|---|
| | | request.setAttribute(JwtTokenUtil.UserType, ZTConstants.BUSINESS); |
|---|
| | | return true; |
|---|
| | | } catch (IllegalArgumentException | JwtException e) { |
|---|
| | | throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录"); |
|---|
