From 29d76f8a034cb2bbeccee258e97f66f2e2d87451 Mon Sep 17 00:00:00 2001
From: jiangping <jp@doumee.com>
Date: 星期四, 10 十月 2024 14:57:39 +0800
Subject: [PATCH] 最新版本

---
 server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java |  187 ++++++++++++++++++++++++++++++++++++++--------
 1 files changed, 155 insertions(+), 32 deletions(-)

diff --git a/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java b/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
index 0228c3a..49e4f25 100644
--- a/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
+++ b/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
@@ -13,12 +13,17 @@
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.web.method.HandlerMethod;
 import org.springframework.web.servlet.HandlerInterceptor;
+import org.springframework.web.util.ContentCachingRequestWrapper;
 
+import javax.servlet.ServletInputStream;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
 import javax.servlet.http.HttpServletResponse;
-import java.util.Arrays;
-import java.util.Enumeration;
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.util.*;
 
 public class LoginHandlerInterceptor implements HandlerInterceptor {
 
@@ -32,47 +37,86 @@
 
     @Override
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
-        HandlerMethod handlerMethod = (HandlerMethod) handler;
-        Class<?> beanType = handlerMethod.getBeanType();
-        if (!beanType.isAnnotationPresent(LoginNoRequired.class) && !handlerMethod.hasMethodAnnotation(LoginNoRequired.class)) {
-            //鑾峰彇token
-            Cookie[]  cookies =   request.getCookies();
-            String token = request.getHeader(Constants.HEADER_USER_TOKEN);  // 浠� http 璇锋眰澶翠腑鍙栧嚭 token
-            if(StringUtils.isBlank(token)){
-                for(Cookie c :cookies){
-                    if(StringUtils.equals(c.getName(),Constants.HEADER_USER_TOKEN)){
-                        token = c.getValue();
+        if(handler instanceof HandlerMethod){
+            HandlerMethod handlerMethod = (HandlerMethod) handler;
+            Class<?> beanType = handlerMethod.getBeanType();
+            if (!beanType.isAnnotationPresent(LoginNoRequired.class) && !handlerMethod.hasMethodAnnotation(LoginNoRequired.class)) {
+                //鑾峰彇token
+                Cookie[]  cookies =   request.getCookies();
+                String token = request.getHeader(Constants.HEADER_USER_TOKEN);  // 浠� http 璇锋眰澶翠腑鍙栧嚭 token
+                if(StringUtils.isBlank(token)){
+                    for(Cookie c :cookies){
+                        if(StringUtils.equals(c.getName(),Constants.HEADER_USER_TOKEN)){
+                            token = c.getValue();
+                        }
                     }
                 }
-            }
-            if (StringUtils.isNotBlank(token)) {
-              LoginUserInfo user =   checkLogin(token);
-                if (handlerMethod.hasMethodAnnotation(CloudRequiredPermission.class)) {
-                    CloudRequiredPermission p = handlerMethod.getMethodAnnotation(CloudRequiredPermission.class);
-                    if(p.value()!=null && p.value().length>0){
-                        boolean hasPermission = false;
-                        for(String s :p.value()){
-                            if(user.getPermissions()!=null){
-                                for(String t :user.getPermissions()){
-                                    if(StringUtils.equals(t,s)){
-                                        hasPermission = true;
-                                        break;
+                if (StringUtils.isNotBlank(token)) {
+                    LoginUserInfo user =   checkLogin(token);
+                    if (handlerMethod.hasMethodAnnotation(CloudRequiredPermission.class)) {
+                        CloudRequiredPermission p = handlerMethod.getMethodAnnotation(CloudRequiredPermission.class);
+                        if(p.value()!=null && p.value().length>0){
+                            boolean hasPermission = false;
+                            for(String s :p.value()){
+                                if(user.getPermissions()!=null){
+                                    for(String t :user.getPermissions()){
+                                        if(StringUtils.equals(t,s)){
+                                            hasPermission = true;
+                                            break;
+                                        }
                                     }
                                 }
                             }
+                            if(!hasPermission) {
+                                //娌℃湁鎿嶄綔鏉冮檺
+                                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"娌℃湁璇ユ搷浣滄潈闄�");
+                            }
                         }
-                        if(!hasPermission) {
-                            //娌℃湁鎿嶄綔鏉冮檺
-                            throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"娌℃湁璇ユ搷浣滄潈闄�");
-                        }
-                    }
 
+                    }
+                  /* try {
+                        CustomHttpServletRequestWrapper requestWrapper = (CustomHttpServletRequestWrapper)request;
+                        String body = requestWrapper.getBody();
+                        JSONObject object = JSONObject.parseObject(body);
+                        if(object!=null){
+                            object.put("loginUserinfo",user);
+                            requestWrapper.setBody( JSONObject.toJSONString(object));
+                        }
+                    }catch (Exception e){
+                    }*/
+                } else {
+                    throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
                 }
-            } else {
-                throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
             }
+        }else{
+            throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
         }
+
         return true;
+    }
+
+    private String getRequestBody(HttpServletRequest request) {
+        // 瀹炵幇浠巖equest鑾峰彇璇锋眰浣撶殑閫昏緫
+        String body = null;
+        ServletInputStream inputStream = null;
+        try {
+            inputStream = request.getInputStream();
+            String charset = request.getCharacterEncoding(); // 鍙兘涓簄ull
+            if (charset == null) {
+                charset = "UTF-8"; // 榛樿缂栫爜
+            }
+            BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream, charset));
+            StringBuilder stringBuilder = new StringBuilder();
+            String line = null;
+            while ((line = reader.readLine()) != null) {
+                stringBuilder.append(line + "\n");
+            }
+            body = stringBuilder.toString();
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+
+        return body;
     }
 
     private LoginUserInfo checkLogin(String token) {
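Review bot: `request.getCookies()` returns null when the request carries no cookies, so in `preHandle` a request with neither the token header nor any cookie throws a NullPointerException at `for(Cookie c :cookies)` instead of the intended `NO_LOGIN` BusinessException; guard the fallback with `if (StringUtils.isBlank(token) && cookies != null) {`. The request is still rejected, but as an unhandled error rather than an authentication failure, which blurs both the client response and the logs used to spot unauthenticated probing (how the exception is mapped is outside the hunk). The added `getRequestBody` is not called in the visible hunks; if it is wired in later, it consumes the servlet input stream (a downstream body read finds it empty unless the request is wrapped), reads without a size limit, and never closes the reader. The commented-out body-rewriting block with its empty `catch` is better deleted than kept. `checkLogin`'s body continues outside the hunk.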
@@ -91,8 +135,87 @@
         return  user;
     }
 
+
+
     //    @Override
     public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
 //        UserContext.removeUser();
     }
+
+    class RSARequestWrapper extends HttpServletRequestWrapper {
+        private Map<String, String[]> params = new HashMap<>();
+        /**
+         * 蹇呴』瑕佸疄鐜扮殑鏋勯�犳柟娉�
+         * @param request
+         */
+        public RSARequestWrapper(HttpServletRequest request) {
+            super(request);
+            //灏嗗弬鏁拌〃锛岃祴浜堢粰褰撳墠鐨凪ap浠ヤ究浜庢寔鏈塺equest涓殑鍙傛暟
+            this.params.putAll(request.getParameterMap());
+        }
+        /**
+         * 閲嶈浇鏋勯�犳柟娉�
+         * @param request
+         * @param extendParams
+         */
+        public RSARequestWrapper(HttpServletRequest request, Map<String, Object> extendParams) {
+            this(request);
+            //杩欓噷灏嗘墿灞曞弬鏁板啓鍏ュ弬鏁拌〃
+            addAllParameters(extendParams);
+        }
+        /**
+         * 鍦ㄨ幏鍙栨墍鏈夌殑鍙傛暟鍚�,蹇呴』閲嶅啓姝ゆ柟娉曪紝鍚﹀垯瀵硅薄涓弬鏁板�兼槧灏勪笉涓�
+         * @return
+         */
+        @SuppressWarnings({ "unchecked", "rawtypes" })
+        @Override
+        public Enumeration<String> getParameterNames() {
+            return new Vector(params.keySet()).elements();
+        }
+        /**
+         * 澧炲姞澶氫釜鍙傛暟
+         * @param otherParams 澧炲姞鐨勫涓弬鏁�
+         */
+        public void addAllParameters(Map<String, Object> otherParams) {
+            for (Map.Entry<String, Object> entry : otherParams.entrySet()) {
+                addParameter(entry.getKey(), entry.getValue());
+            }
+        }
+        /**
+         * 澧炲姞鍙傛暟
+         * getParameterMap()涓殑绫诲瀷鏄�<String,String[]>绫诲瀷鐨勶紝鎵�浠ヨ繖閲岃灏嗗叾value杞负String[]绫诲瀷
+         * @param name 鍙傛暟鍚�
+         * @param value 鍙傛暟鍊�
+         */
+        public void addParameter(String name, Object value) {
+            if (value != null) {
+                if (value instanceof String[]) {
+                    params.put(name, (String[]) value);
+                } else if (value instanceof String) {
+                    params.put(name, new String[]{(String) value});
+                } else {
+                    params.put(name, new String[]{String.valueOf(value)});
+                }
+            }
+        }
+        @Override
+        public String[] getParameterValues(String name) {
+            String[] access_token_user_id = params.get("access_token_user_id");
+            String[] values = params.get(name);//getValue(name);
+            if (values == null || access_token_user_id==null){
+                return null;
+            }
+            return values;
+        }
+
+        @Override
+        public String getParameter(String name) {
+            String[] access_token_user_id = params.get("access_token_user_id");
+            String[] values = params.get(name);//getValue(name);
+            if (values == null || access_token_user_id==null){
+                return null;
+            }
+            return values[0];
+        }
+    }
 }
\ No newline at end of file
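Review bot: `RSARequestWrapper` gates `getParameter` and `getParameterValues` on the presence of `access_token_user_id`, but the constructor copies `request.getParameterMap()` wholesale, so that key can come from the client's own query string or form body and the gate then says nothing about the authenticated user. If the value is meant to be set only by server code (the wrapper is not constructed in the visible hunks, so this is inferred), drop the client copy right after `putAll` with `this.params.remove("access_token_user_id");` and leave `addParameter` as the only way to set it. `getParameterMap()` is not overridden, so it still returns the original map and bypasses both the added parameters and the gate; an override returning `Collections.unmodifiableMap(params)` keeps the views consistent. Smaller points: `values[0]` in `getParameter` throws on an empty array, the class can be `private static`, and `Collections.enumeration(params.keySet())` replaces the raw `Vector`.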

--
Gitblit v1.9.3