From 39ddb6cdeefad6489e79cd49dfa94fdaf359dcdc Mon Sep 17 00:00:00 2001
From: liukangdong <898885815@qq.com>
Date: 星期一, 20 五月 2024 16:57:10 +0800
Subject: [PATCH] Merge branch 'master' of http://139.186.142.91:10010/r/productDev/dmvisit

---
 server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java |  182 ++++++++++++++++++++++++++++++++++++++++++--
 1 files changed, 171 insertions(+), 11 deletions(-)

diff --git a/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java b/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
index 9042b1f..bc48e9f 100644
--- a/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
+++ b/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
@@ -1,18 +1,29 @@
 package com.doumee.config.cloudfilter;
 
 import com.alibaba.fastjson.JSONObject;
+import com.doumee.config.annotation.CloudRequiredPermission;
 import com.doumee.config.annotation.LoginNoRequired;
 import com.doumee.core.constants.ResponseStatus;
 import com.doumee.core.exception.BusinessException;
 import com.doumee.core.model.LoginUserInfo;
 import com.doumee.core.utils.Constants;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.UnauthorizedException;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.web.method.HandlerMethod;
 import org.springframework.web.servlet.HandlerInterceptor;
+import org.springframework.web.util.ContentCachingRequestWrapper;
 
+import javax.servlet.ServletInputStream;
+import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
 import javax.servlet.http.HttpServletResponse;
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.util.*;
 
 public class LoginHandlerInterceptor implements HandlerInterceptor {
 
@@ -26,22 +37,90 @@
 
     @Override
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
-        HandlerMethod handlerMethod = (HandlerMethod) handler;
-        Class<?> beanType = handlerMethod.getBeanType();
-        if (!beanType.isAnnotationPresent(LoginNoRequired.class) && !handlerMethod.hasMethodAnnotation(LoginNoRequired.class)) {
-            //鑾峰彇token
-            String token = request.getHeader(Constants.HEADER_USER_TOKEN);  // 浠� http 璇锋眰澶翠腑鍙栧嚭 token
-            if (StringUtils.isNotBlank(token)) {
-                checkLogin(request,response);
-            } else {
-                throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
+        if(handler instanceof HandlerMethod){
+            HandlerMethod handlerMethod = (HandlerMethod) handler;
+            Class<?> beanType = handlerMethod.getBeanType();
+            if (!beanType.isAnnotationPresent(LoginNoRequired.class) && !handlerMethod.hasMethodAnnotation(LoginNoRequired.class)) {
+                //鑾峰彇token
+                Cookie[]  cookies =   request.getCookies();
+                String token = request.getHeader(Constants.HEADER_USER_TOKEN);  // 浠� http 璇锋眰澶翠腑鍙栧嚭 token
+                if(StringUtils.isBlank(token)){
+                    for(Cookie c :cookies){
+                        if(StringUtils.equals(c.getName(),Constants.HEADER_USER_TOKEN)){
+                            token = c.getValue();
+                        }
+                    }
+                }
+                if (StringUtils.isNotBlank(token)) {
+                    LoginUserInfo user =   checkLogin(token);
+                    if (handlerMethod.hasMethodAnnotation(CloudRequiredPermission.class)) {
+                        CloudRequiredPermission p = handlerMethod.getMethodAnnotation(CloudRequiredPermission.class);
+                        if(p.value()!=null && p.value().length>0){
+                            boolean hasPermission = false;
+                            for(String s :p.value()){
+                                if(user.getPermissions()!=null){
+                                    for(String t :user.getPermissions()){
+                                        if(StringUtils.equals(t,s)){
+                                            hasPermission = true;
+                                            break;
+                                        }
+                                    }
+                                }
+                            }
+                            if(!hasPermission) {
+                                //娌℃湁鎿嶄綔鏉冮檺
+                                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"娌℃湁璇ユ搷浣滄潈闄�");
+                            }
+                        }
+
+                    }
+                    /*try {
+                        CustomHttpServletRequestWrapper requestWrapper = (CustomHttpServletRequestWrapper)request;
+                        String body = requestWrapper.getBody();
+                        JSONObject object = JSONObject.parseObject(body);
+                        if(object!=null){
+                            object.put("loginUserinfo",user);
+                            requestWrapper.setBody( JSONObject.toJSONString(object));
+                        }
+                    }catch (Exception e){
+                        e.printStackTrace();
+                    }*/
+                } else {
+                    throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
+                }
             }
+        }else{
+            throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
         }
+
         return true;
     }
 
-    private void checkLogin(HttpServletRequest request, HttpServletResponse response) {
-        String token = request.getHeader(Constants.HEADER_USER_TOKEN);
+    private String getRequestBody(HttpServletRequest request) {
+        // 瀹炵幇浠巖equest鑾峰彇璇锋眰浣撶殑閫昏緫
+        String body = null;
+        ServletInputStream inputStream = null;
+        try {
+            inputStream = request.getInputStream();
+            String charset = request.getCharacterEncoding(); // 鍙兘涓簄ull
+            if (charset == null) {
+                charset = "UTF-8"; // 榛樿缂栫爜
+            }
+            BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream, charset));
+            StringBuilder stringBuilder = new StringBuilder();
+            String line = null;
+            while ((line = reader.readLine()) != null) {
+                stringBuilder.append(line + "\n");
+            }
+            body = stringBuilder.toString();
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+
+        return body;
+    }
+
+    private LoginUserInfo checkLogin(String token) {
         if (token == null || token.isEmpty()) {
             throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
         }
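Review bot: `request.getCookies()` returns null when the request carries no cookies, so in `preHandle` the fallback loop `for(Cookie c :cookies)` throws a NullPointerException for any request that has neither the token header nor a cookie, and the caller gets a server error instead of the NO_LOGIN response. Guard the fallback with `if (StringUtils.isBlank(token) && cookies != null) {`. Accepting the token from a cookie also means browsers attach it automatically on cross-site requests, so state-changing handlers behind this interceptor presumably need a SameSite cookie attribute or a CSRF token; how the cookie is issued is not visible here. The new `getRequestBody` is not called in the visible hunks and never closes its reader, and reading `request.getInputStream()` in an interceptor would leave the controller with an empty body unless the request is wrapped first. `checkLogin`'s body continues outside the hunk.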
@@ -53,10 +132,91 @@
         if(user ==null ){
             throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"鐢ㄦ埛鐧婚檰宸插け鏁堬紝璇烽噸鏂扮櫥闄嗭紒");
         }
+        //鏉冮檺鍒ゆ柇------------
+        return  user;
     }
+
+
 
     //    @Override
     public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
 //        UserContext.removeUser();
     }
+
+    class RSARequestWrapper extends HttpServletRequestWrapper {
+        private Map<String, String[]> params = new HashMap<>();
+        /**
+         * 蹇呴』瑕佸疄鐜扮殑鏋勯�犳柟娉�
+         * @param request
+         */
+        public RSARequestWrapper(HttpServletRequest request) {
+            super(request);
+            //灏嗗弬鏁拌〃锛岃祴浜堢粰褰撳墠鐨凪ap浠ヤ究浜庢寔鏈塺equest涓殑鍙傛暟
+            this.params.putAll(request.getParameterMap());
+        }
+        /**
+         * 閲嶈浇鏋勯�犳柟娉�
+         * @param request
+         * @param extendParams
+         */
+        public RSARequestWrapper(HttpServletRequest request, Map<String, Object> extendParams) {
+            this(request);
+            //杩欓噷灏嗘墿灞曞弬鏁板啓鍏ュ弬鏁拌〃
+            addAllParameters(extendParams);
+        }
+        /**
+         * 鍦ㄨ幏鍙栨墍鏈夌殑鍙傛暟鍚�,蹇呴』閲嶅啓姝ゆ柟娉曪紝鍚﹀垯瀵硅薄涓弬鏁板�兼槧灏勪笉涓�
+         * @return
+         */
+        @SuppressWarnings({ "unchecked", "rawtypes" })
+        @Override
+        public Enumeration<String> getParameterNames() {
+            return new Vector(params.keySet()).elements();
+        }
+        /**
+         * 澧炲姞澶氫釜鍙傛暟
+         * @param otherParams 澧炲姞鐨勫涓弬鏁�
+         */
+        public void addAllParameters(Map<String, Object> otherParams) {
+            for (Map.Entry<String, Object> entry : otherParams.entrySet()) {
+                addParameter(entry.getKey(), entry.getValue());
+            }
+        }
+        /**
+         * 澧炲姞鍙傛暟
+         * getParameterMap()涓殑绫诲瀷鏄�<String,String[]>绫诲瀷鐨勶紝鎵�浠ヨ繖閲岃灏嗗叾value杞负String[]绫诲瀷
+         * @param name 鍙傛暟鍚�
+         * @param value 鍙傛暟鍊�
+         */
+        public void addParameter(String name, Object value) {
+            if (value != null) {
+                if (value instanceof String[]) {
+                    params.put(name, (String[]) value);
+                } else if (value instanceof String) {
+                    params.put(name, new String[]{(String) value});
+                } else {
+                    params.put(name, new String[]{String.valueOf(value)});
+                }
+            }
+        }
+        @Override
+        public String[] getParameterValues(String name) {
+            String[] access_token_user_id = params.get("access_token_user_id");
+            String[] values = params.get(name);//getValue(name);
+            if (values == null || access_token_user_id==null){
+                return null;
+            }
+            return values;
+        }
+
+        @Override
+        public String getParameter(String name) {
+            String[] access_token_user_id = params.get("access_token_user_id");
+            String[] values = params.get(name);//getValue(name);
+            if (values == null || access_token_user_id==null){
+                return null;
+            }
+            return values[0];
+        }
+    }
 }
\ No newline at end of file
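Review bot: `RSARequestWrapper` seeds `params` from `request.getParameterMap()`, so the `access_token_user_id` entry that `getParameter` and `getParameterValues` use as a gate can be supplied by the client as an ordinary request parameter. If that key is meant to carry a server-verified identity, drop any inbound copy in the constructor with `this.params.remove("access_token_user_id");` right after `putAll`, and set it only through `addParameter`; whether downstream code trusts the value is not visible in this hunk. `getParameterMap()` is not overridden, so callers that read the map still see the original parameters and bypass both the gate and the added entries. `getParameter` should also check for an empty array before `values[0]`.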

--
Gitblit v1.9.3