From 5adc2541559cfefe3f9794d4a42a705b1ce83172 Mon Sep 17 00:00:00 2001
From: jiangping <jp@doumee.com>
Date: 星期六, 11 五月 2024 10:49:58 +0800
Subject: [PATCH] 最新版本

---
 server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java |   63 ++++++++++++++++++++++++++-----
 1 files changed, 52 insertions(+), 11 deletions(-)

diff --git a/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java b/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
index 9042b1f..f06ee51 100644
--- a/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
+++ b/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
@@ -1,18 +1,24 @@
 package com.doumee.config.cloudfilter;
 
 import com.alibaba.fastjson.JSONObject;
+import com.doumee.config.annotation.CloudRequiredPermission;
 import com.doumee.config.annotation.LoginNoRequired;
 import com.doumee.core.constants.ResponseStatus;
 import com.doumee.core.exception.BusinessException;
 import com.doumee.core.model.LoginUserInfo;
 import com.doumee.core.utils.Constants;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.UnauthorizedException;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.web.method.HandlerMethod;
 import org.springframework.web.servlet.HandlerInterceptor;
 
+import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.util.Arrays;
+import java.util.Enumeration;
 
 public class LoginHandlerInterceptor implements HandlerInterceptor {
 
@@ -26,22 +32,55 @@
 
     @Override
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
-        HandlerMethod handlerMethod = (HandlerMethod) handler;
-        Class<?> beanType = handlerMethod.getBeanType();
-        if (!beanType.isAnnotationPresent(LoginNoRequired.class) && !handlerMethod.hasMethodAnnotation(LoginNoRequired.class)) {
-            //鑾峰彇token
-            String token = request.getHeader(Constants.HEADER_USER_TOKEN);  // 浠� http 璇锋眰澶翠腑鍙栧嚭 token
-            if (StringUtils.isNotBlank(token)) {
-                checkLogin(request,response);
-            } else {
-                throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
+        if(handler instanceof HandlerMethod){
+            HandlerMethod handlerMethod = (HandlerMethod) handler;
+            Class<?> beanType = handlerMethod.getBeanType();
+            if (!beanType.isAnnotationPresent(LoginNoRequired.class) && !handlerMethod.hasMethodAnnotation(LoginNoRequired.class)) {
+                //鑾峰彇token
+                Cookie[]  cookies =   request.getCookies();
+                String token = request.getHeader(Constants.HEADER_USER_TOKEN);  // 浠� http 璇锋眰澶翠腑鍙栧嚭 token
+                if(StringUtils.isBlank(token)){
+                    for(Cookie c :cookies){
+                        if(StringUtils.equals(c.getName(),Constants.HEADER_USER_TOKEN)){
+                            token = c.getValue();
+                        }
+                    }
+                }
+                if (StringUtils.isNotBlank(token)) {
+                    LoginUserInfo user =   checkLogin(token);
+                    if (handlerMethod.hasMethodAnnotation(CloudRequiredPermission.class)) {
+                        CloudRequiredPermission p = handlerMethod.getMethodAnnotation(CloudRequiredPermission.class);
+                        if(p.value()!=null && p.value().length>0){
+                            boolean hasPermission = false;
+                            for(String s :p.value()){
+                                if(user.getPermissions()!=null){
+                                    for(String t :user.getPermissions()){
+                                        if(StringUtils.equals(t,s)){
+                                            hasPermission = true;
+                                            break;
+                                        }
+                                    }
+                                }
+                            }
+                            if(!hasPermission) {
+                                //娌℃湁鎿嶄綔鏉冮檺
+                                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"娌℃湁璇ユ搷浣滄潈闄�");
+                            }
+                        }
+
+                    }
+                } else {
+                    throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
+                }
             }
+        }else{
+            throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
         }
+
         return true;
     }
 
-    private void checkLogin(HttpServletRequest request, HttpServletResponse response) {
-        String token = request.getHeader(Constants.HEADER_USER_TOKEN);
+    private LoginUserInfo checkLogin(String token) {
         if (token == null || token.isEmpty()) {
             throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
         }
@@ -53,6 +92,8 @@
         if(user ==null ){
             throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"鐢ㄦ埛鐧婚檰宸插け鏁堬紝璇烽噸鏂扮櫥闄嗭紒");
         }
+        //鏉冮檺鍒ゆ柇------------
+        return  user;
     }
 
     //    @Override

--
Gitblit v1.9.3