From c0f4b90b5b6a45f044a694b5e3837cabfdcbf3aa Mon Sep 17 00:00:00 2001
From: k94314517 <8417338+k94314517@user.noreply.gitee.com>
Date: 星期三, 07 五月 2025 18:57:17 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/master'

---
 server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java |  198 ++++++++++++++++++++++++++++++++++++++++++-------
 1 files changed, 168 insertions(+), 30 deletions(-)

diff --git a/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java b/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
index 8fb8aee..16072d0 100644
--- a/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
+++ b/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
@@ -1,70 +1,128 @@
 package com.doumee.config.cloudfilter;
 
 import com.alibaba.fastjson.JSONObject;
+import com.doumee.config.annotation.CloudRequiredPermission;
 import com.doumee.config.annotation.LoginNoRequired;
+import com.doumee.config.jwt.JwtProperties;
+import com.doumee.config.jwt.JwtTokenUtil;
 import com.doumee.core.constants.ResponseStatus;
 import com.doumee.core.exception.BusinessException;
-import com.doumee.core.model.LoginUserInfo;
+import com.doumee.service.business.third.model.LoginUserInfo;
 import com.doumee.core.utils.Constants;
 import org.apache.commons.lang3.StringUtils;
-import org.apache.shiro.authz.UnauthorizedException;
-import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.web.method.HandlerMethod;
 import org.springframework.web.servlet.HandlerInterceptor;
 
+import javax.annotation.Resource;
+import javax.servlet.ServletInputStream;
+import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
 import javax.servlet.http.HttpServletResponse;
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.util.*;
+import java.util.concurrent.TimeUnit;
 
 public class LoginHandlerInterceptor implements HandlerInterceptor {
 
     private RedisTemplate<String,Object> stringRedisTemplate;
+    private long expireTime;
 
 
     // 鐢变簬璇ョ被鏈氦缁檚pring绠$悊锛屽洜姝や笉鑳戒娇鐢ㄨ嚜鍔ㄨ閰嶇殑鏂瑰紡鑾峰彇RedisTemplate瀵硅薄
-    public LoginHandlerInterceptor(RedisTemplate<String,Object> stringRedisTemplate) {
+    public LoginHandlerInterceptor(RedisTemplate<String,Object> stringRedisTemplate,long expireTime) {
+        this.expireTime = expireTime;
         this.stringRedisTemplate = stringRedisTemplate;
     }
 
     @Override
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
-        HandlerMethod handlerMethod = (HandlerMethod) handler;
-        Class<?> beanType = handlerMethod.getBeanType();
-        if (!beanType.isAnnotationPresent(LoginNoRequired.class) && !handlerMethod.hasMethodAnnotation(LoginNoRequired.class)) {
-            //鑾峰彇token
-            String token = request.getHeader(Constants.HEADER_USER_TOKEN);  // 浠� http 璇锋眰澶翠腑鍙栧嚭 token
-            if (StringUtils.isNotBlank(token)) {
-              LoginUserInfo user =   checkLogin(request,response);
-                if (!handlerMethod.hasMethodAnnotation(RequiresPermissions.class)) {
-                    RequiresPermissions p = handlerMethod.getMethodAnnotation(RequiresPermissions.class);
-                    if(p.value()!=null && p.value().length>0){
-                        boolean hasPermission = false;
-                        for(String s :p.value()){
-                            if(user.getPermissions()!=null){
-                                for(String t :user.getPermissions()){
-                                    if(StringUtils.equals(t,s)){
-                                        hasPermission = true;
-                                        break;
+        if(handler instanceof HandlerMethod){
+            HandlerMethod handlerMethod = (HandlerMethod) handler;
+            Class<?> beanType = handlerMethod.getBeanType();
+            if (!beanType.isAnnotationPresent(LoginNoRequired.class) && !handlerMethod.hasMethodAnnotation(LoginNoRequired.class)) {
+                //鑾峰彇token
+                Cookie[]  cookies =   request.getCookies();
+                String token = request.getHeader(Constants.HEADER_USER_TOKEN);  // 浠� http 璇锋眰澶翠腑鍙栧嚭 token
+                if(StringUtils.isBlank(token)){
+                    for(Cookie c :cookies){
+                        if(StringUtils.equals(c.getName(),Constants.HEADER_USER_TOKEN)){
+                            token = c.getValue();
+                        }
+                    }
+                }
+                if (StringUtils.isNotBlank(token)) {
+                    LoginUserInfo user =   checkLogin(token);
+                    if (handlerMethod.hasMethodAnnotation(CloudRequiredPermission.class)) {
+                        CloudRequiredPermission p = handlerMethod.getMethodAnnotation(CloudRequiredPermission.class);
+                        if(p.value()!=null && p.value().length>0){
+                            boolean hasPermission = false;
+                            for(String s :p.value()){
+                                if(user.getPermissions()!=null){
+                                    for(String t :user.getPermissions()){
+                                        if(StringUtils.equals(t,s)){
+                                            hasPermission = true;
+                                            break;
+                                        }
                                     }
                                 }
                             }
+                            if(!hasPermission) {
+                                //娌℃湁鎿嶄綔鏉冮檺
+                                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"娌℃湁璇ユ搷浣滄潈闄�");
+                            }
                         }
-                        if(!hasPermission) {
-                            //娌℃湁鎿嶄綔鏉冮檺
-                            throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"娌℃湁璇ユ搷浣滄潈闄�");
-                        }
-                    }
 
+                    }
+                  /* try {
+                        CustomHttpServletRequestWrapper requestWrapper = (CustomHttpServletRequestWrapper)request;
+                        String body = requestWrapper.getBody();
+                        JSONObject object = JSONObject.parseObject(body);
+                        if(object!=null){
+                            object.put("loginUserinfo",user);
+                            requestWrapper.setBody( JSONObject.toJSONString(object));
+                        }
+                    }catch (Exception e){
+                    }*/
+                } else {
+                    throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),request.getRequestURI()+"鏈櫥褰曪紝TOKEN缂哄け");
                 }
-            } else {
-                throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
             }
+        }else{
+            throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),request.getRequestURI()+"鏈櫥褰�");
         }
+
         return true;
     }
 
-    private LoginUserInfo checkLogin(HttpServletRequest request, HttpServletResponse response) {
-        String token = request.getHeader(Constants.HEADER_USER_TOKEN);
+    private String getRequestBody(HttpServletRequest request) {
+        // 瀹炵幇浠巖equest鑾峰彇璇锋眰浣撶殑閫昏緫
+        String body = null;
+        ServletInputStream inputStream = null;
+        try {
+            inputStream = request.getInputStream();
+            String charset = request.getCharacterEncoding(); // 鍙兘涓簄ull
+            if (charset == null) {
+                charset = "UTF-8"; // 榛樿缂栫爜
+            }
+            BufferedReader reader = new BufferedReader(new InputStreamReader(inputStream, charset));
+            StringBuilder stringBuilder = new StringBuilder();
+            String line = null;
+            while ((line = reader.readLine()) != null) {
+                stringBuilder.append(line + "\n");
+            }
+            body = stringBuilder.toString();
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+
+        return body;
+    }
+
+    private LoginUserInfo checkLogin(String token) {
         if (token == null || token.isEmpty()) {
             throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
         }
@@ -76,12 +134,92 @@
         if(user ==null ){
             throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"鐢ㄦ埛鐧婚檰宸插け鏁堬紝璇烽噸鏂扮櫥闄嗭紒");
         }
+        stringRedisTemplate.expire(Constants.REDIS_TOKEN_KEY+token,this.expireTime, TimeUnit.MILLISECONDS);
         //鏉冮檺鍒ゆ柇------------
         return  user;
     }
 
+
+
     //    @Override
     public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
 //        UserContext.removeUser();
     }
+
+    class RSARequestWrapper extends HttpServletRequestWrapper {
+        private Map<String, String[]> params = new HashMap<>();
+        /**
+         * 蹇呴』瑕佸疄鐜扮殑鏋勯�犳柟娉�
+         * @param request
+         */
+        public RSARequestWrapper(HttpServletRequest request) {
+            super(request);
+            //灏嗗弬鏁拌〃锛岃祴浜堢粰褰撳墠鐨凪ap浠ヤ究浜庢寔鏈塺equest涓殑鍙傛暟
+            this.params.putAll(request.getParameterMap());
+        }
+        /**
+         * 閲嶈浇鏋勯�犳柟娉�
+         * @param request
+         * @param extendParams
+         */
+        public RSARequestWrapper(HttpServletRequest request, Map<String, Object> extendParams) {
+            this(request);
+            //杩欓噷灏嗘墿灞曞弬鏁板啓鍏ュ弬鏁拌〃
+            addAllParameters(extendParams);
+        }
+        /**
+         * 鍦ㄨ幏鍙栨墍鏈夌殑鍙傛暟鍚�,蹇呴』閲嶅啓姝ゆ柟娉曪紝鍚﹀垯瀵硅薄涓弬鏁板�兼槧灏勪笉涓�
+         * @return
+         */
+        @SuppressWarnings({ "unchecked", "rawtypes" })
+        @Override
+        public Enumeration<String> getParameterNames() {
+            return new Vector(params.keySet()).elements();
+        }
+        /**
+         * 澧炲姞澶氫釜鍙傛暟
+         * @param otherParams 澧炲姞鐨勫涓弬鏁�
+         */
+        public void addAllParameters(Map<String, Object> otherParams) {
+            for (Map.Entry<String, Object> entry : otherParams.entrySet()) {
+                addParameter(entry.getKey(), entry.getValue());
+            }
+        }
+        /**
+         * 澧炲姞鍙傛暟
+         * getParameterMap()涓殑绫诲瀷鏄�<String,String[]>绫诲瀷鐨勶紝鎵�浠ヨ繖閲岃灏嗗叾value杞负String[]绫诲瀷
+         * @param name 鍙傛暟鍚�
+         * @param value 鍙傛暟鍊�
+         */
+        public void addParameter(String name, Object value) {
+            if (value != null) {
+                if (value instanceof String[]) {
+                    params.put(name, (String[]) value);
+                } else if (value instanceof String) {
+                    params.put(name, new String[]{(String) value});
+                } else {
+                    params.put(name, new String[]{String.valueOf(value)});
+                }
+            }
+        }
+        @Override
+        public String[] getParameterValues(String name) {
+            String[] access_token_user_id = params.get("access_token_user_id");
+            String[] values = params.get(name);//getValue(name);
+            if (values == null || access_token_user_id==null){
+                return null;
+            }
+            return values;
+        }
+
+        @Override
+        public String getParameter(String name) {
+            String[] access_token_user_id = params.get("access_token_user_id");
+            String[] values = params.get(name);//getValue(name);
+            if (values == null || access_token_user_id==null){
+                return null;
+            }
+            return values[0];
+        }
+    }
 }
\ No newline at end of file
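Review bot: The added `stringRedisTemplate.expire(Constants.REDIS_TOKEN_KEY+token,this.expireTime, TimeUnit.MILLISECONDS)` in checkLogin renews the token on every authenticated request with no absolute lifetime, so a token that leaks stays valid for as long as it keeps being presented. Consider recording the login time with the session and rejecting tokens past a fixed maximum age, and add a comment such as `// sliding idle timeout; expireTime is in milliseconds`, since the constructor parameter does not name its unit. checkLogin begins in the previous hunk and the token lookup between the two hunks is not shown. In RSARequestWrapper, the `access_token_user_id` gate in `getParameter`/`getParameterValues` is satisfied by a client-supplied parameter because the constructor copies `request.getParameterMap()`; if that name is meant to carry a server-derived identity, it should be dropped from the copied map before any trusted value is added.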

--
Gitblit v1.9.3