From dab5db84055a7f6a8fea3b61099d85d34ea7a706 Mon Sep 17 00:00:00 2001
From: jiangping <jp@doumee.com>
Date: 星期五, 10 五月 2024 16:22:25 +0800
Subject: [PATCH] 最新版本
---
server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java | 44 ++++++++++++++++++++++++++++++++++++++++----
1 files changed, 40 insertions(+), 4 deletions(-)
diff --git a/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java b/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
index bc6bc2f..0228c3a 100644
--- a/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
+++ b/server/system_service/src/main/java/com/doumee/config/cloudfilter/LoginHandlerInterceptor.java
@@ -1,18 +1,24 @@
package com.doumee.config.cloudfilter;
import com.alibaba.fastjson.JSONObject;
+import com.doumee.config.annotation.CloudRequiredPermission;
import com.doumee.config.annotation.LoginNoRequired;
import com.doumee.core.constants.ResponseStatus;
import com.doumee.core.exception.BusinessException;
import com.doumee.core.model.LoginUserInfo;
import com.doumee.core.utils.Constants;
import org.apache.commons.lang3.StringUtils;
+import org.apache.shiro.authz.UnauthorizedException;
+import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
+import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import java.util.Arrays;
+import java.util.Enumeration;
public class LoginHandlerInterceptor implements HandlerInterceptor {
@@ -28,11 +34,40 @@
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
HandlerMethod handlerMethod = (HandlerMethod) handler;
Class<?> beanType = handlerMethod.getBeanType();
- if (!beanType.isAnnotationPresent(LoginNoRequired.class) || !handlerMethod.hasMethodAnnotation(LoginNoRequired.class)) {
+ if (!beanType.isAnnotationPresent(LoginNoRequired.class) && !handlerMethod.hasMethodAnnotation(LoginNoRequired.class)) {
//鑾峰彇token
+ Cookie[] cookies = request.getCookies();
String token = request.getHeader(Constants.HEADER_USER_TOKEN); // 浠� http 璇锋眰澶翠腑鍙栧嚭 token
+ if(StringUtils.isBlank(token)){
+ for(Cookie c :cookies){
+ if(StringUtils.equals(c.getName(),Constants.HEADER_USER_TOKEN)){
+ token = c.getValue();
+ }
+ }
+ }
if (StringUtils.isNotBlank(token)) {
- checkLogin(request,response);
+ LoginUserInfo user = checkLogin(token);
+ if (handlerMethod.hasMethodAnnotation(CloudRequiredPermission.class)) {
+ CloudRequiredPermission p = handlerMethod.getMethodAnnotation(CloudRequiredPermission.class);
+ if(p.value()!=null && p.value().length>0){
+ boolean hasPermission = false;
+ for(String s :p.value()){
+ if(user.getPermissions()!=null){
+ for(String t :user.getPermissions()){
+ if(StringUtils.equals(t,s)){
+ hasPermission = true;
+ break;
+ }
+ }
+ }
+ }
+ if(!hasPermission) {
+ //娌℃湁鎿嶄綔鏉冮檺
+ throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"娌℃湁璇ユ搷浣滄潈闄�");
+ }
+ }
+
+ }
} else {
throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
}
@@ -40,8 +75,7 @@
return true;
}
- private void checkLogin(HttpServletRequest request, HttpServletResponse response) {
- String token = request.getHeader(Constants.HEADER_USER_TOKEN);
+ private LoginUserInfo checkLogin(String token) {
if (token == null || token.isEmpty()) {
throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"鏈櫥褰�");
}
@@ -53,6 +87,8 @@
if(user ==null ){
throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"鐢ㄦ埛鐧婚檰宸插け鏁堬紝璇烽噸鏂扮櫥闄嗭紒");
}
+ //鏉冮檺鍒ゆ柇------------
+ return user;
}
// @Override
--
Gitblit v1.9.3