package com.doumee.config.jwt; import com.alibaba.fastjson.JSONObject; import com.doumee.core.annotation.LoginRequired; import com.doumee.core.constants.Constants; import com.doumee.core.constants.ResponseStatus; import com.doumee.core.exception.BusinessException; import com.doumee.dao.business.model.Member; import io.jsonwebtoken.JwtException; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.jdbc.core.JdbcTemplate; import org.springframework.web.client.RestTemplate; import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.util.Objects; @Configuration public class WebMvcConfig implements WebMvcConfigurer { @Autowired private JdbcTemplate dao; @Resource private JwtTokenUtil jwtTokenUtil; /** * 添加拦截器 */ @Override public void addInterceptors(InterceptorRegistry registry) { //API接口JwtToken拦截器 HandlerInterceptor TokenInterceptor = new HandlerInterceptor() { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { // 如果不是映射到方法直接通过 if (!(handler instanceof HandlerMethod)) { return true; } HandlerMethod handlerMethod = (HandlerMethod) handler; Class beanType = handlerMethod.getBeanType(); // 有 @LoginRequired 注解,需要登录认证 if (beanType.isAnnotationPresent(LoginRequired.class)) { //获取token String token = request.getHeader(JwtTokenUtil.HEADER_KEY); // 从 http 请求头中取出 token if (StringUtils.isNotBlank(token)) { checkLogin(request,response); } else { throw new BusinessException(ResponseStatus.BE_OVERDUE.getCode(),"未登录"); } }else if (handlerMethod.hasMethodAnnotation(LoginRequired.class)){ //获取token String token = request.getHeader(JwtTokenUtil.HEADER_KEY); // 从 http 请求头中取出 token if (StringUtils.isNotBlank(token)) { checkLogin(request,response); } else { throw new BusinessException(ResponseStatus.BE_OVERDUE.getCode(),"未登录"); } } return true; } }; registry.addInterceptor(TokenInterceptor).addPathPatterns("/web/**"); } public Boolean checkLogin(HttpServletRequest request, HttpServletResponse response){ String token = request.getHeader(JwtTokenUtil.HEADER_KEY); try { Member member = jwtTokenUtil.getUserInfoByToken(token); if(Objects.isNull(member)){ throw new BusinessException(ResponseStatus.TOKEN_EXCEED_TIME.getCode(),"长时间未操作,请重新登录"); } Integer isDeleted = dao.queryForObject(" select COALESCE(DELETED,1) from member where id = ?", Integer.class, member.getId()); if(isDeleted.equals(Constants.ONE)){ throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已删除,请联系管理员"); } Integer count = dao.queryForObject("select count(1) from member where id = ?", Integer.class, member.getId()); if (count != null && count > 0) { // jwtTokenUtil.refreshToken(token,member); request.setAttribute(JwtTokenUtil.MEMBER_INFO, JSONObject.toJSONString(member)); request.setAttribute(JwtTokenUtil.MEMBER_ID, member.getId()); return true; }else{ throw new BusinessException(ResponseStatus.BE_OVERDUE.getCode(),"用户信息出错"); } } catch (IllegalArgumentException | JwtException e) { throw new BusinessException(ResponseStatus.BE_OVERDUE.getCode(),"未登录"); } } @Bean public RestTemplate getRestTemplate(){ return new RestTemplate(); } }