package com.doumee.config.Jwt; import com.alibaba.fastjson.JSONObject; import com.doumee.biz.system.SystemDictDataBiz; import com.doumee.config.annotation.UserLoginRequired; import com.doumee.config.annotation.LoginRequired; import com.doumee.core.constants.ResponseStatus; import com.doumee.core.exception.BusinessException; import com.doumee.core.utils.Constants; import com.doumee.core.utils.redis.RedisUtil; import com.doumee.dao.business.model.Member; import com.doumee.dao.business.model.Users; import io.jsonwebtoken.JwtException; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.jdbc.core.BeanPropertyRowMapper; import org.springframework.jdbc.core.JdbcTemplate; import org.springframework.web.client.RestTemplate; import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.util.Objects; @Configuration public class WebMvcConfig implements WebMvcConfigurer { @Autowired private JdbcTemplate dao; @Autowired private SystemDictDataBiz systemDictDataBiz; @Autowired private RedisTemplate redisTemplate; /** * 添加拦截器 */ @Override public void addInterceptors(InterceptorRegistry registry) { //API接口JwtToken拦截器 HandlerInterceptor TokenInterceptor = new HandlerInterceptor() { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { // 如果不是映射到方法直接通过 if (!(handler instanceof HandlerMethod)) { return true; } HandlerMethod handlerMethod = (HandlerMethod) handler; Class beanType = handlerMethod.getBeanType(); // Method method = handlerMethod.getMethod(); // 有 @LoginRequired 注解,需要登录认证 客户端使用 if (beanType.isAnnotationPresent(LoginRequired.class) || handlerMethod.hasMethodAnnotation(LoginRequired.class)) { //获取token String token = request.getHeader(JwtTokenUtil.HEADER_KEY); // 从 http 请求头中取出 token if (StringUtils.isNotBlank(token)) { checkLogin(request,response); } else { throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录"); } // 有 @UserLoginRequired 注解,需要登录认证 内部人员使用 } else if(beanType.isAnnotationPresent(UserLoginRequired.class) || handlerMethod.hasMethodAnnotation(UserLoginRequired.class)){ //ERP 业务注解 String token = request.getHeader(JwtTokenUtil.HEADER_KEY); if (StringUtils.isNotBlank(token)) { checkPersonnelLogin(request,response); } else { throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录"); } } return true; } }; registry.addInterceptor(TokenInterceptor).addPathPatterns("/web/**"); } public Boolean checkLogin(HttpServletRequest request, HttpServletResponse response){ String token = request.getHeader(JwtTokenUtil.HEADER_KEY); try { //判断Token是否超时 boolean expiration = JwtTokenUtil.isTokenExpired(token); if (expiration) { throw new BusinessException(ResponseStatus.TOKEN_EXCEED_TIME.getCode(),"长时间未操作,请重新登录"); } //获取账号ID Long memberId = JwtTokenUtil.getJwtPayLoad(token).getUserId(); Integer userType = JwtTokenUtil.getJwtPayLoad(token).getUserType(); if(!Constants.equalsInteger(userType,Constants.ZERO)){ throw new BusinessException(ResponseStatus.BAD_REQUEST.getCode(),"无访问权限"); } Member member = dao.queryForObject(" select * from `member` where id = ? limit 1 ", new BeanPropertyRowMapper<>(Member.class),memberId ); if(Objects.isNull(member)){ throw new BusinessException(ResponseStatus.DATA_EMPTY); } if(Constants.equalsInteger(member.getIsdeleted(),Constants.ONE)){ throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已删除,请联系管理员"); } if(!Constants.equalsInteger(member.getStatus(),Constants.ZERO)){ throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已禁用,请联系管理员"); } request.setAttribute(JwtTokenUtil.UserId_Name, memberId); request.setAttribute(JwtTokenUtil.UserType, Constants.CUSTOMER); return true; } catch (IllegalArgumentException | JwtException e) { throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录"); } } public Boolean checkPersonnelLogin(HttpServletRequest request, HttpServletResponse response){ String token = request.getHeader(JwtTokenUtil.HEADER_KEY); try { //判断Token是否超时 boolean expiration = JwtTokenUtil.isTokenExpired(token); if (expiration) { throw new BusinessException(ResponseStatus.TOKEN_EXCEED_TIME.getCode(),"长时间未操作,请重新登录"); } //获取账号ID Long userId = JwtTokenUtil.getJwtPayLoad(token).getUserId(); Integer userType = JwtTokenUtil.getJwtPayLoad(token).getUserType(); if(!Constants.equalsInteger(userType,Constants.ONE)){ throw new BusinessException(ResponseStatus.BAD_REQUEST.getCode(),"无访问权限"); } Users users = dao.queryForObject(" select * from `users` where id = ? limit 1 ", new BeanPropertyRowMapper<>(Users.class),userId); if(Objects.isNull(users)){ throw new BusinessException(ResponseStatus.DATA_EMPTY); } if(Constants.equalsInteger(users.getIsdeleted(),Constants.ONE)){ throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已删除,请联系管理员"); } if(!StringUtils.equals(users.getStatus(),Constants.ZERO+"")){ throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"用户已禁用,请联系管理员"); } request.setAttribute(JwtTokenUtil.UserId_Name, userId); request.setAttribute(JwtTokenUtil.UserType, Constants.BUSINESS); return true; } catch (IllegalArgumentException | JwtException e) { throw new BusinessException(ResponseStatus.NO_LOGIN.getCode(),"未登录"); } } @Bean public RestTemplate getRestTemplate(){ return new RestTemplate(); } }