package com.lf.server.interceptor;
|
|
import com.alibaba.fastjson.JSON;

import com.lf.server.entity.all.*;

import com.lf.server.entity.sys.UserEntity;

import com.lf.server.helper.StringHelper;

import com.lf.server.helper.WebHelper;

import com.lf.server.service.sys.TokenService;

import org.apache.commons.logging.Log;

import org.apache.commons.logging.LogFactory;

import org.springframework.context.annotation.Configuration;

import org.springframework.web.method.HandlerMethod;

import org.springframework.web.servlet.HandlerInterceptor;


import javax.servlet.http.HttpServletRequest;

import javax.servlet.http.HttpServletResponse;

import java.net.URI;

import java.util.List;

import java.util.Locale;
|
|
/**
|
* 身份认证拦截器
|
* @author WWW
|
*/
|
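@Configuration
public class AuthInterceptor implements HandlerInterceptor {

    private final TokenService tokenService;

    private static final Log log = LogFactory.getLog(AuthInterceptor.class);

    /** Pre-serialized JSON bodies for the four rejection cases; the messages are user-facing text. */
    private static final String NO_TOKEN = JSON.toJSONString(new ResponseMsg<String>(HttpStatus.TOKEN_ERROR, "找不到令牌"));

    private static final String NO_LOGIN = JSON.toJSONString(new ResponseMsg<String>(HttpStatus.NO_LOGIN_ERROR, "用户未登录"));

    private static final String USER_LOCK = JSON.toJSONString(new ResponseMsg<String>(HttpStatus.USER_LOCK_ERROR, "用户ID已禁用"));

    private static final String NO_AUTH = JSON.toJSONString(new ResponseMsg<String>(HttpStatus.NO_AUTH_ERROR, "无权限访问"));

    /**
     * Authentication / authorization interceptor.
     *
     * @param tokenService resolves the current user from the request and supplies the permission lookup
     */
    public AuthInterceptor(TokenService tokenService) {
        this.tokenService = tokenService;
    }

    /**
     * Runs before the controller. Returns {@code true} to let the request through, {@code false} to stop it.
     *
     * Order of checks: excluded path -> token present -> user resolvable -> user not disabled -> URL permitted.
     * Every rejection writes a JSON body via {@link WebHelper#write2Page}; an unexpected exception is logged,
     * answered with HTTP 500 (when the response is still open) and the request is stopped.
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
        try {
            // Not a controller method, or a path that needs no authentication: pass through.
            if (!(handler instanceof HandlerMethod) || noNeedAuth(request)) {
                return true;
            }

            String token = WebHelper.getToken(request);
            if (StringHelper.isNull(token)) {
                return WebHelper.write2Page(response, NO_TOKEN);
            }

            UserEntity ue = tokenService.getCurrentUser(request);
            if (ue == null) {
                return WebHelper.write2Page(response, NO_LOGIN);
            }

            if (tokenService.isUidDisable(ue)) {
                return WebHelper.write2Page(response, USER_LOCK);
            }

            // Authorization: the request path must be covered by one of the user's permissions.
            if (!checkPerms(ue, request)) {
                // Logged (not printed to stdout) so denied requests show up in the audit trail with the uid.
                log.warn("Access denied: uid=" + ue.getUid() + " uri=" + normalizedPath(request));
                return WebHelper.write2Page(response, NO_AUTH);
            }

            return true;
        } catch (Exception ex) {
            log.error(ex.getMessage(), ex);
            // Fail closed: never let an exception in the auth chain fall through as a silent empty 200.
            if (!response.isCommitted()) {
                response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            }
            return false;
        }
    }

    /**
     * Returns the request path in the form the container routes on: ";param" path segments removed,
     * "." / ".." segments collapsed and percent-encoding decoded.
     *
     * {@code getRequestURI()} returns the raw, un-normalized URI, so a check done on it directly can be
     * bypassed with inputs such as {@code /api/../admin} or {@code /admin;x=/login} that the container
     * still dispatches to the protected controller. Falls back to the raw string (minus path parameters)
     * if the URI cannot be parsed.
     */
    private static String normalizedPath(HttpServletRequest request) {
        String raw = request.getRequestURI();
        if (raw == null) {
            return "";
        }
        // Strip matrix/path parameters (e.g. ";jsessionid=...") from every segment.
        String stripped = raw.replaceAll(";[^/]*", "");
        try {
            String path = URI.create(stripped).normalize().getPath();
            return path == null ? stripped : path;
        } catch (IllegalArgumentException ex) {
            return stripped;
        }
    }

    /**
     * True when the request path is on the exclusion list and needs no authentication.
     *
     * NOTE(review): {@code StaticData.EXCLUDE_PATH} entries are matched as substrings, so any protected
     * path that merely contains an excluded fragment (e.g. "/admin/login-audit" vs an excluded "login")
     * also skips authentication. Prefer exact or path-prefix entries; confirm what EXCLUDE_PATH holds
     * before tightening the match here.
     */
    private static boolean noNeedAuth(HttpServletRequest request) {
        // Locale.ROOT: locale-independent lower-casing (avoids the Turkish dotless-i surprise).
        String uri = normalizedPath(request).toLowerCase(Locale.ROOT);
        for (String page : StaticData.EXCLUDE_PATH) {
            if (uri.contains(page)) {
                return true;
            }
        }

        return false;
    }

    /**
     * True when one of the user's permission entries is a prefix of the (normalized) request path.
     * A user with no permissions at all is denied.
     *
     * NOTE(review): plain prefix matching means a permission "/api/user" also grants "/api/userAdmin";
     * confirm whether entries are meant to be directory prefixes and, if so, match on a "/" boundary.
     */
    private boolean checkPerms(UserEntity ue, HttpServletRequest request) {
        List<String> list = tokenService.permsService.selectPerms(ue.getUid());
        if (list == null || list.isEmpty()) {
            return false;
        }

        String url = normalizedPath(request);
        for (String perm : list) {
            if (url.startsWith(perm)) {
                return true;
            }
        }

        return false;
    }
}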
|