P2022036_Service.git

			@@ -14,6 +14,7 @@

			import javax.servlet.http.HttpServletRequest;
			import javax.servlet.http.HttpServletResponse;
			import java.util.List;

			/**
			* 身份认证拦截器
			@@ -31,22 +32,19 @@

			private static final String USER_LOCK = JSON.toJSONString(new ResponseMsg<String>(HttpStatus.USER_LOCK_ERROR, "用户ID已禁用"));

			private static final String NO_AUTH = JSON.toJSONString(new ResponseMsg<String>(HttpStatus.NO_AUTH_ERROR, "无权限访问"));

			public AuthInterceptor(TokenService tokenService) {
			this.tokenService = tokenService;
			}

			/**
			* Controller执行之前执行，如果返回值是true则代表放行，返回false则拦截
			*
			* @param request
			* @param response
			* @param handler
			* @return
			*/
			@Override
			public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
			// noinspection AlibabaRemoveCommentedCode
			try {
			System.out.println(request.getRequestURI().toLowerCase() + ", " + (handler instanceof HandlerMethod));
			// 非方法或无需授权，无需拦截
			if (!(handler instanceof HandlerMethod) \|\| noNeedAuth(request)) {
			return true;
			@@ -66,8 +64,10 @@
			return WebHelper.write2Page(response, USER_LOCK);
			}

			// noinspection AlibabaRemoveCommentedCode
			// 权限校验
			//if (!checkPerms(ue, request)) {
			// return WebHelper.write2Page(response, NO_AUTH);
			//}

			return true;
			} catch (Exception ex) {
			@@ -78,9 +78,6 @@

			/**
			* 无需授权
			*
			* @param request
			* @return
			*/
			private static boolean noNeedAuth(HttpServletRequest request) {
			String uri = request.getRequestURI().toLowerCase();
			@@ -92,4 +89,23 @@

			return false;
			}

			/**
			* 检查权限
			*/
			private boolean checkPerms(UserEntity ue, HttpServletRequest request) {
			List<String> list = tokenService.permsService.selectPerms(ue.getUid());
			if (list == null \|\| list.size() == 0) {
			return false;
			}

			String url = request.getRequestURI();
			for (String perm : list) {
			if (url.startsWith(perm)) {
			return true;
			}
			}

			return false;
			}
			}