| | |
|---|
| | | package com.lf.server.interceptor; |
|---|
| | | |
|---|
| | | import com.alibaba.fastjson.JSON; |
|---|
| | | import com.lf.server.entity.all.HttpStatus; |
|---|
| | | import com.lf.server.entity.all.ResponseMsg; |
|---|
| | | import com.lf.server.entity.all.StaticData; |
|---|
| | | import com.lf.server.entity.sys.UsersEntity; |
|---|
| | | import com.lf.server.helper.StringHelper; |
|---|
| | | import com.lf.server.helper.WebHelper; |
|---|
| | | import com.lf.server.service.sys.TokenService; |
|---|
| | | import org.apache.commons.logging.Log; |
|---|
| | | import org.apache.commons.logging.LogFactory; |
|---|
| | | import org.springframework.context.annotation.Configuration; |
|---|
| | | import org.springframework.web.method.HandlerMethod; |
|---|
| | | import org.springframework.web.servlet.HandlerInterceptor; |
|---|
| | | |
|---|
| | | import javax.servlet.http.HttpServletRequest; |
|---|
| | | import javax.servlet.http.HttpServletResponse; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 身份认证拦截器 |
|---|
| | | * @author WWW |
|---|
| | | */ |
|---|
| | | public class AuthInterceptor { |
|---|
| | | @Configuration |
|---|
| | | public class AuthInterceptor implements HandlerInterceptor { |
|---|
| | | private TokenService tokenService; |
|---|
| | | |
|---|
| | | private static final Log log = LogFactory.getLog(AuthInterceptor.class); |
|---|
| | | |
|---|
| | | private static final String NO_TOKEN = JSON.toJSONString(new ResponseMsg<String>(HttpStatus.TOKEN_ERROR, "找不到令牌")); |
|---|
| | | |
|---|
| | | private static final String NO_LOGIN = JSON.toJSONString(new ResponseMsg<String>(HttpStatus.NO_LOGIN_ERROR, "用户未登录")); |
|---|
| | | |
|---|
| | | |
|---|
| | | public AuthInterceptor(TokenService tokenService) { |
|---|
| | | this.tokenService = tokenService; |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * Controller执行之前执行,如果返回值是true则代表放行,返回false则拦截 |
|---|
| | | * |
|---|
| | | * @param request |
|---|
| | | * @param response |
|---|
| | | * @param handler |
|---|
| | | * @return |
|---|
| | | */ |
|---|
| | | @Override |
|---|
| | | public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) { |
|---|
| | | try { |
|---|
| | | System.out.println(request.getRequestURI().toLowerCase() + "," + (handler instanceof HandlerMethod)); |
|---|
| | | |
|---|
| | | // 非方法,无需拦截 |
|---|
| | | if (!(handler instanceof HandlerMethod)) { |
|---|
| | | return true; |
|---|
| | | } |
|---|
| | | |
|---|
| | | // 无需授权 |
|---|
| | | if (noNeedAuth(request)) { |
|---|
| | | return true; |
|---|
| | | } |
|---|
| | | |
|---|
| | | String token = WebHelper.getToken(request); |
|---|
| | | if (StringHelper.isNull(token)) { |
|---|
| | | WebHelper.write2Page(response, NO_TOKEN); |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | |
|---|
| | | UsersEntity ue = tokenService.getCurrentUser(request); |
|---|
| | | if (ue == null) { |
|---|
| | | WebHelper.write2Page(response, NO_LOGIN); |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | |
|---|
| | | // 权限校验 |
|---|
| | | |
|---|
| | | return true; |
|---|
| | | } catch (Exception ex) { |
|---|
| | | log.error(ex.getStackTrace()); |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 无需授权 |
|---|
| | | * |
|---|
| | | * @param request |
|---|
| | | * @return |
|---|
| | | */ |
|---|
| | | private static boolean noNeedAuth(HttpServletRequest request) { |
|---|
| | | String uri = request.getRequestURI().toLowerCase(); |
|---|
| | | for (String page : StaticData.EXCLUDE_PATH) { |
|---|
| | | if (uri.contains(page)) { |
|---|
| | | return true; |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | } |
|---|
