jhs.git - Gitblit

			@@ -4,6 +4,7 @@
			import com.terra.common.entity.all.HttpStatus;
			import com.terra.common.entity.all.ResponseMsg;
			import com.terra.common.entity.all.StaticData;
			import com.terra.common.entity.lf.TokenPo;
			import com.terra.common.entity.lf.UserPo;
			import com.terra.common.helper.StringHelper;
			import com.terra.common.helper.WebHelper;
			@@ -14,7 +15,6 @@
			import org.springframework.web.method.HandlerMethod;
			import org.springframework.web.servlet.HandlerInterceptor;

			import javax.annotation.Resource;
			import javax.servlet.http.HttpServletRequest;
			import javax.servlet.http.HttpServletResponse;
			import java.util.List;
			@@ -25,7 +25,7 @@
			*/
			@Configuration
			public class AuthInterceptor implements HandlerInterceptor {
			private CommonService commonService;
			private final CommonService commonService;

			private static final Log log = LogFactory.getLog(AuthInterceptor.class);

			@@ -66,7 +66,7 @@
			}

			// 3.获取用户令牌
			UserPo ue = commonService.getUserByToken(token); //new UserPo(); //sysService.tokenService.getUserByToken(token);
			UserPo ue = commonService.getUserByToken(token);
			if (null == ue) {
			return WebHelper.writeStr2Page(response, NO_LOGIN);
			}
			@@ -83,21 +83,21 @@
			}

			// 6.admin跳过权限检测
			if (StaticData.ADMIN.equals(ue.getUid())) {
			return true;
			//if (StaticData.ADMIN.equals(ue.getUid())) {
			// return true;
			//}

			// 7.检查用户ID是否禁用
			if (commonService.isUidDisable(ue)) {
			return WebHelper.writeStr2Page(response, USER_LOCK);
			}

			// 7.检查白名单和IP一致性
			// 8.检查白名单和IP一致性
			if (!checkWhiteList(ip, request)) {
			if (!checkIpSource(ip, token)) {
			return WebHelper.writeStr2Page(response, ILLEGAL_TOKEN);
			}
			}

			// 8.检查用户ID是否禁用
			//if (sysService.tokenService.isUidDisable(ue)) {
			// return WebHelper.writeStr2Page(response, USER_LOCK);
			//}

			// 9.权限校验
			if (!checkPerms(ue, request)) {
			@@ -127,31 +127,22 @@
			}

			/**
			* 检查权限
			* 检查白名单
			*/
			private boolean checkPerms(UserPo ue, HttpServletRequest request) {
			return true;
			private boolean checkWhiteList(String ip, HttpServletRequest request) {
			List<String> whiteList = commonService.selectIpList(2);
			if (whiteList == null \|\| whiteList.isEmpty()) {
			return false;
			}

			// List<String> list = null; //sysService.permsService.selectPerms(ue.getUid());
			// if (list == null \|\| list.size() == 0) {
			// return false;
			// }
			//
			// String url = request.getRequestURI();
			// for (String perm : list) {
			// if (url.contains(perm)) {
			// return true;
			// }
			// }
			//
			// return false;
			return whiteList.contains(ip);
			}

			/**
			* 检查黑名单
			*/
			private boolean checkBlackList(String ip, HttpServletRequest request) {
			List<String> blackList = null; // sysService.blacklistService.selectIpList(1);
			List<String> blackList = commonService.selectIpList(1);
			if (blackList == null \|\| blackList.isEmpty()) {
			return true;
			}
			@@ -163,25 +154,30 @@
			}

			/**
			* 检查白名单
			*/
			private boolean checkWhiteList(String ip, HttpServletRequest request) {
			List<String> whiteList = null; // sysService.blacklistService.selectIpList(2);
			if (whiteList == null \|\| whiteList.isEmpty()) {
			return false;
			}

			return whiteList.contains(ip);
			}

			/**
			* 检查IP一致性：固定令牌不检查
			*/
			private boolean checkIpSource(String ip, String token) {
			//TokenEntity te = sysService.tokenService.getEntityByToken(token);
			TokenPo te = commonService.getTokenPo(token);

			//return StaticData.I1 == te.getType() \|\| te.getIp().equals(ip);
			return StaticData.I1 == te.getType() \|\| te.getIp().equals(ip);
			}

			return true;
			/**
			* 检查权限
			*/
			private boolean checkPerms(UserPo ue, HttpServletRequest request) {
			List<String> list = commonService.selectPerms(ue.getUid());
			if (list == null \|\| list.size() == 0) {
			return false;
			}

			String url = request.getRequestURI();
			for (String perm : list) {
			if (url.contains(perm)) {
			return true;
			}
			}

			return false;
			}
			}