package cn.stylefeng.rest.core.security;
|
|
import cn.hutool.core.util.StrUtil;
|
import cn.stylefeng.rest.core.security.base.BaseSecurityInterceptor;
|
import cn.stylefeng.roses.kernel.auth.api.PermissionServiceApi;
|
import cn.stylefeng.roses.kernel.auth.api.exception.AuthException;
|
import cn.stylefeng.roses.kernel.auth.api.exception.enums.AuthExceptionEnum;
|
import cn.stylefeng.roses.kernel.scanner.api.pojo.resource.ResourceDefinition;
|
import lombok.extern.slf4j.Slf4j;
|
import org.springframework.stereotype.Component;
|
|
import javax.annotation.Resource;
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
|
/**
 * Permission-check interceptor: verifies whether the caller may access the requested endpoint.
 *
 * <p>The check only runs for resources whose definition has the "required permission" flag set;
 * every other resource passes through this interceptor without a permission lookup.
 *
 * @author fengshuonan
 * @since 2020/12/15 22:46
 */
@Component
@Slf4j
public class PermissionSecurityInterceptor extends BaseSecurityInterceptor {

    /**
     * Resource permission check API.
     */
    @Resource
    private PermissionServiceApi permissionServiceApi;

    /**
     * Enforces the permission check for the current request.
     *
     * @param httpServletRequest  current request; only its request URI is read here
     * @param httpServletResponse current response; not used by this interceptor
     * @param resourceDefinition  definition of the resource being accessed; its required-permission
     *                            flag decides whether any check is made
     * @param token               the caller's token, handed to the permission service
     * @throws AuthException with {@link AuthExceptionEnum#TOKEN_GET_ERROR} when the resource
     *                       requires a permission and the token is empty
     */
    @Override
    public void filterAction(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, ResourceDefinition resourceDefinition, String token) {

        // 1. Path of the current request.
        // NOTE(review): getRequestURI() is the raw, undecoded path and may still carry path
        // parameters (";...") or encoded characters. Confirm that checkPermission and whatever
        // resolved resourceDefinition normalise it the same way, so the permission that is
        // looked up belongs to the handler that actually runs.
        final String requestPath = httpServletRequest.getRequestURI();

        // 2. Nothing to enforce unless the resource is flagged as requiring a permission.
        // NOTE(review): if the flag getter returns a boxed Boolean, a null value throws here
        // rather than skipping the check - TODO confirm the return type.
        if (!resourceDefinition.getRequiredPermissionFlag()) {
            return;
        }

        // An empty token cannot be authorised: fail with the token error.
        // NOTE(review): isEmpty() lets a whitespace-only token through to checkPermission;
        // presumably it is rejected there - verify.
        if (StrUtil.isEmpty(token)) {
            throw new AuthException(AuthExceptionEnum.TOKEN_GET_ERROR);
        }

        // 3. Delegate the permission decision for this endpoint to the permission service.
        permissionServiceApi.checkPermission(token, requestPath);
    }

}
|