package com.ruoyi.system.filter;
|
|
import com.alibaba.fastjson.JSON;
|
import com.ruoyi.account.api.feignClient.AppUserClient;
|
import com.ruoyi.account.api.model.TAppUser;
|
import com.ruoyi.common.core.constant.TokenConstants;
|
import com.ruoyi.common.core.domain.R;
|
import com.ruoyi.common.core.utils.StringUtils;
|
import com.ruoyi.system.api.domain.SysUser;
|
import com.ruoyi.system.api.feignClient.SysUserClient;
|
import com.ruoyi.system.service.ISysUserService;
|
import org.apache.logging.log4j.core.config.Order;
|
import org.slf4j.Logger;
|
import org.slf4j.LoggerFactory;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.context.annotation.Lazy;
|
import org.springframework.http.HttpHeaders;
|
import org.springframework.http.HttpStatus;
|
import org.springframework.http.MediaType;
|
import org.springframework.stereotype.Component;
|
|
import javax.annotation.Resource;
|
import javax.servlet.*;
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
import java.io.IOException;
|
import java.io.PrintWriter;
|
|
/**
|
* @author zhibing.pu
|
* @Date 2024/8/23 11:22
|
*/
|
@Order(-200)
|
@Component
|
public class AuthFilter implements Filter {
|
private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
|
|
@Lazy
|
@Resource
|
private AppUserClient appUserClient;
|
|
@Lazy
|
@Resource
|
private ISysUserService sysUserService;
|
|
@Autowired
|
private IgnoreWhiteProperties ignoreWhite;
|
|
|
@Override
|
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
HttpServletRequest request = (HttpServletRequest) servletRequest;
|
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
// 跳过不需要验证的路径
|
String url = request.getRequestURI();
|
if (StringUtils.matches(url, ignoreWhite.getWhites())) {
|
filterChain.doFilter(request, response);
|
return;
|
}
|
String userid = request.getHeader("user_id");
|
if(StringUtils.isEmpty(userid)){
|
filterChain.doFilter(request, response);
|
return;
|
}
|
String userType = request.getHeader("user_type");
|
//管理后台用户
|
if ("system".equals(userType)) {
|
SysUser sysUser = sysUserService.getById(userid);
|
if(null == sysUser || "2".equals(sysUser.getDelFlag())){
|
log.error("[账户异常处理]请求账户id:{}", userid);
|
unauthorizedResponse(response,"无效的账户");
|
return;
|
}
|
if("1".equals(sysUser.getStatus())){
|
log.error("[账户异常处理]请求账户id:{}", userid);
|
unauthorizedResponse(response,"账户已被停用,请联系系统管理员!");
|
return;
|
}
|
}
|
//小程序用户
|
if ("applet".equals(userType)) {
|
TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData();
|
if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){
|
log.error("[账户异常处理]请求账户id:{}", userid);
|
unauthorizedResponse(response,"无效的账户");
|
return;
|
}
|
if(2 == appUser.getStatus()){
|
log.error("[账户异常处理]请求账户id:{}", userid);
|
unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!");
|
return;
|
}
|
}
|
filterChain.doFilter(request, response);
|
}
|
|
|
|
private void unauthorizedResponse(HttpServletResponse response, String msg) {
|
response.setStatus(HttpStatus.OK.value());
|
response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE);
|
PrintWriter writer = null;
|
try {
|
writer = response.getWriter();
|
} catch (IOException e) {
|
throw new RuntimeException(e);
|
}
|
writer.println(JSON.toJSONString(R.fail(msg)));
|
writer.flush();
|
writer.close();
|
}
|
|
|
|
/**
|
* 获取请求token
|
*/
|
private String getToken(HttpServletRequest request) {
|
String token = request.getHeader(TokenConstants.AUTHENTICATION);
|
// 如果前端设置了令牌前缀,则裁剪掉前缀
|
if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) {
|
token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY);
|
}
|
return token;
|
}
|
|
|
}
|
