mitao
2025-02-21 31573d6180d15ef65ed0df9c2732495f40b12663
package com.panzhihua.service_equipment.resolvers;
 
import com.panzhihua.common.redis.TokenManager;
import com.panzhihua.common.utlis.Constant;
import com.panzhihua.service_equipment.annotation.Authorization;
import lombok.extern.slf4j.Slf4j;
import org.apache.catalina.connector.ResponseFacade;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
 
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;
import java.nio.charset.StandardCharsets;
 
 
/**
 * Custom interceptor that decides whether the current request is authorized.
 */
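@Component
@Slf4j
public class AuthorizationInterceptor extends HandlerInterceptorAdapter {

    /** Used below to check a token and to look up the user id bound to it. */
    @Resource
    private TokenManager manager;

    /**
     * Checks the token carried in the {@code Constant.UNION_AUTHORIZATION} header before a
     * controller method runs.
     *
     * <p>If the token is accepted by {@link TokenManager}, the matching user id is stored in the
     * request attribute {@code Constant.CURRENT_USER_ID} and the request proceeds. If the token is
     * rejected, the request is blocked only when the handler method or its controller class is
     * annotated with {@link Authorization}; handlers without the annotation are let through
     * unauthenticated, so protection is opt-in per handler.
     *
     * <p>A blocked request is answered with HTTP status 200 and a JSON body whose {@code result}
     * field is 449 (not an HTTP 401), so clients and monitoring must inspect the body.
     *
     * @param request  current HTTP request
     * @param response current HTTP response; written to only when the request is blocked
     * @param handler  chosen handler; anything that is not a {@link HandlerMethod} is let through
     * @return {@code true} to continue the handler chain, {@code false} when the request was rejected
     * @throws Exception if writing the rejection body fails
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // Requests that are not mapped to a controller method pass through unchecked.
        if (!(handler instanceof HandlerMethod)) {
            return true;
        }

        HandlerMethod handlerMethod = (HandlerMethod) handler;
        Method method = handlerMethod.getMethod();

        // Read the header once. A value of the form "<scheme> <token>" yields the second
        // space-separated field; anything else (including a missing header) is used as-is.
        // NOTE(review): only Constant.UNION_AUTHORIZATION is consulted; the value of
        // Constant.AUTHORIZATION was read and discarded before — confirm whether a fallback
        // to that header was intended.
        String header = request.getHeader(Constant.UNION_AUTHORIZATION);
        String token = header;
        if (header != null) {
            String[] parts = header.split(" ");
            if (parts.length >= 2) {
                token = parts[1];
            }
        }

        if (manager.checkToken(token)) {
            // Token accepted: expose the user id on the request for later injection.
            request.setAttribute(Constant.CURRENT_USER_ID, manager.getUserId(token));
            return true;
        }

        // Never write the token value itself to the log: a rejected token may still be a live
        // credential (or become one), and log files are usually readable by more people than
        // the token store is.
        log.info("Token validation failed for {} {} (token present: {})",
                request.getMethod(), request.getRequestURI(), token != null);

        // getBeanType() resolves the user-declared controller class. bean.getClass() can be a
        // proxy subclass, on which a class-level annotation is only visible if the annotation
        // is @Inherited, which would silently turn the check off for proxied controllers.
        boolean authorizationRequired = method.getAnnotation(Authorization.class) != null
                || handlerMethod.getBeanType().getAnnotation(Authorization.class) != null;
        if (!authorizationRequired) {
            return true;
        }

        String body = "{\"result\": 449, \"message\": \"Overdue token\"}";
        response.setStatus(HttpServletResponse.SC_OK);
        response.setCharacterEncoding(StandardCharsets.UTF_8.toString());
        response.setContentType("application/json");
        // Use the servlet API directly instead of casting to Tomcat's ResponseFacade: the cast
        // throws ClassCastException as soon as a filter wraps the response or another container
        // is used, turning an authorization failure into a server error.
        response.setContentLength(body.getBytes(StandardCharsets.UTF_8).length);
        response.getWriter().write(body);
        return false;
    }
}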