package com.dg.core.interceptor;
|
|
import com.dg.core.Constant;
|
import com.dg.core.annotation.Authorization;
|
import com.dg.core.db.gen.entity.SysUser;
|
import com.dg.core.manager.TokenManager;
|
import org.apache.catalina.connector.ResponseFacade;
|
import org.apache.commons.lang3.StringUtils;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.stereotype.Component;
|
import org.springframework.web.method.HandlerMethod;
|
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
|
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
import java.lang.reflect.Method;
|
import java.nio.charset.StandardCharsets;
|
import java.text.SimpleDateFormat;
|
import java.time.ZoneId;
|
import java.util.Calendar;
|
import java.util.Date;
|
|
/**
|
* 自定义拦截器,判断此次请求是否有权限
|
*/
|
/**
|
* 自定义拦截器,判断此次请求是否有权限
|
*/
|
@Component
|
public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
|
@Autowired
|
private TokenManager manager;
|
|
@Autowired
|
com.dg.core.service.ISysUserService IUserService;
|
|
@Override
|
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
//如果不是映射到方法直接通过
|
if (!(handler instanceof HandlerMethod)) {
|
return true;
|
}
|
|
HandlerMethod handlerMethod = (HandlerMethod) handler;
|
Method method = handlerMethod.getMethod();
|
Object bean = handlerMethod.getBean();
|
|
//从header中得到token
|
String token = request.getHeader(Constant.AUTHORIZATION);
|
//花城token
|
String HCtoken = request.getHeader(Constant.HCAUTHORIZATION);
|
|
if(StringUtils.isEmpty(token))
|
{
|
//花城e+ token
|
if (manager.checkHCToken(HCtoken)) {
|
//如果token验证成功,权限检查通过,将token对应的用户id存在request中,便于之后注入
|
request.setAttribute(Constant.CURRENT_USER_ID, manager.getHCUserId(HCtoken));
|
// SysUser ss = IUserService.selectData(manager.getHCUserId(HCtoken)+"");
|
return true;
|
}
|
|
}
|
else
|
{
|
if (manager.checkToken(token)) {
|
//如果token验证成功,权限检查通过,将token对应的用户id存在request中,便于之后注入
|
request.setAttribute(Constant.CURRENT_USER_ID, manager.getUserId(token));
|
// SysUser ss = IUserService.selectData(manager.getUserId(token)+"");
|
return true;
|
}
|
}
|
|
if(!StringUtils.isEmpty(token))
|
{
|
//如果验证token失败,并且方法或类注明了Authorization,返回401错误
|
if (method.getAnnotation(Authorization.class) != null ||
|
bean.getClass().getAnnotation(Authorization.class) != null)
|
{
|
String reponse = "{\"result\": 449, \"message\": \"Overdue token\"}";
|
response.setStatus(200);
|
response.setCharacterEncoding(StandardCharsets.UTF_8.toString());
|
ResponseFacade facade = (ResponseFacade) response;
|
facade.setContentLength(reponse.getBytes(StandardCharsets.UTF_8).length);
|
facade.getWriter().write(reponse);
|
return false;
|
}
|
}
|
return true;
|
}
|
}
|
