花城-智慧社区
blame | 历史 | 原始文档
zhaozhengjie
2022-09-23 4caee77833d46a483a32ea664ae7f4c4d7bc1096 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71

package com.dg.core.interceptor;


 


import com.dg.core.Constant;


import com.dg.core.annotation.Authorization;


import com.dg.core.db.gen.entity.SysUser;


import com.dg.core.manager.TokenManager;


import org.apache.catalina.connector.ResponseFacade;


import org.apache.commons.lang3.StringUtils;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.stereotype.Component;


import org.springframework.web.method.HandlerMethod;


import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;


 


import javax.servlet.http.HttpServletRequest;


import javax.servlet.http.HttpServletResponse;


import java.lang.reflect.Method;


import java.nio.charset.StandardCharsets;


import java.text.SimpleDateFormat;


import java.time.ZoneId;


import java.util.Calendar;


import java.util.Date;


 


/**


 * 自定义拦截器,判断此次请求是否有权限


 */


/**


 * 自定义拦截器,判断此次请求是否有权限


 */


@Component


public class AuthorizationInterceptor extends HandlerInterceptorAdapter {


    @Autowired


    private TokenManager manager;


 


 


    @Autowired


    com.dg.core.service.ISysUserService IUserService;


 


    @Override


    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {


        //如果不是映射到方法直接通过


        if (!(handler instanceof HandlerMethod)) {


            return true;


        }


 


        HandlerMethod handlerMethod = (HandlerMethod) handler;


        Method method = handlerMethod.getMethod();


        Object bean = handlerMethod.getBean();


 


        //从header中得到token


        String token = request.getHeader(Constant.AUTHORIZATION);


        if (manager.checkToken(token)) {


            //如果token验证成功,权限检查通过,将token对应的用户id存在request中,便于之后注入


            request.setAttribute(Constant.CURRENT_USER_ID, manager.getUserId(token));


            SysUser ss = IUserService.getUserById(manager.getUserId(token));


 


            return true;


        }


 


        //如果验证token失败,并且方法或类注明了Authorization,返回401错误


        if (method.getAnnotation(Authorization.class) != null || bean.getClass().getAnnotation(Authorization.class) != null) {


            String reponse = "{\"result\": 449, \"message\": \"Overdue token\"}";


            response.setStatus(200);


            response.setCharacterEncoding(StandardCharsets.UTF_8.toString());


            ResponseFacade facade = (ResponseFacade) response;


            facade.setContentLength(reponse.getBytes(StandardCharsets.UTF_8).length);


            facade.getWriter().write(reponse);


            return false;


        }


        return true;


    }


}