ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/service/RedisService.java
@@ -195,6 +195,14 @@ } } public <T> void setCacheMap(final String key, final Map<String, T> dataMap, long timeout) { if (dataMap != null) { redisTemplate.opsForHash().putAll(key, dataMap); redisTemplate.expire(key, timeout, TimeUnit.SECONDS); } } /** * 获得缓存的Map * ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
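Review bot: In the new `setCacheMap(key, dataMap, timeout)` overload, `putAll` and `expire` are two separate Redis calls and the result of `expire` is ignored, so a failure between them leaves the hash stored with no TTL. The gateway `AuthFilter` in this commit calls this overload with `5L` to age out its per-client URL timestamps, so a key that never expires would keep stale entries indefinitely. Consider checking the result, `Boolean ok = redisTemplate.expire(key, timeout, TimeUnit.SECONDS);`, and logging when it is not true, or issuing both commands in one transaction. A non-positive `timeout` is passed through unchecked. The method also lacks Javadoc, unlike its neighbour; `/** Caches the map and sets its TTL; timeout is in seconds. */` would record the unit.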
@@ -98,7 +98,7 @@ } private Mono<Void> unauthorizedResponse(ServerWebExchange exchange, String msg) { log.error("[鉴权异常处理]请求路径:{}", exchange.getRequest().getPath()); log.error("[鉴权异常处理]请求路径:{}", exchange.getRequest().getPath() + "\n" + msg); return ServletUtils.webFluxResponseWriter(exchange.getResponse(), msg, HttpStatus.UNAUTHORIZED); } @@ -144,7 +144,7 @@ if(null == cacheMap){ cacheMap = new HashMap<>(); cacheMap.put(url, timestamp); redisService.setCacheMap(client, cacheMap); redisService.setCacheMap(client, cacheMap, 5L); }else{ Object o = cacheMap.get(url); if(null == o){ @@ -159,7 +159,7 @@ cacheMap.put(url, timestamp); } } redisService.setCacheMap(client, cacheMap); redisService.setCacheMap(client, cacheMap, 5L); } } @@ -179,14 +179,8 @@ if (claims == null) { throw new RuntimeException("令牌已过期或验证不正确!"); } // String userkey = JwtUtils.getUserKey(claims); // boolean islogin = redisService.hasKey(getTokenKey(userkey)); // if (!islogin) { // throw new RuntimeException("登录状态已过期"); // } String userid = JwtUtils.getUserId(claims); String username = JwtUtils.getUserName(claims); if (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username)) { if (StringUtils.isEmpty(userid)) { throw new RuntimeException("令牌验证失败"); } } ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/AuthFilter.java
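Review bot: In the `@@ -179,14 +179,8 @@` hunk, as far as the printed order and the hunk counts show, the new side accepts any token whose claims parse and whose `userid` is non-empty. The `username` check is dropped, and the commented-out login-state lookup `redisService.hasKey(getTokenKey(userkey))` is deleted rather than restored. The per-service `AuthFilter` classes are commented out in this same commit, so nothing visible on the page rejects a token for a logged-out, disabled or deleted account before the JWT itself expires. If that is not intended, reinstate the server-side check here, along the lines of the removed comment: `if (!redisService.hasKey(getTokenKey(JwtUtils.getUserKey(claims)))) { throw new RuntimeException("登录状态已过期"); }`. The enclosing method starts and ends outside the hunk.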
@@ -1,117 +1,128 @@ package com.ruoyi.account.filter; import com.alibaba.fastjson.JSON; import com.ruoyi.account.api.feignClient.AppUserClient; import com.ruoyi.account.api.model.TAppUser; import com.ruoyi.common.core.constant.TokenConstants; import com.ruoyi.common.core.domain.R; import com.ruoyi.common.core.utils.JwtUtils; import com.ruoyi.common.core.utils.StringUtils; import com.ruoyi.system.api.domain.SysUser; import com.ruoyi.system.api.feignClient.SysUserClient; import io.jsonwebtoken.Claims; import org.apache.logging.log4j.core.config.Order; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.context.annotation.Lazy; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.stereotype.Component; import javax.annotation.Resource; import javax.servlet.*; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; /** * @author zhibing.pu * @Date 2024/8/23 11:22 */ @Order(-200) @Component public class AuthFilter implements Filter { private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); @Lazy @Resource private AppUserClient appUserClient; @Lazy @Resource private SysUserClient sysUserClient; @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; String token = getToken(request); Claims claims = JwtUtils.parseToken(token); String userid = JwtUtils.getUserId(claims); String userType = JwtUtils.getUserType(claims); //管理后台用户 if ("system".equals(userType)) { SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); if(null == sysUser || "2".equals(sysUser.getDelFlag())){ 
log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"无效的账户"); return; } if("1".equals(sysUser.getStatus())){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"账户已被停用,请联系系统管理员!"); return; } } //小程序用户 if ("applet".equals(userType)) { TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData(); if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"无效的账户"); return; } if(2 == appUser.getStatus()){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!"); return; } } filterChain.doFilter(request, response); } private void unauthorizedResponse(HttpServletResponse response, String msg) { response.setStatus(HttpStatus.OK.value()); response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); PrintWriter writer = null; try { writer = response.getWriter(); } catch (IOException e) { throw new RuntimeException(e); } writer.println(JSON.toJSONString(R.fail(msg))); writer.flush(); writer.close(); } /** * 获取请求token */ private String getToken(HttpServletRequest request) { String token = request.getHeader(TokenConstants.AUTHENTICATION); // 如果前端设置了令牌前缀,则裁剪掉前缀 if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY); } return token; } } //package com.ruoyi.account.filter; // //import com.alibaba.fastjson.JSON; //import com.ruoyi.account.api.feignClient.AppUserClient; //import com.ruoyi.account.api.model.TAppUser; //import com.ruoyi.account.service.TAppUserService; //import com.ruoyi.common.core.constant.TokenConstants; //import com.ruoyi.common.core.domain.R; //import com.ruoyi.common.core.utils.JwtUtils; //import com.ruoyi.common.core.utils.StringUtils; //import com.ruoyi.system.api.domain.SysUser; //import com.ruoyi.system.api.feignClient.SysUserClient; //import io.jsonwebtoken.Claims; //import 
org.apache.logging.log4j.core.config.Order; //import org.slf4j.Logger; //import org.slf4j.LoggerFactory; //import org.springframework.beans.factory.annotation.Autowired; //import org.springframework.context.annotation.Lazy; //import org.springframework.http.HttpHeaders; //import org.springframework.http.HttpStatus; //import org.springframework.http.MediaType; //import org.springframework.stereotype.Component; // //import javax.annotation.Resource; //import javax.servlet.*; //import javax.servlet.http.HttpServletRequest; //import javax.servlet.http.HttpServletResponse; //import java.io.IOException; //import java.io.PrintWriter; // ///** // * @author zhibing.pu // * @Date 2024/8/23 11:22 // */ //@Order(-200) //@Component //public class AuthFilter implements Filter { // private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); // @Lazy // @Resource // private TAppUserService appUserService; // // @Lazy // @Resource // private SysUserClient sysUserClient; // // @Lazy // @Autowired // private IgnoreWhiteProperties ignoreWhite; // // // @Override // public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { // HttpServletRequest request = (HttpServletRequest) servletRequest; // HttpServletResponse response = (HttpServletResponse) servletResponse; // String url = request.getRequestURI(); // // 跳过不需要验证的路径 // if (StringUtils.matches(url, ignoreWhite.getWhites())) { // filterChain.doFilter(request, response); // return; // } // String token = getToken(request); // Claims claims = JwtUtils.parseToken(token); // String userid = JwtUtils.getUserId(claims); // String userType = JwtUtils.getUserType(claims); // //管理后台用户 // if ("system".equals(userType)) { // SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); // if(null == sysUser || "2".equals(sysUser.getDelFlag())){ // log.error("[账户异常处理]请求账户id:{}", userid); // 
unauthorizedResponse(response,"无效的账户"); // return; // } // if("1".equals(sysUser.getStatus())){ // log.error("[账户异常处理]请求账户id:{}", userid); // unauthorizedResponse(response,"账户已被停用,请联系系统管理员!"); // return; // } // } // //小程序用户 // if ("applet".equals(userType)) { // TAppUser appUser = appUserService.getById(userid); // if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){ // log.error("[账户异常处理]请求账户id:{}", userid); // unauthorizedResponse(response,"无效的账户"); // return; // } // if(2 == appUser.getStatus()){ // log.error("[账户异常处理]请求账户id:{}", userid); // unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!"); // return; // } // } // filterChain.doFilter(request, response); // } // // // // private void unauthorizedResponse(HttpServletResponse response, String msg) { // response.setStatus(HttpStatus.OK.value()); // response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); // PrintWriter writer = null; // try { // writer = response.getWriter(); // } catch (IOException e) { // throw new RuntimeException(e); // } // writer.println(JSON.toJSONString(R.fail(msg))); // writer.flush(); // writer.close(); // } // // // // /** // * 获取请求token // */ // private String getToken(HttpServletRequest request) { // String token = request.getHeader(TokenConstants.AUTHENTICATION); // // 如果前端设置了令牌前缀,则裁剪掉前缀 // if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { // token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY); // } // return token; // } // // //} ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/IgnoreWhiteProperties.java
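Review bot: The new side of this file is entirely commented out, so the account-state checks in `doFilter` (the `delFlag` test and the `status` 1/2/3 tests) no longer run for any request to this service. The same change is made to the `AuthFilter` in ruoyi-chargingPile, ruoyi-order and ruoyi-other further down the page. If the aim was to let whitelisted paths through, keep the filter active with the `StringUtils.matches(url, ignoreWhite.getWhites())` early return that the commented code already contains, so every other path is still checked. If the filter is being retired, delete the file instead of leaving 128 commented lines, and say in the commit description where disabled and frozen accounts are now rejected. Should the code be revived, note that `unauthorizedResponse` answers with `HttpStatus.OK`, and that `Long.valueOf(userid)` may be reached with a null `userid` when no token is sent; that depends on `JwtUtils.parseToken`, which is not shown.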
New file @@ -0,0 +1,31 @@ package com.ruoyi.account.filter; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.cloud.context.config.annotation.RefreshScope; import org.springframework.context.annotation.Configuration; import java.util.ArrayList; import java.util.List; /** * 放行白名单配置 * * @author ruoyi */ @Configuration @RefreshScope @ConfigurationProperties(prefix = "security.ignore") public class IgnoreWhiteProperties { /** * 放行白名单配置,网关不校验此处的白名单 */ private List<String> whites = new ArrayList<>(); public List<String> getWhites() { return whites; } public void setWhites(List<String> whites) { this.whites = whites; } } ruoyi-service/ruoyi-chargingPile/src/main/java/com/ruoyi/chargingPile/filter/AuthFilter.java
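Review bot: The new `IgnoreWhiteProperties` bean is referenced on this page only from the commented-out `AuthFilter` in the same package, so as committed it appears to be registered and refresh-scoped without any consumer. Its field Javadoc is copied from the gateway ("网关不校验此处的白名单") although the class lives in ruoyi-account. Entries under `security.ignore` are meant to skip an authentication-related check, so the comment should say exactly which check, e.g. `/** Path patterns for which this service's AuthFilter skips the account-state check. */`. Either wire the class into an active filter or leave it out of this commit.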
@@ -1,118 +1,118 @@ package com.ruoyi.chargingPile.filter; import com.alibaba.fastjson.JSON; import com.ruoyi.account.api.feignClient.AppUserClient; import com.ruoyi.account.api.model.TAppUser; import com.ruoyi.common.core.constant.TokenConstants; import com.ruoyi.common.core.domain.R; import com.ruoyi.common.core.utils.JwtUtils; import com.ruoyi.common.core.utils.StringUtils; import com.ruoyi.system.api.domain.SysUser; import com.ruoyi.system.api.feignClient.SysUserClient; import io.jsonwebtoken.Claims; import org.apache.logging.log4j.core.config.Order; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.context.annotation.Lazy; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.stereotype.Component; import javax.annotation.Resource; import javax.servlet.*; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; import java.io.UnsupportedEncodingException; /** * @author zhibing.pu * @Date 2024/8/23 11:22 */ @Order(-200) @Component public class AuthFilter implements Filter { private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); @Lazy @Resource private AppUserClient appUserClient; @Lazy @Resource private SysUserClient sysUserClient; @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; String token = getToken(request); Claims claims = JwtUtils.parseToken(token); String userid = JwtUtils.getUserId(claims); String userType = JwtUtils.getUserType(claims); //管理后台用户 if ("system".equals(userType)) { SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); if(null == 
sysUser || "2".equals(sysUser.getDelFlag())){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"无效的账户"); return; } if("1".equals(sysUser.getStatus())){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"账户已被停用,请联系系统管理员!"); return; } } //小程序用户 if ("applet".equals(userType)) { TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData(); if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"无效的账户"); return; } if(2 == appUser.getStatus()){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!"); return; } } filterChain.doFilter(request, response); } private void unauthorizedResponse(HttpServletResponse response, String msg) { response.setStatus(HttpStatus.OK.value()); response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); PrintWriter writer = null; try { writer = response.getWriter(); } catch (IOException e) { throw new RuntimeException(e); } writer.println(JSON.toJSONString(R.fail(msg))); writer.flush(); writer.close(); } /** * 获取请求token */ private String getToken(HttpServletRequest request) { String token = request.getHeader(TokenConstants.AUTHENTICATION); // 如果前端设置了令牌前缀,则裁剪掉前缀 if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY); } return token; } } //package com.ruoyi.chargingPile.filter; // //import com.alibaba.fastjson.JSON; //import com.ruoyi.account.api.feignClient.AppUserClient; //import com.ruoyi.account.api.model.TAppUser; //import com.ruoyi.common.core.constant.TokenConstants; //import com.ruoyi.common.core.domain.R; //import com.ruoyi.common.core.utils.JwtUtils; //import com.ruoyi.common.core.utils.StringUtils; //import com.ruoyi.system.api.domain.SysUser; //import com.ruoyi.system.api.feignClient.SysUserClient; //import io.jsonwebtoken.Claims; //import 
org.apache.logging.log4j.core.config.Order; //import org.slf4j.Logger; //import org.slf4j.LoggerFactory; //import org.springframework.context.annotation.Lazy; //import org.springframework.http.HttpHeaders; //import org.springframework.http.HttpStatus; //import org.springframework.http.MediaType; //import org.springframework.stereotype.Component; // //import javax.annotation.Resource; //import javax.servlet.*; //import javax.servlet.http.HttpServletRequest; //import javax.servlet.http.HttpServletResponse; //import java.io.IOException; //import java.io.PrintWriter; //import java.io.UnsupportedEncodingException; // ///** // * @author zhibing.pu // * @Date 2024/8/23 11:22 // */ //@Order(-200) //@Component //public class AuthFilter implements Filter { // private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); // // @Lazy // @Resource // private AppUserClient appUserClient; // // @Lazy // @Resource // private SysUserClient sysUserClient; // // // @Override // public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { // HttpServletRequest request = (HttpServletRequest) servletRequest; // HttpServletResponse response = (HttpServletResponse) servletResponse; // String token = getToken(request); // Claims claims = JwtUtils.parseToken(token); // String userid = JwtUtils.getUserId(claims); // String userType = JwtUtils.getUserType(claims); // //管理后台用户 // if ("system".equals(userType)) { // SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); // if(null == sysUser || "2".equals(sysUser.getDelFlag())){ // log.error("[账户异常处理]请求账户id:{}", userid); // unauthorizedResponse(response,"无效的账户"); // return; // } // if("1".equals(sysUser.getStatus())){ // log.error("[账户异常处理]请求账户id:{}", userid); // unauthorizedResponse(response,"账户已被停用,请联系系统管理员!"); // return; // } // } // //小程序用户 // if ("applet".equals(userType)) { // TAppUser appUser = 
appUserClient.getUserById(Long.valueOf(userid)).getData(); // if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){ // log.error("[账户异常处理]请求账户id:{}", userid); // unauthorizedResponse(response,"无效的账户"); // return; // } // if(2 == appUser.getStatus()){ // log.error("[账户异常处理]请求账户id:{}", userid); // unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!"); // return; // } // } // filterChain.doFilter(request, response); // } // // // // private void unauthorizedResponse(HttpServletResponse response, String msg) { // response.setStatus(HttpStatus.OK.value()); // response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); // PrintWriter writer = null; // try { // writer = response.getWriter(); // } catch (IOException e) { // throw new RuntimeException(e); // } // writer.println(JSON.toJSONString(R.fail(msg))); // writer.flush(); // writer.close(); // } // // // // /** // * 获取请求token // */ // private String getToken(HttpServletRequest request) { // String token = request.getHeader(TokenConstants.AUTHENTICATION); // // 如果前端设置了令牌前缀,则裁剪掉前缀 // if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { // token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY); // } // return token; // } // // //} ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/filter/AuthFilter.java
@@ -1,117 +1,117 @@ package com.ruoyi.order.filter; import com.alibaba.fastjson.JSON; import com.ruoyi.account.api.feignClient.AppUserClient; import com.ruoyi.account.api.model.TAppUser; import com.ruoyi.common.core.constant.TokenConstants; import com.ruoyi.common.core.domain.R; import com.ruoyi.common.core.utils.JwtUtils; import com.ruoyi.common.core.utils.StringUtils; import com.ruoyi.system.api.domain.SysUser; import com.ruoyi.system.api.feignClient.SysUserClient; import io.jsonwebtoken.Claims; import org.apache.logging.log4j.core.config.Order; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.context.annotation.Lazy; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.stereotype.Component; import javax.annotation.Resource; import javax.servlet.*; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; /** * @author zhibing.pu * @Date 2024/8/23 11:22 */ @Order(-200) @Component public class AuthFilter implements Filter { private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); @Lazy @Resource private AppUserClient appUserClient; @Lazy @Resource private SysUserClient sysUserClient; @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; String token = getToken(request); Claims claims = JwtUtils.parseToken(token); String userid = JwtUtils.getUserId(claims); String userType = JwtUtils.getUserType(claims); //管理后台用户 if ("system".equals(userType)) { SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); if(null == sysUser || "2".equals(sysUser.getDelFlag())){ 
log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"无效的账户"); return; } if("1".equals(sysUser.getStatus())){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"账户已被停用,请联系系统管理员!"); return; } } //小程序用户 if ("applet".equals(userType)) { TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData(); if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"无效的账户"); return; } if(2 == appUser.getStatus()){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!"); return; } } filterChain.doFilter(request, response); } private void unauthorizedResponse(HttpServletResponse response, String msg) { response.setStatus(HttpStatus.OK.value()); response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); PrintWriter writer = null; try { writer = response.getWriter(); } catch (IOException e) { throw new RuntimeException(e); } writer.println(JSON.toJSONString(R.fail(msg))); writer.flush(); writer.close(); } /** * 获取请求token */ private String getToken(HttpServletRequest request) { String token = request.getHeader(TokenConstants.AUTHENTICATION); // 如果前端设置了令牌前缀,则裁剪掉前缀 if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY); } return token; } } //package com.ruoyi.order.filter; // //import com.alibaba.fastjson.JSON; //import com.ruoyi.account.api.feignClient.AppUserClient; //import com.ruoyi.account.api.model.TAppUser; //import com.ruoyi.common.core.constant.TokenConstants; //import com.ruoyi.common.core.domain.R; //import com.ruoyi.common.core.utils.JwtUtils; //import com.ruoyi.common.core.utils.StringUtils; //import com.ruoyi.system.api.domain.SysUser; //import com.ruoyi.system.api.feignClient.SysUserClient; //import io.jsonwebtoken.Claims; //import org.apache.logging.log4j.core.config.Order; //import 
org.slf4j.Logger; //import org.slf4j.LoggerFactory; //import org.springframework.context.annotation.Lazy; //import org.springframework.http.HttpHeaders; //import org.springframework.http.HttpStatus; //import org.springframework.http.MediaType; //import org.springframework.stereotype.Component; // //import javax.annotation.Resource; //import javax.servlet.*; //import javax.servlet.http.HttpServletRequest; //import javax.servlet.http.HttpServletResponse; //import java.io.IOException; //import java.io.PrintWriter; // ///** // * @author zhibing.pu // * @Date 2024/8/23 11:22 // */ //@Order(-200) //@Component //public class AuthFilter implements Filter { // private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); // // @Lazy // @Resource // private AppUserClient appUserClient; // // @Lazy // @Resource // private SysUserClient sysUserClient; // // // @Override // public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { // HttpServletRequest request = (HttpServletRequest) servletRequest; // HttpServletResponse response = (HttpServletResponse) servletResponse; // String token = getToken(request); // Claims claims = JwtUtils.parseToken(token); // String userid = JwtUtils.getUserId(claims); // String userType = JwtUtils.getUserType(claims); // //管理后台用户 // if ("system".equals(userType)) { // SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); // if(null == sysUser || "2".equals(sysUser.getDelFlag())){ // log.error("[账户异常处理]请求账户id:{}", userid); // unauthorizedResponse(response,"无效的账户"); // return; // } // if("1".equals(sysUser.getStatus())){ // log.error("[账户异常处理]请求账户id:{}", userid); // unauthorizedResponse(response,"账户已被停用,请联系系统管理员!"); // return; // } // } // //小程序用户 // if ("applet".equals(userType)) { // TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData(); // if(null == appUser || appUser.getDelFlag() || 3 == 
appUser.getStatus()){ // log.error("[账户异常处理]请求账户id:{}", userid); // unauthorizedResponse(response,"无效的账户"); // return; // } // if(2 == appUser.getStatus()){ // log.error("[账户异常处理]请求账户id:{}", userid); // unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!"); // return; // } // } // filterChain.doFilter(request, response); // } // // // // private void unauthorizedResponse(HttpServletResponse response, String msg) { // response.setStatus(HttpStatus.OK.value()); // response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); // PrintWriter writer = null; // try { // writer = response.getWriter(); // } catch (IOException e) { // throw new RuntimeException(e); // } // writer.println(JSON.toJSONString(R.fail(msg))); // writer.flush(); // writer.close(); // } // // // // /** // * 获取请求token // */ // private String getToken(HttpServletRequest request) { // String token = request.getHeader(TokenConstants.AUTHENTICATION); // // 如果前端设置了令牌前缀,则裁剪掉前缀 // if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { // token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY); // } // return token; // } // // //} ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/controller/TVipController.java
@@ -130,7 +130,7 @@ .last("LIMIT 1"))); case 2: return R.ok(vipService.getOne(Wrappers.lambdaQuery(TVip.class) .eq(TVip::getReveal,1) .eq(TVip::getReveal,1).eq(TVip::getType,1) .orderByAsc(TVip::getMonthlyCard) .last("LIMIT 1"))); default: ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/filter/AuthFilter.java
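Review bot: The added `.eq(TVip::getType,1)` in `case 2` uses a bare `1` whose meaning is not stated anywhere in the hunk, next to another bare `1` for `getReveal`. A short comment above the query, e.g. `// only revealed VIPs (reveal=1) of type 1 (<meaning of type 1>)`, or named constants would make the filter reviewable. Putting each `.eq(...)` on its own line would match the rest of the chain. The branch ending in `.last("LIMIT 1")` just above is only partly visible, so whether it needs the same type filter cannot be judged from this hunk; the enclosing switch starts and ends outside it.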
@@ -1,117 +1,117 @@ package com.ruoyi.other.filter; import com.alibaba.fastjson.JSON; import com.ruoyi.account.api.feignClient.AppUserClient; import com.ruoyi.account.api.model.TAppUser; import com.ruoyi.common.core.constant.TokenConstants; import com.ruoyi.common.core.domain.R; import com.ruoyi.common.core.utils.JwtUtils; import com.ruoyi.common.core.utils.StringUtils; import com.ruoyi.system.api.domain.SysUser; import com.ruoyi.system.api.feignClient.SysUserClient; import io.jsonwebtoken.Claims; import org.apache.logging.log4j.core.config.Order; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.context.annotation.Lazy; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.stereotype.Component; import javax.annotation.Resource; import javax.servlet.*; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; /** * @author zhibing.pu * @Date 2024/8/23 11:22 */ @Order(-200) @Component public class AuthFilter implements Filter { private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); @Lazy @Resource private AppUserClient appUserClient; @Lazy @Resource private SysUserClient sysUserClient; @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; String token = getToken(request); Claims claims = JwtUtils.parseToken(token); String userid = JwtUtils.getUserId(claims); String userType = JwtUtils.getUserType(claims); //管理后台用户 if ("system".equals(userType)) { SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); if(null == sysUser || "2".equals(sysUser.getDelFlag())){ 
log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"无效的账户"); return; } if("1".equals(sysUser.getStatus())){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"账户已被停用,请联系系统管理员!"); return; } } //小程序用户 if ("applet".equals(userType)) { TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData(); if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"无效的账户"); return; } if(2 == appUser.getStatus()){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!"); return; } } filterChain.doFilter(request, response); } private void unauthorizedResponse(HttpServletResponse response, String msg) { response.setStatus(HttpStatus.OK.value()); response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); PrintWriter writer = null; try { writer = response.getWriter(); } catch (IOException e) { throw new RuntimeException(e); } writer.println(JSON.toJSONString(R.fail(msg))); writer.flush(); writer.close(); } /** * 获取请求token */ private String getToken(HttpServletRequest request) { String token = request.getHeader(TokenConstants.AUTHENTICATION); // 如果前端设置了令牌前缀,则裁剪掉前缀 if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY); } return token; } } //package com.ruoyi.other.filter; // //import com.alibaba.fastjson.JSON; //import com.ruoyi.account.api.feignClient.AppUserClient; //import com.ruoyi.account.api.model.TAppUser; //import com.ruoyi.common.core.constant.TokenConstants; //import com.ruoyi.common.core.domain.R; //import com.ruoyi.common.core.utils.JwtUtils; //import com.ruoyi.common.core.utils.StringUtils; //import com.ruoyi.system.api.domain.SysUser; //import com.ruoyi.system.api.feignClient.SysUserClient; //import io.jsonwebtoken.Claims; //import org.apache.logging.log4j.core.config.Order; //import 
org.slf4j.Logger; //import org.slf4j.LoggerFactory; //import org.springframework.context.annotation.Lazy; //import org.springframework.http.HttpHeaders; //import org.springframework.http.HttpStatus; //import org.springframework.http.MediaType; //import org.springframework.stereotype.Component; // //import javax.annotation.Resource; //import javax.servlet.*; //import javax.servlet.http.HttpServletRequest; //import javax.servlet.http.HttpServletResponse; //import java.io.IOException; //import java.io.PrintWriter; // ///** // * @author zhibing.pu // * @Date 2024/8/23 11:22 // */ //@Order(-200) //@Component //public class AuthFilter implements Filter { // private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); // // @Lazy // @Resource // private AppUserClient appUserClient; // // @Lazy // @Resource // private SysUserClient sysUserClient; // // // @Override // public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { // HttpServletRequest request = (HttpServletRequest) servletRequest; // HttpServletResponse response = (HttpServletResponse) servletResponse; // String token = getToken(request); // Claims claims = JwtUtils.parseToken(token); // String userid = JwtUtils.getUserId(claims); // String userType = JwtUtils.getUserType(claims); // //管理后台用户 // if ("system".equals(userType)) { // SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); // if(null == sysUser || "2".equals(sysUser.getDelFlag())){ // log.error("[账户异常处理]请求账户id:{}", userid); // unauthorizedResponse(response,"无效的账户"); // return; // } // if("1".equals(sysUser.getStatus())){ // log.error("[账户异常处理]请求账户id:{}", userid); // unauthorizedResponse(response,"账户已被停用,请联系系统管理员!"); // return; // } // } // //小程序用户 // if ("applet".equals(userType)) { // TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData(); // if(null == appUser || appUser.getDelFlag() || 3 == 
appUser.getStatus()){ // log.error("[账户异常处理]请求账户id:{}", userid); // unauthorizedResponse(response,"无效的账户"); // return; // } // if(2 == appUser.getStatus()){ // log.error("[账户异常处理]请求账户id:{}", userid); // unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!"); // return; // } // } // filterChain.doFilter(request, response); // } // // // // private void unauthorizedResponse(HttpServletResponse response, String msg) { // response.setStatus(HttpStatus.OK.value()); // response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); // PrintWriter writer = null; // try { // writer = response.getWriter(); // } catch (IOException e) { // throw new RuntimeException(e); // } // writer.println(JSON.toJSONString(R.fail(msg))); // writer.flush(); // writer.close(); // } // // // // /** // * 获取请求token // */ // private String getToken(HttpServletRequest request) { // String token = request.getHeader(TokenConstants.AUTHENTICATION); // // 如果前端设置了令牌前缀,则裁剪掉前缀 // if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { // token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY); // } // return token; // } // // //}