ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
@@ -74,11 +74,13 @@ String userkey = JwtUtils.getUserKey(claims); String userid = JwtUtils.getUserId(claims); String username = JwtUtils.getUserName(claims); String userType = JwtUtils.getUserType(claims); // 设置用户信息到请求 addHeader(mutate, SecurityConstants.USER_KEY, userkey); addHeader(mutate, SecurityConstants.DETAILS_USER_ID, userid); addHeader(mutate, SecurityConstants.DETAILS_USERNAME, username); addHeader(mutate, SecurityConstants.USER_TYPE, userType); // 内部请求来源参数清除 removeHeader(mutate, SecurityConstants.FROM_SOURCE); return chain.filter(exchange.mutate().request(mutate.build()).build()); ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/filter/AuthFilter.java
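Review bot: In the gateway AuthFilter, the visible lines strip only `FROM_SOURCE` from the inbound request, yet the `DETAILS_USER_ID` / `USER_TYPE` headers set here are (presumably under the names `user_id` / `user_type`) what the downstream AuthFilters in this commit now read in place of the token. Whether `addHeader` overwrites a copy of those headers sent by the client, including when the claim is null, is not visible in the hunk, and any path that returns before this block would forward the client's copy untouched. I would clear them unconditionally ahead of any early return, e.g. `removeHeader(mutate, SecurityConstants.DETAILS_USER_ID);` and `removeHeader(mutate, SecurityConstants.USER_TYPE);`, and then set them from the claims as done here. The enclosing method starts and ends outside the hunk.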
New file 
@@ -0,0 +1,118 @@ package com.ruoyi.system.filter; import com.alibaba.fastjson.JSON; import com.ruoyi.account.api.feignClient.AppUserClient; import com.ruoyi.account.api.model.TAppUser; import com.ruoyi.common.core.constant.TokenConstants; import com.ruoyi.common.core.domain.R; import com.ruoyi.common.core.utils.StringUtils; import com.ruoyi.system.api.domain.SysUser; import com.ruoyi.system.api.feignClient.SysUserClient; import com.ruoyi.system.service.ISysUserService; import org.apache.logging.log4j.core.config.Order; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.context.annotation.Lazy; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; import org.springframework.http.MediaType; import org.springframework.stereotype.Component; import javax.annotation.Resource; import javax.servlet.*; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; /** * @author zhibing.pu * @Date 2024/8/23 11:22 */ @Order(-200) @Component public class AuthFilter implements Filter { private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); @Lazy @Resource private AppUserClient appUserClient; @Lazy @Resource private ISysUserService sysUserService; @Override public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; String userid = request.getHeader("user_id"); if(StringUtils.isEmpty(userid)){ filterChain.doFilter(request, response); return; } String userType = request.getHeader("user_type"); //管理后台用户 if ("system".equals(userType)) { SysUser sysUser = sysUserService.getById(userid); if(null == sysUser || "2".equals(sysUser.getDelFlag())){ log.error("[账户异常处理]请求账户id:{}", userid); 
unauthorizedResponse(response,"无效的账户"); return; } if("1".equals(sysUser.getStatus())){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"账户已被停用,请联系系统管理员!"); return; } } //小程序用户 if ("applet".equals(userType)) { TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData(); if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"无效的账户"); return; } if(2 == appUser.getStatus()){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!"); return; } } filterChain.doFilter(request, response); } private void unauthorizedResponse(HttpServletResponse response, String msg) { response.setStatus(HttpStatus.OK.value()); response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); PrintWriter writer = null; try { writer = response.getWriter(); } catch (IOException e) { throw new RuntimeException(e); } writer.println(JSON.toJSONString(R.fail(msg))); writer.flush(); writer.close(); } /** * 获取请求token */ private String getToken(HttpServletRequest request) { String token = request.getHeader(TokenConstants.AUTHENTICATION); // 如果前端设置了令牌前缀,则裁剪掉前缀 if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY); } return token; } } ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/AuthFilter.java
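Review bot: In the new system AuthFilter, `@Order(-200)` binds to the imported `org.apache.logging.log4j.core.config.Order`, a Log4j annotation that Spring does not consult when ordering filter beans, so the intended precedence is not applied; the import should be `org.springframework.core.annotation.Order`. The header names are string literals (`"user_id"`, `"user_type"`) while the gateway writes them through `SecurityConstants.DETAILS_USER_ID` and `SecurityConstants.USER_TYPE`; referencing the constants would keep the two sides from drifting apart. `getToken` is never called in this file and can be dropped together with its `TokenConstants` import.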
@@ -3,6 +3,7 @@ import com.alibaba.fastjson.JSON; import com.ruoyi.account.api.feignClient.AppUserClient; import com.ruoyi.account.api.model.TAppUser; import com.ruoyi.account.service.TAppUserService; import com.ruoyi.common.core.constant.TokenConstants; import com.ruoyi.common.core.domain.R; import com.ruoyi.common.core.utils.JwtUtils; @@ -37,7 +38,7 @@ @Lazy @Resource private AppUserClient appUserClient; private TAppUserService appUserService; @Lazy @Resource @@ -48,10 +49,12 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; String token = getToken(request); Claims claims = JwtUtils.parseToken(token); String userid = JwtUtils.getUserId(claims); String userType = JwtUtils.getUserType(claims); String userid = request.getHeader("user_id"); if(StringUtils.isEmpty(userid)){ filterChain.doFilter(request, response); return; } String userType = request.getHeader("user_type"); //管理后台用户 if ("system".equals(userType)) { SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); @@ -68,7 +71,7 @@ } //小程序用户 if ("applet".equals(userType)) { TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData(); TAppUser appUser = appUserService.getById(userid); if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){ log.error("[账户异常处理]请求账户id:{}", userid); unauthorizedResponse(response,"无效的账户"); ruoyi-service/ruoyi-chargingPile/src/main/java/com/ruoyi/chargingPile/filter/AuthFilter.java
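Review bot: In the account AuthFilter, `userid` and `userType` now come from `request.getHeader(...)` instead of the claims parsed from the token, so the account-status check is only as trustworthy as the network path: a request that reaches the service without passing the gateway, or that carries no `user_id`, is handed down the chain unchecked. The same replacement is made in the chargingPile, order and other AuthFilters below, and the new system AuthFilter is written the same way. If this is intended, the assumption should be stated next to the header read, e.g. `// user_id/user_type are set by the gateway from the verified JWT; this service must not be reachable directly`. `Long.valueOf(userid)` in the `system` branch also throws NumberFormatException on a malformed header instead of producing the JSON failure response, so a numeric check before the lookup is worth adding. doFilter continues outside the hunks shown.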
@@ -49,10 +49,12 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; String token = getToken(request); Claims claims = JwtUtils.parseToken(token); String userid = JwtUtils.getUserId(claims); String userType = JwtUtils.getUserType(claims); String userid = request.getHeader("user_id"); if(StringUtils.isEmpty(userid)){ filterChain.doFilter(request, response); return; } String userType = request.getHeader("user_type"); //管理后台用户 if ("system".equals(userType)) { SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/filter/AuthFilter.java
@@ -48,10 +48,12 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; String token = getToken(request); Claims claims = JwtUtils.parseToken(token); String userid = JwtUtils.getUserId(claims); String userType = JwtUtils.getUserType(claims); String userid = request.getHeader("user_id"); if(StringUtils.isEmpty(userid)){ filterChain.doFilter(request, response); return; } String userType = request.getHeader("user_type"); //管理后台用户 if ("system".equals(userType)) { SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/filter/AuthFilter.java
@@ -48,10 +48,12 @@ public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { HttpServletRequest request = (HttpServletRequest) servletRequest; HttpServletResponse response = (HttpServletResponse) servletResponse; String token = getToken(request); Claims claims = JwtUtils.parseToken(token); String userid = JwtUtils.getUserId(claims); String userType = JwtUtils.getUserType(claims); String userid = request.getHeader("user_id"); if(StringUtils.isEmpty(userid)){ filterChain.doFilter(request, response); return; } String userType = request.getHeader("user_type"); //管理后台用户 if ("system".equals(userType)) { SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData();