From 62b7786dfe938a1353f43835cdd7dc239dc1e41b Mon Sep 17 00:00:00 2001
From: puzhibing <393733352@qq.com>
Date: 星期五, 23 八月 2024 17:11:55 +0800
Subject: [PATCH] Merge branch 'master' of http://120.76.84.145:10101/gitblit/r/java/mx_charging_pile
---
 ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/filter/AuthFilter.java | 118 ++++++
 /dev/null | 31 -
 ruoyi-service/ruoyi-chargingPile/src/main/java/com/ruoyi/chargingPile/filter/AuthFilter.java | 235 ++++++------
 ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/filter/AuthFilter.java | 234 ++++++------
 ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/AuthFilter.java | 245 ++++++------
 ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java | 2
 ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/filter/AuthFilter.java | 234 ++++++------
 7 files changed, 588 insertions(+), 511 deletions(-)
diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
index 1e5df74..d9b5181 100644
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
@@ -74,11 +74,13 @@
 String userkey = JwtUtils.getUserKey(claims);
 String userid = JwtUtils.getUserId(claims);
 String username = JwtUtils.getUserName(claims);
+ String userType = JwtUtils.getUserType(claims);
 // 设置用户信息到请求
 addHeader(mutate, SecurityConstants.USER_KEY, userkey);
 addHeader(mutate, SecurityConstants.DETAILS_USER_ID, userid);
 addHeader(mutate, SecurityConstants.DETAILS_USERNAME, username);
+ addHeader(mutate, SecurityConstants.USER_TYPE, userType);
 // 内部请求来源参数清除
 removeHeader(mutate, SecurityConstants.FROM_SOURCE);
 return chain.filter(exchange.mutate().request(mutate.build()).build());
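Review bot: Nothing in this hunk clears a `user_type` header supplied by the client before the claim-derived value is added, unlike `FROM_SOURCE`, which is removed two lines further down. If `addHeader` skips a null value (its body is not shown here), a token issued without that claim would let the inbound header through to the services, whose filters in this commit branch on it. I would add `removeHeader(mutate, SecurityConstants.USER_TYPE);` ahead of the new `addHeader` call, and confirm the same holds on any path that returns before this block. The enclosing method starts outside the hunk.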
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/filter/AuthFilter.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/filter/AuthFilter.java
new file mode 100644
index 0000000..9b0c010
--- /dev/null
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/filter/AuthFilter.java
@@ -0,0 +1,118 @@ +package com.ruoyi.system.filter; + +import com.alibaba.fastjson.JSON; +import com.ruoyi.account.api.feignClient.AppUserClient; +import com.ruoyi.account.api.model.TAppUser; +import com.ruoyi.common.core.constant.TokenConstants; +import com.ruoyi.common.core.domain.R; +import com.ruoyi.common.core.utils.StringUtils; +import com.ruoyi.system.api.domain.SysUser; +import com.ruoyi.system.api.feignClient.SysUserClient; +import com.ruoyi.system.service.ISysUserService; +import org.apache.logging.log4j.core.config.Order; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.context.annotation.Lazy; +import org.springframework.http.HttpHeaders; +import org.springframework.http.HttpStatus; +import org.springframework.http.MediaType; +import org.springframework.stereotype.Component; + +import javax.annotation.Resource; +import javax.servlet.*; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; + +/** + * @author zhibing.pu + * @Date 2024/8/23 11:22 + */ +@Order(-200) +@Component +public class AuthFilter implements Filter { + private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); + + @Lazy + @Resource + private AppUserClient appUserClient; + + @Lazy + @Resource + private ISysUserService sysUserService; + + + @Override + public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { + HttpServletRequest request = (HttpServletRequest) servletRequest; + HttpServletResponse response = (HttpServletResponse) servletResponse; + String userid = request.getHeader("user_id"); + if(StringUtils.isEmpty(userid)){ + filterChain.doFilter(request, response); + return; + } + String userType = request.getHeader("user_type"); + //管理后台用户 + if ("system".equals(userType)) { + SysUser sysUser = sysUserService.getById(userid); + if(null == 
sysUser || "2".equals(sysUser.getDelFlag())){ + log.error("[账户异常处理]请求账户id:{}", userid); + unauthorizedResponse(response,"无效的账户"); + return; + } + if("1".equals(sysUser.getStatus())){ + log.error("[账户异常处理]请求账户id:{}", userid); + unauthorizedResponse(response,"账户已被停用,请联系系统管理员!"); + return; + } + } + //小程序用户 + if ("applet".equals(userType)) { + TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData(); + if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){ + log.error("[账户异常处理]请求账户id:{}", userid); + unauthorizedResponse(response,"无效的账户"); + return; + } + if(2 == appUser.getStatus()){ + log.error("[账户异常处理]请求账户id:{}", userid); + unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!"); + return; + } + } + filterChain.doFilter(request, response); + } + + + + private void unauthorizedResponse(HttpServletResponse response, String msg) { + response.setStatus(HttpStatus.OK.value()); + response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); + PrintWriter writer = null; + try { + writer = response.getWriter(); + } catch (IOException e) { + throw new RuntimeException(e); + } + writer.println(JSON.toJSONString(R.fail(msg))); + writer.flush(); + writer.close(); + } + + + + /** + * 获取请求token + */ + private String getToken(HttpServletRequest request) { + String token = request.getHeader(TokenConstants.AUTHENTICATION); + // 如果前端设置了令牌前缀,则裁剪掉前缀 + if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { + token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY); + } + return token; + } + + +} diff --git a/ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/AuthFilter.java b/ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/AuthFilter.java index c501425..a529a5f 100644 --- a/ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/AuthFilter.java +++ b/ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/AuthFilter.java 
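Review bot: `doFilter` checks the account only when `user_type` is exactly `"system"` or `"applet"`; a request carrying a `user_id` with any other or missing `user_type` reaches `filterChain.doFilter` with no status check, as does a request with no `user_id` at all. Both values come straight from request headers, so the check holds only if the gateway is the sole route to this service and always overwrites them. Unless internal calls legitimately carry other types, I would fail closed: make the two blocks an `if`/`else if` chain and end with `else { unauthorizedResponse(response, "无效的账户"); return; }`. The header names would also be better read through `SecurityConstants.DETAILS_USER_ID` and `SecurityConstants.USER_TYPE`, assuming those hold these names, than repeated as string literals. The account, chargingPile and order filters in this commit repeat the same logic.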
@@ -1,128 +1,117 @@ -//package com.ruoyi.account.filter; -// -//import com.alibaba.fastjson.JSON; -//import com.ruoyi.account.api.feignClient.AppUserClient; -//import com.ruoyi.account.api.model.TAppUser; -//import com.ruoyi.account.service.TAppUserService; -//import com.ruoyi.common.core.constant.TokenConstants; -//import com.ruoyi.common.core.domain.R; -//import com.ruoyi.common.core.utils.JwtUtils; -//import com.ruoyi.common.core.utils.StringUtils; -//import com.ruoyi.system.api.domain.SysUser; -//import com.ruoyi.system.api.feignClient.SysUserClient; -//import io.jsonwebtoken.Claims; -//import org.apache.logging.log4j.core.config.Order; -//import org.slf4j.Logger; -//import org.slf4j.LoggerFactory; -//import org.springframework.beans.factory.annotation.Autowired; -//import org.springframework.context.annotation.Lazy; -//import org.springframework.http.HttpHeaders; -//import org.springframework.http.HttpStatus; -//import org.springframework.http.MediaType; -//import org.springframework.stereotype.Component; -// -//import javax.annotation.Resource; -//import javax.servlet.*; -//import javax.servlet.http.HttpServletRequest; -//import javax.servlet.http.HttpServletResponse; -//import java.io.IOException; -//import java.io.PrintWriter; -// -///** -// * @author zhibing.pu -// * @Date 2024/8/23 11:22 -// */ -//@Order(-200) -//@Component -//public class AuthFilter implements Filter { -// private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); -// @Lazy -// @Resource -// private TAppUserService appUserService; -// -// @Lazy -// @Resource -// private SysUserClient sysUserClient; -// -// @Lazy -// @Autowired -// private IgnoreWhiteProperties ignoreWhite; -// -// -// @Override -// public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { -// HttpServletRequest request = (HttpServletRequest) servletRequest; -// HttpServletResponse response = (HttpServletResponse) 
servletResponse; -// String url = request.getRequestURI(); -// // 跳过不需要验证的路径 -// if (StringUtils.matches(url, ignoreWhite.getWhites())) { -// filterChain.doFilter(request, response); -// return; -// } -// String token = getToken(request); -// Claims claims = JwtUtils.parseToken(token); -// String userid = JwtUtils.getUserId(claims); -// String userType = JwtUtils.getUserType(claims); -// //管理后台用户 -// if ("system".equals(userType)) { -// SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); -// if(null == sysUser || "2".equals(sysUser.getDelFlag())){ -// log.error("[账户异常处理]请求账户id:{}", userid); -// unauthorizedResponse(response,"无效的账户"); -// return; -// } -// if("1".equals(sysUser.getStatus())){ -// log.error("[账户异常处理]请求账户id:{}", userid); -// unauthorizedResponse(response,"账户已被停用,请联系系统管理员!"); -// return; -// } -// } -// //小程序用户 -// if ("applet".equals(userType)) { -// TAppUser appUser = appUserService.getById(userid); -// if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){ -// log.error("[账户异常处理]请求账户id:{}", userid); -// unauthorizedResponse(response,"无效的账户"); -// return; -// } -// if(2 == appUser.getStatus()){ -// log.error("[账户异常处理]请求账户id:{}", userid); -// unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!"); -// return; -// } -// } -// filterChain.doFilter(request, response); -// } -// -// -// -// private void unauthorizedResponse(HttpServletResponse response, String msg) { -// response.setStatus(HttpStatus.OK.value()); -// response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); -// PrintWriter writer = null; -// try { -// writer = response.getWriter(); -// } catch (IOException e) { -// throw new RuntimeException(e); -// } -// writer.println(JSON.toJSONString(R.fail(msg))); -// writer.flush(); -// writer.close(); -// } -// -// -// -// /** -// * 获取请求token -// */ -// private String getToken(HttpServletRequest request) { -// String token = request.getHeader(TokenConstants.AUTHENTICATION); -// // 
如果前端设置了令牌前缀,则裁剪掉前缀 -// if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { -// token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY); -// } -// return token; -// } -// -// -//} +package com.ruoyi.account.filter; + +import com.alibaba.fastjson.JSON; +import com.ruoyi.account.api.model.TAppUser; +import com.ruoyi.account.service.TAppUserService; +import com.ruoyi.common.core.constant.TokenConstants; +import com.ruoyi.common.core.domain.R; +import com.ruoyi.common.core.utils.StringUtils; +import com.ruoyi.system.api.domain.SysUser; +import com.ruoyi.system.api.feignClient.SysUserClient; +import org.apache.logging.log4j.core.config.Order; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.context.annotation.Lazy; +import org.springframework.http.HttpHeaders; +import org.springframework.http.HttpStatus; +import org.springframework.http.MediaType; +import org.springframework.stereotype.Component; + +import javax.annotation.Resource; +import javax.servlet.*; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; + +/** + * @author zhibing.pu + * @Date 2024/8/23 11:22 + */ +@Order(-200) +@Component +public class AuthFilter implements Filter { + private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); + + @Lazy + @Resource + private TAppUserService appUserService; + + @Lazy + @Resource + private SysUserClient sysUserClient; + + + @Override + public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { + HttpServletRequest request = (HttpServletRequest) servletRequest; + HttpServletResponse response = (HttpServletResponse) servletResponse; + String userid = request.getHeader("user_id"); + if(StringUtils.isEmpty(userid)){ + filterChain.doFilter(request, response); + return; + } + String userType 
= request.getHeader("user_type"); + //管理后台用户 + if ("system".equals(userType)) { + SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); + if(null == sysUser || "2".equals(sysUser.getDelFlag())){ + log.error("[账户异常处理]请求账户id:{}", userid); + unauthorizedResponse(response,"无效的账户"); + return; + } + if("1".equals(sysUser.getStatus())){ + log.error("[账户异常处理]请求账户id:{}", userid); + unauthorizedResponse(response,"账户已被停用,请联系系统管理员!"); + return; + } + } + //小程序用户 + if ("applet".equals(userType)) { + TAppUser appUser = appUserService.getById(userid); + if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){ + log.error("[账户异常处理]请求账户id:{}", userid); + unauthorizedResponse(response,"无效的账户"); + return; + } + if(2 == appUser.getStatus()){ + log.error("[账户异常处理]请求账户id:{}", userid); + unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!"); + return; + } + } + filterChain.doFilter(request, response); + } + + + + private void unauthorizedResponse(HttpServletResponse response, String msg) { + response.setStatus(HttpStatus.OK.value()); + response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); + PrintWriter writer = null; + try { + writer = response.getWriter(); + } catch (IOException e) { + throw new RuntimeException(e); + } + writer.println(JSON.toJSONString(R.fail(msg))); + writer.flush(); + writer.close(); + } + + + + /** + * 获取请求token + */ + private String getToken(HttpServletRequest request) { + String token = request.getHeader(TokenConstants.AUTHENTICATION); + // 如果前端设置了令牌前缀,则裁剪掉前缀 + if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { + token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY); + } + return token; + } + + +} diff --git a/ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/IgnoreWhiteProperties.java b/ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/IgnoreWhiteProperties.java deleted file mode 100644 index a89b9f3..0000000 
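Review bot: The `@Order(-200)` on this filter is imported from `org.apache.logging.log4j.core.config.Order`, which is Log4j's annotation for ordering its configuration factories, so Spring does not use it to position the filter in the chain. If the account check is meant to run ahead of other filters, the import should be `org.springframework.core.annotation.Order`. The system, chargingPile and order filters in this commit carry the same import. `getToken` and the `TokenConstants` import are no longer used now that the token is not parsed here, and could be dropped.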
--- a/ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/IgnoreWhiteProperties.java
+++ /dev/null
@@ -1,31 +0,0 @@
-package com.ruoyi.account.filter;
-
-import org.springframework.boot.context.properties.ConfigurationProperties;
-import org.springframework.cloud.context.config.annotation.RefreshScope;
-import org.springframework.context.annotation.Configuration;
-
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- * 放行白名单配置
- *
- * @author ruoyi
- */
-@Configuration
-@RefreshScope
-@ConfigurationProperties(prefix = "security.ignore")
-public class IgnoreWhiteProperties {
- /**
- * 放行白名单配置,网关不校验此处的白名单
- */
- private List<String> whites = new ArrayList<>();
-
- public List<String> getWhites() {
- return whites;
- }
-
- public void setWhites(List<String> whites) {
- this.whites = whites;
- }
-}
diff --git a/ruoyi-service/ruoyi-chargingPile/src/main/java/com/ruoyi/chargingPile/filter/AuthFilter.java b/ruoyi-service/ruoyi-chargingPile/src/main/java/com/ruoyi/chargingPile/filter/AuthFilter.java
index 6f3ca9e..467e29a 100644
--- a/ruoyi-service/ruoyi-chargingPile/src/main/java/com/ruoyi/chargingPile/filter/AuthFilter.java
+++ b/ruoyi-service/ruoyi-chargingPile/src/main/java/com/ruoyi/chargingPile/filter/AuthFilter.java
@@ -1,118 +1,117 @@ -//package com.ruoyi.chargingPile.filter; -// -//import com.alibaba.fastjson.JSON; -//import com.ruoyi.account.api.feignClient.AppUserClient; -//import com.ruoyi.account.api.model.TAppUser; -//import com.ruoyi.common.core.constant.TokenConstants; -//import com.ruoyi.common.core.domain.R; -//import com.ruoyi.common.core.utils.JwtUtils; -//import com.ruoyi.common.core.utils.StringUtils; -//import com.ruoyi.system.api.domain.SysUser; -//import com.ruoyi.system.api.feignClient.SysUserClient; -//import io.jsonwebtoken.Claims; -//import org.apache.logging.log4j.core.config.Order; -//import org.slf4j.Logger; -//import org.slf4j.LoggerFactory; -//import org.springframework.context.annotation.Lazy; -//import org.springframework.http.HttpHeaders; -//import org.springframework.http.HttpStatus; -//import org.springframework.http.MediaType; -//import org.springframework.stereotype.Component; -// -//import javax.annotation.Resource; -//import javax.servlet.*; -//import javax.servlet.http.HttpServletRequest; -//import javax.servlet.http.HttpServletResponse; -//import java.io.IOException; -//import java.io.PrintWriter; -//import java.io.UnsupportedEncodingException; -// -///** -// * @author zhibing.pu -// * @Date 2024/8/23 11:22 -// */ -//@Order(-200) -//@Component -//public class AuthFilter implements Filter { -// private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); -// -// @Lazy -// @Resource -// private AppUserClient appUserClient; -// -// @Lazy -// @Resource -// private SysUserClient sysUserClient; -// -// -// @Override -// public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { -// HttpServletRequest request = (HttpServletRequest) servletRequest; -// HttpServletResponse response = (HttpServletResponse) servletResponse; -// String token = getToken(request); -// Claims claims = JwtUtils.parseToken(token); -// String userid = 
JwtUtils.getUserId(claims); -// String userType = JwtUtils.getUserType(claims); -// //管理后台用户 -// if ("system".equals(userType)) { -// SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); -// if(null == sysUser || "2".equals(sysUser.getDelFlag())){ -// log.error("[账户异常处理]请求账户id:{}", userid); -// unauthorizedResponse(response,"无效的账户"); -// return; -// } -// if("1".equals(sysUser.getStatus())){ -// log.error("[账户异常处理]请求账户id:{}", userid); -// unauthorizedResponse(response,"账户已被停用,请联系系统管理员!"); -// return; -// } -// } -// //小程序用户 -// if ("applet".equals(userType)) { -// TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData(); -// if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){ -// log.error("[账户异常处理]请求账户id:{}", userid); -// unauthorizedResponse(response,"无效的账户"); -// return; -// } -// if(2 == appUser.getStatus()){ -// log.error("[账户异常处理]请求账户id:{}", userid); -// unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!"); -// return; -// } -// } -// filterChain.doFilter(request, response); -// } -// -// -// -// private void unauthorizedResponse(HttpServletResponse response, String msg) { -// response.setStatus(HttpStatus.OK.value()); -// response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); -// PrintWriter writer = null; -// try { -// writer = response.getWriter(); -// } catch (IOException e) { -// throw new RuntimeException(e); -// } -// writer.println(JSON.toJSONString(R.fail(msg))); -// writer.flush(); -// writer.close(); -// } -// -// -// -// /** -// * 获取请求token -// */ -// private String getToken(HttpServletRequest request) { -// String token = request.getHeader(TokenConstants.AUTHENTICATION); -// // 如果前端设置了令牌前缀,则裁剪掉前缀 -// if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { -// token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY); -// } -// return token; -// } -// -// -//} +package com.ruoyi.chargingPile.filter; + +import 
com.alibaba.fastjson.JSON; +import com.ruoyi.account.api.feignClient.AppUserClient; +import com.ruoyi.account.api.model.TAppUser; +import com.ruoyi.common.core.constant.TokenConstants; +import com.ruoyi.common.core.domain.R; +import com.ruoyi.common.core.utils.StringUtils; +import com.ruoyi.system.api.domain.SysUser; +import com.ruoyi.system.api.feignClient.SysUserClient; +import org.apache.logging.log4j.core.config.Order; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.context.annotation.Lazy; +import org.springframework.http.HttpHeaders; +import org.springframework.http.HttpStatus; +import org.springframework.http.MediaType; +import org.springframework.stereotype.Component; + +import javax.annotation.Resource; +import javax.servlet.*; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; + +/** + * @author zhibing.pu + * @Date 2024/8/23 11:22 + */ +@Order(-200) +@Component +public class AuthFilter implements Filter { + private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); + + @Lazy + @Resource + private AppUserClient appUserClient; + + @Lazy + @Resource + private SysUserClient sysUserClient; + + + @Override + public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { + HttpServletRequest request = (HttpServletRequest) servletRequest; + HttpServletResponse response = (HttpServletResponse) servletResponse; + String userid = request.getHeader("user_id"); + if(StringUtils.isEmpty(userid)){ + filterChain.doFilter(request, response); + return; + } + String userType = request.getHeader("user_type"); + //管理后台用户 + if ("system".equals(userType)) { + SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); + if(null == sysUser || "2".equals(sysUser.getDelFlag())){ + log.error("[账户异常处理]请求账户id:{}", userid); + 
unauthorizedResponse(response,"无效的账户"); + return; + } + if("1".equals(sysUser.getStatus())){ + log.error("[账户异常处理]请求账户id:{}", userid); + unauthorizedResponse(response,"账户已被停用,请联系系统管理员!"); + return; + } + } + //小程序用户 + if ("applet".equals(userType)) { + TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData(); + if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){ + log.error("[账户异常处理]请求账户id:{}", userid); + unauthorizedResponse(response,"无效的账户"); + return; + } + if(2 == appUser.getStatus()){ + log.error("[账户异常处理]请求账户id:{}", userid); + unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!"); + return; + } + } + filterChain.doFilter(request, response); + } + + + + private void unauthorizedResponse(HttpServletResponse response, String msg) { + response.setStatus(HttpStatus.OK.value()); + response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); + PrintWriter writer = null; + try { + writer = response.getWriter(); + } catch (IOException e) { + throw new RuntimeException(e); + } + writer.println(JSON.toJSONString(R.fail(msg))); + writer.flush(); + writer.close(); + } + + + + /** + * 获取请求token + */ + private String getToken(HttpServletRequest request) { + String token = request.getHeader(TokenConstants.AUTHENTICATION); + // 如果前端设置了令牌前缀,则裁剪掉前缀 + if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { + token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY); + } + return token; + } + + +} diff --git a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/filter/AuthFilter.java b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/filter/AuthFilter.java index d103791..6d39f09 100644 --- a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/filter/AuthFilter.java +++ b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/filter/AuthFilter.java 
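Review bot: `Long.valueOf(userid)` is applied to the raw `user_id` header in both branches, so a non-numeric value raises `NumberFormatException` out of the filter instead of producing a controlled rejection. The `.getData()` calls on the two Feign results are also unchecked; how `R` reports a failed call is not visible here, but a failed or null result would presumably surface either as a `NullPointerException` or as `无效的账户` for a perfectly valid user while the remote service is down. I would parse the id once up front inside a `try`/`catch (NumberFormatException e)` that calls `unauthorizedResponse`, and test the result for success before reading its data. The system, account and order filters have the same pattern.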
@@ -1,117 +1,117 @@ -//package com.ruoyi.order.filter; -// -//import com.alibaba.fastjson.JSON; -//import com.ruoyi.account.api.feignClient.AppUserClient; -//import com.ruoyi.account.api.model.TAppUser; -//import com.ruoyi.common.core.constant.TokenConstants; -//import com.ruoyi.common.core.domain.R; -//import com.ruoyi.common.core.utils.JwtUtils; -//import com.ruoyi.common.core.utils.StringUtils; -//import com.ruoyi.system.api.domain.SysUser; -//import com.ruoyi.system.api.feignClient.SysUserClient; -//import io.jsonwebtoken.Claims; -//import org.apache.logging.log4j.core.config.Order; -//import org.slf4j.Logger; -//import org.slf4j.LoggerFactory; -//import org.springframework.context.annotation.Lazy; -//import org.springframework.http.HttpHeaders; -//import org.springframework.http.HttpStatus; -//import org.springframework.http.MediaType; -//import org.springframework.stereotype.Component; -// -//import javax.annotation.Resource; -//import javax.servlet.*; -//import javax.servlet.http.HttpServletRequest; -//import javax.servlet.http.HttpServletResponse; -//import java.io.IOException; -//import java.io.PrintWriter; -// -///** -// * @author zhibing.pu -// * @Date 2024/8/23 11:22 -// */ -//@Order(-200) -//@Component -//public class AuthFilter implements Filter { -// private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); -// -// @Lazy -// @Resource -// private AppUserClient appUserClient; -// -// @Lazy -// @Resource -// private SysUserClient sysUserClient; -// -// -// @Override -// public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { -// HttpServletRequest request = (HttpServletRequest) servletRequest; -// HttpServletResponse response = (HttpServletResponse) servletResponse; -// String token = getToken(request); -// Claims claims = JwtUtils.parseToken(token); -// String userid = JwtUtils.getUserId(claims); -// String userType = 
JwtUtils.getUserType(claims); -// //管理后台用户 -// if ("system".equals(userType)) { -// SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); -// if(null == sysUser || "2".equals(sysUser.getDelFlag())){ -// log.error("[账户异常处理]请求账户id:{}", userid); -// unauthorizedResponse(response,"无效的账户"); -// return; -// } -// if("1".equals(sysUser.getStatus())){ -// log.error("[账户异常处理]请求账户id:{}", userid); -// unauthorizedResponse(response,"账户已被停用,请联系系统管理员!"); -// return; -// } -// } -// //小程序用户 -// if ("applet".equals(userType)) { -// TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData(); -// if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){ -// log.error("[账户异常处理]请求账户id:{}", userid); -// unauthorizedResponse(response,"无效的账户"); -// return; -// } -// if(2 == appUser.getStatus()){ -// log.error("[账户异常处理]请求账户id:{}", userid); -// unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!"); -// return; -// } -// } -// filterChain.doFilter(request, response); -// } -// -// -// -// private void unauthorizedResponse(HttpServletResponse response, String msg) { -// response.setStatus(HttpStatus.OK.value()); -// response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); -// PrintWriter writer = null; -// try { -// writer = response.getWriter(); -// } catch (IOException e) { -// throw new RuntimeException(e); -// } -// writer.println(JSON.toJSONString(R.fail(msg))); -// writer.flush(); -// writer.close(); -// } -// -// -// -// /** -// * 获取请求token -// */ -// private String getToken(HttpServletRequest request) { -// String token = request.getHeader(TokenConstants.AUTHENTICATION); -// // 如果前端设置了令牌前缀,则裁剪掉前缀 -// if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { -// token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY); -// } -// return token; -// } -// -// -//} +package com.ruoyi.order.filter; + +import com.alibaba.fastjson.JSON; +import 
com.ruoyi.account.api.feignClient.AppUserClient; +import com.ruoyi.account.api.model.TAppUser; +import com.ruoyi.common.core.constant.TokenConstants; +import com.ruoyi.common.core.domain.R; +import com.ruoyi.common.core.utils.StringUtils; +import com.ruoyi.system.api.domain.SysUser; +import com.ruoyi.system.api.feignClient.SysUserClient; +import org.apache.logging.log4j.core.config.Order; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.context.annotation.Lazy; +import org.springframework.http.HttpHeaders; +import org.springframework.http.HttpStatus; +import org.springframework.http.MediaType; +import org.springframework.stereotype.Component; + +import javax.annotation.Resource; +import javax.servlet.*; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.io.PrintWriter; + +/** + * @author zhibing.pu + * @Date 2024/8/23 11:22 + */ +@Order(-200) +@Component +public class AuthFilter implements Filter { + private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); + + @Lazy + @Resource + private AppUserClient appUserClient; + + @Lazy + @Resource + private SysUserClient sysUserClient; + + + @Override + public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException { + HttpServletRequest request = (HttpServletRequest) servletRequest; + HttpServletResponse response = (HttpServletResponse) servletResponse; + String userid = request.getHeader("user_id"); + if(StringUtils.isEmpty(userid)){ + filterChain.doFilter(request, response); + return; + } + String userType = request.getHeader("user_type"); + //管理后台用户 + if ("system".equals(userType)) { + SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData(); + if(null == sysUser || "2".equals(sysUser.getDelFlag())){ + log.error("[账户异常处理]请求账户id:{}", userid); + 
unauthorizedResponse(response,"无效的账户"); + return; + } + if("1".equals(sysUser.getStatus())){ + log.error("[账户异常处理]请求账户id:{}", userid); + unauthorizedResponse(response,"账户已被停用,请联系系统管理员!"); + return; + } + } + //小程序用户 + if ("applet".equals(userType)) { + TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData(); + if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){ + log.error("[账户异常处理]请求账户id:{}", userid); + unauthorizedResponse(response,"无效的账户"); + return; + } + if(2 == appUser.getStatus()){ + log.error("[账户异常处理]请求账户id:{}", userid); + unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!"); + return; + } + } + filterChain.doFilter(request, response); + } + + + + private void unauthorizedResponse(HttpServletResponse response, String msg) { + response.setStatus(HttpStatus.OK.value()); + response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE); + PrintWriter writer = null; + try { + writer = response.getWriter(); + } catch (IOException e) { + throw new RuntimeException(e); + } + writer.println(JSON.toJSONString(R.fail(msg))); + writer.flush(); + writer.close(); + } + + + + /** + * 获取请求token + */ + private String getToken(HttpServletRequest request) { + String token = request.getHeader(TokenConstants.AUTHENTICATION); + // 如果前端设置了令牌前缀,则裁剪掉前缀 + if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) { + token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY); + } + return token; + } + + +} diff --git a/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/filter/AuthFilter.java b/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/filter/AuthFilter.java index 89e8832..d1e25ba 100644 --- a/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/filter/AuthFilter.java +++ b/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/filter/AuthFilter.java 
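Review bot: `unauthorizedResponse` sends the rejection with `HttpStatus.OK`, so at the HTTP level a deleted or frozen account looks the same as a successful call, and access logs or alerting that key on status codes will not show these denials. Unless the front end depends on a 200 here, `response.setStatus(HttpStatus.UNAUTHORIZED.value());` would match the method's name. The writer would also be safer in `try (PrintWriter writer = response.getWriter()) { ... }`, so it is closed even if serialisation throws. The same helper is copied into the system, account and chargingPile filters.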
@@ -1,117 +1,117 @@
-//package com.ruoyi.other.filter;
-//
-//import com.alibaba.fastjson.JSON;
-//import com.ruoyi.account.api.feignClient.AppUserClient;
-//import com.ruoyi.account.api.model.TAppUser;
-//import com.ruoyi.common.core.constant.TokenConstants;
-//import com.ruoyi.common.core.domain.R;
-//import com.ruoyi.common.core.utils.JwtUtils;
-//import com.ruoyi.common.core.utils.StringUtils;
-//import com.ruoyi.system.api.domain.SysUser;
-//import com.ruoyi.system.api.feignClient.SysUserClient;
-//import io.jsonwebtoken.Claims;
-//import org.apache.logging.log4j.core.config.Order;
-//import org.slf4j.Logger;
-//import org.slf4j.LoggerFactory;
-//import org.springframework.context.annotation.Lazy;
-//import org.springframework.http.HttpHeaders;
-//import org.springframework.http.HttpStatus;
-//import org.springframework.http.MediaType;
-//import org.springframework.stereotype.Component;
-//
-//import javax.annotation.Resource;
-//import javax.servlet.*;
-//import javax.servlet.http.HttpServletRequest;
-//import javax.servlet.http.HttpServletResponse;
-//import java.io.IOException;
-//import java.io.PrintWriter;
-//
-///**
-// * @author zhibing.pu
-// * @Date 2024/8/23 11:22
-// */
-//@Order(-200)
-//@Component
-//public class AuthFilter implements Filter {
-// private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
-//
-// @Lazy
-// @Resource
-// private AppUserClient appUserClient;
-//
-// @Lazy
-// @Resource
-// private SysUserClient sysUserClient;
-//
-//
-// @Override
-// public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
-// HttpServletRequest request = (HttpServletRequest) servletRequest;
-// HttpServletResponse response = (HttpServletResponse) servletResponse;
-// String token = getToken(request);
-// Claims claims = JwtUtils.parseToken(token);
-// String userid = JwtUtils.getUserId(claims);
-// String userType = JwtUtils.getUserType(claims);
-// //管理后台用户
-// if ("system".equals(userType)) {
-// SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData();
-// if(null == sysUser || "2".equals(sysUser.getDelFlag())){
-// log.error("[账户异常处理]请求账户id:{}", userid);
-// unauthorizedResponse(response,"无效的账户");
-// return;
-// }
-// if("1".equals(sysUser.getStatus())){
-// log.error("[账户异常处理]请求账户id:{}", userid);
-// unauthorizedResponse(response,"账户已被停用,请联系系统管理员!");
-// return;
-// }
-// }
-// //小程序用户
-// if ("applet".equals(userType)) {
-// TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData();
-// if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){
-// log.error("[账户异常处理]请求账户id:{}", userid);
-// unauthorizedResponse(response,"无效的账户");
-// return;
-// }
-// if(2 == appUser.getStatus()){
-// log.error("[账户异常处理]请求账户id:{}", userid);
-// unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!");
-// return;
-// }
-// }
-// filterChain.doFilter(request, response);
-// }
-//
-//
-//
-// private void unauthorizedResponse(HttpServletResponse response, String msg) {
-// response.setStatus(HttpStatus.OK.value());
-// response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE);
-// PrintWriter writer = null;
-// try {
-// writer = response.getWriter();
-// } catch (IOException e) {
-// throw new RuntimeException(e);
-// }
-// writer.println(JSON.toJSONString(R.fail(msg)));
-// writer.flush();
-// writer.close();
-// }
-//
-//
-//
-// /**
-// * 获取请求token
-// */
-// private String getToken(HttpServletRequest request) {
-// String token = request.getHeader(TokenConstants.AUTHENTICATION);
-// // 如果前端设置了令牌前缀,则裁剪掉前缀
-// if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) {
-// token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY);
-// }
-// return token;
-// }
-//
-//
-//}
+package com.ruoyi.other.filter;
+
+import com.alibaba.fastjson.JSON;
+import com.ruoyi.account.api.feignClient.AppUserClient;
+import com.ruoyi.account.api.model.TAppUser;
+import com.ruoyi.common.core.constant.TokenConstants;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.utils.StringUtils;
+import com.ruoyi.system.api.domain.SysUser;
+import com.ruoyi.system.api.feignClient.SysUserClient;
+import org.apache.logging.log4j.core.config.Order;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.annotation.Lazy;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.Resource;
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+
+/**
+ * @author zhibing.pu
+ * @Date 2024/8/23 11:22
+ */
+@Order(-200)
+@Component
+public class AuthFilter implements Filter {
+ private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
+
+ @Lazy
+ @Resource
+ private AppUserClient appUserClient;
+
+ @Lazy
+ @Resource
+ private SysUserClient sysUserClient;
+
+
+ @Override
+ public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+ HttpServletRequest request = (HttpServletRequest) servletRequest;
+ HttpServletResponse response = (HttpServletResponse) servletResponse;
+ String userid = request.getHeader("user_id");
+ if(StringUtils.isEmpty(userid)){
+ filterChain.doFilter(request, response);
+ return;
+ }
+ String userType = request.getHeader("user_type");
+ //管理后台用户
+ if ("system".equals(userType)) {
+ SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData();
+ if(null == sysUser || "2".equals(sysUser.getDelFlag())){
+ log.error("[账户异常处理]请求账户id:{}", userid);
+ unauthorizedResponse(response,"无效的账户");
+ return;
+ }
+ if("1".equals(sysUser.getStatus())){
+ log.error("[账户异常处理]请求账户id:{}", userid);
+ unauthorizedResponse(response,"账户已被停用,请联系系统管理员!");
+ return;
+ }
+ }
+ //小程序用户
+ if ("applet".equals(userType)) {
+ TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData();
+ if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){
+ log.error("[账户异常处理]请求账户id:{}", userid);
+ unauthorizedResponse(response,"无效的账户");
+ return;
+ }
+ if(2 == appUser.getStatus()){
+ log.error("[账户异常处理]请求账户id:{}", userid);
+ unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!");
+ return;
+ }
+ }
+ filterChain.doFilter(request, response);
+ }
+
+
+
+ private void unauthorizedResponse(HttpServletResponse response, String msg) {
+ response.setStatus(HttpStatus.OK.value());
+ response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE);
+ PrintWriter writer = null;
+ try {
+ writer = response.getWriter();
+ } catch (IOException e) {
+ throw new RuntimeException(e);
+ }
+ writer.println(JSON.toJSONString(R.fail(msg)));
+ writer.flush();
+ writer.close();
+ }
+
+
+
+ /**
+ * 获取请求token
+ */
+ private String getToken(HttpServletRequest request) {
+ String token = request.getHeader(TokenConstants.AUTHENTICATION);
+ // 如果前端设置了令牌前缀,则裁剪掉前缀
+ if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) {
+ token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY);
+ }
+ return token;
+ }
+
+
+}
-- Gitblit v1.7.1
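Review bot: The new `doFilter` takes the account to check from the `user_id` and `user_type` request headers instead of the parsed token used by the removed version, and it lets the request through unchecked when `user_id` is empty or `user_type` is neither `system` nor `applet`. This is sound only if the gateway always overwrites both headers and the service cannot be reached around it; neither is visible in this hunk, so confirm it, and read the names from the `SecurityConstants` fields the gateway writes rather than from string literals. `Long.valueOf(userid)` throws on a non-numeric header, so reject such a value first, e.g. `if (!userid.matches("\\d+")) { unauthorizedResponse(response, "无效的账户"); return; }`. The imported `org.apache.logging.log4j.core.config.Order` is Log4j's annotation rather than `org.springframework.core.annotation.Order`, so `@Order(-200)` probably does not set this filter's position. The same points apply to the identical new `ruoyi-system` AuthFilter earlier in the patch.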