From 74f339a1f6f8c225d2cf04b8ba15b5e6654a8efd Mon Sep 17 00:00:00 2001
From: zhibing.pu <393733352@qq.com>
Date: 星期五, 23 八月 2024 13:36:06 +0800
Subject: [PATCH] 修改

---
 ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/feignClient/SysUserClient.java |    5 
 ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/RuoYiOrderApplication.java           |    2 
 ruoyi-gateway/src/main/java/com/ruoyi/gateway/RuoYiGatewayApplication.java                   |    1 
 ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/filter/AuthFilter.java               |  117 ++++++++++++++
 ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/AuthFilter.java           |  117 ++++++++++++++
 ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java                         |   90 +++-------
 ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/RuoYiAccountApplication.java     |    2 
 ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/RuoYiOtherApplication.java           |    2 
 ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/filter/AuthFilter.java               |  117 ++++++++++++++
 9 files changed, 385 insertions(+), 68 deletions(-)

diff --git a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/feignClient/SysUserClient.java b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/feignClient/SysUserClient.java
index a7a1b24..20f98de 100644
--- a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/feignClient/SysUserClient.java
+++ b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/feignClient/SysUserClient.java
@@ -110,9 +110,4 @@
      */
     @PostMapping("/user/resetPassword")
     R resetPassword(@RequestBody SysUser user);
-    
-    
-    
-    @PostMapping("/user/getSysUserById")
-    SysUser getSysUserById(Long userId);
 }
diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/RuoYiGatewayApplication.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/RuoYiGatewayApplication.java
index b67f5ef..bfa5fc4 100644
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/RuoYiGatewayApplication.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/RuoYiGatewayApplication.java
@@ -24,4 +24,5 @@
 				" |  |  \\    /  \\      /           \n" +
 				" ''-'   `'-'    `-..-'              ");
 	}
+	
 }
diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
index 1cd3f9c..8128e68 100644
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
@@ -1,17 +1,13 @@
 package com.ruoyi.gateway.filter;
 
-import com.ruoyi.account.api.feignClient.AppUserClient;
-import com.ruoyi.account.api.model.TAppUser;
-import com.ruoyi.system.api.domain.SysUser;
-import com.ruoyi.system.api.feignClient.SysUserClient;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.cloud.gateway.filter.GatewayFilterChain;
 import org.springframework.cloud.gateway.filter.GlobalFilter;
-import org.springframework.context.annotation.Lazy;
 import org.springframework.core.Ordered;
 import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
 import org.springframework.http.server.reactive.ServerHttpRequest;
 import org.springframework.stereotype.Component;
 import org.springframework.web.server.ServerWebExchange;
@@ -27,7 +23,6 @@
 import io.jsonwebtoken.Claims;
 import reactor.core.publisher.Mono;
 
-import javax.annotation.Resource;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -48,14 +43,6 @@
 	@Autowired
 	private RedisService redisService;
 	
-	@Lazy
-	@Resource
-	private AppUserClient appUserClient;
-	
-	@Lazy
-	@Resource
-	private SysUserClient sysUserClient;
-	
 	
 	
 	@Override
@@ -69,20 +56,19 @@
 			return chain.filter(exchange);
 		}
 		//防抖校验
-//		try {
-//			antiShake(request);
-//		}catch (Exception e){
-//			log.error("[重复提交]请求路径:{}", exchange.getRequest().getPath());
-//			return ServletUtils.webFluxResponseWriter(exchange.getResponse(), e.getMessage(), HttpStatus.SUCCESS);
-//		}
+		try {
+			antiShake(request);
+		}catch (Exception e){
+			log.error("[重复提交]请求路径:{}", exchange.getRequest().getPath());
+			return ServletUtils.webFluxResponseWriter(exchange.getResponse(), e.getMessage(), HttpStatus.SUCCESS);
+		}
 		
 		//校验账户是否有效
-//		try {
-//			verifyToken(request);
-//			verifyAccount(request);
-//		}catch (Exception e){
-//			return unauthorizedResponse(exchange, e.getMessage());
-//		}
+		try {
+			verifyToken(request);
+		}catch (Exception e){
+			return unauthorizedResponse(exchange, e.getMessage());
+		}
 		String token = getToken(request);
 		Claims claims = JwtUtils.parseToken(token);
 		String userkey = JwtUtils.getUserKey(claims);
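Review bot: Both re-enabled `catch (Exception e)` blocks send `e.getMessage()` back to the caller, so anything thrown inside antiShake or verifyToken other than the intended rejection (a Redis failure, a JWT parser error) is echoed verbatim, and in the antiShake case it is also logged as a duplicate submit. A dedicated exception type for the expected rejections, with a fixed message for everything else, would keep internal detail out of responses. antiShake also runs before verifyToken, so unauthenticated requests reach the Redis lookup; running the token check first would limit that work to callers holding a valid token. The token is then parsed a second time by `JwtUtils.parseToken(token)` right after verifyToken; the filter method itself starts and ends outside this hunk.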
@@ -140,9 +126,19 @@
 	 * 防抖处理
 	 */
 	public void antiShake(ServerHttpRequest request) throws Exception{
+		HttpMethod method = request.getMethod();
+		if(HttpMethod.OPTIONS == method){
+			return;
+		}
 		HttpHeaders headers = request.getHeaders();
 		String client = headers.getFirst("client");
 		String timestamp = headers.getFirst("timestamp");
+		if(StringUtils.isEmpty(client)){
+			throw new RuntimeException("参数异常");
+		}
+		if(StringUtils.isEmpty(timestamp)){
+			throw new RuntimeException("参数异常");
+		}
 		String url = request.getURI().getPath();
 		Map<String, Object> cacheMap = redisService.getCacheMap(client);
 		if(null == cacheMap){
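Review bot: The `client` header is passed unchanged to `redisService.getCacheMap(client)`, so the Redis key is whatever the caller sends; a namespaced key (for example `"anti_shake:" + client`, prefix name constructed here) together with a length limit would keep this data apart from other keys such as the login-token entries and bound key growth. The two new empty checks throw the same message and can be one condition, `if (StringUtils.isEmpty(client) || StringUtils.isEmpty(timestamp))`. `timestamp` is not validated as numeric in the visible lines; the rest of antiShake is outside this hunk and may already do so.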
@@ -183,47 +179,15 @@
 		if (claims == null) {
 			throw new RuntimeException("令牌已过期或验证不正确!");
 		}
-		String userkey = JwtUtils.getUserKey(claims);
-		boolean islogin = redisService.hasKey(getTokenKey(userkey));
-		if (!islogin) {
-			throw new RuntimeException("登录状态已过期");
-		}
+//		String userkey = JwtUtils.getUserKey(claims);
+//		boolean islogin = redisService.hasKey(getTokenKey(userkey));
+//		if (!islogin) {
+//			throw new RuntimeException("登录状态已过期");
+//		}
 		String userid = JwtUtils.getUserId(claims);
 		String username = JwtUtils.getUserName(claims);
 		if (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username)) {
 			throw new RuntimeException("令牌验证失败");
-		}
-	}
-	
-	/**
-	 * 校验账户是否有效
-	 * @param request
-	 * @throws Exception
-	 */
-	public void verifyAccount(ServerHttpRequest request) throws Exception{
-		String token = getToken(request);
-		Claims claims = JwtUtils.parseToken(token);
-		String userid = JwtUtils.getUserId(claims);
-		String userType = JwtUtils.getUserType(claims);
-		//管理后台用户
-		if ("system".equals(userType)) {
-			SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData();
-			if(null == sysUser || "2".equals(sysUser.getDelFlag())){
-				throw new RuntimeException("无效的账户");
-			}
-			if("1".equals(sysUser.getStatus())){
-				throw new RuntimeException("账户已被停用,请联系系统管理员!");
-			}
-		}
-		//小程序用户
-		if ("applet".equals(userType)) {
-			TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData();
-			if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){
-				throw new RuntimeException("无效的账户");
-			}
-			if(2 == appUser.getStatus()){
-				throw new RuntimeException("账户已被冻结,请联系系统管理员!");
-			}
 		}
 	}
 	
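Review bot: With the `redisService.hasKey(getTokenKey(userkey))` check commented out, verifyToken accepts any token that parses and carries a user id and name, so a logged-out or revoked session passes this method until the JWT itself expires, unless the filter body outside this hunk still checks Redis, which is worth confirming. The dead lines should be deleted rather than left commented, or replaced by a comment such as `// login state is checked in filter() via redisService.hasKey(...)` if that is where the check now lives. Removing verifyAccount from the gateway also means disabled and deleted accounts are rejected only by services that carry the new servlet AuthFilter (account, order and other in this commit); routes to any service without it, which cannot be seen from here, no longer get an account-status check.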
diff --git a/ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/RuoYiAccountApplication.java b/ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/RuoYiAccountApplication.java
index b879af8..29b5337 100644
--- a/ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/RuoYiAccountApplication.java
+++ b/ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/RuoYiAccountApplication.java
@@ -6,6 +6,7 @@
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.web.servlet.ServletComponentScan;
 import org.springframework.scheduling.annotation.EnableScheduling;
 import org.springframework.transaction.annotation.EnableTransactionManagement;
 
@@ -19,6 +20,7 @@
 @EnableRyFeignClients
 @SpringBootApplication
 @EnableScheduling//开启定时任务
+@ServletComponentScan
 @EnableTransactionManagement//开启事务
 public class RuoYiAccountApplication {
     public static void main(String[] args) {
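Review bot: `@ServletComponentScan` only registers classes annotated with `@WebFilter`, `@WebServlet` or `@WebListener`, while the AuthFilter added in this commit is a `@Component`, which Spring Boot already registers as a servlet filter on its own. Unless another class in this module uses those annotations, the line has no effect and can be dropped; if `@WebFilter` is later added to AuthFilter while `@Component` stays, the filter may end up registered twice. The same applies to the identical additions in RuoYiOrderApplication and RuoYiOtherApplication.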
diff --git a/ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/AuthFilter.java b/ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/AuthFilter.java
new file mode 100644
index 0000000..2793752
--- /dev/null
+++ b/ruoyi-service/ruoyi-account/src/main/java/com/ruoyi/account/filter/AuthFilter.java
@@ -0,0 +1,117 @@
+package com.ruoyi.account.filter;
+
+import com.alibaba.fastjson.JSON;
+import com.ruoyi.account.api.feignClient.AppUserClient;
+import com.ruoyi.account.api.model.TAppUser;
+import com.ruoyi.common.core.constant.TokenConstants;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.utils.JwtUtils;
+import com.ruoyi.common.core.utils.StringUtils;
+import com.ruoyi.system.api.domain.SysUser;
+import com.ruoyi.system.api.feignClient.SysUserClient;
+import io.jsonwebtoken.Claims;
+import org.apache.logging.log4j.core.config.Order;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.annotation.Lazy;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.Resource;
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+
+/**
+ * @author zhibing.pu
+ * @Date 2024/8/23 11:22
+ */
+@Order(-200)
+@Component
+public class AuthFilter implements Filter {
+	private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
+	
+	@Lazy
+	@Resource
+	private AppUserClient appUserClient;
+	
+	@Lazy
+	@Resource
+	private SysUserClient sysUserClient;
+	
+	
+	@Override
+	public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+		HttpServletRequest request = (HttpServletRequest) servletRequest;
+		HttpServletResponse response = (HttpServletResponse) servletResponse;
+		String token = getToken(request);
+		Claims claims = JwtUtils.parseToken(token);
+		String userid = JwtUtils.getUserId(claims);
+		String userType = JwtUtils.getUserType(claims);
+		//管理后台用户
+		if ("system".equals(userType)) {
+			SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData();
+			if(null == sysUser || "2".equals(sysUser.getDelFlag())){
+				log.error("[账户异常处理]请求账户id:{}", userid);
+				unauthorizedResponse(response,"无效的账户");
+				return;
+			}
+			if("1".equals(sysUser.getStatus())){
+				log.error("[账户异常处理]请求账户id:{}", userid);
+				unauthorizedResponse(response,"账户已被停用,请联系系统管理员!");
+				return;
+			}
+		}
+		//小程序用户
+		if ("applet".equals(userType)) {
+			TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData();
+			if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){
+				log.error("[账户异常处理]请求账户id:{}", userid);
+				unauthorizedResponse(response,"无效的账户");
+				return;
+			}
+			if(2 == appUser.getStatus()){
+				log.error("[账户异常处理]请求账户id:{}", userid);
+				unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!");
+				return;
+			}
+		}
+		filterChain.doFilter(request, response);
+	}
+	
+	
+	
+	private void unauthorizedResponse(HttpServletResponse response, String msg) {
+		response.setStatus(HttpStatus.OK.value());
+		response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE);
+		PrintWriter writer = null;
+		try {
+			writer = response.getWriter();
+		} catch (IOException e) {
+			throw new RuntimeException(e);
+		}
+		writer.println(JSON.toJSONString(R.fail(msg)));
+		writer.flush();
+		writer.close();
+	}
+	
+	
+	
+	/**
+	 * 获取请求token
+	 */
+	private String getToken(HttpServletRequest request) {
+		String token = request.getHeader(TokenConstants.AUTHENTICATION);
+		// 如果前端设置了令牌前缀,则裁剪掉前缀
+		if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) {
+			token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY);
+		}
+		return token;
+	}
+	
+	
+}
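Review bot: doFilter hands whatever getToken returns straight to `JwtUtils.parseToken` and then to `Long.valueOf(userid)`, so a request with no token, a malformed token or a non-numeric id most likely ends in an unhandled exception instead of the `R.fail` body (JwtUtils is not shown, so the exact failure is inferred); the guard below rejects those cases explicitly, and whether token-less requests to anonymous paths should pass instead needs to be decided. `@Order` is imported from `org.apache.logging.log4j.core.config.Order`, which Spring does not read for filter ordering; it should be `import org.springframework.core.annotation.Order;`. In the account service `appUserClient` calls this same service, so if the Feign interceptor forwards the Authorization header each lookup would pass through this filter again, which is worth confirming before release. The first two points apply equally to the order and other copies of this class.

```java
		String token = getToken(request);
		Claims claims;
		Long userId;
		try {
			claims = JwtUtils.parseToken(token);
			userId = Long.valueOf(JwtUtils.getUserId(claims));
		} catch (RuntimeException e) {
			// Missing, malformed or expired token, or a non-numeric user id: answer with the
			// normal failure body instead of letting the exception escape the filter.
			log.warn("[账户异常处理]令牌解析失败:{}", e.getClass().getSimpleName());
			unauthorizedResponse(response, "令牌验证失败");
			return;
		}
		String userType = JwtUtils.getUserType(claims);
		// … unchanged: "system" and "applet" account checks, using userId instead of Long.valueOf(userid) …
		filterChain.doFilter(request, response);
```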
diff --git a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/RuoYiOrderApplication.java b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/RuoYiOrderApplication.java
index 5fe3649..7255afa 100644
--- a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/RuoYiOrderApplication.java
+++ b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/RuoYiOrderApplication.java
@@ -6,6 +6,7 @@
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.web.servlet.ServletComponentScan;
 import org.springframework.scheduling.annotation.EnableScheduling;
 import org.springframework.transaction.annotation.EnableTransactionManagement;
 
@@ -19,6 +20,7 @@
 @EnableRyFeignClients
 @SpringBootApplication
 @EnableScheduling//开启定时任务
+@ServletComponentScan
 @EnableTransactionManagement//开启事务
 public class RuoYiOrderApplication {
     public static void main(String[] args) {
diff --git a/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/filter/AuthFilter.java b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/filter/AuthFilter.java
new file mode 100644
index 0000000..db9addd
--- /dev/null
+++ b/ruoyi-service/ruoyi-order/src/main/java/com/ruoyi/order/filter/AuthFilter.java
@@ -0,0 +1,117 @@
+package com.ruoyi.order.filter;
+
+import com.alibaba.fastjson.JSON;
+import com.ruoyi.account.api.feignClient.AppUserClient;
+import com.ruoyi.account.api.model.TAppUser;
+import com.ruoyi.common.core.constant.TokenConstants;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.utils.JwtUtils;
+import com.ruoyi.common.core.utils.StringUtils;
+import com.ruoyi.system.api.domain.SysUser;
+import com.ruoyi.system.api.feignClient.SysUserClient;
+import io.jsonwebtoken.Claims;
+import org.apache.logging.log4j.core.config.Order;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.annotation.Lazy;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.Resource;
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+
+/**
+ * @author zhibing.pu
+ * @Date 2024/8/23 11:22
+ */
+@Order(-200)
+@Component
+public class AuthFilter implements Filter {
+	private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
+	
+	@Lazy
+	@Resource
+	private AppUserClient appUserClient;
+	
+	@Lazy
+	@Resource
+	private SysUserClient sysUserClient;
+	
+	
+	@Override
+	public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+		HttpServletRequest request = (HttpServletRequest) servletRequest;
+		HttpServletResponse response = (HttpServletResponse) servletResponse;
+		String token = getToken(request);
+		Claims claims = JwtUtils.parseToken(token);
+		String userid = JwtUtils.getUserId(claims);
+		String userType = JwtUtils.getUserType(claims);
+		//管理后台用户
+		if ("system".equals(userType)) {
+			SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData();
+			if(null == sysUser || "2".equals(sysUser.getDelFlag())){
+				log.error("[账户异常处理]请求账户id:{}", userid);
+				unauthorizedResponse(response,"无效的账户");
+				return;
+			}
+			if("1".equals(sysUser.getStatus())){
+				log.error("[账户异常处理]请求账户id:{}", userid);
+				unauthorizedResponse(response,"账户已被停用,请联系系统管理员!");
+				return;
+			}
+		}
+		//小程序用户
+		if ("applet".equals(userType)) {
+			TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData();
+			if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){
+				log.error("[账户异常处理]请求账户id:{}", userid);
+				unauthorizedResponse(response,"无效的账户");
+				return;
+			}
+			if(2 == appUser.getStatus()){
+				log.error("[账户异常处理]请求账户id:{}", userid);
+				unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!");
+				return;
+			}
+		}
+		filterChain.doFilter(request, response);
+	}
+	
+	
+	
+	private void unauthorizedResponse(HttpServletResponse response, String msg) {
+		response.setStatus(HttpStatus.OK.value());
+		response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE);
+		PrintWriter writer = null;
+		try {
+			writer = response.getWriter();
+		} catch (IOException e) {
+			throw new RuntimeException(e);
+		}
+		writer.println(JSON.toJSONString(R.fail(msg)));
+		writer.flush();
+		writer.close();
+	}
+	
+	
+	
+	/**
+	 * 获取请求token
+	 */
+	private String getToken(HttpServletRequest request) {
+		String token = request.getHeader(TokenConstants.AUTHENTICATION);
+		// 如果前端设置了令牌前缀,则裁剪掉前缀
+		if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) {
+			token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY);
+		}
+		return token;
+	}
+	
+	
+}
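Review bot: A token whose `userType` is neither `"system"` nor `"applet"` skips both account checks and reaches `filterChain.doFilter`, so the filter fails open for every other type; add a final branch that rejects unknown types, or a comment stating which types are deliberately exempt. This file differs from the account and other copies only in its package line, so every fix has to be made three times. A single filter in a shared module that the three services import would avoid that drift.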
diff --git a/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/RuoYiOtherApplication.java b/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/RuoYiOtherApplication.java
index 310262a..f1b9f56 100644
--- a/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/RuoYiOtherApplication.java
+++ b/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/RuoYiOtherApplication.java
@@ -7,6 +7,7 @@
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.web.servlet.ServletComponentScan;
 import org.springframework.scheduling.annotation.EnableScheduling;
 import org.springframework.transaction.annotation.EnableTransactionManagement;
 
@@ -20,6 +21,7 @@
 @EnableRyFeignClients
 @SpringBootApplication
 @EnableScheduling//开启定时任务
+@ServletComponentScan
 @EnableTransactionManagement//开启事务
 public class RuoYiOtherApplication {
     public static void main(String[] args) {
diff --git a/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/filter/AuthFilter.java b/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/filter/AuthFilter.java
new file mode 100644
index 0000000..7790a23
--- /dev/null
+++ b/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/filter/AuthFilter.java
@@ -0,0 +1,117 @@
+package com.ruoyi.other.filter;
+
+import com.alibaba.fastjson.JSON;
+import com.ruoyi.account.api.feignClient.AppUserClient;
+import com.ruoyi.account.api.model.TAppUser;
+import com.ruoyi.common.core.constant.TokenConstants;
+import com.ruoyi.common.core.domain.R;
+import com.ruoyi.common.core.utils.JwtUtils;
+import com.ruoyi.common.core.utils.StringUtils;
+import com.ruoyi.system.api.domain.SysUser;
+import com.ruoyi.system.api.feignClient.SysUserClient;
+import io.jsonwebtoken.Claims;
+import org.apache.logging.log4j.core.config.Order;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.annotation.Lazy;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.Resource;
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+
+/**
+ * @author zhibing.pu
+ * @Date 2024/8/23 11:22
+ */
+@Order(-200)
+@Component
+public class AuthFilter implements Filter {
+	private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
+	
+	@Lazy
+	@Resource
+	private AppUserClient appUserClient;
+	
+	@Lazy
+	@Resource
+	private SysUserClient sysUserClient;
+	
+	
+	@Override
+	public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+		HttpServletRequest request = (HttpServletRequest) servletRequest;
+		HttpServletResponse response = (HttpServletResponse) servletResponse;
+		String token = getToken(request);
+		Claims claims = JwtUtils.parseToken(token);
+		String userid = JwtUtils.getUserId(claims);
+		String userType = JwtUtils.getUserType(claims);
+		//管理后台用户
+		if ("system".equals(userType)) {
+			SysUser sysUser = sysUserClient.getSysUser(Long.valueOf(userid)).getData();
+			if(null == sysUser || "2".equals(sysUser.getDelFlag())){
+				log.error("[账户异常处理]请求账户id:{}", userid);
+				unauthorizedResponse(response,"无效的账户");
+				return;
+			}
+			if("1".equals(sysUser.getStatus())){
+				log.error("[账户异常处理]请求账户id:{}", userid);
+				unauthorizedResponse(response,"账户已被停用,请联系系统管理员!");
+				return;
+			}
+		}
+		//小程序用户
+		if ("applet".equals(userType)) {
+			TAppUser appUser = appUserClient.getUserById(Long.valueOf(userid)).getData();
+			if(null == appUser || appUser.getDelFlag() || 3 == appUser.getStatus()){
+				log.error("[账户异常处理]请求账户id:{}", userid);
+				unauthorizedResponse(response,"无效的账户");
+				return;
+			}
+			if(2 == appUser.getStatus()){
+				log.error("[账户异常处理]请求账户id:{}", userid);
+				unauthorizedResponse(response,"账户已被冻结,请联系系统管理员!");
+				return;
+			}
+		}
+		filterChain.doFilter(request, response);
+	}
+	
+	
+	
+	private void unauthorizedResponse(HttpServletResponse response, String msg) {
+		response.setStatus(HttpStatus.OK.value());
+		response.setHeader(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON_UTF8_VALUE);
+		PrintWriter writer = null;
+		try {
+			writer = response.getWriter();
+		} catch (IOException e) {
+			throw new RuntimeException(e);
+		}
+		writer.println(JSON.toJSONString(R.fail(msg)));
+		writer.flush();
+		writer.close();
+	}
+	
+	
+	
+	/**
+	 * 获取请求token
+	 */
+	private String getToken(HttpServletRequest request) {
+		String token = request.getHeader(TokenConstants.AUTHENTICATION);
+		// 如果前端设置了令牌前缀,则裁剪掉前缀
+		if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) {
+			token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY);
+		}
+		return token;
+	}
+	
+	
+}
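Review bot: unauthorizedResponse wraps the `IOException` from `response.getWriter()` in a `RuntimeException` although doFilter already declares `IOException`; declaring `throws IOException` on the helper removes the try/catch and the nullable `writer` local. The four rejection paths log at `error` for what is an expected outcome (a disabled or deleted account), which will bury real errors in the log; `log.warn` fits better. `MediaType.APPLICATION_JSON_UTF8_VALUE` is deprecated from Spring 5.2 on, so if the project is on such a version use `MediaType.APPLICATION_JSON_VALUE` and set the character encoding separately. The same holds for the account and order copies.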

--
Gitblit v1.7.1