package com.lunhan.xxx.host.api;
|
|
import com.lunhan.xxx.common.config.SysConfig;
|
import com.lunhan.xxx.common.enums.EResultCode;
|
import com.lunhan.xxx.common.exceptions.BusinessException;
|
import com.lunhan.xxx.common.jwt.JWTUtil;
|
import com.lunhan.xxx.common.jwt.LoginUserDTO;
|
import com.lunhan.xxx.common.util.IPUtils;
|
import com.lunhan.xxx.common.util.LocalDateTimeUtil;
|
import com.lunhan.xxx.common.util.RandVerifyCode;
|
import com.lunhan.xxx.common.util.StringUtil;
|
import com.lunhan.xxx.entity.enums.EUserType;
|
import org.apache.commons.lang3.BooleanUtils;
|
import org.springframework.core.annotation.AnnotationUtils;
|
import org.springframework.stereotype.Component;
|
import org.springframework.web.method.HandlerMethod;
|
import org.springframework.web.servlet.HandlerInterceptor;
|
import org.springframework.web.servlet.ModelAndView;
|
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
import java.util.ArrayList;
|
import java.util.List;
|
import java.util.Objects;
|
|
|
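@Component
public class TokenFilter implements HandlerInterceptor {

    /**
     * Records every non-preflight request in {@link HttpRequestLogPool} and then
     * enforces the access rules declared on the target handler:
     * <ul>
     *   <li>{@code @NonLogin} on the method or its class: no token is required and
     *       any {@code @MustAdmin} on the same handler is NOT evaluated.</li>
     *   <li>otherwise a token header ({@link SysConfig#getTokenHeader()}) is
     *       mandatory and must resolve to a user via {@link JWTUtil#getUser(String)}.</li>
     *   <li>{@code @MustAdmin} on the method or its class additionally restricts the
     *       handler to {@code ADMIN} and {@code ADMIN_USER} user types.</li>
     * </ul>
     * Handlers that are not a {@link HandlerMethod} carry no annotations, so they
     * always require a valid token.
     *
     * @param request  incoming request
     * @param response unused
     * @param handler  resolved Spring handler
     * @return {@code true} when the request may proceed
     * @throws BusinessException with {@link EResultCode#UNAUTHORIZED} when the token
     *         is missing, empty or does not resolve to a user, and with
     *         {@link EResultCode#FORBIDDEN} when the user type is not allowed
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
        String method = request.getMethod();
        // CORS preflight carries no credentials; it is neither logged nor authenticated.
        if ("options".equalsIgnoreCase(method)) {
            return true;
        }

        String token = request.getHeader(SysConfig.getTokenHeader());
        recordRequest(request, method, token);

        boolean requiresAdmin = false;
        if (handler instanceof HandlerMethod) {
            HandlerMethod handlerMethod = (HandlerMethod) handler;
            Class<?> beanType = handlerMethod.getBeanType();

            // @NonLogin on the method or on its class skips authentication entirely;
            // this is checked first, so it also overrides a class-level @MustAdmin.
            boolean nonLogin = Objects.nonNull(handlerMethod.getMethodAnnotation(NonLogin.class))
                    || Objects.nonNull(AnnotationUtils.findAnnotation(beanType, NonLogin.class));
            if (nonLogin) {
                return true;
            }

            requiresAdmin = Objects.nonNull(handlerMethod.getMethodAnnotation(MustAdmin.class))
                    || Objects.nonNull(AnnotationUtils.findAnnotation(beanType, MustAdmin.class));
        }

        // An empty header is as useless as a missing one: reject both before touching JWTUtil.
        if (!StringUtil.isNotNullOrEmpty(token)) {
            throw new BusinessException(EResultCode.UNAUTHORIZED, "token未传入");
        }

        LoginUserDTO user = JWTUtil.getUser(token);
        // Defensive: should JWTUtil return null for an unparsable/expired token, answer 401
        // instead of letting a NullPointerException surface as a server error.
        if (Objects.isNull(user)) {
            throw new BusinessException(EResultCode.UNAUTHORIZED, "token无效");
        }

        // The super administrator passes every check.
        if (Objects.equals(user.getUserType(), EUserType.ADMIN.getValue())) {
            return true;
        }
        // ADMIN has already returned above, so ADMIN_USER is the only other type
        // allowed on a @MustAdmin handler.
        if (requiresAdmin && !Objects.equals(user.getUserType(), EUserType.ADMIN_USER.getValue())) {
            throw new BusinessException(EResultCode.FORBIDDEN, "没有权限");
        }
        return true;
    }

    /**
     * Builds the request-log entry for this request and hands it to
     * {@link HttpRequestLogPool#setRequestInfo(ApiRequestLogDTO)}.
     *
     * @param request incoming request
     * @param method  HTTP method, already read by the caller
     * @param token   raw value of the token header, may be {@code null}
     */
    private static void recordRequest(HttpServletRequest request, String method, String token) {
        Long now = LocalDateTimeUtil.nowTimeStamp();
        ApiRequestLogDTO entry = new ApiRequestLogDTO();
        entry.setRequestTime(now);
        // Correlation id: timestamp plus a 6-character random suffix.
        entry.setRequestId(now + RandVerifyCode.complexCode(6));
        entry.setRequestIP(IPUtils.getIpAddress(request));

        // getQueryString() returns null when the URL has no query part; without this
        // guard the logged path would end in the literal text "null".
        String query = request.getQueryString();
        String querySuffix = StringUtil.isNotNullOrEmpty(query) ? "?" + query : "";
        entry.setPath(request.getRequestURI() + querySuffix);
        entry.setMethod(method);
        entry.setRequestData("");
        // Headers are deliberately not captured: a full header dump would copy the
        // token header (and any cookies) into the request log.
        entry.setRequestHeaders("");
        // NOTE(review): the raw token is stored on the log entry; if these entries reach
        // persistent logs, consider masking or hashing it before it is written.
        entry.setRequestToken(token);
        HttpRequestLogPool.setRequestInfo(entry);
    }

    /** No post-processing is performed; all work happens in {@link #preHandle}. */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) {
    }

    /** No completion handling is performed; the log entry is not updated here. */
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) {
    }
}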
|