package com.xzx.gc.interceptor;
|
|
|
import com.xzx.gc.common.annotations.PassToken;
|
import com.xzx.gc.common.constant.RedisKeyConstant;
|
import com.xzx.gc.common.exception.RestException;
|
import com.xzx.gc.common.utils.LogUtils;
|
import com.xzx.gc.common.utils.RedisUtil;
|
import com.xzx.gc.common.utils.SpringUtil;
|
import com.xzx.gc.entity.CoreUser;
|
import com.xzx.gc.model.ExceptionEnum;
|
import com.xzx.gc.model.MiException;
|
import com.xzx.gc.util.SessionUtil;
|
import lombok.extern.slf4j.Slf4j;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.stereotype.Component;
|
import org.springframework.web.method.HandlerMethod;
|
import org.springframework.web.servlet.HandlerInterceptor;
|
import org.springframework.web.servlet.ModelAndView;
|
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
import java.lang.reflect.Method;
|
|
/**
 * Spring MVC interceptor that lets a request reach a controller handler method only when the HTTP
 * session carries a logged-in user and organisation.
 *
 * <p>Decision order in {@link #preHandle}: dev-mode "swagger" header bypass, non-handler-method
 * pass-through, method-name allowlist, {@link PassToken} opt-out, session attribute check, and
 * finally (only when {@code SpringUtil.isProdOrCloud()} is true) a comparison of the current
 * session id with the one stored in Redis for the user.
 */
@Component
@Slf4j
public class SessionInterceptor implements HandlerInterceptor {

    @Autowired
    private RedisUtil redisUtil;

    /**
     * Decides whether the request may proceed to its handler.
     *
     * @param request  the incoming request; its session is created here if it has none
     * @param response the response (not used by this method)
     * @param o        the resolved handler; only {@link HandlerMethod} instances are checked
     * @return {@code true} whenever the request is allowed through; rejection is signalled by
     *         an exception, never by {@code false}
     * @throws MiException   if the session lacks the current-user or current-org attribute
     * @throws RestException with code -2 if, in prod/cloud mode, the session id differs from the
     *                       value stored in Redis for the user
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {
        // getSession() creates a session when the request has none, so every request that reaches
        // this interceptor gets one, including requests that are waved through below.
        final String currentSessionId = request.getSession().getId();
        // A debug log of the session id and request URI used to sit here and is disabled.
        // NOTE(review): keep it disabled or log a digest; a session id is a bearer credential.

        // NOTE(review): a client-supplied header switches the whole check off whenever
        // SpringUtil.isDev() is true. Confirm that flag can never be true on a reachable deployment.
        final boolean swaggerBypass = SpringUtil.isDev() && "true".equals(request.getHeader("swagger"));
        if (swaggerBypass) {
            return true;
        }

        // Anything not mapped to a controller method passes without a check.
        if (!(o instanceof HandlerMethod)) {
            return true;
        }

        final Method target = ((HandlerMethod) o).getMethod();
        final String targetName = target.getName();

        // NOTE(review): this allowlist matches on the bare method name only, so a handler with
        // either name in any controller skips authentication. Prefer marking the intended
        // endpoints with @PassToken so the exemption is tied to a specific method.
        if ("dataEchart".equals(targetName) || "queryListMap".equals(targetName)) {
            return true;
        }

        // Handlers annotated @PassToken with required() == true opt out of the session check.
        final PassToken marker = target.getAnnotation(PassToken.class);
        if (marker != null && marker.required()) {
            return true;
        }

        // The session must hold both the current user and the current organisation.
        final Object sessionUser = request.getSession().getAttribute(SessionUtil.ACCESS_CURRENT_USER);
        final Object sessionOrg = request.getSession().getAttribute(SessionUtil.ACCESS_CURRENT_ORG);
        if (sessionUser == null || sessionOrg == null) {
            // NOTE(review): the enum name suggests a database failure rather than "not logged in".
            // Confirm clients and monitoring treat this as an authentication failure.
            throw new MiException(ExceptionEnum.DATABASE_EXCEPTION);
        }

        final Long userId = ((CoreUser) sessionUser).getId();

        // Only when SpringUtil.isProdOrCloud() is true: the session id must equal the value stored
        // in Redis under USER_SESSION_KEY + userId. This looks like "latest login wins" session
        // pinning; confirm against the login code that writes the key.
        if (SpringUtil.isProdOrCloud()) {
            final String registeredSessionId = redisUtil.get(RedisKeyConstant.USER_SESSION_KEY + userId);
            final boolean sameSession = currentSessionId.equals(registeredSessionId);
            if (!sameSession) {
                throw new RestException(-2, "您的登录已经过期,请重新登录");
            }
        }

        // Tag subsequent log lines with the user id, or a placeholder when the id is null.
        final String traceUser = (userId != null) ? String.valueOf(userId) : "匿名";
        LogUtils.setTraceId(LogUtils.TRACE_USER_ID, traceUser);

        return true;
    }

    /** No post-processing is performed. */
    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
    }

    /**
     * Clears the trace id set in {@link #preHandle} once the request has completed.
     * Presumably this stops the value from carrying over to the next request on a reused thread;
     * confirm against LogUtils.
     */
    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
        LogUtils.clearTraceId();
    }
}
|