From c253b555c7905c5136d47cd615ef545fa50cc6ad Mon Sep 17 00:00:00 2001
From: 935090232@qq.com <ak473600000>
Date: Sun, 20 Feb 2022 21:24:16 +0800
Subject: [PATCH] Merge branch 'api_score_meger'
---
zq-erp/src/main/java/com/matrix/system/common/interceptor/ApiUserLoginInterceptor.java | 123 +++++++++++++++++++++++++++++++++++++++++
1 files changed, 123 insertions(+), 0 deletions(-)
diff --git a/zq-erp/src/main/java/com/matrix/system/common/interceptor/ApiUserLoginInterceptor.java b/zq-erp/src/main/java/com/matrix/system/common/interceptor/ApiUserLoginInterceptor.java
new file mode 100644
index 0000000..cb284a7
--- /dev/null
+++ b/zq-erp/src/main/java/com/matrix/system/common/interceptor/ApiUserLoginInterceptor.java
@@ -0,0 +1,123 @@
+package com.matrix.system.common.interceptor;
+
+import com.alibaba.fastjson.JSONObject;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.matrix.core.constance.MatrixConstance;
+import com.matrix.core.pojo.AjaxResult;
+import com.matrix.core.tools.LogUtil;
+import com.matrix.core.tools.RSAUtils;
+import com.matrix.core.tools.StringUtils;
+import com.matrix.system.common.bean.SysUsers;
+import com.matrix.system.common.dao.SysUsersDao;
+import com.matrix.system.common.init.LocalCache;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+import org.springframework.web.servlet.ModelAndView;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.Objects;
+
+/**
+ * @author wzy
+ * @date 2020-12-21
+ **/
+@Component
+public class ApiUserLoginInterceptor implements HandlerInterceptor {
+
+
+ @Value("${login_private_key}")
+ private String privateKey;
+
+ @Value("${evn}")
+ private String evn;
+
+ @Autowired
+ private SysUsersDao sysUsersDao;
+
+ private static final String TOKEN_HEADER = "Authorization";
+ private static final String TOKEN_START_WITH = "Bearer ";
+
+ @Override
+ public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+// if ("dev".equals(evn)) {
+// SysUsers sysUsers = sysUsersDao.selectById(1022L);
+// request.getSession().setAttribute(MatrixConstance.LOGIN_KEY, sysUsers);
+// return true;
+// }
+
+ String token = resolveToken(request,privateKey);
+ AjaxResult ajaxResult = new AjaxResult();
+ ajaxResult.setStatus(AjaxResult.STATUS_LOGIN_INVALID);
+
+ response.setCharacterEncoding("UTF-8");
+ response.setContentType("application/json; charset=utf-8");
+ if (StringUtils.isBlank(token)) {
+ ajaxResult.setInfo("login time out");
+ response.getWriter().write(new ObjectMapper().writeValueAsString(ajaxResult));
+ response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ return false;
+ }
+
+ SysUsers sysUsers = LocalCache.get(token);
+ if (Objects.isNull(sysUsers)) {
+ ajaxResult.setInfo("login time out");
+ response.getWriter().write(new ObjectMapper().writeValueAsString(ajaxResult));
+ response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ return false;
+ }
+
+ request.getSession().setAttribute(MatrixConstance.LOGIN_KEY, sysUsers);
+ return true;
+ }
+
+ @Override
+ public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
+ request.getSession().removeAttribute(MatrixConstance.LOGIN_KEY);
+ }
+
+ @Override
+ public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
+
+ }
+
+ /**
+ * 解析token token_timestamp_url
+ *
+ * @param request
+ * @return
+ */
+ public static String resolveToken(HttpServletRequest request,String privateKey) {
+ String headToken = request.getHeader(TOKEN_HEADER);
+ String sb = request.getRequestURI();
+
+ if (StringUtils.isNotBlank(headToken) && headToken.startsWith(TOKEN_START_WITH)) {
+ // 去掉令牌前缀
+ String rsaToken = headToken.replace(TOKEN_START_WITH, "");
+
+ try {
+ String decryptToken = new String(RSAUtils.decryptByPrivateKey(rsaToken, privateKey));
+
+ String[] s = decryptToken.split("_");
+ if (s == null || s.length != 3) {
+ return "";
+ }
+
+ LogUtil.info("请求路径:{} -- {}", sb, s[2]);
+ if (!sb.equals(s[2])) {
+ return "";
+ }
+
+ return s[0];
+ } catch (Exception e) {
+ LogUtil.info("#token解析错误:{}#", e);
+ return "";
+ }
+
+ }
+
+ return "";
+ }
+}
--
Gitblit v1.9.1