From f7ea5773570beb5ad8c6efb5c1cf743294ee079b Mon Sep 17 00:00:00 2001
From: wzy <wzy19931122ai@163.com>
Date: Sun, 24 Jan 2021 14:16:04 +0800
Subject: [PATCH] modify
---
zq-erp/src/main/java/com/matrix/system/common/interceptor/ApiUserLoginInterceptor.java | 129 +++++++++++++++++++++++++++++++++++++++++++
1 files changed, 129 insertions(+), 0 deletions(-)
diff --git a/zq-erp/src/main/java/com/matrix/system/common/interceptor/ApiUserLoginInterceptor.java b/zq-erp/src/main/java/com/matrix/system/common/interceptor/ApiUserLoginInterceptor.java
new file mode 100644
index 0000000..4fe5642
--- /dev/null
+++ b/zq-erp/src/main/java/com/matrix/system/common/interceptor/ApiUserLoginInterceptor.java
@@ -0,0 +1,129 @@
+package com.matrix.system.common.interceptor;
+
+import com.alibaba.fastjson.JSONObject;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.matrix.component.redis.RedisClient;
+import com.matrix.component.redis.RedisUserLoginUtils;
+import com.matrix.core.constance.MatrixConstance;
+import com.matrix.core.pojo.AjaxResult;
+import com.matrix.core.tools.LogUtil;
+import com.matrix.core.tools.RSAUtils;
+import com.matrix.core.tools.StringUtils;
+import com.matrix.system.common.bean.SysUsers;
+import com.matrix.system.common.dao.SysUsersDao;
+import com.matrix.system.hive.bean.SysVipInfo;
+import com.matrix.system.hive.dao.SysVipInfoDao;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+import org.springframework.web.servlet.ModelAndView;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * @author wzy
+ * @date 2020-12-21
+ **/
+@Component
+public class ApiUserLoginInterceptor implements HandlerInterceptor {
+
+ @Autowired
+ private RedisClient redisClient;
+
+ @Value("${login_private_key}")
+ private String privateKey;
+
+ @Value("${evn}")
+ private String evn;
+
+ @Autowired
+ private SysUsersDao sysUsersDao;
+
+ private final String TOKEN_HEADER = "Authorization";
+ private final String TOKEN_START_WITH = "Bearer ";
+
+ @Override
+ public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+ if ("dev".equals(evn)) {
+ SysUsers sysUsers = sysUsersDao.selectById(1012L);
+ request.getSession().setAttribute(MatrixConstance.LOGIN_KEY, sysUsers);
+ return true;
+ }
+
+ String token = resolveToken(request);
+ AjaxResult ajaxResult = new AjaxResult();
+ ajaxResult.setStatus(AjaxResult.STATUS_LOGIN_INVALID);
+
+ response.setCharacterEncoding("UTF-8");
+ response.setContentType("application/json; charset=utf-8");
+ if (StringUtils.isBlank(token)) {
+ ajaxResult.setInfo("login time out");
+ response.getWriter().write(new ObjectMapper().writeValueAsString(ajaxResult));
+ response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ return false;
+ }
+
+ String userStr = redisClient.getCachedValue(token);
+// redisClient.resetExpire(token);
+ if (StringUtils.isBlank(userStr)) {
+ ajaxResult.setInfo("login time out");
+ response.getWriter().write(new ObjectMapper().writeValueAsString(ajaxResult));
+ response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ return false;
+ }
+
+ SysUsers sysUsers = JSONObject.parseObject(userStr, SysUsers.class);
+ request.getSession().setAttribute(MatrixConstance.LOGIN_KEY, sysUsers);
+ return true;
+ }
+
+ @Override
+ public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
+ request.getSession().removeAttribute(MatrixConstance.LOGIN_KEY);
+ }
+
+ @Override
+ public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
+
+ }
+
+ /**
+ * 解析token token_timestamp_url
+ *
+ * @param request
+ * @return
+ */
+ private String resolveToken(HttpServletRequest request) {
+ String headToken = request.getHeader(TOKEN_HEADER);
+ String sb = request.getRequestURI();
+
+ if (StringUtils.isNotBlank(headToken) && headToken.startsWith(TOKEN_START_WITH)) {
+ // 去掉令牌前缀
+ String rsaToken = headToken.replace(TOKEN_START_WITH, "");
+
+ try {
+ String decryptToken = new String(RSAUtils.decryptByPrivateKey(rsaToken, privateKey));
+
+ String[] s = decryptToken.split("_");
+ if (s == null || s.length != 3) {
+ return "";
+ }
+
+ LogUtil.info("请求路径:{} -- {}", sb, s[2]);
+ if (!sb.equals(s[2])) {
+ return "";
+ }
+
+ return s[0];
+ } catch (Exception e) {
+ LogUtil.info("#token解析错误:{}#", e);
+ return "";
+ }
+
+ }
+
+ return "";
+ }
+}
-- Gitblit v1.9.1
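Review bot: The `"dev".equals(evn)` branch at the top of `preHandle` authenticates every request as the hardcoded user `1012L` without reading any token, so one wrong `evn` property value on a deployed instance turns API authentication off; this shortcut belongs in a development-only bean (for example one guarded by `@Profile("dev")`) rather than in the production interceptor. In `resolveToken` the decrypted value is documented as token_timestamp_url, but `s[1]` is never read, so a captured `Authorization` header remains valid for that URI for as long as the cached entry exists (presumably until the Redis key expires); the timestamp should be compared with the current time and stale values rejected. The session attribute is cleared only in `postHandle`, which Spring does not call when the handler throws, so `LOGIN_KEY` can stay in the session after a failed request; move `request.getSession().removeAttribute(MatrixConstance.LOGIN_KEY);` into `afterCompletion`, or carry the user in a request attribute instead of the session. In both rejection paths `response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);` should come before `response.getWriter().write(...)`, because a status set after the body is ignored once the response is committed.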