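package cc.mrbird.febs.common.interceptor;

import cc.mrbird.febs.common.entity.FebsResponse;
import cc.mrbird.febs.common.utils.AppContants;
import cc.mrbird.febs.common.utils.RedisUtils;
import cc.mrbird.febs.common.utils.SpringContextUtil;
import cc.mrbird.febs.mall.entity.MallMember;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.asymmetric.KeyType;
import cn.hutool.crypto.asymmetric.RSA;
import com.alibaba.fastjson.JSON;
import com.fasterxml.jackson.databind.ObjectMapper;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.http.HttpStatus;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * Authenticates requests from the {@code token} request header.
 *
 * <p>The header value is RSA-decrypted with {@link AppContants#PRIVATE_KEY}. The plaintext is
 * split on {@code "_"}: element 0 is used as the Redis key of the cached member JSON and
 * element 1 is a millisecond timestamp that must be close to the server clock. On success the
 * deserialized {@link MallMember} is stored in the HTTP session under {@code "member"}; on any
 * failure a JSON body carrying {@link HttpStatus#UNAUTHORIZED} is written and the request is
 * stopped.
 *
 * @author xxx
 * @date 2020-08-24
 **/
@Slf4j
public class LoginInterceptor implements HandlerInterceptor {

    /** Maximum distance, in milliseconds, between the token timestamp and the server clock. */
    private static final long TOKEN_WINDOW_MILLIS = 30000L;

    /** Shared serializer for the 401 body, so one is not constructed per rejected request. */
    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();

    private final RedisUtils redisUtils = SpringContextUtil.getBean(RedisUtils.class);

    /**
     * Rejects the request unless the {@code token} header resolves to a cached member.
     *
     * @return {@code true} when the member was loaded and stored in the session, {@code false}
     *     after an unauthorized body has been written
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
        String headerToken = request.getHeader("token");
        if (StringUtils.isBlank(headerToken)) {
            responseUnAuth(response);
            return false;
        }

        String token = resolveToken(headerToken);
        if (token == null || AppContants.TIME_OUT.equals(token)) {
            responseUnAuth(response);
            return false;
        }

        // NOTE(review): the decrypted value is used verbatim as the Redis key; confirm that
        // session keys are namespaced and unguessable so other cached values cannot be addressed.
        String userJsonStr = redisUtils.getString(token);
        if (StringUtils.isBlank(userJsonStr)) {
            responseUnAuth(response);
            return false;
        }

        MallMember member = JSON.parseObject(userJsonStr, MallMember.class);
        // Fail closed: a cached value that does not deserialize to a member (for example a JSON
        // null) must not let the request through without an authenticated principal.
        if (member == null) {
            responseUnAuth(response);
            return false;
        }

        request.getSession().setAttribute("member", member);
        return true;
    }

    /** No post-processing is required. */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
                           ModelAndView modelAndView) throws Exception {
    }

    /** No completion handling is required. */
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,
                                Exception ex) throws Exception {
    }

    /**
     * Writes a JSON {@link FebsResponse} whose code is {@link HttpStatus#UNAUTHORIZED}.
     *
     * <p>Only the body carries the 401; the HTTP status line is not set here.
     * NOTE(review): confirm clients and any gateway in front rely on the body code rather than
     * the HTTP status.
     *
     * @throws IOException if the response writer cannot be obtained or written to
     */
    private void responseUnAuth(HttpServletResponse response) throws IOException {
        response.setCharacterEncoding("UTF-8");
        response.setContentType("application/json; charset=utf-8");
        response.getWriter().write(
                OBJECT_MAPPER.writeValueAsString(new FebsResponse().code(HttpStatus.UNAUTHORIZED)));
    }

    /**
     * Decrypts the header token and extracts the Redis key from it.
     *
     * <p>NOTE(review): the token is decrypted, not signature-verified, so its contents
     * (including the timestamp) are chosen by whoever encrypted it; the timestamp check only
     * limits reuse of a captured header. The private key comes from a constants class; confirm
     * it is supplied from protected configuration rather than committed to source.
     *
     * @param token raw value of the {@code token} header
     * @return the Redis key, {@link AppContants#TIME_OUT} when the timestamp is outside the
     *     accepted window, or {@code null} when the token cannot be decrypted or parsed
     */
    private String resolveToken(String token) {
        try {
            RSA rsa = new RSA(AppContants.PRIVATE_KEY, null);
            String[] tokens = StrUtil.split(rsa.decryptStr(token, KeyType.PrivateKey), "_");
            // A plaintext without "_" or with a non-numeric timestamp throws here and is
            // reported as an unparseable token by the catch below.
            if (verifyTokenExpired(Long.parseLong(tokens[1]))) {
                return tokens[0];
            }
            return AppContants.TIME_OUT;
        } catch (Exception e) {
            log.error("#解析token异常#", e);
            return null;
        }
    }

    /**
     * Checks that the token timestamp is close enough to the server clock.
     *
     * <p>Despite the name, the result is {@code true} when the token is still acceptable.
     * Timestamps more than {@link #TOKEN_WINDOW_MILLIS} in the future are rejected as well:
     * otherwise a token stamped far ahead would pass the check until that moment arrives, which
     * defeats the purpose of a short validity window. The same tolerance is kept in both
     * directions so ordinary clock skew still passes.
     *
     * @param time token timestamp in epoch milliseconds
     * @return {@code true} when the timestamp lies within the accepted window
     */
    private Boolean verifyTokenExpired(Long time) {
        long age = System.currentTimeMillis() - time;
        return age <= TOKEN_WINDOW_MILLIS && age >= -TOKEN_WINDOW_MILLIS;
    }
}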