13

zhang

2 天以前 1d9c00b1fb1a8e6473fc8625470c7616866bb803

 src/main/java/com/zy/common/config/AdminInterceptor.java

@@ -1,14 +1,15 @@
package com.zy.common.config;

import com.alibaba.fastjson.JSON;
import com.baomidou.mybatisplus.mapper.EntityWrapper;
import com.core.annotations.AppAuth;
import com.core.annotations.ManagerAuth;
import com.core.common.BaseRes;
import com.core.common.Cools;
import com.zy.common.properties.SystemProperties;
import com.zy.common.utils.Http;
import com.zy.system.entity.*;
import com.zy.system.service.*;
import com.zy.system.timer.LicenseTimer;
import com.zy.system.timer.LoadingConfigTimer;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.lang.Nullable;
@@ -40,6 +41,10 @@
    private PermissionService permissionService;
    @Autowired
    private RolePermissionService rolePermissionService;
    @Autowired
    private LicenseTimer licenseTimer;
    @Autowired
    private LoadingConfigTimer loadingConfigTimer;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
@@ -49,12 +54,12 @@
        }
        // super账号
        String token = request.getHeader("token");
        if (token!=null) {
        if (token != null) {
            String deToken = Cools.deTokn(token, superPwd);
            if (deToken!=null){
            if (deToken != null) {
                long timestamp = Long.parseLong(deToken.substring(0, 13));
                // 1天后过期
                if (System.currentTimeMillis() - timestamp > 86400000){
                // 半小时后过期
                if (System.currentTimeMillis() - timestamp > loadingConfigTimer.getTokenExpire()) {
                    Http.response(response, BaseRes.DENIED);
                    return false;
                }
@@ -73,9 +78,15 @@
        // response.setHeader("Access-Control-Allow-Origin", "*");
        HandlerMethod handlerMethod = (HandlerMethod) handler;
        Method method = handlerMethod.getMethod();
        if (method.isAnnotationPresent(ManagerAuth.class)){
        if (method.isAnnotationPresent(AppAuth.class)) {
            AppAuth annotation = method.getAnnotation(AppAuth.class);
            if (annotation.value().equals(AppAuth.Auth.CHECK)) {
                request.setAttribute("appAuth", annotation.memo());
            }
        }
        if (method.isAnnotationPresent(ManagerAuth.class)) {
            ManagerAuth annotation = method.getAnnotation(ManagerAuth.class);
            if (annotation.value().equals(ManagerAuth.Auth.CHECK)){
            if (annotation.value().equals(ManagerAuth.Auth.CHECK)) {
                return check(request, response, annotation.memo());
            }
        }
@@ -92,11 +103,20 @@
        }
    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable Exception ex) throws Exception {
//        Object r = request.getAttribute("cool-response");
    }

    private boolean check(HttpServletRequest request, HttpServletResponse response, String memo) {
        try {
            String token = request.getHeader("token");
            String token = new String();
            token = request.getHeader("token");
            if (Cools.isEmpty(token)) {
                return true;
            }
            UserLogin userLogin = userLoginService.selectOne(new EntityWrapper<UserLogin>().eq("token", token));
            if (null == userLogin){
            if (null == userLogin) {
                Http.response(response, BaseRes.DENIED);
                return false;
            }
@@ -104,7 +124,7 @@
//            String deToken = Cools.deTokn(token, user.getPassword());
//            long timestamp = Long.parseLong(deToken.substring(0, 13));
            // 15分钟后过期
            if (System.currentTimeMillis() - userLogin.getCreateTime().getTime() > 900000){
            if (System.currentTimeMillis() - userLogin.getCreateTime().getTime() > 1800000) {
                Http.response(response, BaseRes.DENIED);
                return false;
            }
@@ -121,20 +141,20 @@
            // 操作日志
            if (!Cools.isEmpty(memo)) {
                // 进行激活判断
                if (!SystemProperties.SYSTEM_ACTIVATION) {
                if (!licenseTimer.getSystemSupport()) {
                    Http.response(response, BaseRes.NO_ACTIVATION);
                    return false;
                }
                // 记录操作日志
                OperateLog operateLog = new OperateLog();
                operateLog.setAction(Cools.isEmpty(memo)?request.getRequestURI():memo);
                operateLog.setIp(request.getRemoteAddr());
                operateLog.setUserId(user.getId());
                operateLog.setRequest(JSON.toJSONString(request.getParameterMap()));
                request.setAttribute("operateLog", operateLog);
//                // 记录操作日志
//                OperateLog operateLog = new OperateLog();
//                operateLog.setAction(Cools.isEmpty(memo)?request.getRequestURI():memo);
//                operateLog.setIp(request.getRemoteAddr());
//                operateLog.setUserId(user.getId());
//                operateLog.setRequest(JSON.toJSONString(request.getParameterMap()));
//                request.setAttribute("operateLog", operateLog);
            }
            return true;
        } catch (Exception e){
        } catch (Exception e) {
            Http.response(response, BaseRes.DENIED);
            return false;
        }
@@ -143,6 +163,7 @@

    /**
     * 权限拦截
     *
     * @return false:无权限;   true:认证通过
     */
    private boolean limit(String action, User user) {
@@ -160,7 +181,7 @@
    /**
     * 跨域
     */
    public static void cors(HttpServletResponse response){
    public static void cors(HttpServletResponse response) {
        // 跨域设置
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Credentials", "true");