zy-wcs.git - Gitblit

			@@ -34,6 +34,7 @@
			@Component
			public class AdminInterceptor extends HandlerInterceptorAdapter {

			private final RateLimiter rateLimiter = RateLimiter.create(10);// 默认每秒最多处理 10 个请求
			@Value("${super.pwd}")
			private String superPwd;
			@Autowired
			@@ -49,8 +50,6 @@
			@Autowired
			private ApiConfigService apiConfigService;

			private final RateLimiter rateLimiter = RateLimiter.create(10);// 默认每秒最多处理 10 个请求

			@Override
			public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
			cors(response);
			@@ -59,7 +58,7 @@
			}
			HandlerMethod handlerMethod = (HandlerMethod) handler;
			Method method = handlerMethod.getMethod();
			if (method.isAnnotationPresent(RateLimit.class)){
			if (method.isAnnotationPresent(RateLimit.class)) {
			RateLimit annotation = method.getAnnotation(RateLimit.class);
			rateLimiter.setRate(annotation.value());
			if (!rateLimiter.tryAcquire(annotation.value(), TimeUnit.SECONDS)) {
			@@ -70,12 +69,12 @@

			// super账号
			String token = request.getHeader("token");
			if (token!=null) {
			if (token != null) {
			String deToken = Cools.deTokn(token, superPwd);
			if (deToken!=null){
			if (deToken != null) {
			long timestamp = Long.parseLong(deToken.substring(0, 13));
			// 1天后过期
			if (System.currentTimeMillis() - timestamp > 86400000){
			if (System.currentTimeMillis() - timestamp > 86400000) {
			Http.response(response, BaseRes.DENIED);
			return false;
			}
			@@ -87,9 +86,9 @@
			}
			// 跨域设置
			// response.setHeader("Access-Control-Allow-Origin", "*");
			if (method.isAnnotationPresent(ManagerAuth.class)){
			if (method.isAnnotationPresent(ManagerAuth.class)) {
			ManagerAuth annotation = method.getAnnotation(ManagerAuth.class);
			if (annotation.value().equals(ManagerAuth.Auth.CHECK)){
			if (annotation.value().equals(ManagerAuth.Auth.CHECK)) {
			return check(request, response, annotation.memo());
			}
			}
			@@ -98,7 +97,7 @@
			String servletPath = request.getServletPath();
			ApiConfig apiConfig = apiConfigService.selectByUrl(servletPath);
			if (apiConfig != null) {
			if(apiConfig.getStatus() == 1){
			if (apiConfig.getStatus() == 1) {
			//api被禁用
			Http.response(response, BaseRes.LIMIT);
			return false;
			@@ -122,7 +121,7 @@
			try {
			String token = request.getHeader("token");
			UserLogin userLogin = userLoginService.selectOne(new EntityWrapper<UserLogin>().eq("token", token));
			if (null == userLogin){
			if (null == userLogin) {
			Http.response(response, BaseRes.DENIED);
			return false;
			}
			@@ -130,7 +129,7 @@
			String deToken = Cools.deTokn(token, user.getPassword());
			long timestamp = Long.parseLong(deToken.substring(0, 13));
			// 1天后过期
			if (System.currentTimeMillis() - timestamp > 86400000){
			if (System.currentTimeMillis() - timestamp > 86400000) {
			Http.response(response, BaseRes.DENIED);
			return false;
			}
			@@ -149,7 +148,7 @@
			request.setAttribute("userId", user.getId());
			// request.setAttribute("operateLog", operateLog);
			return true;
			} catch (Exception e){
			} catch (Exception e) {
			Http.response(response, BaseRes.DENIED);
			return false;
			}
			@@ -175,7 +174,7 @@
			/**
			* 跨域
			*/
			private void cors(HttpServletResponse response){
			private void cors(HttpServletResponse response) {
			// 跨域设置
			response.setHeader("Access-Control-Allow-Origin", "*");
			response.setHeader("Access-Control-Allow-Credentials", "true");