zy-wcs.git - Gitblit

			@@ -1,14 +1,9 @@
			package com.zy.common.config;

			import com.alibaba.fastjson.JSON;
			import com.baomidou.mybatisplus.mapper.EntityWrapper;
			import com.core.annotations.ManagerAuth;
			import com.core.common.BaseRes;
			import com.core.common.Cools;
			import com.zy.common.utils.Http;
			import com.zy.system.entity.*;
			import com.zy.system.service.*;
			import org.springframework.beans.factory.annotation.Autowired;
			import org.springframework.beans.factory.annotation.Value;
			import org.springframework.lang.Nullable;
			import org.springframework.stereotype.Component;
			@@ -28,16 +23,7 @@

			@Value("${super.pwd}")
			private String superPwd;
			@Autowired
			private UserService userService;
			@Autowired
			private UserLoginService userLoginService;
			@Autowired
			private OperateLogService operateLogService;
			@Autowired
			private PermissionService permissionService;
			@Autowired
			private RolePermissionService rolePermissionService;


			@Override
			public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
			@@ -77,67 +63,19 @@

			@Override
			public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable ModelAndView modelAndView) {
			Object obj = request.getAttribute("operateLog");
			if (obj instanceof OperateLog) {
			OperateLog operate = (OperateLog) obj;
			operate.setResponse(String.valueOf(response.getStatus()));
			operateLogService.insert(operate);
			}
			// Object obj = request.getAttribute("operateLog");
			// if (obj instanceof OperateLog) {
			// OperateLog operate = (OperateLog) obj;
			// operate.setResponse(String.valueOf(response.getStatus()));
			// operateLogService.insert(operate);
			// }
			}

			private boolean check(HttpServletRequest request, HttpServletResponse response, String memo) {
			try {
			String token = request.getHeader("token");
			UserLogin userLogin = userLoginService.selectOne(new EntityWrapper<UserLogin>().eq("token", token));
			if (null == userLogin){
			Http.response(response, BaseRes.DENIED);
			return false;
			}
			User user = userService.selectById(userLogin.getUserId());
			String deToken = Cools.deTokn(token, user.getPassword());
			long timestamp = Long.parseLong(deToken.substring(0, 13));
			// 1天后过期
			if (System.currentTimeMillis() - timestamp > 86400000){
			Http.response(response, BaseRes.DENIED);
			return false;
			}
			// 权限校验
			if (!limit(request.getRequestURI(), user)) {
			Http.response(response, BaseRes.LIMIT);
			return false;
			}
			// 操作日志
			OperateLog operateLog = new OperateLog();
			operateLog.setAction(Cools.isEmpty(memo)?request.getRequestURI():memo);
			operateLog.setIp(request.getRemoteAddr());
			operateLog.setUserId(user.getId());
			operateLog.setRequest(JSON.toJSONString(request.getParameterMap()));
			// 请求缓存
			request.setAttribute("userId", user.getId());
			request.setAttribute("operateLog", operateLog);
			return true;
			} catch (Exception e){
			Http.response(response, BaseRes.DENIED);
			return false;
			}

			}

			/**
			* 权限拦截
			* @return false:无权限; true:认证通过
			*/
			private boolean limit(String action, User user) {
			Permission permission = new Permission();
			permission.setAction(action);
			permission.setStatus((short) 1);
			Permission one = permissionService.selectOne(new EntityWrapper<>(permission));
			if (!Cools.isEmpty(one)) {
			RolePermission rolePermission = rolePermissionService.selectOne(new EntityWrapper<>(new RolePermission(user.getRoleId(), permission.getId())));
			return !Cools.isEmpty(rolePermission);
			}
			return true;
			}


			/**
			* 跨域