1

zhang

6 天以前 510a21954afdf40479bdf293568cc7979e6043ad

 src/main/java/com/zy/common/config/AdminInterceptor.java

@@ -1,16 +1,9 @@
package com.zy.common.config;

import com.baomidou.mybatisplus.mapper.EntityWrapper;
import com.core.annotations.ManagerAuth;
import com.core.common.BaseRes;
import com.core.common.Cools;
import com.zy.common.utils.Http;
import com.zy.system.entity.Permission;
import com.zy.system.entity.RolePermission;
import com.zy.system.entity.User;
import com.zy.system.entity.UserLogin;
import com.zy.system.service.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.lang.Nullable;
import org.springframework.stereotype.Component;
@@ -30,16 +23,7 @@

    @Value("${super.pwd}")
    private String superPwd;
    @Autowired
    private UserService userService;
    @Autowired
    private UserLoginService userLoginService;
    @Autowired
    private OperateLogService operateLogService;
    @Autowired
    private PermissionService permissionService;
    @Autowired
    private RolePermissionService rolePermissionService;


    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
@@ -88,58 +72,10 @@
    }

    private boolean check(HttpServletRequest request, HttpServletResponse response, String memo) {
        try {
            String token = request.getHeader("token");
            UserLogin userLogin = userLoginService.selectOne(new EntityWrapper<UserLogin>().eq("token", token));
            if (null == userLogin){
                Http.response(response, BaseRes.DENIED);
                return false;
            }
            User user = userService.selectById(userLogin.getUserId());
            String deToken = Cools.deTokn(token, user.getPassword());
            long timestamp = Long.parseLong(deToken.substring(0, 13));
            // 1天后过期
            if (System.currentTimeMillis() - timestamp > 86400000){
                Http.response(response, BaseRes.DENIED);
                return false;
            }
            // 权限校验
            if (!limit(request.getRequestURI(), user)) {
                Http.response(response, BaseRes.LIMIT);
                return false;
            }
            // 操作日志
//            OperateLog operateLog = new OperateLog();
//            operateLog.setAction(Cools.isEmpty(memo)?request.getRequestURI():memo);
//            operateLog.setIp(request.getRemoteAddr());
//            operateLog.setUserId(user.getId());
//            operateLog.setRequest(JSON.toJSONString(request.getParameterMap()));
            // 请求缓存
            request.setAttribute("userId", user.getId());
//            request.setAttribute("operateLog", operateLog);
            return true;
        } catch (Exception e){
            Http.response(response, BaseRes.DENIED);
            return false;
        }

    }

    /**
     * 权限拦截
     * @return false:无权限;   true:认证通过
     */
    private boolean limit(String action, User user) {
        Permission permission = new Permission();
        permission.setAction(action);
        permission.setStatus((short) 1);
        Permission one = permissionService.selectOne(new EntityWrapper<>(permission));
        if (!Cools.isEmpty(one)) {
            RolePermission rolePermission = rolePermissionService.selectOne(new EntityWrapper<>(new RolePermission(user.getRoleId(), permission.getId())));
            return !Cools.isEmpty(rolePermission);
        }
        return true;
    }


    /**
     * 跨域