From 3372040097ad2c01aeb6fd6485e89f19bf81b316 Mon Sep 17 00:00:00 2001
From: Junjie <fallin.jie@qq.com>
Date: 星期三, 18 三月 2026 17:02:34 +0800
Subject: [PATCH] #
---
src/main/java/com/zy/common/config/AdminInterceptor.java | 117 +++++++++++++++++++++++++++++++++++++++++-----------------
1 files changed, 83 insertions(+), 34 deletions(-)
diff --git a/src/main/java/com/zy/common/config/AdminInterceptor.java b/src/main/java/com/zy/common/config/AdminInterceptor.java
index f758e4d..03c488d 100644
--- a/src/main/java/com/zy/common/config/AdminInterceptor.java
+++ b/src/main/java/com/zy/common/config/AdminInterceptor.java
@@ -1,30 +1,39 @@
package com.zy.common.config;
import com.alibaba.fastjson.JSON;
-import com.baomidou.mybatisplus.mapper.EntityWrapper;
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.core.annotations.ManagerAuth;
import com.core.common.BaseRes;
import com.core.common.Cools;
import com.zy.common.utils.Http;
import com.zy.system.entity.*;
import com.zy.system.service.*;
+import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.lang.Nullable;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
-import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;
+import java.util.Date;
+import java.util.LinkedHashMap;
+import java.util.Map;
/**
* Created by vincent on 2019-06-13
*/
@Component
-public class AdminInterceptor extends HandlerInterceptorAdapter {
+@Slf4j
+public class AdminInterceptor implements HandlerInterceptor {
+
+ private static final String ATTR_USER_ID = "userId";
+ private static final String ATTR_OPERATE_LOG = "operateLog";
+ private static final Long SUPER_USER_ID = 9527L;
@Value("${super.pwd}")
private String superPwd;
@@ -45,6 +54,8 @@
if (handler instanceof org.springframework.web.servlet.resource.ResourceHttpRequestHandler) {
return true;
}
+ ManagerAuth annotation = resolveManagerAuth(handler);
+ boolean requiresCheck = annotation != null && annotation.value().equals(ManagerAuth.Auth.CHECK);
// super璐﹀彿
String token = request.getHeader("token");
if (token!=null) {
@@ -57,43 +68,54 @@
return false;
}
if ("super".equals(deToken.substring(13))) {
- request.setAttribute("userId", 9527);
+ request.setAttribute(ATTR_USER_ID, SUPER_USER_ID);
+ if (requiresCheck) {
+ cacheOperateLog(request, annotation.memo(), SUPER_USER_ID);
+ }
return true;
}
}
}
// 璺ㄥ煙璁剧疆
// response.setHeader("Access-Control-Allow-Origin", "*");
- HandlerMethod handlerMethod = (HandlerMethod) handler;
- Method method = handlerMethod.getMethod();
- if (method.isAnnotationPresent(ManagerAuth.class)){
- ManagerAuth annotation = method.getAnnotation(ManagerAuth.class);
- if (annotation.value().equals(ManagerAuth.Auth.CHECK)){
- return check(request, response, annotation.memo());
- }
+ if (!(handler instanceof HandlerMethod)) {
+ return true;
+ }
+ if (requiresCheck){
+ return check(request, response, annotation.memo());
}
return true;
}
@Override
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, @Nullable ModelAndView modelAndView) {
-// Object obj = request.getAttribute("operateLog");
-// if (obj instanceof OperateLog) {
-// OperateLog operate = (OperateLog) obj;
-// operate.setResponse(String.valueOf(response.getStatus()));
-// operateLogService.insert(operate);
-// }
+ }
+
+ @Override
+ public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,
+ @Nullable Exception ex) {
+ Object obj = request.getAttribute(ATTR_OPERATE_LOG);
+ if (!(obj instanceof OperateLog)) {
+ return;
+ }
+ OperateLog operateLog = (OperateLog) obj;
+ operateLog.setResponse(buildResponseContent(response, ex));
+ try {
+ operateLogService.save(operateLog);
+ } catch (Exception saveEx) {
+ log.warn("淇濆瓨鎿嶄綔鏃ュ織澶辫触, uri={}", request.getRequestURI(), saveEx);
+ }
}
private boolean check(HttpServletRequest request, HttpServletResponse response, String memo) {
try {
String token = request.getHeader("token");
- UserLogin userLogin = userLoginService.selectOne(new EntityWrapper<UserLogin>().eq("token", token).eq("system_type", "WCS"));
+ UserLogin userLogin = userLoginService.getOne(new QueryWrapper<UserLogin>().eq("token", token).eq("system_type", "WCS"));
if (null == userLogin){
Http.response(response, BaseRes.DENIED);
return false;
}
- User user = userService.selectById(userLogin.getUserId());
+ User user = userService.getById(userLogin.getUserId());
String deToken = Cools.deTokn(token, user.getPassword());
long timestamp = Long.parseLong(deToken.substring(0, 13));
// 1澶╁悗杩囨湡
@@ -106,17 +128,9 @@
Http.response(response, BaseRes.LIMIT);
return false;
}
- // 鎿嶄綔鏃ュ織
- OperateLog operateLog = new OperateLog();
- operateLog.setAction(Cools.isEmpty(memo)?request.getRequestURI():memo);
- operateLog.setIp(request.getRemoteAddr());
- operateLog.setUserId(user.getId());
- operateLog.setRequest(JSON.toJSONString(request.getParameterMap()));
- operateLog.setResponse(JSON.toJSONString(request.getRequestURI()));
- operateLogService.insert(operateLog);
// 璇锋眰缂撳瓨
- request.setAttribute("userId", user.getId());
-// request.setAttribute("operateLog", operateLog);
+ request.setAttribute(ATTR_USER_ID, user.getId());
+ cacheOperateLog(request, memo, user.getId());
return true;
} catch (Exception e){
Http.response(response, BaseRes.DENIED);
@@ -133,9 +147,9 @@
Permission permission = new Permission();
permission.setAction(action);
permission.setStatus((short) 1);
- Permission one = permissionService.selectOne(new EntityWrapper<>(permission));
+ Permission one = permissionService.getOne(new QueryWrapper<>(permission));
if (!Cools.isEmpty(one)) {
- RolePermission rolePermission = rolePermissionService.selectOne(new EntityWrapper<>(new RolePermission(user.getRoleId(), permission.getId())));
+ RolePermission rolePermission = rolePermissionService.getOne(new QueryWrapper<>(new RolePermission(user.getRoleId(), permission.getId())));
return !Cools.isEmpty(rolePermission);
}
return true;
@@ -149,9 +163,44 @@
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "*");
- response.setHeader("Access-Control-Allow-Headers", "Content-Type,Access-Token");
+ response.setHeader("Access-Control-Allow-Headers", "Content-Type,Access-Token,token,X-Lang,Accept-Language");
response.setHeader("Access-Control-Expose-Headers", "*");
}
+ private ManagerAuth resolveManagerAuth(Object handler) {
+ if (!(handler instanceof HandlerMethod)) {
+ return null;
+ }
+ HandlerMethod handlerMethod = (HandlerMethod) handler;
+ Method method = handlerMethod.getMethod();
+ if (!method.isAnnotationPresent(ManagerAuth.class)) {
+ return null;
+ }
+ return method.getAnnotation(ManagerAuth.class);
+ }
+
+ private void cacheOperateLog(HttpServletRequest request, String memo, Long userId) {
+ if (userId == null || request.getAttribute(ATTR_OPERATE_LOG) != null) {
+ return;
+ }
+ OperateLog operateLog = new OperateLog();
+ operateLog.setAction(Cools.isEmpty(memo) ? request.getRequestURI() : memo);
+ operateLog.setIp(request.getRemoteAddr());
+ operateLog.setUserId(userId);
+ operateLog.setRequest(JSON.toJSONString(request.getParameterMap()));
+ operateLog.setCreateTime(new Date());
+ request.setAttribute(ATTR_OPERATE_LOG, operateLog);
+ }
+
+ private String buildResponseContent(HttpServletResponse response, Exception ex) {
+ Map<String, Object> result = new LinkedHashMap<>();
+ result.put("status", response.getStatus());
+ if (ex != null) {
+ result.put("error", ex.getClass().getName());
+ result.put("message", ex.getMessage());
+ }
+ return JSON.toJSONString(result);
+ }
+
}
--
Gitblit v1.9.1