用户权限验证
使用AOP进行权限验证
import com.lhn.constant.CookieConstant;
import com.lhn.exception.SellerAuthorizeException;
import com.lhn.util.CookieUtil;
import com.lhn.util.MapCache;
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
/**
* @author LiHaiNan
* @version V1.0
* @Description: SellerAuthorizeAspect验证,在访问所有url之前需要加一个验证和判断用户的合法性。
* @date 下午 12:03 2017/9/23 0023
*/
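@Aspect
@Component
@Slf4j
public class SellerAuthorizeAspect {

    // Currently unused: the Redis-backed token lookup it served is disabled in favour of MapCache.
    @Autowired
    private StringRedisTemplate redisTemplate;

    /**
     * Matches every public method of the {@code Seller*} controllers except
     * {@code SellerUserController} (presumably the login controller, which must stay reachable
     * without a token — confirm against the controller package).
     */
    @Pointcut("execution(public * com.lhn.controller.Seller*.*(..))" +
            "&& !execution(public * com.lhn.controller.SellerUserController.*(..))")
    public void verify() {}

    /**
     * Rejects the request unless it carries a token cookie whose value is a known session key.
     *
     * <p>Runs before every join point matched by {@link #verify()}. The cookie value is
     * client-controlled and is used only as a lookup key; it is never written to the log.
     *
     * @throws SellerAuthorizeException when no web request is bound to the current thread,
     *         the token cookie is absent, or the token is not present in
     *         {@link MapCache#MAP_CACHE_TOKEN}
     */
    @Before("verify()")
    public void doVerify() {
        ServletRequestAttributes attributes =
                (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        // getRequestAttributes() returns null when the thread has no bound web request;
        // treat that as an authorization failure instead of dereferencing it.
        if (attributes == null) {
            log.warn("【登录校验】当前线程没有绑定请求");
            throw new SellerAuthorizeException();
        }
        HttpServletRequest request = attributes.getRequest();

        // look up the token cookie
        Cookie cookie = CookieUtil.get(request, CookieConstant.TOKEN);
        if (cookie == null) {
            log.warn("【登录校验】Cookie中查不到token");
            throw new SellerAuthorizeException();
        }

        // resolve the token against the in-memory session cache
        Integer tokenValue = MapCache.MAP_CACHE_TOKEN.get(cookie.getValue());
        if (tokenValue == null) {
            log.warn("【登录校验】查不到token");
            throw new SellerAuthorizeException();
        }
    }
}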
Cookie 工具类
import com.lhn.constant.CookieConstant;
import com.lhn.exception.SellerAuthorizeException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.Map;
/**
* @author LiHaiNan
* @version V1.0
* @Description: cookie工具类
* @date 下午 7:05 2017/9/22 0022
*/
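public class CookieUtil {

    /**
     * Adds a cookie scoped to the whole site ({@code path=/}).
     *
     * @param response response the {@code Set-Cookie} header is written to
     * @param name     cookie name
     * @param value    cookie value
     * @param maxAge   lifetime in seconds as understood by {@link Cookie#setMaxAge(int)}
     */
    public static void set(HttpServletResponse response,
                           String name,
                           String value,
                           int maxAge) {
        Cookie cookie = new Cookie(name, value);
        cookie.setPath("/");
        cookie.setMaxAge(maxAge);
        // keep the value out of reach of document.cookie
        cookie.setHttpOnly(true);
        // NOTE(review): setSecure(true) is not applied, so the cookie is also sent over plain
        // HTTP; enable it once the seller site is served over TLS only.
        response.addCookie(cookie);
    }

    /**
     * Returns the request cookie with the given name.
     *
     * @param request incoming request
     * @param name    cookie name to look up
     * @return the cookie, or {@code null} when the request carries no cookie of that name
     */
    public static Cookie get(HttpServletRequest request,
                             String name) {
        // the map never stores null values, so containsKey + get collapses to one lookup
        return readCookieMap(request).get(name);
    }

    /**
     * Indexes the request's cookies by name.
     *
     * @param request incoming request
     * @return name → cookie map; empty when the request has no cookies
     */
    private static Map<String, Cookie> readCookieMap(HttpServletRequest request) {
        Map<String, Cookie> cookieMap = new HashMap<>();
        Cookie[] cookies = request.getCookies();
        // getCookies() yields null rather than an empty array when no cookies were sent
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                // a later cookie with the same name replaces an earlier one
                cookieMap.put(cookie.getName(), cookie);
            }
        }
        return cookieMap;
    }

    /**
     * Resolves the branch (门店) id associated with the request's token cookie.
     *
     * @param request incoming request
     * @return the cached branch id for the token
     * @throws SellerAuthorizeException when the token cookie is missing or its value is not
     *         present in {@link MapCache#MAP_CACHE_TOKEN}
     */
    public static Integer getBranchId(HttpServletRequest request) {
        Cookie cookie = get(request, CookieConstant.TOKEN);
        // a missing cookie is an authorization failure, not a null dereference
        if (cookie == null) {
            throw new SellerAuthorizeException();
        }
        Integer tokenValue = MapCache.MAP_CACHE_TOKEN.get(cookie.getValue());
        if (tokenValue == null) {
            throw new SellerAuthorizeException();
        }
        return tokenValue;
    }
}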
SellerAuthorizeException异常
/**
* @author LiHaiNan
* @version V1.0
* @Description: SellerAuthorizeException
* @date 下午 7:09 2017/9/22 0022
*/
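/**
 * Signals that a seller request carries no valid session token.
 *
 * <p>Unchecked so that it can propagate out of aspects and controllers and be translated by
 * controller advice into an error view. The message constructors exist so that throw sites can
 * say why authorization failed; the message must never contain the token value itself.
 */
public class SellerAuthorizeException extends RuntimeException {

    /** Creates the exception without a detail message. */
    public SellerAuthorizeException() {
        super();
    }

    /**
     * Creates the exception with a detail message.
     *
     * @param message reason authorization failed (no secrets)
     */
    public SellerAuthorizeException(String message) {
        super(message);
    }

    /**
     * Creates the exception with a detail message and the underlying cause.
     *
     * @param message reason authorization failed (no secrets)
     * @param cause   exception that triggered the failure
     */
    public SellerAuthorizeException(String message, Throwable cause) {
        super(message, cause);
    }
}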
异常处理 Handler
import com.lhn.config.ProjectUrlConfig;
import com.lhn.exception.SellerAuthorizeException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.servlet.ModelAndView;
import java.util.HashMap;
import java.util.Map;
/**
* @author LiHaiNan
* @version V1.0
* @Description: SellExceptionHandler
* @date 下午 7:08 2017/9/22 0022
*/
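@ControllerAdvice
public class SellExceptionHandler {

    /** Message shown on the error page when a seller request lacks a valid token. */
    private static final String AUTHORIZE_FAILED_MSG = "登录超时请重新登录";

    /** Login page the error page links back to; a fixed relative path, never derived from input. */
    private static final String LOGIN_URL = "/sell/login.html";

    // Currently unused: it configured the earlier WeChat qrAuthorize redirect
    // (.../sell/wechat/qrAuthorize?returnUrl=.../sell/seller/login), which is disabled.
    @Autowired
    private ProjectUrlConfig projectUrlConfig;

    /**
     * Translates {@link SellerAuthorizeException} into the shared error view with a
     * "please log in again" message and a link to the login page.
     *
     * <p>NOTE(review): no {@code @ResponseStatus} is declared, so the error view is presumably
     * served with HTTP 200; clients that detect an expired session via 401/403 will not see
     * one — confirm whether that is intended.
     *
     * @return the {@code common/error} view with {@code msg} and {@code url} model entries
     */
    @ExceptionHandler(value = SellerAuthorizeException.class)
    public ModelAndView handlerAuthorizeException() {
        Map<String, Object> model = new HashMap<>();
        model.put("msg", AUTHORIZE_FAILED_MSG);
        model.put("url", LOGIN_URL);
        return new ModelAndView("common/error", model);
    }
}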