权限验证

最新推荐文章于 2024-05-03 01:21:26 发布

大艺术家南南

最新推荐文章于 2024-05-03 01:21:26 发布

阅读量3.6k

点赞数 1

分类专栏： java工作篇文章标签： aop 权限验证

本文链接：https://blog.csdn.net/razeSpirit/article/details/78840503

版权

java工作篇专栏收录该内容

15 篇文章 0 订阅

订阅专栏

用户权限验证

使用AOP进行权限验证

import com.lhn.constant.CookieConstant;
import com.lhn.exception.SellerAuthorizeException;
import com.lhn.util.CookieUtil;
import com.lhn.util.MapCache;
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
/**
 * @author LiHaiNan
 * @version V1.0
 * @Description: SellerAuthorizeAspect验证，在访问所有url之前需要加一个验证和判断用户的合法性。
 * @date 下午 12:03 2017/9/23 0023
 */
@Aspect
@Component
@Slf4j
public class SellerAuthorizeAspect {

    @Autowired
    private StringRedisTemplate redisTemplate;

    @Pointcut("execution(public * com.lhn.controller.Seller*.*(..))" +
            "&& !execution(public * com.lhn.controller.SellerUserController.*(..))")
    public void verify() {}

    @Before("verify()")
    public void doVerify() {
        ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        HttpServletRequest request = attributes.getRequest();
        //查询cookie
        Cookie cookie = CookieUtil.get(request, CookieConstant.TOKEN);
        if (cookie == null) {
            log.warn("【登录校验】Cookie中查不到token");
            throw new SellerAuthorizeException();
        }

        //去redis里查询
//        String tokenValue = redisTemplate.opsForValue().get(String.format(RedisConstant.TOKEN_PREFIX, cookie.getValue()));
        Integer tokenValue=MapCache.MAP_CACHE_TOKEN.get(cookie.getValue());
        if (null==tokenValue) {
            log.warn("【登录校验】查不到token");
            throw new SellerAuthorizeException();
        }
    }
}

cookie类

import com.lhn.constant.CookieConstant;
import com.lhn.exception.SellerAuthorizeException;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.Map;

/**
 * @author LiHaiNan
 * @version V1.0
 * @Description: cookie工具类
 * @date 下午 7:05 2017/9/22 0022
 */
public class CookieUtil {

    /**
     * 设置
     * @param response
     * @param name
     * @param value
     * @param maxAge
     */
    public static void set(HttpServletResponse response,
                           String name,
                           String value,
                           int maxAge) {
        Cookie cookie = new Cookie(name, value);
        cookie.setPath("/");
        cookie.setMaxAge(maxAge);
        cookie.setHttpOnly(true);
        response.addCookie(cookie);
    }

    /**
     * 获取cookie
     * @param request
     * @param name
     * @return
     */
    public static Cookie get(HttpServletRequest request,
                             String name) {
        Map<String, Cookie> cookieMap = readCookieMap(request);
        if (cookieMap.containsKey(name)) {
            return cookieMap.get(name);
        }else {
            return null;
        }
    }

    /**
     * 将cookie封装成Map
     * @param request
     * @return
     */
    private static Map<String, Cookie> readCookieMap(HttpServletRequest request) {
        Map<String, Cookie> cookieMap = new HashMap<>();
        Cookie[] cookies = request.getCookies();
        if (cookies != null) {
            for (Cookie cookie: cookies) {
                cookieMap.put(cookie.getName(), cookie);
            }
        }
        return cookieMap;
    }

    /**
     * 在token中获取门店id
     * @param request
     * @return
     */
    public static Integer getBranchId(HttpServletRequest request) {
        Cookie cookie = CookieUtil.get(request, CookieConstant.TOKEN);
        Integer tokenValue= MapCache.MAP_CACHE_TOKEN.get(cookie.getValue());
        if (null==tokenValue) {
            throw new SellerAuthorizeException();
        }else {
            return tokenValue;
        }
    }
}

SellerAuthorizeException异常

/**
 * @author LiHaiNan
 * @version V1.0
 * @Description: SellerAuthorizeException
 * @date 下午 7:09 2017/9/22 0022
 */
public class SellerAuthorizeException extends RuntimeException {
}

异常处理handle

import com.lhn.config.ProjectUrlConfig;
import com.lhn.exception.SellerAuthorizeException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.servlet.ModelAndView;

import java.util.HashMap;
import java.util.Map;

/**
 * @author LiHaiNan
 * @version V1.0
 * @Description: SellExceptionHandler
 * @date 下午 7:08 2017/9/22 0022
 */
@ControllerAdvice
public class SellExceptionHandler {
    @Autowired
    private ProjectUrlConfig projectUrlConfig;

    //拦截登录异常，拦截异常之后进行一个跳转
    //http://sell.natapp4.cc/sell/wechat/qrAuthorize?returnUrl=http://sell.natapp4.cc/sell/seller/login
    @ExceptionHandler(value = SellerAuthorizeException.class)
    public ModelAndView handlerAuthorizeException() {
        //界面跳转，直接跳转到登录界面
//        return new ModelAndView("redirect:"
//                .concat(projectUrlConfig.getWechatOpenAuthorize())
//                .concat("/sell/wechat/qrAuthorize")
//                .concat("?returnUrl=")
//                .concat(projectUrlConfig.getSell())
//                .concat("/sell/seller/login"));
        Map<String, Object> map=new HashMap<>();
        map.put("msg", "登录超时请重新登录");
        map.put("url", "/sell/login.html");
        return new ModelAndView("common/error", map);
//        return new ModelAndView("redirect:/login.html");
    }
}