方法一:AOP动态代理方式
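@Aspect
@Component
public class MyAspect {

    /** Matches every public method of every controller class under the modular package tree. */
    @Pointcut("execution(public * com.ctfo.tocc.modular.*.controller.*.*(..))")
    public void controllerMethodAspect() {}

    /**
     * Rejects controller calls that carry no usable login before the controller runs.
     *
     * <p>Requests whose URI contains {@code /cqjk_business} are exempt. For every other
     * request the {@code Authorization} header must be present and {@code LoginContext}
     * must resolve a login user; otherwise a {@code ServiceException} with code 401 is
     * thrown and the controller is never invoked. The earlier version evaluated the same
     * condition but had both rejection statements commented out, so every request reached
     * the controller regardless of the token.
     *
     * @param joinPoint the intercepted controller call
     * @return whatever the controller returns
     * @throws ServiceException with code 401 when the request carries no valid login
     * @throws Throwable anything the controller itself throws
     */
    @Around("controllerMethodAspect()")
    public Object checkUserBefore(ProceedingJoinPoint joinPoint) throws Throwable {
        HttpServletRequest request = HttpContext.getRequest();
        // NOTE(review): the exemption is a substring match on the raw request URI, so any
        // URI that merely contains "/cqjk_business" is exempt; an anchored path match
        // (servlet path, prefix) would be tighter.
        if (request != null && !request.getRequestURI().contains("/cqjk_business")) {
            String authToken = request.getHeader("Authorization");
            // No token, or a token that no longer maps to a login (e.g. expired). The
            // original "isNotEmpty && user == null" arm collapses to the second operand.
            if (ToolUtil.isEmpty(authToken) || LoginContext.me().getLoginUser() == null) {
                throw new ServiceException(401, "token无效,请登录");
            }
        }
        return joinPoint.proceed();
    }
}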
方法二:过滤器拦截
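@Slf4j
@WebFilter(filterName = "authFilter", urlPatterns = "/*")
@Order(1)
public class AuthenticationFilter implements Filter {

    /** Header that carries the client token. */
    private static final String AUTH_HEADER = "Authorization";

    /**
     * File suffixes served without a token. Matched as suffixes only; the earlier list was
     * matched as bare substrings anywhere in the URI and also contained the typo "wolf2".
     */
    private static final String[] STATIC_SUFFIXES =
            {".js", ".css", ".ico", ".jpg", ".png", ".gif", ".svg", ".woff2"};

    @Autowired
    private UserInfoService userInfoService;
    @Autowired
    private LocalCache localCache;

    // The three values below belonged to the gateway-based check for /statis/ requests,
    // which is commented out in the original; they are kept so the configuration contract
    // does not change, but nothing in this filter reads them at the moment.
    @Value("${auth.server.url}")
    private String gatewayUrl;
    @Value("${auth.jwt.secret}")
    private String authJwtSecret;
    @Value("${auth.jwt.expire}")
    private Long authJwtExpire;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        // Nothing to set up: every collaborator is injected.
    }

    /**
     * Lets open paths through untouched and requires a valid company-user token for
     * everything else.
     *
     * <p>On any failure a JSON error body is written with HTTP 401 and the chain is not
     * continued. On success the user's company attributes are placed on the request for
     * downstream handlers.
     *
     * @throws IOException      if the chain or the error writer fails
     * @throws ServletException if the chain fails
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;
        String spath = req.getRequestURI();

        if (isOpenPath(spath)) {
            chain.doFilter(req, res);
            return;
        }

        String token = req.getHeader(AUTH_HEADER);
        if (StringUtils.isBlank(token)) {
            responseResult(res, "token is null");
            return;
        }
        if (!authenticateCompanyUser(req, res, token)) {
            return; // error body already written
        }
        chain.doFilter(req, res);
    }

    /**
     * Decides whether a request URI is served without authentication.
     *
     * <p>Open paths are static resources (by file suffix), the api-doc tooling
     * ({@code swagger*}, {@code webjars}, {@code v2} as a whole path segment), the login
     * endpoint and everything under {@code /statis/}.
     *
     * <p>Matching is done on the raw request URI as the container reports it.
     * NOTE(review): the {@code /statis/} exemption means the statistics endpoints are never
     * checked by this filter — the original carried a commented-out gateway check for them
     * that was unreachable because of this exemption; confirm another component enforces it.
     *
     * @param spath the request URI
     * @return {@code true} when no token is required
     */
    private static boolean isOpenPath(String spath) {
        if (spath == null) {
            return false;
        }
        for (String suffix : STATIC_SUFFIXES) {
            if (spath.endsWith(suffix)) {
                return true;
            }
        }
        for (String segment : spath.split("/")) {
            if (segment.startsWith("swagger") || "webjars".equals(segment) || "v2".equals(segment)) {
                return true;
            }
        }
        return spath.contains("/userInfo/login") || spath.contains("/statis/");
    }

    /**
     * Validates the caller's token against the company-user store and, on success, exposes
     * the user's company attributes on the request.
     *
     * <p>The cache maps the token the client presented to its most recently refreshed form;
     * when nothing is cached the presented token is validated directly. The refreshed token
     * is cached again under the original key, so the client keeps sending the token it first
     * received (sliding expiry keyed by the original token).
     *
     * <p>NOTE(review): "user not exist" is answered before the token signature is checked,
     * so the two messages reveal whether a username from an unverified token exists;
     * answering both cases with the same message would close that oracle.
     *
     * @param req   request to decorate with company attributes
     * @param res   response to write an error body to
     * @param token the non-blank value of the {@code Authorization} header
     * @return {@code true} when the request may proceed; {@code false} when an error body has
     *     already been written and the filter must stop
     */
    private boolean authenticateCompanyUser(HttpServletRequest req, HttpServletResponse res, String token) {
        String tempToken = (String) localCache.get(token);
        if (StringUtils.isBlank(tempToken)) {
            tempToken = token;
        }

        String username;
        try {
            username = TokenUtils.getUsername(tempToken);
        } catch (RuntimeException e) {
            // A malformed token must get the same answer as a bad one rather than surface
            // as a 500 from the filter chain. The token itself is deliberately not logged.
            log.warn("token could not be parsed: {}", e.getMessage());
            responseResult(res, "invalid token");
            return false;
        }

        Map<String, Object> result = userInfoService.getUserCompanyNameAndBelongCountry(username);
        if (result == null) {
            responseResult(res, "user not exist");
            return false;
        }

        UserInfoResult user = new UserInfoResult();
        user.setUserName((String) result.get("user_name"));
        user.setPassword((String) result.get("password"));
        if (!TokenUtils.validateToken(tempToken, user)) {
            responseResult(res, "invalid token");
            return false;
        }

        // Cache the refreshed token under the token the client presented.
        String newToken = TokenUtils.refreshToken(tempToken);
        localCache.set(token, newToken, TokenUtils.TIMEOUT);

        req.setAttribute("companyName", (String) result.get("company_name"));
        // Key is "belong_county" in the original; presumably the column name — verify before "fixing".
        req.setAttribute("belongCountry", (String) result.get("belong_county"));
        req.setAttribute("acountType", String.valueOf(result.get("acount_type")));
        return true;
    }

    /**
     * Writes a JSON error body and ends the response.
     *
     * <p>Failures are reported with HTTP 401 so HTTP-aware clients and proxies can tell them
     * apart from successful calls; the earlier version answered every failure with 200.
     * NOTE(review): {@code Access-Control-Allow-Origin: *} together with
     * {@code Access-Control-Allow-Credentials: true} is a combination browsers reject for
     * credentialed requests; the allowed origin should be configured explicitly.
     *
     * @param response the response to write to
     * @param result   the message, serialised as a JSON string
     */
    private void responseResult(HttpServletResponse response, String result) {
        response.setCharacterEncoding("UTF-8");
        response.setHeader("Access-Control-Allow-Credentials", "true");
        response.setHeader("Access-Control-Allow-Methods", "GET, POST");
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        response.setContentType("application/json;charset=UTF-8");
        try (PrintWriter writer = response.getWriter()) {
            writer.write(JSON.toJSONString(result));
            writer.flush();
        } catch (IOException ex) {
            log.error("failed to write auth error response", ex);
        }
    }

    @Override
    public void destroy() {
        // Nothing to release.
    }
}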
方法三:拦截器拦截
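public class LoginCheckInterceptor implements HandlerInterceptor {

    /**
     * Blocks unauthenticated access to the {@code /jtPatrol} endpoints.
     *
     * <p>A request is considered logged in when {@code LoginContext} resolves a non-null
     * login user without throwing. Otherwise a {@code NO_CURRENT_USER} error body is written
     * with HTTP 401 and the handler is not invoked. The earlier version had the login lookup
     * commented out inside the {@code try}, so the {@code catch} never ran and every request
     * was accepted.
     *
     * @param request  current request
     * @param response current response
     * @param handler  the handler Spring chose for the request (unused)
     * @return {@code true} to continue to the handler, {@code false} after an error body has
     *     been written
     * @throws Exception if the response writer cannot be obtained
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // NOTE(review): substring match on the raw request URI; registering the interceptor
        // on an anchored path pattern would be tighter.
        if (!request.getRequestURI().contains("/jtPatrol")) {
            return true;
        }
        if (hasLoginUser()) {
            return true;
        }
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        response.setCharacterEncoding("utf-8");
        response.setContentType("application/json");
        CoreExceptionEnum error = CoreExceptionEnum.NO_CURRENT_USER;
        try (PrintWriter writer = response.getWriter()) {
            writer.write(JSON.toJSONString(new ErrorResponseData(error.getCode(), error.getMessage())));
            writer.flush();
        }
        return false;
    }

    /**
     * Whether the current thread has a resolved login user.
     *
     * <p>The original guarded the lookup with {@code catch (Exception)}, which suggests
     * {@code LoginContext} signals a missing session by throwing; both that and a
     * {@code null} user are treated as "not logged in".
     */
    private static boolean hasLoginUser() {
        try {
            return LoginContext.me().getLoginUser() != null;
        } catch (RuntimeException e) {
            return false;
        }
    }
}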