package chunxiao.huiben.config.interceptor;
import chunxiao.huiben.app.mapper.UserMapper;
import chunxiao.huiben.app.vo.UserMessageVO;
import chunxiao.huiben.utils.Delay;
import chunxiao.huiben.utils.JWTUtil;
import chunxiao.huiben.utils.StringUtil;
import com.alibaba.fastjson.JSONObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.integration.annotation.IntegrationComponentScan;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.HashMap;
import org.springframework.web.method.HandlerMethod;
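/**
 * Spring MVC interceptor that decides whether an app request may reach its controller.
 *
 * <p>{@link #preHandle} runs these checks in order and answers with a JSON body
 * ({@code data}, {@code message}, {@code code}) as soon as one fails:
 * <ol>
 *   <li>an {@code x-access-token} header must be present;</li>
 *   <li>{@link JWTUtil#getUserMap} must return a user for that token;</li>
 *   <li>the user's {@code status} column must not be 2 (blacklisted) or 3 (abnormal);</li>
 *   <li>the role carried in the token must be 1;</li>
 *   <li>for handler methods annotated with {@link Delay}, the same user must not have
 *       called the same method within the annotated interval.</li>
 * </ol>
 *
 * <p>Every rejection is written with the servlet container's default HTTP status; the
 * outcome is only visible in the {@code code} field of the body.
 * NOTE(review): which URL patterns this interceptor is registered for is not visible in
 * this file; confirm the registration covers every endpoint that relies on these checks.
 */
@Configuration
@IntegrationComponentScan
public class AppSecurityInterceptor extends HandlerInterceptorAdapter {

    /** Interval, in milliseconds, between sweeps of expired entries in {@link #throttledUntil}. */
    private static final long THROTTLE_SWEEP_INTERVAL_MS = 60_000L;

    @Autowired
    private UserMapper userMapper;

    // redisTemplate and appLoginPrefix are only referenced by the disabled single-session
    // check in preHandle; they are kept so that check can be switched back on.
    @Autowired
    private RedisTemplate redisTemplate;

    @Value("${app.login.log}")
    private String appLoginPrefix;

    // Throttle state: "userId|handler method" -> epoch millis until which repeats are refused.
    // Guarded by the monitor of this interceptor (see startDelay).
    private final HashMap<String, Long> throttledUntil = new HashMap<>();

    // Epoch millis of the last sweep of throttledUntil; guarded by the same monitor.
    private long lastSweep = 0;

    /**
     * Authenticates the caller, checks account status and role, and applies the
     * {@link Delay} throttle.
     *
     * @param request  the incoming request; the token is read from the {@code x-access-token} header
     * @param response receives the JSON rejection body when a check fails
     * @param handler  the chosen handler; only {@link HandlerMethod} handlers can carry {@link Delay}
     * @return {@code true} to continue to the controller, {@code false} after a rejection was written
     * @throws IOException if the rejection body cannot be written
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws IOException {
        String token = request.getHeader("x-access-token");
        if (StringUtil.isEmpty(token)) {
            return reject(response, "请登录后访问", 2);
        }

        // NOTE(review): everything below trusts the user id and role returned here, so
        // JWTUtil.getUserMap must verify the token's signature and expiry and return an
        // empty result for anything it cannot verify. That code is not visible in this file.
        UserMessageVO userMap = JWTUtil.getUserMap(token);
        if (StringUtil.isEmpty(userMap)) {
            return reject(response, "请登录后访问", 2);
        }

        Integer userID = userMap.getUserId();

        // TODO (original author: "commented out for now") single-session check.
        // The disabled code read the Redis hash named by appLoginPrefix, compared the entry
        // stored under userID with the presented token, and answered code 3
        // "账号已被登录请重新登录" on a mismatch. While it stays disabled this interceptor
        // compares the token with no server-side record, so as far as this class shows an
        // older token keeps working after the user logs in again elsewhere.
        // When re-enabling, handle a missing hash entry (the original dereferenced the
        // looked-up value without a null check) and confirm the hash key type matches
        // what the login code writes:
        //   Object value = redisTemplate.opsForHash().get(appLoginPrefix, userID);
        //   if (value == null || !value.equals(token)) {
        //       return reject(response, "账号已被登录请重新登录", 3);
        //   }

        Integer status;
        try {
            status = loadStatus(userID);
        } catch (Exception e) {
            // Fail closed: any lookup or parse failure blocks the request. Log the exception
            // itself (type and message) so the cause can be found; getMessage() alone can be null.
            System.err.println("AppSecurityInterceptor: user status lookup failed for userId=" + userID + ": " + e);
            return reject(response, "系统正在维护请稍后重试", 3);
        }
        if (status == null) {
            // The token names a user that has no row any more: treat it as not logged in
            // instead of reporting a maintenance error.
            return reject(response, "请登录后访问", 2);
        }
        if (status == 2) {
            return reject(response, "您的账号已被拉入黑名单,如有疑问请联系客服", 3);
        }
        if (status == 3) {
            return reject(response, "账户异常请联系管理员", 3);
        }

        // Only role 1 is admitted. The role is taken from the token, not from the database
        // row read above, so a role change takes effect only once a new token is issued.
        if (userMap.getRole() != 1) {
            return reject(response, "404", 2);
        }

        // Repeat-request throttle. Handlers that are not controller methods (static
        // resources, for example) cannot carry @Delay, so they skip this step instead of
        // failing on the cast.
        if (handler instanceof HandlerMethod) {
            HandlerMethod hm = (HandlerMethod) handler;
            Delay delay = hm.getMethodAnnotation(Delay.class);
            if (delay != null) {
                String throttleKey = userID + "|" + hm.getMethod().toGenericString();
                if (!startDelay(throttleKey, delay.time())) {
                    return reject(response, "请勿重复请求", 0);
                }
            }
        }
        return true;
    }

    /** Hook that runs after the handler and before view rendering; intentionally empty. */
    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
        // Nothing to do between handler execution and view rendering.
    }

    /** Hook that runs after view rendering; intentionally empty. */
    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
        // Nothing to do after view rendering.
    }

    /**
     * Reads the {@code status} column of the user row.
     *
     * @param userID primary key taken from the token
     * @return the numeric status, or {@code null} when the mapper returns no row
     * @throws Exception whatever the mapper throws, or a runtime exception when the
     *                   {@code status} entry is missing or not a number
     */
    private Integer loadStatus(Integer userID) throws Exception {
        // presumably selectByPK returns null when no row matches; verify against the mapper
        HashMap<String, Object> userRow = userMapper.selectByPK(userID);
        if (userRow == null) {
            return null;
        }
        return Integer.valueOf(userRow.get("status").toString());
    }

    /**
     * Writes the JSON rejection body shared by every failed check.
     *
     * @param response the response to write to
     * @param message  text placed in the {@code message} field
     * @param code     value placed in the {@code code} field
     * @return always {@code false}, so callers can {@code return reject(...)} from preHandle
     * @throws IOException if the response writer cannot be obtained or written
     */
    private boolean reject(HttpServletResponse response, String message, int code) throws IOException {
        JSONObject res = new JSONObject();
        res.put("data", new ArrayList<>());
        res.put("message", message);
        res.put("code", code);
        response.setCharacterEncoding("UTF-8");
        response.setContentType("application/json; charset=utf-8");
        PrintWriter out = response.getWriter();
        out.append(res.toString());
        return false;
    }

    /**
     * Decides whether a call identified by {@code key} may proceed.
     *
     * <p>The previous implementation kept one timestamp for the whole interceptor, so a
     * single caller on any {@link Delay} endpoint throttled every other user on every
     * {@link Delay} endpoint, and the unsynchronized read-modify-write let concurrent
     * requests pass together. State is now kept per key and updated under a lock.
     *
     * <p>The state lives in this JVM only. NOTE(review): if the application runs as several
     * instances, each instance throttles independently; a shared store would be needed for a
     * cluster-wide limit.
     *
     * @param key  identifies the caller and the handler method
     * @param time minimum interval in milliseconds between two accepted calls for {@code key}
     * @return {@code true} when the call is accepted, {@code false} when it arrived too early
     */
    private synchronized boolean startDelay(String key, int time) {
        long now = System.currentTimeMillis();

        // Drop expired entries now and then so the map does not grow with every user ever
        // seen. An expired entry behaves exactly like a missing one, so removal is safe.
        if (now - lastSweep > THROTTLE_SWEEP_INTERVAL_MS) {
            java.util.Iterator<Long> expiry = throttledUntil.values().iterator();
            while (expiry.hasNext()) {
                if (now > expiry.next()) {
                    expiry.remove();
                }
            }
            lastSweep = now;
        }

        Long until = throttledUntil.get(key);
        if (until != null && now <= until) {
            // Rejected calls do not extend the window; only accepted calls restart it.
            return false;
        }
        throttledUntil.put(key, now + time);
        return true;
    }
}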
package chunxiao.huiben.utils;
import org.springframework.stereotype.Component;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
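/**
 * Marks a controller method whose repeated calls should be throttled.
 *
 * <p>The annotation does nothing on its own. {@code AppSecurityInterceptor.preHandle}
 * reads it from the resolved handler method and rejects a request that arrives before
 * {@link #time()} milliseconds have passed since the last accepted one.
 *
 * <p>{@code @Component} was removed from this declaration: Spring's stereotype
 * meta-annotations only take effect through annotations placed on classes, and this
 * annotation can only be placed on methods, so it had no effect and suggested a bean
 * that does not exist.
 *
 * <p>Created 2019/12/15, 12:41 AM.
 *
 * @author changwensong
 */
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME) // must be RUNTIME: the interceptor looks it up reflectively
public @interface Delay {
    /**
     * Minimum interval, in milliseconds, between two accepted calls.
     *
     * @return the interval; 1000 when not specified
     */
    int time() default 1000;
}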
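/**
 * Adds a favourite ("添加收藏") for the caller.
 *
 * <p>{@code @Delay(time = 2000)} asks the security interceptor to refuse a repeat of this
 * call that arrives within 2000 ms of the last accepted one. The throttle only applies if
 * the interceptor is registered for this path.
 *
 * <p>NOTE(review): the raw token is handed to the service together with the request body.
 * Confirm that {@code appBorrowService.addcollect} takes the owning user from the token
 * and ignores any user identifier carried inside {@code usercollect}; otherwise a caller
 * could create favourites on behalf of another account.
 *
 * @param accessToken value of the {@code x-access-token} header
 * @param usercollect the favourite to add, deserialized from the request body
 * @return whatever the service returns
 * @throws Exception propagated from the service
 */
// The string literals below use plain ASCII double quotes; the typographic quotes that
// this listing had picked up do not compile.
@Delay(time = 2000)
@ApiOperation("添加收藏")
@PostMapping("/addcollect")
public ResultData addcollect(@RequestHeader("x-access-token") String accessToken,
                             @RequestBody Usercollect usercollect) throws Exception {
    return appBorrowService.addcollect(accessToken, usercollect);
}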