地质所 沉降监测网建设项目
blame | 历史 | 原始文档
chenhuan
2024-05-16 0fdd42e318f51f9e3c6581473416af1cca69877f 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84

package com.javaweb.app.common.interceptor;


 


import java.lang.reflect.Method;


 


import javax.servlet.http.HttpServletRequest;


import javax.servlet.http.HttpServletResponse;


 


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.web.method.HandlerMethod;


import org.springframework.web.servlet.HandlerInterceptor;


import org.springframework.web.servlet.ModelAndView;


 


import com.javaweb.app.common.annotation.PassToken;


import com.javaweb.app.common.exception.UnauthorizedException;


import com.javaweb.app.common.util.JwtUtil;


import com.javaweb.app.controller.sys.entity.AppUser;


import com.javaweb.app.controller.sys.service.impl.UserService;


 


public class AuthenticationInterceptor implements HandlerInterceptor


{


    public static final String USER_KEY = "userId";


 


    @Autowired


    UserService                userService;


 


    @Override


    public boolean preHandle(HttpServletRequest request, HttpServletResponse response,


            Object object) throws Exception


    {


        String token = request.getHeader("token");// 从 http 请求头中取出


                                                             // token


        // 如果不是映射到方法直接通过


        if (!(object instanceof HandlerMethod))


        {


            return true;


        }


        HandlerMethod handlerMethod = (HandlerMethod) object;


        Method method = handlerMethod.getMethod();


        // 检查是否有passtoken注释,有则跳过认证


        if (method.isAnnotationPresent(PassToken.class))


        {


            PassToken passToken = method.getAnnotation(PassToken.class);


            if (passToken.required())


            {


                return true;


            }


        }


        // 执行认证


        if (token == null)


        {


            throw new RuntimeException("无token,请重新登录");


        }


        String username = JwtUtil.getUsername(token);


        if (username == null)


        {


            throw new RuntimeException("token invalid");


        }


        AppUser appUser = userService.findByUsername(username);


        if (appUser == null)


        {


            throw new RuntimeException("用户不存在,请重新登录");


        }


        // 验证 token


        if (!JwtUtil.verify(token, appUser.getUsername(), appUser.getPassword()))


        {


            throw new UnauthorizedException();


        }


        // 设置userId到request里,后续根据userId,获取用户信息


        request.setAttribute(USER_KEY, appUser.getId());


        return true;


    }


 


    @Override


    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o,


            ModelAndView modelAndView) throws Exception


    {


    }


 


    @Override


    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse,


            Object o, Exception e) throws Exception


    {


    }


}