地质所 沉降监测网建设项目
blame | 历史 | 原始文档
chenhuan
2024-05-16 f992b4e508b358eba4170b1e9b1bb21319f7a3cd 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96

package com.javaweb.framework.shiro.web.filter.online;


 


import java.io.IOException;


import javax.servlet.ServletRequest;


import javax.servlet.ServletResponse;


import org.apache.shiro.session.Session;


import org.apache.shiro.subject.Subject;


import org.apache.shiro.web.filter.AccessControlFilter;


import org.apache.shiro.web.util.WebUtils;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.beans.factory.annotation.Value;


import com.javaweb.common.constant.ShiroConstants;


import com.javaweb.common.enums.OnlineStatus;


import com.javaweb.framework.shiro.session.OnlineSession;


import com.javaweb.framework.shiro.session.OnlineSessionDAO;


import com.javaweb.framework.util.ShiroUtils;


import com.javaweb.system.domain.SysUser;


 


/**


 * 自定义访问控制


 * 


 * @author ruoyi


 */


public class OnlineSessionFilter extends AccessControlFilter


{


    /**


     * 强制退出后重定向的地址


     */


    @Value("${shiro.user.loginUrl}")


    private String loginUrl;


 


    @Autowired


    private OnlineSessionDAO onlineSessionDAO;


 


    /**


     * 表示是否允许访问;mappedValue就是[urls]配置中拦截器参数部分,如果允许访问返回true,否则false;


     */


    @Override


    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue)


            throws Exception


    {


        Subject subject = getSubject(request, response);


        if (subject == null || subject.getSession() == null)


        {


            return true;


        }


        Session session = onlineSessionDAO.readSession(subject.getSession().getId());


        if (session != null && session instanceof OnlineSession)


        {


            OnlineSession onlineSession = (OnlineSession) session;


            request.setAttribute(ShiroConstants.ONLINE_SESSION, onlineSession);


            // 把user对象设置进去


            boolean isGuest = onlineSession.getUserId() == null || onlineSession.getUserId() == 0L;


            if (isGuest == true)


            {


                SysUser user = ShiroUtils.getSysUser();


                if (user != null)


                {


                    onlineSession.setUserId(user.getUserId());


                    onlineSession.setLoginName(user.getLoginName());


                    onlineSession.setAvatar(user.getAvatar());


                    onlineSession.setDeptName(user.getDept().getDeptName());


                    onlineSession.markAttributeChanged();


                }


            }


 


            if (onlineSession.getStatus() == OnlineStatus.off_line)


            {


                return false;


            }


        }


        return true;


    }


 


    /**


     * 表示当访问拒绝时是否已经处理了;如果返回true表示需要继续处理;如果返回false表示该拦截器实例已经处理了,将直接返回即可。


     */


    @Override


    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception


    {


        Subject subject = getSubject(request, response);


        if (subject != null)


        {


            subject.logout();


        }


        saveRequestAndRedirectToLogin(request, response);


        return false;


    }


 


    // 跳转到登录页


    @Override


    protected void redirectToLogin(ServletRequest request, ServletResponse response) throws IOException


    {


        WebUtils.issueRedirect(request, response, loginUrl);


    }


}