package com.moral.common.interceptor;
|
|
import com.auth0.jwt.JWT;
|
import com.auth0.jwt.JWTVerifier;
|
import com.auth0.jwt.algorithms.Algorithm;
|
import com.auth0.jwt.exceptions.JWTDecodeException;
|
import com.auth0.jwt.exceptions.JWTVerificationException;
|
import com.auth0.jwt.interfaces.Claim;
|
import com.moral.common.exception.WebAuthException;
|
import com.moral.common.util.RedisHashUtil;
|
import com.moral.common.util.WebTokenUtils;
|
import com.moral.common.webAnno.PassToken;
|
import com.moral.common.webAnno.UserLoginToken;
|
import com.moral.entity.Account;
|
import com.moral.service.AccountService;
|
import com.moral.service.impl.WebTokenServiceImpl;
|
import org.springframework.util.ObjectUtils;
|
import org.springframework.web.method.HandlerMethod;
|
import org.springframework.web.servlet.HandlerInterceptor;
|
import org.springframework.web.servlet.ModelAndView;
|
|
import javax.annotation.Resource;
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
import java.lang.reflect.Method;
|
import java.util.Enumeration;
|
import java.util.Map;
|
|
/**
 * Interceptor configuration for the Web large-screen client.
 *
 * <p>Date: 2020/9/14
 *
 * @author 陈凯裕
 */
|
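public class WebInterceptor implements HandlerInterceptor {

    // Used to look up the account named by the id carried in the token.
    @Resource
    AccountService accountService;

    // Used to read the logout blacklist stored under the "webToken" hash.
    @Resource
    RedisHashUtil redisHashUtil;

    /**
     * Authenticates a request before it reaches a controller method.
     *
     * <p>Requests that do not map to a {@link HandlerMethod} pass through. A method carrying an
     * active {@link PassToken} passes through. A method carrying an active {@link UserLoginToken}
     * must present a {@code token} header that verifies against the HMAC256 secret and the
     * {@code qxpc} issuer, names an existing account, and is not on the logout blacklist.
     *
     * <p>The signature is verified before any claim is read. Reading the id first would let an
     * unsigned, caller-chosen id drive the account lookup, and the differing error messages would
     * reveal which account ids exist.
     *
     * @param request the incoming request; the JWT is read from its {@code token} header
     * @param response the response; CORS headers are written to it unconditionally
     * @param o the resolved handler
     * @return {@code true} when the request may proceed
     * @throws WebAuthException when a protected method is called without a valid token
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {
        // NOTE(review): a wildcard origin lets any site read responses from this API when it can
        // supply a token; prefer an allow-list of known front-end origins. The custom "token"
        // header is also missing from Allow-Headers below, so cross-origin browser calls that send
        // it depend on CORS being configured elsewhere; confirm.
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Headers", "Content-Type,Content-Length, Authorization, Accept,X-Requested-With");
        response.setHeader("Access-Control-Allow-Methods","PUT,POST,GET,DELETE,OPTIONS");
        String token = request.getHeader("token");

        // Anything that is not mapped to a controller method passes straight through.
        if (!(o instanceof HandlerMethod)) {
            return true;
        }
        Method method = ((HandlerMethod) o).getMethod();

        // An active @PassToken exempts the method from authentication.
        PassToken passToken = method.getAnnotation(PassToken.class);
        if (passToken != null && passToken.required()) {
            return true;
        }

        // NOTE(review): methods with neither annotation are allowed through unauthenticated
        // (fail-open). A new endpoint that forgets @UserLoginToken is therefore public; consider
        // requiring a token by default and opting out with @PassToken.
        UserLoginToken loginToken = method.getAnnotation(UserLoginToken.class);
        if (loginToken == null || !loginToken.required()) {
            return true;
        }

        if (ObjectUtils.isEmpty(token)) {
            throw new WebAuthException("无token,请重新登陆");
        }

        // Verify signature and issuer BEFORE trusting anything inside the token.
        // NOTE(review): confirm WebTokenServiceImpl.SECRET is loaded from configuration or a
        // secret store rather than hard-coded, and that issued tokens carry an expiry claim.
        Algorithm algorithm = Algorithm.HMAC256(WebTokenServiceImpl.SECRET);
        JWTVerifier jwtVerifier = JWT.require(algorithm)
                .withIssuer("qxpc")
                .build();
        try {
            jwtVerifier.verify(token);
        } catch (JWTDecodeException e) {
            // Malformed token: keep the message callers already receive for this case.
            throw new WebAuthException("401,token无效");
        } catch (JWTVerificationException e) {
            throw new WebAuthException("401,token过期或者无效");
        }

        // The token is authentic from here on, so its id claim can be used for the lookup.
        String id;
        int accountId;
        try {
            id = WebTokenUtils.getIdBytoken(token);
            accountId = Integer.parseInt(id);
        } catch (JWTDecodeException | NumberFormatException e) {
            // A missing or non-numeric id is reported as an auth failure rather than escaping
            // as an unhandled NumberFormatException.
            throw new WebAuthException("401,token无效");
        }

        Account account = accountService.getAccountById(accountId);
        if (ObjectUtils.isEmpty(account)) {
            throw new WebAuthException("用户不存在,请重新登陆");
        }

        // Reject a token that was recorded in the logout blacklist for this account id.
        String redisToken = (String) redisHashUtil.getMapVal("webToken", id);
        if (token.equals(redisToken)) {
            throw new WebAuthException("401,token过期");
        }

        return true;
    }

    /**
     * No post-processing is performed after the handler runs.
     */
    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
        // Intentionally empty.
    }

    /**
     * No cleanup is performed after the request completes.
     */
    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
        // Intentionally empty.
    }
}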
|