7 vuotta sitten · 43d40d88cd
--- a/src/main/java/com/uas/platform/b2c/core/filter/SystemSessionInterceptor.java
+++ b/src/main/java/com/uas/platform/b2c/core/filter/SystemSessionInterceptor.java
@@ -0,0 +1,28 @@
 
				+package com.uas.platform.b2c.core.filter;
			
 
				+
			
 
				+import com.uas.platform.b2c.common.account.model.User;
			
 
				+import com.uas.platform.b2c.core.support.SystemSession;
			
 
				+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
			
 
				+
			
 
				+import javax.servlet.http.HttpServletRequest;
			
 
				+import javax.servlet.http.HttpServletResponse;
			
 
				+import javax.servlet.http.HttpSession;
			
 
				+
			
 
				+/**
			
 
				+ * 用户信息拦截器，对所有的请求，自动将Session 中的用户信息设置进
			
 
				+ */
			
 
				+public class SystemSessionInterceptor extends HandlerInterceptorAdapter {
			
 
				+
			
 
				+    @Override
			
 
				+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
			
 
				+        if (SystemSession.getUser() == null) {
			
 
				+            HttpSession session = request.getSession(false);
			
 
				+            if (session != null && session.getAttribute("user") != null) {
			
 
				+                SystemSession.setUser((User) session.getAttribute("user"));
			
 
				+            }
			
 
				+            SystemSession.setSession(session);
			
 
				+        }
			
 
				+        return true;
			
 
				+    }
			
 
				+
			
 
				+}
			
--- a/src/main/java/com/uas/platform/b2c/core/support/SystemSession.java
+++ b/src/main/java/com/uas/platform/b2c/core/support/SystemSession.java
@@ -2,6 +2,8 @@ package com.uas.platform.b2c.core.support;
 
				 
			
 
				 import com.uas.platform.b2c.common.account.model.User;
			
 
				 
			
 
				+import javax.servlet.http.HttpSession;
			
 
				+
			
 
				 /**
			
 
				  * 每次请求服务器时，用户信息存放在本次线程中
			
 
				  * 
			
@@ -11,22 +13,45 @@ import com.uas.platform.b2c.common.account.model.User;
 
				  */
			
 
				 public class SystemSession {
			
 
				 
			
 
				-	private static ThreadLocal<User> local = new ThreadLocal<User>();
			
 
				+	private static ThreadLocal<User> localUser = new ThreadLocal<User>();
			
 
				+
			
 
				+	private static ThreadLocal<HttpSession> loaclSession = new ThreadLocal<HttpSession>();
			
 
				+
			
 
				+	/**
			
 
				+	 * 在Session信息拦截器中会进行调用，将登录的用户信息设置到这里
			
 
				+	 * @param session
			
 
				+	 */
			
 
				+	public static void setSession(HttpSession session) {
			
 
				+		loaclSession.set(session);
			
 
				+	}
			
 
				+
			
 
				+	public static HttpSession getSession() {
			
 
				+		return loaclSession.get();
			
 
				+	}
			
 
				+
			
 
				+	public static void clearSesssion() {
			
 
				+		loaclSession.set(null);
			
 
				+	}
			
 
				 
			
 
				 	/**
			
 
				 	 * 在身份信息验证拦截器中会进行调用，将登录的用户信息设置到这里
			
 
				 	 * @param session
			
 
				 	 */
			
 
				 	public static void setUser(User session) {
			
 
				-		local.set(session);
			
 
				+		localUser.set(session);
			
 
				 	}
			
 
				 
			
 
				 	public static User getUser() {
			
 
				-		return local.get();
			
 
				+		return localUser.get();
			
 
				+	}
			
 
				+
			
 
				+	public static void clearUser() {
			
 
				+		localUser.set(null);
			
 
				 	}
			
 
				 
			
 
				 	public static void clear() {
			
 
				-		local.set(null);
			
 
				+		localUser.set(null);
			
 
				+		loaclSession.set(null);
			
 
				 	}
			
 
				 
			
 
				 }
			
--- a/src/main/java/com/uas/platform/b2c/prod/product/component/dao/ComponentDao.java
+++ b/src/main/java/com/uas/platform/b2c/prod/product/component/dao/ComponentDao.java
@@ -23,6 +23,15 @@ public interface ComponentDao extends JpaSpecificationExecutor<Component>, JpaRe
 
				 	@QueryHints({ @QueryHint(name = "org.hibernate.cacheable", value = "true") })
			
 
				 	public Component findByUuid(String uuid);
			
 
				 
			
 
				+	/**
			
 
				+	 * 根据uuid查找器件
			
 
				+	 *
			
 
				+	 * @param uuid
			
 
				+	 * @return 器件信息
			
 
				+	 */
			
 
				+	@QueryHints({ @QueryHint(name = "org.hibernate.cacheable", value = "true") })
			
 
				+	public String findAttachByUuid(String uuid);
			
 
				+
			
 
				 	/**
			
 
				 	 * 根据uuid查找id
			
 
				 	 * 
			
--- a/src/main/java/com/uas/platform/b2c/prod/store/api/CommodityController.java
+++ b/src/main/java/com/uas/platform/b2c/prod/store/api/CommodityController.java
@@ -85,9 +85,6 @@ public class CommodityController {
 
				 	 */
			
 
				 	@RequestMapping(value = "/component/{componentUuid}", method = RequestMethod.GET)
			
 
				 	public Component findComponentByUuid(@PathVariable String componentUuid, HttpServletRequest request) {
			
 
				-		HttpSession session = request.getSession(false);
			
 
				-		if (session != null && session.getAttribute("user") != null)
			
 
				-			SystemSession.setUser((User) session.getAttribute("user"));
			
 
				 		logger.info(String.format("Find information of component by component uuid %s", componentUuid));
			
 
				 		return componentService.findByUuid(componentUuid);
			
 
				 	}
			
--- a/src/main/webapp/WEB-INF/spring/webmvc.xml
+++ b/src/main/webapp/WEB-INF/spring/webmvc.xml
@@ -115,6 +115,11 @@
 
				 			<mvc:exclude-mapping path="/seek/getSeekRanking"/>
			
 
				 			<bean class="com.uas.platform.b2c.core.filter.SSOInterceptor"></bean>
			
 
				 		</mvc:interceptor>
			
 
				+		<!-- 对所有的请求拦截，将Session中的User信息设置进SystemSession -->
			
 
				+		<mvc:interceptor>
			
 
				+			<mvc:mapping path="/**"></mvc:mapping>
			
 
				+			<bean class="com.uas.platform.b2c.core.filter.SystemSessionInterceptor"></bean>
			
 
				+		</mvc:interceptor>
			
 
				 		<!-- 针对具体UAS用户，采用独立私钥签名、认证 -->
			
 
				 		<mvc:interceptor>
			
 
				 			<mvc:mapping path="/api/authed/**"></mvc:mapping>