Home Explore Help
Register Sign In
usoft
/
platform-bi-server
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 40358369e4
Branches Tags
platform-bi-...
/
src
/
main
/
java
/
com
/
config
/
RoleInterceptor
/
SecurityInterceptor.java

SecurityInterceptor.java 2.2 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758 
  1. package com.config.RoleInterceptor;
    2. 

  2. 

  3. import com.fasterxml.jackson.databind.ObjectMapper;
    4. 

  4. import com.util.GetTokenData;
    5. 

  5. import org.springframework.beans.factory.annotation.Autowired;
    6. 

  6. import org.springframework.stereotype.Component;
    7. 

  7. import org.springframework.web.method.HandlerMethod;
    8. 

  8. import org.springframework.web.servlet.HandlerInterceptor;
    9. 

  9. import org.springframework.web.servlet.ModelAndView;
    10. 

  10. 

  11. import javax.management.OperationsException;
    12. 

  12. import javax.servlet.http.HttpServletRequest;
    13. 

  13. import javax.servlet.http.HttpServletResponse;
    14. 

  14. import java.util.Map;
    15. 

  15. 

  16. @Component
    17. 

  17. public class SecurityInterceptor implements HandlerInterceptor {
    18. 

  18.     @Autowired
    19. 

  19.     GetTokenData getTokenData;
    20. 

  20.     @Autowired
    21. 

  21.     ObjectMapper objectMapper;
    22. 

  22.     @Override
    23. 

  23.     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
    24. 

  24.         System.out.println("preHandle");
    25. 

  25.         if (!handler.getClass().isAssignableFrom(HandlerMethod.class)) {
    26. 

  26.             System.out.println("cat cast handler to HandlerMethod.class");
    27. 

  27.             return true;
    28. 

  28.         }
    29. 

  29.         // 获取注解
    30. 

  30.         Auth auth = ((HandlerMethod) handler).getMethod().getAnnotation(Auth.class);
    31. 

  31.         if (auth == null) {
    32. 

  32.             System.out.println("cant find @Auth in this uri:" + request.getRequestURI());
    33. 

  33.             return true;
    34. 

  34.         }
    35. 

  35.         // 从参数中取出用户身份并验证
    36. 

  36.         String admin = auth.user();
    37. 

  37.         System.out.println("auth:"+admin);
    38. 

  38.         String token = request.getHeader("token");
    39. 

  39.         Map<String, String> resultMap = getTokenData.getTokenData(token);
    40. 

  40. 

  41.         System.out.println("user:" + resultMap.get("role"));
    42. 

  42.         if (!admin.equals(resultMap.get("role"))) {
    43. 

  43.             System.out.println("permission denied");
    44. 

  44.             throw new OperationsException("权限不足");
    45. 

  45.         }
    46. 

  46.         return true;
    47. 

  47.     }
    48. 

  48. 

  49.     @Override
    50. 

  50.     public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
    51. 

  51.         System.out.println("2");
    52. 

  52.     }
    53. 

  53. 

  54.     @Override
    55. 

  55.     public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
    56. 

  56.         System.out.println("3");
    57. 

  57.     }
    58. 

  58. }
    59.