Inicio Explorar Axuda
Iniciar sesión
hotel
/
hotel-saas-backend
Seguir 3
Destacar 0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Árbore: d611b3bad6
Ramas Etiquetas
hotel-saas-b...
/
jeecg-mall-api
/
src
/
main
/
java
/
interceptor
/
ThirdSessionInterceptor.java

ThirdSessionInterceptor.java 4.8 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130 
  1. package interceptor;
    2. 

  2. 

  3. import annotation.ApiLogin;
    4. 

  4. import cn.hutool.core.util.StrUtil;
    5. 

  5. import cn.hutool.json.JSONUtil;
    6. 

  6. import com.alibaba.druid.support.json.JSONUtils;
    7. 

  7. import com.util.ThirdSessionHolder;
    8. 

  8. import lombok.AllArgsConstructor;
    9. 

  9. import lombok.extern.slf4j.Slf4j;
    10. 

  10. import org.apache.shiro.authc.AuthenticationException;
    11. 

  11. import org.jeecg.common.constant.CommonConstant;
    12. 

  12. import org.jeecg.common.exception.JeecgBoot401Exception;
    13. 

  13. import org.jeecg.common.exception.JeecgBootException;
    14. 

  14. import org.jeecg.common.system.util.JwtUtil;
    15. 

  15. import org.jeecg.common.util.RedisUtil;
    16. 

  16. import org.jeecg.common.util.TenantContextHolder;
    17. 

  17. import org.jeecg.modules.wxuser.entity.ThirdSession;
    18. 

  18. import org.springframework.data.redis.core.RedisTemplate;
    19. 

  19. import org.springframework.http.MediaType;
    20. 

  20. import org.springframework.stereotype.Component;
    21. 

  21. import org.springframework.web.method.HandlerMethod;
    22. 

  22. import org.springframework.web.servlet.HandlerInterceptor;
    23. 

  23. import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
    24. 

  24. 

  25. import javax.annotation.Resource;
    26. 

  26. import javax.servlet.http.HttpServletRequest;
    27. 

  27. import javax.servlet.http.HttpServletResponse;
    28. 

  28. import java.io.IOException;
    29. 

  29. import java.io.PrintWriter;
    30. 

  30. import java.util.concurrent.TimeUnit;
    31. 

  31. 

  32. /**
    33. 

  33.  * ThirdSession拦截器,校验每个请求的ThirdSession
    34. 

  34.  * @author
    35. 

  35.  */
    36. 

  36. @Slf4j
    37. 

  37. //@AllArgsConstructor
    38. 

  38. @Component
    39. 

  39. public class ThirdSessionInterceptor implements HandlerInterceptor {
    40. 

  40. //public class ThirdSessionInterceptor extends HandlerInterceptorAdapter {
    41. 

  41. //	private final RedisTemplate redisTemplate;
    42. 

  42. 

  43. 	@Resource
    44. 

  44. 	private RedisUtil redisUtil;
    45. 

  45. 

  46. 	@Override
    47. 

  47. 	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
    48. 

  48. //		if (!(handler instanceof HandlerMethod)) {
    49. 

  49. //			return super.preHandle(request, response, handler);
    50. 

  50. //		}
    51. 

  51. 		if ((handler instanceof HandlerMethod)) {
    52. 

  52. 			HandlerMethod method = (HandlerMethod) handler;
    53. 

  53. 			//判断访问的control是否添加ApiLogin注解
    54. 

  54. 			ApiLogin apiLogin = method.getMethodAnnotation(ApiLogin.class);
    55. 

  55. 			String appIdHeader = request.getHeader("app-id");
    56. 

  56. 			//小程序端的所有接口需要登录才能访问,校验thirdSession
    57. 

  57. 			return this.judeSession(request, response, apiLogin);
    58. 

  58. 		}
    59. 

  59. 		return Boolean.TRUE;
    60. 

  60. 	}
    61. 

  61. 

  62. 	/**
    63. 

  63. 	 * 校验session
    64. 

  64. 	 * @param request
    65. 

  65. 	 * @param response
    66. 

  66. 	 * @return
    67. 

  67. 	 * @throws IOException
    68. 

  68. 	 */
    69. 

  69. 	private boolean judeSession(HttpServletRequest request, HttpServletResponse response, ApiLogin apiLogin) throws IOException {
    70. 

  70. 		//获取header中的ThirdSession
    71. 

  71. 		String thirdSessionHeader = request.getHeader("third-session");
    72. 

  72. 		if (StrUtil.isNotBlank(thirdSessionHeader)) {
    73. 

  73. 			//获取缓存中的ThirdSession
    74. 

  74. 			String key = CommonConstant.PREFIX_WX_APP_USER_TOKEN + thirdSessionHeader;
    75. 

  75. 			Object thirdSessionObj = redisUtil.get(key);
    76. 

  76. 			if (thirdSessionObj == null) {//session过期
    77. 

  77. 				ThirdSessionHolder.clear();
    78. 

  78. 				this.writerPrint(response, "登录超时,请重新登录");
    79. 

  79. 				return Boolean.FALSE;
    80. 

  80. 			} else {
    81. 

  81. 				String thirdSessionStr = String.valueOf(thirdSessionObj);
    82. 

  82. 				ThirdSession thirdSession = JSONUtil.toBean(thirdSessionStr, ThirdSession.class);
    83. 

  83. 				//判断session是否属于当前tenantId、appId
    84. 

  84. 				String tenantIdHeader = request.getHeader("tenant-id");
    85. 

  85. 				if (StrUtil.isNotBlank(tenantIdHeader) && !thirdSession.getTenantId().equals(tenantIdHeader)) {
    86. 

  86. 					this.writerPrint(response, "登录超时,请重新登录");
    87. 

  87. 					return Boolean.FALSE;
    88. 

  88. 				}
    89. 

  89. 				String appIdHeader = request.getHeader("app-id");
    90. 

  90. 				if (StrUtil.isNotBlank(appIdHeader) && StrUtil.isNotBlank(thirdSession.getAppId()) && !thirdSession.getAppId().equals(appIdHeader)) {
    91. 

  91. 					this.writerPrint(response, "登录超时,请重新登录");
    92. 

  92. 					return Boolean.FALSE;
    93. 

  93. 				}
    94. 

  94. 				redisUtil.expire(key, JwtUtil.EXPIRE_TIME * 24 * 30 / 1000);//更新session过期时间
    95. 

  95. 				TenantContextHolder.setTenantId(thirdSession.getTenantId());//设置租户ID
    96. 

  96. 				ThirdSessionHolder.setThirdSession(thirdSession);//设置thirdSession
    97. 

  97. 

  98. 				if (apiLogin != null && apiLogin.mustLogin()) {
    99. 

  99. 					//此接口必须登录商城才能访问
    100. 

  100. 					return this.judeSessionUserMall(response, thirdSession);
    101. 

  101. 				}
    102. 

  102. 				return Boolean.TRUE;
    103. 

  103. 			}
    104. 

  104. 		} else {
    105. 

  105. 			this.writerPrint(response, "session不能为空");
    106. 

  106. 			return Boolean.FALSE;
    107. 

  107. 		}
    108. 

  108. 	}
    109. 

  109. 

  110. 	/**
    111. 

  111. 	 * 校验session是否商城登录
    112. 

  112. 	 * @param thirdSession
    113. 

  113. 	 * @return
    114. 

  114. 	 * @throws IOException
    115. 

  115. 	 */
    116. 

  116. 	private boolean judeSessionUserMall(HttpServletResponse response, ThirdSession thirdSession) throws IOException {
    117. 

  117. 		String userId = thirdSession.getUserId();
    118. 

  118. 		if(StrUtil.isBlank(userId)){
    119. 

  119. 			this.writerPrint(response, "请先登录");
    120. 

  120. 			return Boolean.FALSE;
    121. 

  121. 		}
    122. 

  122. 		return Boolean.TRUE;
    123. 

  123. 	}
    124. 

  124. 

  125. 	private void writerPrint(HttpServletResponse response, String msg) throws IOException {
    126. 

  126. 		//返回401错误码,触发小程序重新登录
    127. 

  127. 		JwtUtil.responseError(response,401,msg);
    128. 

  128. 	}
    129. 

  129. }
    130. 

  130.