From 46b609d9847ebc904430c6825079f0750aa51bd2 Mon Sep 17 00:00:00 2001 From: xyli Date: Fri, 3 Mar 2023 17:34:30 +0800 Subject: [PATCH 1/3] =?UTF-8?q?IpInterceptor.java=20=E6=96=B0=E5=A2=9Echec?= =?UTF-8?q?kHeaderUser=E6=96=B9=E6=B3=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../common/interceptor/LoginInterceptor.java | 39 +++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/src/main/java/mpms/common/interceptor/LoginInterceptor.java b/src/main/java/mpms/common/interceptor/LoginInterceptor.java index a19890c..ce65b51 100644 --- a/src/main/java/mpms/common/interceptor/LoginInterceptor.java +++ b/src/main/java/mpms/common/interceptor/LoginInterceptor.java @@ -30,6 +30,45 @@ import java.util.concurrent.TimeUnit; public class LoginInterceptor extends BaseLinxInterceptor { + /** + * 尝试获取 header 中的信息 + * + * @param session ses + * @param request req + * @return true 获取成功 + */ + private int checkHeaderUser(HttpServletRequest request, HttpSession session) { + String token = request.getHeader(ServerOpenApi.HTTP_HEAD_AUTHORIZATION); + if (StrUtil.isEmpty(token)) { + return ServerConfigBean.AUTHORIZE_TIME_OUT_CODE; + } + JWT jwt = JwtUtil.readBody(token); + if (JwtUtil.expired(jwt, 0)) { + int renewal = ServerExtConfigBean.getInstance().getAuthorizeRenewal(); + if (jwt == null || renewal <= 0 || JwtUtil.expired(jwt, TimeUnit.MINUTES.toSeconds(renewal))) { + return ServerConfigBean.AUTHORIZE_TIME_OUT_CODE; + } + return ServerConfigBean.RENEWAL_AUTHORIZE_CODE; + } + UserModel user = (UserModel) session.getAttribute(SESSION_NAME); + UserService userService = SpringUtil.getBean(UserService.class); + String id = JwtUtil.getId(jwt); + UserModel newUser = userService.checkUserFromDB(id); + if (newUser == null) { + return ServerConfigBean.AUTHORIZE_TIME_OUT_CODE; + } + if (null != user) { + String tokenUserId = JwtUtil.readUserId(jwt); + boolean b = user.getId().equals(tokenUserId) && user.getUserMd5Key().equals(id) + && user.getModifyTime() == newUser.getModifyTime(); + if (!b) { + return ServerConfigBean.AUTHORIZE_TIME_OUT_CODE; + } + } + session.setAttribute(LoginInterceptor.SESSION_NAME, newUser); + return 0; + } + /** * 尝试获取 header 中的信息 -- Gitee From 625073a7229d2623951d293e62de32861ed0810f Mon Sep 17 00:00:00 2001 From: xyli Date: Fri, 3 Mar 2023 17:36:18 +0800 Subject: [PATCH 2/3] =?UTF-8?q?IpInterceptor.java=20=E5=AE=9E=E7=8E=B0preH?= =?UTF-8?q?andle=E6=96=B9=E6=B3=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../common/interceptor/LoginInterceptor.java | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/src/main/java/mpms/common/interceptor/LoginInterceptor.java b/src/main/java/mpms/common/interceptor/LoginInterceptor.java index ce65b51..468b15e 100644 --- a/src/main/java/mpms/common/interceptor/LoginInterceptor.java +++ b/src/main/java/mpms/common/interceptor/LoginInterceptor.java @@ -28,7 +28,35 @@ import java.util.concurrent.TimeUnit; */ @InterceptorPattens(sort = -1, exclude = ServerOpenApi.API + "**") public class LoginInterceptor extends BaseLinxInterceptor { + /** + * session + */ + public static final String SESSION_NAME = "user"; + @Override + public boolean preHandle(HttpServletRequest request, HttpServletResponse response, HandlerMethod handlerMethod) throws Exception { + HttpSession session = getSession(); + // + NotLogin notLogin = handlerMethod.getMethodAnnotation(NotLogin.class); + if (notLogin == null) { + notLogin = handlerMethod.getBeanType().getAnnotation(NotLogin.class); + } + if (notLogin == null) { + // 这里需要判断请求头里是否有 Authorization 属性 + String authorization = request.getHeader(ServerOpenApi.HTTP_HEAD_AUTHORIZATION); + if (StrUtil.isNotEmpty(authorization)) { + // jwt token 检测机制 + int code = this.checkHeaderUser(request, session); + if (code > 0) { + this.responseLogin(request, response, handlerMethod, code); + return false; + } + } + } + reload(); + // + return true; + } /** * 尝试获取 header 中的信息 -- Gitee From 057ddf7e2822d58b34904146474572b40a4fcf69 Mon Sep 17 00:00:00 2001 From: xyli Date: Fri, 3 Mar 2023 17:37:37 +0800 Subject: [PATCH 3/3] =?UTF-8?q?IpInterceptor.java=20=E5=AE=9E=E7=8E=B0preH?= =?UTF-8?q?andle=E6=96=B9=E6=B3=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/main/java/mpms/common/interceptor/LoginInterceptor.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/java/mpms/common/interceptor/LoginInterceptor.java b/src/main/java/mpms/common/interceptor/LoginInterceptor.java index 468b15e..f1d8d74 100644 --- a/src/main/java/mpms/common/interceptor/LoginInterceptor.java +++ b/src/main/java/mpms/common/interceptor/LoginInterceptor.java @@ -36,6 +36,7 @@ public class LoginInterceptor extends BaseLinxInterceptor { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, HandlerMethod handlerMethod) throws Exception { HttpSession session = getSession(); + // NotLogin notLogin = handlerMethod.getMethodAnnotation(NotLogin.class); if (notLogin == null) { -- Gitee