From cdd1455ab9c6b072a1ef772ce5992df5d476ff44 Mon Sep 17 00:00:00 2001 From: xiongxiaoyang <773861846@qq.com> Date: Wed, 18 May 2022 09:06:26 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E5=A2=9E=E5=8A=A0=E7=94=A8=E6=88=B7?= =?UTF-8?q?=E8=AE=A4=E8=AF=81=E6=8B=A6=E6=88=AA=E5=99=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../core/common/constant/ErrorCodeEnum.java | 5 ++ .../xxyopen/novel/core/config/WebConfig.java | 38 ++++++++++++ .../core/constant/SystemConfigConsts.java | 5 ++ .../core/intercepter/AuthInterceptor.java | 60 +++++++++++++++++++ 4 files changed, 108 insertions(+) create mode 100644 src/main/java/io/github/xxyopen/novel/core/config/WebConfig.java create mode 100644 src/main/java/io/github/xxyopen/novel/core/intercepter/AuthInterceptor.java diff --git a/src/main/java/io/github/xxyopen/novel/core/common/constant/ErrorCodeEnum.java b/src/main/java/io/github/xxyopen/novel/core/common/constant/ErrorCodeEnum.java index 1c9eafe..ab1e609 100644 --- a/src/main/java/io/github/xxyopen/novel/core/common/constant/ErrorCodeEnum.java +++ b/src/main/java/io/github/xxyopen/novel/core/common/constant/ErrorCodeEnum.java @@ -72,6 +72,11 @@ public enum ErrorCodeEnum { * */ USER_REQUEST_PARAM_ERROR("A0400","用户请求参数错误"), + /** + * 用户登录已过期 + * */ + USER_LOGIN_EXPIRED("A0230","用户登录已过期"), + /** * 一级宏观错误码,系统执行出错 * */ diff --git a/src/main/java/io/github/xxyopen/novel/core/config/WebConfig.java b/src/main/java/io/github/xxyopen/novel/core/config/WebConfig.java new file mode 100644 index 0000000..9b82ef6 --- /dev/null +++ b/src/main/java/io/github/xxyopen/novel/core/config/WebConfig.java @@ -0,0 +1,38 @@ +package io.github.xxyopen.novel.core.config; + +import io.github.xxyopen.novel.core.constant.ApiRouterConsts; +import io.github.xxyopen.novel.core.intercepter.AuthInterceptor; +import lombok.RequiredArgsConstructor; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.config.annotation.InterceptorRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; + +/** + * Spring Web Mvc 相关配置 + * 不要加 @EnableWebMvc 注解,否则会导致 jackson 的全局配置失效 + * 类上添加 @EnableWebMvc 会导致 WebMvcAutoConfiguration 中的自动配置全部失效 + * + * @author xiongxiaoyang + * @date 2022/5/18 + */ +@Configuration +@RequiredArgsConstructor +public class WebConfig implements WebMvcConfigurer { + + private final AuthInterceptor frontAuthInterceptor; + + @Override + public void addInterceptors(InterceptorRegistry registry) { + registry.addInterceptor(frontAuthInterceptor) + // 拦截会员中心相关请求接口 + .addPathPatterns(ApiRouterConsts.API_FRONT_USER_URL_PREFIX + "/**" + // 拦截作家后台相关请求接口 + , ApiRouterConsts.API_AUTHOR_URL_PREFIX + "/**" + // 拦截平台后台相关请求接口 + , ApiRouterConsts.API_ADMIN_URL_PREFIX + "/**") + // 放行登录注册相关请求接口 + .excludePathPatterns(ApiRouterConsts.API_FRONT_USER_URL_PREFIX + "/register" + , ApiRouterConsts.API_FRONT_USER_URL_PREFIX + "/login", + ApiRouterConsts.API_ADMIN_URL_PREFIX + "/login"); + } +} diff --git a/src/main/java/io/github/xxyopen/novel/core/constant/SystemConfigConsts.java b/src/main/java/io/github/xxyopen/novel/core/constant/SystemConfigConsts.java index 0024141..15145ca 100644 --- a/src/main/java/io/github/xxyopen/novel/core/constant/SystemConfigConsts.java +++ b/src/main/java/io/github/xxyopen/novel/core/constant/SystemConfigConsts.java @@ -12,6 +12,11 @@ public class SystemConfigConsts { throw new IllegalStateException("Constant class"); } + /** + * Http 请求认证 Header + * */ + public static final String HTTP_AUTH_HEADER_NAME = "Authorization"; + /** * 前台门户系统标识 * */ diff --git a/src/main/java/io/github/xxyopen/novel/core/intercepter/AuthInterceptor.java b/src/main/java/io/github/xxyopen/novel/core/intercepter/AuthInterceptor.java new file mode 100644 index 0000000..22d88f7 --- /dev/null +++ b/src/main/java/io/github/xxyopen/novel/core/intercepter/AuthInterceptor.java @@ -0,0 +1,60 @@ +package io.github.xxyopen.novel.core.intercepter; + +import com.fasterxml.jackson.databind.ObjectMapper; +import io.github.xxyopen.novel.core.common.constant.ErrorCodeEnum; +import io.github.xxyopen.novel.core.common.resp.RestResp; +import io.github.xxyopen.novel.core.constant.ApiRouterConsts; +import io.github.xxyopen.novel.core.constant.SystemConfigConsts; +import io.github.xxyopen.novel.core.util.JwtUtils; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import lombok.RequiredArgsConstructor; +import org.springframework.http.MediaType; +import org.springframework.stereotype.Component; +import org.springframework.web.servlet.HandlerInterceptor; + +import java.nio.charset.StandardCharsets; +import java.util.Objects; + +/** + * 认证 拦截器 + * 为了注入其它的 Spring beans,需要通过 @Component 注解将该拦截器注册到 Spring 上下文 + * + * @author xiongxiaoyang + * @date 2022/5/18 + */ +@Component +@RequiredArgsConstructor +public class AuthInterceptor implements HandlerInterceptor { + + private final JwtUtils jwtUtils; + + private final ObjectMapper objectMapper; + + @SuppressWarnings("NullableProblems") + @Override + public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { + // 校验登录JWT + String token = request.getHeader(SystemConfigConsts.HTTP_AUTH_HEADER_NAME); + if (!Objects.isNull(token)) { + String requestUri = request.getRequestURI(); + if (requestUri.contains(ApiRouterConsts.API_FRONT_USER_URL_PREFIX) + || requestUri.contains(ApiRouterConsts.API_AUTHOR_URL_PREFIX)) { + // 校验会员和作家的登录权限 + Long userId = jwtUtils.parseToken(token, SystemConfigConsts.NOVEL_FRONT_KEY); + if (!Objects.isNull(userId)) { + // TODO 查询用户信息并校验账号状态是否正常 + // 认证成功 + return HandlerInterceptor.super.preHandle(request, response, handler); + } + }else{ + // TODO 校验后台的登录权限 + } + + } + response.setCharacterEncoding(StandardCharsets.UTF_8.name()); + response.setContentType(MediaType.APPLICATION_JSON_VALUE); + response.getWriter().write(objectMapper.writeValueAsString(RestResp.fail(ErrorCodeEnum.USER_LOGIN_EXPIRED))); + return false; + } +}