mirror of
https://github.com/201206030/novel.git
synced 2025-04-27 07:30:50 +00:00
feat: 增加用户认证拦截器
This commit is contained in:
xiongxiaoyang
parent
1fcd085820
commit
cdd1455ab9
@ -72,6 +72,11 @@ public enum ErrorCodeEnum {
|
|||||||
* */
|
* */
|
||||||
USER_REQUEST_PARAM_ERROR("A0400","用户请求参数错误"),
|
USER_REQUEST_PARAM_ERROR("A0400","用户请求参数错误"),
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 用户登录已过期
|
||||||
|
* */
|
||||||
|
USER_LOGIN_EXPIRED("A0230","用户登录已过期"),
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 一级宏观错误码,系统执行出错
|
* 一级宏观错误码,系统执行出错
|
||||||
* */
|
* */
|
||||||
|
|||||||
@ -0,0 +1,38 @@
|
|||||||
|
package io.github.xxyopen.novel.core.config;
|
||||||
|
|
||||||
|
import io.github.xxyopen.novel.core.constant.ApiRouterConsts;
|
||||||
|
import io.github.xxyopen.novel.core.intercepter.AuthInterceptor;
|
||||||
|
import lombok.RequiredArgsConstructor;
|
||||||
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
|
||||||
|
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Spring Web Mvc 相关配置
|
||||||
|
* 不要加 @EnableWebMvc 注解,否则会导致 jackson 的全局配置失效
|
||||||
|
* 类上添加 @EnableWebMvc 会导致 WebMvcAutoConfiguration 中的自动配置全部失效
|
||||||
|
*
|
||||||
|
* @author xiongxiaoyang
|
||||||
|
* @date 2022/5/18
|
||||||
|
*/
|
||||||
|
@Configuration
|
||||||
|
@RequiredArgsConstructor
|
||||||
|
public class WebConfig implements WebMvcConfigurer {
|
||||||
|
|
||||||
|
private final AuthInterceptor frontAuthInterceptor;
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void addInterceptors(InterceptorRegistry registry) {
|
||||||
|
registry.addInterceptor(frontAuthInterceptor)
|
||||||
|
// 拦截会员中心相关请求接口
|
||||||
|
.addPathPatterns(ApiRouterConsts.API_FRONT_USER_URL_PREFIX + "/**"
|
||||||
|
// 拦截作家后台相关请求接口
|
||||||
|
, ApiRouterConsts.API_AUTHOR_URL_PREFIX + "/**"
|
||||||
|
// 拦截平台后台相关请求接口
|
||||||
|
, ApiRouterConsts.API_ADMIN_URL_PREFIX + "/**")
|
||||||
|
// 放行登录注册相关请求接口
|
||||||
|
.excludePathPatterns(ApiRouterConsts.API_FRONT_USER_URL_PREFIX + "/register"
|
||||||
|
, ApiRouterConsts.API_FRONT_USER_URL_PREFIX + "/login",
|
||||||
|
ApiRouterConsts.API_ADMIN_URL_PREFIX + "/login");
|
||||||
|
}
|
||||||
|
}
|
||||||
@ -12,6 +12,11 @@ public class SystemConfigConsts {
|
|||||||
throw new IllegalStateException("Constant class");
|
throw new IllegalStateException("Constant class");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Http 请求认证 Header
|
||||||
|
* */
|
||||||
|
public static final String HTTP_AUTH_HEADER_NAME = "Authorization";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 前台门户系统标识
|
* 前台门户系统标识
|
||||||
* */
|
* */
|
||||||
|
|||||||
@ -0,0 +1,60 @@
|
|||||||
|
package io.github.xxyopen.novel.core.intercepter;
|
||||||
|
|
||||||
|
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||||
|
import io.github.xxyopen.novel.core.common.constant.ErrorCodeEnum;
|
||||||
|
import io.github.xxyopen.novel.core.common.resp.RestResp;
|
||||||
|
import io.github.xxyopen.novel.core.constant.ApiRouterConsts;
|
||||||
|
import io.github.xxyopen.novel.core.constant.SystemConfigConsts;
|
||||||
|
import io.github.xxyopen.novel.core.util.JwtUtils;
|
||||||
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
|
import jakarta.servlet.http.HttpServletResponse;
|
||||||
|
import lombok.RequiredArgsConstructor;
|
||||||
|
import org.springframework.http.MediaType;
|
||||||
|
import org.springframework.stereotype.Component;
|
||||||
|
import org.springframework.web.servlet.HandlerInterceptor;
|
||||||
|
|
||||||
|
import java.nio.charset.StandardCharsets;
|
||||||
|
import java.util.Objects;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 认证 拦截器
|
||||||
|
* 为了注入其它的 Spring beans,需要通过 @Component 注解将该拦截器注册到 Spring 上下文
|
||||||
|
*
|
||||||
|
* @author xiongxiaoyang
|
||||||
|
* @date 2022/5/18
|
||||||
|
*/
|
||||||
|
@Component
|
||||||
|
@RequiredArgsConstructor
|
||||||
|
public class AuthInterceptor implements HandlerInterceptor {
|
||||||
|
|
||||||
|
private final JwtUtils jwtUtils;
|
||||||
|
|
||||||
|
private final ObjectMapper objectMapper;
|
||||||
|
|
||||||
|
@SuppressWarnings("NullableProblems")
|
||||||
|
@Override
|
||||||
|
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
||||||
|
// 校验登录JWT
|
||||||
|
String token = request.getHeader(SystemConfigConsts.HTTP_AUTH_HEADER_NAME);
|
||||||
|
if (!Objects.isNull(token)) {
|
||||||
|
String requestUri = request.getRequestURI();
|
||||||
|
if (requestUri.contains(ApiRouterConsts.API_FRONT_USER_URL_PREFIX)
|
||||||
|
|| requestUri.contains(ApiRouterConsts.API_AUTHOR_URL_PREFIX)) {
|
||||||
|
// 校验会员和作家的登录权限
|
||||||
|
Long userId = jwtUtils.parseToken(token, SystemConfigConsts.NOVEL_FRONT_KEY);
|
||||||
|
if (!Objects.isNull(userId)) {
|
||||||
|
// TODO 查询用户信息并校验账号状态是否正常
|
||||||
|
// 认证成功
|
||||||
|
return HandlerInterceptor.super.preHandle(request, response, handler);
|
||||||
|
}
|
||||||
|
}else{
|
||||||
|
// TODO 校验后台的登录权限
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
response.setCharacterEncoding(StandardCharsets.UTF_8.name());
|
||||||
|
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
|
||||||
|
response.getWriter().write(objectMapper.writeValueAsString(RestResp.fail(ErrorCodeEnum.USER_LOGIN_EXPIRED)));
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
Loading…
x
Reference in New Issue
Block a user