diff --git a/src/main/java/com/chaozhanggui/system/cashierservice/auth/LoginFilter.java b/src/main/java/com/chaozhanggui/system/cashierservice/auth/LoginFilter.java
index 083bda5..d030a65 100644
--- a/src/main/java/com/chaozhanggui/system/cashierservice/auth/LoginFilter.java
+++ b/src/main/java/com/chaozhanggui/system/cashierservice/auth/LoginFilter.java
@@ -37,7 +37,7 @@ public class LoginFilter implements Filter {
 "css/**",
 "js/**",
 "cashierService/phoneValidateCode",//验证码
- "cashierService/location/**",//
+ "cashierService/location/**",//高德 获取行政区域
 "cashierService/home/homePageUp",//首页上半
 "cashierService/home",//首页
 "cashierService/login/**"//登录部分接口不校验
@@ -67,43 +67,45 @@ public class LoginFilter implements Filter {
 chain.doFilter(req, resp);
 return;
 }
-// String environment = request.getHeader("environment");
-// //token校验目前只对app生效
-// if (StringUtils.isNotBlank(environment) || !environment.equals("app")) {
-// chain.doFilter(req, resp);
-// return;
-// }
-// // 判断用户TOKEN是否存在
-// String token = request.getHeader("token");
-// if (StringUtils.isBlank(token)) {
-// Result result = new Result(CodeEnum.TOKEN_EXEIST);
-// String jsonString = JSONObject.toJSONString(result);
-// JSONObject jsonObject = JSONObject.parseObject(jsonString, JSONObject.class);
-// response.getWriter().print(jsonObject);
-// response.getWriter().flush();//流里边的缓存刷出
-// return;
-// }
-// //获取当前登录人的用户id
-// String loginName = TokenUtil.parseParamFromToken(token, "userId").toString();
-// //获取redis中的token
-// String message = redisUtil.getMessage(RedisCst.ONLINE_APP_USER.concat(loginName));
-// if (StringUtils.isBlank(message)) {
-// Result result = new Result(CodeEnum.TOKEN_EXPIRED);
-// String jsonString = JSONObject.toJSONString(result);
-// JSONObject jsonObject = JSONObject.parseObject(jsonString, JSONObject.class);
-// response.getWriter().print(jsonObject);
-// response.getWriter().flush();//流里边的缓存刷出
-// return;
-// }
-// String redisToken = JSON.parseObject(message).getString("token");
-// if (!token.equals(redisToken)) {
-// Result result = new Result(CodeEnum.TOKEN_EXPIRED);
-// String jsonString = JSONObject.toJSONString(result);
-// JSONObject jsonObject = JSONObject.parseObject(jsonString, JSONObject.class);
-// response.getWriter().print(jsonObject);
-// response.getWriter().flush();//流里边的缓存刷出
-// return;
-// }
+ //environment 环境标识 wx app 后续environment不可为空
+ String environment = request.getHeader("environment");
+ //token校验目前只对app生效
+ if (StringUtils.isBlank(environment) || !environment.equals("app")) {
+ chain.doFilter(req, resp);
+ return;
+ }
+
+ // 判断用户TOKEN是否存在
+ String token = request.getHeader("token");
+ if (StringUtils.isBlank(token)) {
+ Result result = new Result(CodeEnum.TOKEN_EXEIST);
+ String jsonString = JSONObject.toJSONString(result);
+ JSONObject jsonObject = JSONObject.parseObject(jsonString, JSONObject.class);
+ response.getWriter().print(jsonObject);
+ response.getWriter().flush();//流里边的缓存刷出
+ return;
+ }
+ //获取当前登录人的用户id
+ String loginName = TokenUtil.parseParamFromToken(token, "userId").toString();
+ //获取redis中的token
+ String message = redisUtil.getMessage(RedisCst.ONLINE_APP_USER.concat(loginName));
+ if (StringUtils.isBlank(message)) {
+ Result result = new Result(CodeEnum.TOKEN_EXPIRED);
+ String jsonString = JSONObject.toJSONString(result);
+ JSONObject jsonObject = JSONObject.parseObject(jsonString, JSONObject.class);
+ response.getWriter().print(jsonObject);
+ response.getWriter().flush();//流里边的缓存刷出
+ return;
+ }
+ String redisToken = JSON.parseObject(message).getString("token");
+ if (!token.equals(redisToken)) {
+ Result result = new Result(CodeEnum.TOKEN_EXPIRED);
+ String jsonString = JSONObject.toJSONString(result);
+ JSONObject jsonObject = JSONObject.parseObject(jsonString, JSONObject.class);
+ response.getWriter().print(jsonObject);
+ response.getWriter().flush();//流里边的缓存刷出
+ return;
+ }
 chain.doFilter(req, resp);
 }
diff --git a/src/main/java/com/chaozhanggui/system/cashierservice/config/AppApiMethodAspect.java b/src/main/java/com/chaozhanggui/system/cashierservice/config/AppApiMethodAspect.java
deleted file mode 100644
index 32afb42..0000000
--- a/src/main/java/com/chaozhanggui/system/cashierservice/config/AppApiMethodAspect.java
+++ /dev/null
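Review bot: In `LoginFilter.java` (hunk `@@ -67,43 +67,45`), the re-enabled token check runs only when the client-supplied `environment` header equals `app`; a request with the header missing or set to any other value goes straight to `chain.doFilter`, so authentication is opt-in for the caller. The added comment says `environment` must later be non-blank, but until then the branch should fail closed for blank or unknown values, or the decision should come from something the client does not control (the route, or server-side session state). Also, `TokenUtil.parseParamFromToken(token, "userId").toString()` is called with no null check, so a malformed token presumably raises an exception instead of producing the `TOKEN_EXPIRED` response; guard it with `Object uid = TokenUtil.parseParamFromToken(token, "userId"); if (uid == null) { ... }`. The enclosing filter method starts above this hunk.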
@@ -1,61 +0,0 @@
-//package com.chaozhanggui.system.cashierservice.config;
-//
-//import com.chaozhanggui.system.cashierservice.redis.RedisCst;
-//import com.chaozhanggui.system.cashierservice.redis.RedisUtil;
-//import com.chaozhanggui.system.cashierservice.sign.CodeEnum;
-//import lombok.extern.slf4j.Slf4j;
-//import org.apache.commons.lang3.StringUtils;
-//import org.aspectj.lang.ProceedingJoinPoint;
-//import org.aspectj.lang.annotation.Around;
-//import org.aspectj.lang.annotation.Aspect;
-//import org.aspectj.lang.annotation.Pointcut;
-//import org.springframework.beans.factory.annotation.Autowired;
-//import org.springframework.stereotype.Component;
-//import com.chaozhanggui.system.cashierservice.sign.Result;
-//import org.springframework.web.context.request.RequestContextHolder;
-//import org.springframework.web.context.request.ServletRequestAttributes;
-//
-//import javax.servlet.http.HttpServletRequest;
-//import java.util.Objects;
-//
-///**
-// * 方法调用统一切面处理
-// */
-//@Aspect
-//@Component
-//@Slf4j
-//public class AppApiMethodAspect {
-//
-// @Autowired
-// RedisUtil redisUtil;
-//
-// @Pointcut("execution(public * (" +
-// "com.chaozhanggui.system.cashierservice.controller.* " +
-// ").*(..))")
-// public void pkg() {
-// }
-//
-// @Around("pkg()")
-// public Object around(ProceedingJoinPoint pjp) throws Throwable {
-// HttpServletRequest request = ((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())).getRequest();
-// HttpServletRequest req = request;
-// //version:版本号
-// //type: ios; android;
-// //environment:app;wx
-//// String environment = req.getHeader("environment");
-//// if (StringUtils.isNotBlank(environment) && environment.equals("app")) {
-//// String type = req.getHeader("type");
-//// String version = req.getHeader("version");
-//// //LDBL_APP_VERSION:ios:version 存在即需要强制更新
-//// String message = redisUtil.getMessage(RedisCst.LDBL_APP_VERSION + type + ":" + version);
-//// if (StringUtils.isNotBlank(message)) {
-//// return Result.success(CodeEnum.UPGRADE_REQUIRED, message);
-//// }
-//// }
-//
-// // 执行被拦截的方法
-// Object result = pjp.proceed();
-// return result;
-//
-// }
-//}
diff --git a/src/main/java/com/chaozhanggui/system/cashierservice/interceptor/SignInterceptor.java b/src/main/java/com/chaozhanggui/system/cashierservice/interceptor/SignInterceptor.java
index b00edbf..783eb80 100644
--- a/src/main/java/com/chaozhanggui/system/cashierservice/interceptor/SignInterceptor.java
+++ b/src/main/java/com/chaozhanggui/system/cashierservice/interceptor/SignInterceptor.java
@@ -2,10 +2,14 @@ package com.chaozhanggui.system.cashierservice.interceptor;
 import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.json.JSONUtil;
+import com.chaozhanggui.system.cashierservice.redis.RedisCst;
 import com.chaozhanggui.system.cashierservice.redis.RedisUtil;
+import com.chaozhanggui.system.cashierservice.sign.CodeEnum;
+import com.chaozhanggui.system.cashierservice.sign.Result;
 import com.chaozhanggui.system.cashierservice.sign.SginAnot;
 import com.chaozhanggui.system.cashierservice.sign.SignEnum;
 import com.chaozhanggui.system.cashierservice.util.*;
+import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -42,16 +46,31 @@ public class SignInterceptor implements HandlerInterceptor {
 String requestURI = request.getRequestURI();
- String token=request.getHeader("token");
+ String token = request.getHeader("token");
- String type=request.getHeader("type");
+// String type=request.getHeader("type");
-
- if(ignoreUrl.contains(requestURI)){
+ if (ignoreUrl.contains(requestURI)) {
 return true;
 }
+// version:版本号
+// type: ios; android;
+// environment:app;wx
+ String environment = request.getHeader("environment");
+ if (StringUtils.isNotBlank(environment) && environment.equals("app")) {
+ String type = request.getHeader("type");
+ String version = request.getHeader("version");
+ //LDBL_APP_VERSION:ios:version 存在即需要强制更新
+ String message = redisUtil.getMessage(RedisCst.LDBL_APP_VERSION + type + ":" + version);
+ // 返回false表示拦截器的处理已完成,请求不再继续向下执行
+ if (StringUtils.isNotBlank(message)) {
+ response.getWriter().write(JSONUtil.toJsonStr(Result.success(CodeEnum.UPGRADE_REQUIRED, message.replaceAll("\"", ""))));
+ response.getWriter().flush();
+ return false;
+ }
+ }
 String ip = IpUtil.getIpAddr(request);
@@ -63,9 +82,9 @@ public class SignInterceptor implements HandlerInterceptor {
 }
- if("C".equals(type)){
- String openId=request.getHeader("openId");
- }
+// if("C".equals(type)){
+// String openId=request.getHeader("openId");
+// }
 return true;
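Review bot: In `SignInterceptor.java` (hunk `@@ -42,16 +46,31`), the `type` and `version` headers go into the Redis key unvalidated (`RedisCst.LDBL_APP_VERSION + type + ":" + version`), so a missing header looks up a key ending in `null:null` and arbitrary client text chooses which key under that prefix is read. Check both before the lookup, following the values listed in the added comment, for example `if (!"ios".equals(type) && !"android".equals(type)) { ... }` plus a version-format check. The stored `message` is then written to the response with no content type or charset set; calling `response.setContentType("application/json;charset=UTF-8")` before `getWriter()` keeps non-ASCII text intact and makes the body unambiguous JSON for the client. The enclosing method starts and ends outside the hunk.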
@@ -79,27 +98,27 @@ public class SignInterceptor implements HandlerInterceptor {
 } else if (enumm == SignEnum.SHA1) {
 return SHA1Util.check(map);
 } else if (enumm == SignEnum.RSA) {
- Map data=(HashMap)map;
- String sign=data.get("sign").toString();
- return RSAUtils.verify(JSONUtil.toJsonStr(data.get("data")),RSAUtils.getPublicKey(publicKey),sign);
+ Map data = (HashMap) map;
+ String sign = data.get("sign").toString();
+ return RSAUtils.verify(JSONUtil.toJsonStr(data.get("data")), RSAUtils.getPublicKey(publicKey), sign);
 }
 return false;
 }
- public Map getMap(Object obj){
- Map map=new HashMap();
- if(obj==null){
+ public Map getMap(Object obj) {
+ Map map = new HashMap();
+ if (obj == null) {
 return null;
 }
- if(obj instanceof Map){
- map=(Map) obj;
- }else{
+ if (obj instanceof Map) {
+ map = (Map) obj;
+ } else {
 map = BeanUtil.transBean2Map(obj);
 }
- if(map.containsKey("sign")){
+ if (map.containsKey("sign")) {
 map.remove("sign");
 }
 return map;
@@ -108,6 +127,7 @@ public class SignInterceptor implements HandlerInterceptor {
 /**
 * 把request转为map
+ *
 * @param request
 * @return
 */
diff --git a/src/main/java/com/chaozhanggui/system/cashierservice/sign/CodeEnum.java b/src/main/java/com/chaozhanggui/system/cashierservice/sign/CodeEnum.java
index 0eda53e..ba24a7b 100644
--- a/src/main/java/com/chaozhanggui/system/cashierservice/sign/CodeEnum.java
+++ b/src/main/java/com/chaozhanggui/system/cashierservice/sign/CodeEnum.java
@@ -5,7 +5,7 @@ public enum CodeEnum {
 //系统编码
 SYS_EXCEPTION("999",false,"系统异常","fail"),
 SUCCESS("0",false,"成功","success"),
- UPGRADE_REQUIRED("426",true,"成功","success"),
+ UPGRADE_REQUIRED("426",false,"成功","success"),
 ENCRYPT("0",true,"成功","success"),
 FAIL("1",false,"失败","fail"),
 TOKEN_EXEIST("-2",false,"token不能为空","fail"),
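Review bot: In `CodeEnum.java` (hunk `@@ -5,7 +5,7`), the second constructor argument of `UPGRADE_REQUIRED` flips from `true` to `false` with nothing stating what the flag controls; the only other visible entry with `true` is `ENCRYPT`, so it presumably marks encrypted responses, which should be confirmed. A short comment on the constant would record the intent, e.g. `// 426: forced app upgrade, returned by SignInterceptor`. The entry also keeps the same `"成功"`/`"success"` text as `SUCCESS`, so clients have only the code `426` to tell the two apart.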