版本控制 token校验
@@ -37,7 +37,7 @@ public class LoginFilter implements Filter {
|
|||||||
"css/**",
|
"css/**",
|
||||||
"js/**",
|
"js/**",
|
||||||
"cashierService/phoneValidateCode",//验证码
|
"cashierService/phoneValidateCode",//验证码
|
||||||
"cashierService/location/**",//
|
"cashierService/location/**",//高德 获取行政区域
|
||||||
"cashierService/home/homePageUp",//首页上半
|
"cashierService/home/homePageUp",//首页上半
|
||||||
"cashierService/home",//首页
|
"cashierService/home",//首页
|
||||||
"cashierService/login/**"//登录部分接口不校验
|
"cashierService/login/**"//登录部分接口不校验
|
||||||
@@ -67,43 +67,45 @@ public class LoginFilter implements Filter {
|
|||||||
chain.doFilter(req, resp);
|
chain.doFilter(req, resp);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
// String environment = request.getHeader("environment");
|
//environment 环境标识 wx app 后续environment不可为空
|
||||||
// //token校验目前只对app生效
|
String environment = request.getHeader("environment");
|
||||||
// if (StringUtils.isNotBlank(environment) || !environment.equals("app")) {
|
//token校验目前只对app生效
|
||||||
// chain.doFilter(req, resp);
|
if (StringUtils.isBlank(environment) || !environment.equals("app")) {
|
||||||
// return;
|
chain.doFilter(req, resp);
|
||||||
// }
|
return;
|
||||||
// // 判断用户TOKEN是否存在
|
}
|
||||||
// String token = request.getHeader("token");
|
|
||||||
// if (StringUtils.isBlank(token)) {
|
// 判断用户TOKEN是否存在
|
||||||
// Result result = new Result(CodeEnum.TOKEN_EXEIST);
|
String token = request.getHeader("token");
|
||||||
// String jsonString = JSONObject.toJSONString(result);
|
if (StringUtils.isBlank(token)) {
|
||||||
// JSONObject jsonObject = JSONObject.parseObject(jsonString, JSONObject.class);
|
Result result = new Result(CodeEnum.TOKEN_EXEIST);
|
||||||
// response.getWriter().print(jsonObject);
|
String jsonString = JSONObject.toJSONString(result);
|
||||||
// response.getWriter().flush();//流里边的缓存刷出
|
JSONObject jsonObject = JSONObject.parseObject(jsonString, JSONObject.class);
|
||||||
// return;
|
response.getWriter().print(jsonObject);
|
||||||
// }
|
response.getWriter().flush();//流里边的缓存刷出
|
||||||
// //获取当前登录人的用户id
|
return;
|
||||||
// String loginName = TokenUtil.parseParamFromToken(token, "userId").toString();
|
}
|
||||||
// //获取redis中的token
|
//获取当前登录人的用户id
|
||||||
// String message = redisUtil.getMessage(RedisCst.ONLINE_APP_USER.concat(loginName));
|
String loginName = TokenUtil.parseParamFromToken(token, "userId").toString();
|
||||||
// if (StringUtils.isBlank(message)) {
|
//获取redis中的token
|
||||||
// Result result = new Result(CodeEnum.TOKEN_EXPIRED);
|
String message = redisUtil.getMessage(RedisCst.ONLINE_APP_USER.concat(loginName));
|
||||||
// String jsonString = JSONObject.toJSONString(result);
|
if (StringUtils.isBlank(message)) {
|
||||||
// JSONObject jsonObject = JSONObject.parseObject(jsonString, JSONObject.class);
|
Result result = new Result(CodeEnum.TOKEN_EXPIRED);
|
||||||
// response.getWriter().print(jsonObject);
|
String jsonString = JSONObject.toJSONString(result);
|
||||||
// response.getWriter().flush();//流里边的缓存刷出
|
JSONObject jsonObject = JSONObject.parseObject(jsonString, JSONObject.class);
|
||||||
// return;
|
response.getWriter().print(jsonObject);
|
||||||
// }
|
response.getWriter().flush();//流里边的缓存刷出
|
||||||
// String redisToken = JSON.parseObject(message).getString("token");
|
return;
|
||||||
// if (!token.equals(redisToken)) {
|
}
|
||||||
// Result result = new Result(CodeEnum.TOKEN_EXPIRED);
|
String redisToken = JSON.parseObject(message).getString("token");
|
||||||
// String jsonString = JSONObject.toJSONString(result);
|
if (!token.equals(redisToken)) {
|
||||||
// JSONObject jsonObject = JSONObject.parseObject(jsonString, JSONObject.class);
|
Result result = new Result(CodeEnum.TOKEN_EXPIRED);
|
||||||
// response.getWriter().print(jsonObject);
|
String jsonString = JSONObject.toJSONString(result);
|
||||||
// response.getWriter().flush();//流里边的缓存刷出
|
JSONObject jsonObject = JSONObject.parseObject(jsonString, JSONObject.class);
|
||||||
// return;
|
response.getWriter().print(jsonObject);
|
||||||
// }
|
response.getWriter().flush();//流里边的缓存刷出
|
||||||
|
return;
|
||||||
|
}
|
||||||
chain.doFilter(req, resp);
|
chain.doFilter(req, resp);
|
||||||
}
|
}
|
||||||
|
|
||||||
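Review bot: The token check enabled after the ignore-list return fails open: `if (StringUtils.isBlank(environment) || !environment.equals("app"))` hands the request to `chain.doFilter` whenever the client-supplied `environment` header is missing or is anything other than `app`, so whether token validation runs on a non-whitelisted path is decided by the caller. The header should select which credential check runs, not whether one runs; non-app traffic (the comment mentions `wx`) needs its own verified check at this point, or should be rejected until one exists. Separately, `TokenUtil.parseParamFromToken(token, "userId").toString()` is applied to an unverified header value with no null or exception handling visible here, so a malformed token presumably ends in an unhandled exception rather than the `TOKEN_EXPIRED` response. The enclosing filter method starts before this hunk, so how the ignore list is matched is not visible.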
|
|||||||
@@ -1,61 +0,0 @@
|
|||||||
//package com.chaozhanggui.system.cashierservice.config;
|
|
||||||
//
|
|
||||||
//import com.chaozhanggui.system.cashierservice.redis.RedisCst;
|
|
||||||
//import com.chaozhanggui.system.cashierservice.redis.RedisUtil;
|
|
||||||
//import com.chaozhanggui.system.cashierservice.sign.CodeEnum;
|
|
||||||
//import lombok.extern.slf4j.Slf4j;
|
|
||||||
//import org.apache.commons.lang3.StringUtils;
|
|
||||||
//import org.aspectj.lang.ProceedingJoinPoint;
|
|
||||||
//import org.aspectj.lang.annotation.Around;
|
|
||||||
//import org.aspectj.lang.annotation.Aspect;
|
|
||||||
//import org.aspectj.lang.annotation.Pointcut;
|
|
||||||
//import org.springframework.beans.factory.annotation.Autowired;
|
|
||||||
//import org.springframework.stereotype.Component;
|
|
||||||
//import com.chaozhanggui.system.cashierservice.sign.Result;
|
|
||||||
//import org.springframework.web.context.request.RequestContextHolder;
|
|
||||||
//import org.springframework.web.context.request.ServletRequestAttributes;
|
|
||||||
//
|
|
||||||
//import javax.servlet.http.HttpServletRequest;
|
|
||||||
//import java.util.Objects;
|
|
||||||
//
|
|
||||||
///**
|
|
||||||
// * 方法调用统一切面处理
|
|
||||||
// */
|
|
||||||
//@Aspect
|
|
||||||
//@Component
|
|
||||||
//@Slf4j
|
|
||||||
//public class AppApiMethodAspect {
|
|
||||||
//
|
|
||||||
// @Autowired
|
|
||||||
// RedisUtil redisUtil;
|
|
||||||
//
|
|
||||||
// @Pointcut("execution(public * (" +
|
|
||||||
// "com.chaozhanggui.system.cashierservice.controller.* " +
|
|
||||||
// ").*(..))")
|
|
||||||
// public void pkg() {
|
|
||||||
// }
|
|
||||||
//
|
|
||||||
// @Around("pkg()")
|
|
||||||
// public Object around(ProceedingJoinPoint pjp) throws Throwable {
|
|
||||||
// HttpServletRequest request = ((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())).getRequest();
|
|
||||||
// HttpServletRequest req = request;
|
|
||||||
// //version:版本号
|
|
||||||
// //type: ios; android;
|
|
||||||
// //environment:app;wx
|
|
||||||
//// String environment = req.getHeader("environment");
|
|
||||||
//// if (StringUtils.isNotBlank(environment) && environment.equals("app")) {
|
|
||||||
//// String type = req.getHeader("type");
|
|
||||||
//// String version = req.getHeader("version");
|
|
||||||
//// //LDBL_APP_VERSION:ios:version 存在即需要强制更新
|
|
||||||
//// String message = redisUtil.getMessage(RedisCst.LDBL_APP_VERSION + type + ":" + version);
|
|
||||||
//// if (StringUtils.isNotBlank(message)) {
|
|
||||||
//// return Result.success(CodeEnum.UPGRADE_REQUIRED, message);
|
|
||||||
//// }
|
|
||||||
//// }
|
|
||||||
//
|
|
||||||
// // 执行被拦截的方法
|
|
||||||
// Object result = pjp.proceed();
|
|
||||||
// return result;
|
|
||||||
//
|
|
||||||
// }
|
|
||||||
//}
|
|
||||||
@@ -2,10 +2,14 @@ package com.chaozhanggui.system.cashierservice.interceptor;
|
|||||||
|
|
||||||
import cn.hutool.core.util.ObjectUtil;
|
import cn.hutool.core.util.ObjectUtil;
|
||||||
import cn.hutool.json.JSONUtil;
|
import cn.hutool.json.JSONUtil;
|
||||||
|
import com.chaozhanggui.system.cashierservice.redis.RedisCst;
|
||||||
import com.chaozhanggui.system.cashierservice.redis.RedisUtil;
|
import com.chaozhanggui.system.cashierservice.redis.RedisUtil;
|
||||||
|
import com.chaozhanggui.system.cashierservice.sign.CodeEnum;
|
||||||
|
import com.chaozhanggui.system.cashierservice.sign.Result;
|
||||||
import com.chaozhanggui.system.cashierservice.sign.SginAnot;
|
import com.chaozhanggui.system.cashierservice.sign.SginAnot;
|
||||||
import com.chaozhanggui.system.cashierservice.sign.SignEnum;
|
import com.chaozhanggui.system.cashierservice.sign.SignEnum;
|
||||||
import com.chaozhanggui.system.cashierservice.util.*;
|
import com.chaozhanggui.system.cashierservice.util.*;
|
||||||
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
@@ -42,16 +46,31 @@ public class SignInterceptor implements HandlerInterceptor {
|
|||||||
|
|
||||||
String requestURI = request.getRequestURI();
|
String requestURI = request.getRequestURI();
|
||||||
|
|
||||||
String token=request.getHeader("token");
|
String token = request.getHeader("token");
|
||||||
|
|
||||||
String type=request.getHeader("type");
|
// String type=request.getHeader("type");
|
||||||
|
|
||||||
|
|
||||||
|
if (ignoreUrl.contains(requestURI)) {
|
||||||
if(ignoreUrl.contains(requestURI)){
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// version:版本号
|
||||||
|
// type: ios; android;
|
||||||
|
// environment:app;wx
|
||||||
|
String environment = request.getHeader("environment");
|
||||||
|
if (StringUtils.isNotBlank(environment) && environment.equals("app")) {
|
||||||
|
String type = request.getHeader("type");
|
||||||
|
String version = request.getHeader("version");
|
||||||
|
//LDBL_APP_VERSION:ios:version 存在即需要强制更新
|
||||||
|
String message = redisUtil.getMessage(RedisCst.LDBL_APP_VERSION + type + ":" + version);
|
||||||
|
// 返回false表示拦截器的处理已完成,请求不再继续向下执行
|
||||||
|
if (StringUtils.isNotBlank(message)) {
|
||||||
|
response.getWriter().write(JSONUtil.toJsonStr(Result.success(CodeEnum.UPGRADE_REQUIRED, message.replaceAll("\"", ""))));
|
||||||
|
response.getWriter().flush();
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
String ip = IpUtil.getIpAddr(request);
|
String ip = IpUtil.getIpAddr(request);
|
||||||
@@ -63,9 +82,9 @@ public class SignInterceptor implements HandlerInterceptor {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
if("C".equals(type)){
|
// if("C".equals(type)){
|
||||||
String openId=request.getHeader("openId");
|
// String openId=request.getHeader("openId");
|
||||||
}
|
// }
|
||||||
|
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
@@ -79,27 +98,27 @@ public class SignInterceptor implements HandlerInterceptor {
|
|||||||
} else if (enumm == SignEnum.SHA1) {
|
} else if (enumm == SignEnum.SHA1) {
|
||||||
return SHA1Util.check(map);
|
return SHA1Util.check(map);
|
||||||
} else if (enumm == SignEnum.RSA) {
|
} else if (enumm == SignEnum.RSA) {
|
||||||
Map<String,Object> data=(HashMap)map;
|
Map<String, Object> data = (HashMap) map;
|
||||||
String sign=data.get("sign").toString();
|
String sign = data.get("sign").toString();
|
||||||
return RSAUtils.verify(JSONUtil.toJsonStr(data.get("data")),RSAUtils.getPublicKey(publicKey),sign);
|
return RSAUtils.verify(JSONUtil.toJsonStr(data.get("data")), RSAUtils.getPublicKey(publicKey), sign);
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public Map<String,Object> getMap(Object obj){
|
public Map<String, Object> getMap(Object obj) {
|
||||||
Map<String,Object> map=new HashMap<String,Object>();
|
Map<String, Object> map = new HashMap<String, Object>();
|
||||||
if(obj==null){
|
if (obj == null) {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(obj instanceof Map){
|
if (obj instanceof Map) {
|
||||||
map=(Map<String, Object>) obj;
|
map = (Map<String, Object>) obj;
|
||||||
}else{
|
} else {
|
||||||
map = BeanUtil.transBean2Map(obj);
|
map = BeanUtil.transBean2Map(obj);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(map.containsKey("sign")){
|
if (map.containsKey("sign")) {
|
||||||
map.remove("sign");
|
map.remove("sign");
|
||||||
}
|
}
|
||||||
return map;
|
return map;
|
||||||
@@ -108,6 +127,7 @@ public class SignInterceptor implements HandlerInterceptor {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* 把request转为map
|
* 把request转为map
|
||||||
|
*
|
||||||
* @param request
|
* @param request
|
||||||
* @return
|
* @return
|
||||||
*/
|
*/
|
||||||
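Review bot: In the forced-upgrade block, the `type` and `version` request headers are concatenated into the Redis key `RedisCst.LDBL_APP_VERSION + type + ":" + version` without validation, so a missing header becomes the literal text `null` in the key and arbitrary client-chosen strings reach the Redis lookup. Check `type` against the values the comment lists (`ios`, `android`) and `version` against a bounded version pattern before calling `redisUtil.getMessage`, and decide explicitly what happens when either is absent. The response is also written without a content type; adding `response.setContentType("application/json;charset=UTF-8");` before `response.getWriter().write(...)` keeps a non-ASCII upgrade message from being decoded with the container default. Because the block runs only when the client sends `environment: app`, it is advisory to the client and should not be treated as a server-side control. The enclosing method starts before this hunk.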
|
|||||||
@@ -5,7 +5,7 @@ public enum CodeEnum {
|
|||||||
//系统编码
|
//系统编码
|
||||||
SYS_EXCEPTION("999",false,"系统异常","fail"),
|
SYS_EXCEPTION("999",false,"系统异常","fail"),
|
||||||
SUCCESS("0",false,"成功","success"),
|
SUCCESS("0",false,"成功","success"),
|
||||||
UPGRADE_REQUIRED("426",true,"成功","success"),
|
UPGRADE_REQUIRED("426",false,"成功","success"),
|
||||||
ENCRYPT("0",true,"成功","success"),
|
ENCRYPT("0",true,"成功","success"),
|
||||||
FAIL("1",false,"失败","fail"),
|
FAIL("1",false,"失败","fail"),
|
||||||
TOKEN_EXEIST("-2",false,"token不能为空","fail"),
|
TOKEN_EXEIST("-2",false,"token不能为空","fail"),
|
||||||
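Review bot: `UPGRADE_REQUIRED("426",false,"成功","success")` still carries the message `成功` and status `success`, the same text as `SUCCESS`, so a client or log reader that looks at the text rather than the code `426` cannot tell a forced-upgrade response from a normal one. Consider a distinct message and a comment on the constant stating what the second argument controls, e.g. `// 426: client must upgrade; second arg presumably toggles response encryption — confirm`. The enum constructor is outside this hunk, so the meaning of the flag flipped here is inferred only from `ENCRYPT("0",true,...)`.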
|
|||||||