package com.glxp.api.aspect;
import cn.hutool.core.util.StrUtil;
import com.glxp.api.annotation.AuthRuleAnnotation;
import com.glxp.api.common.enums.ResultEnum;
import com.glxp.api.dao.auth.AuthLicenseDao;
import com.glxp.api.entity.auth.AuthLicense;
import com.glxp.api.exception.JsonException;
import com.glxp.api.util.JwtUtils;
import io.jsonwebtoken.Claims;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletRequest;
import java.lang.reflect.Method;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
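/**
 * 登录验证 AOP
 * <p>
 * Guards every method annotated with {@link AuthRuleAnnotation}. A request is accepted
 * either with an admin id + token pair (headers {@code ADMIN_ID}/{@code ADMIN_TOKEN}, or
 * {@code adminId}/{@code adminToken}) or, when those are absent, with an api/secret key pair
 * ({@code api_key}/{@code secret_key}, or {@code apiKey}/{@code secretKey}). Every rejection
 * is reported as {@link ResultEnum#LOGIN_VERIFY_FALL}, so the caller cannot tell which step
 * failed; the rejection reason is only written to the debug log, never including the secret
 * or token value.
 */
@Aspect
@Component
@Slf4j
@RequiredArgsConstructor
public class AuthorizeAspect {

    private final AuthLicenseDao authLicenseDao;

    /** Pointcut: every method carrying {@link AuthRuleAnnotation}. */
    @Pointcut("@annotation(com.glxp.api.annotation.AuthRuleAnnotation)")
    public void adminLoginVerify() {
    }

    /**
     * 登录验证
     * <p>
     * Runs before the advised method and returns normally only when the request is
     * authenticated by one of the two credential schemes described on the class.
     *
     * @param joinPoint the advised method invocation
     * @throws JsonException {@link ResultEnum#NOT_NETWORK} when no servlet request is bound
     *                       to the current thread; {@link ResultEnum#LOGIN_VERIFY_FALL} when
     *                       the credentials are missing, malformed or do not verify
     */
    @Before("adminLoginVerify()")
    public void doAdminAuthVerify(JoinPoint joinPoint) {
        ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        if (attributes == null) {
            throw new JsonException(ResultEnum.NOT_NETWORK);
        }
        HttpServletRequest request = attributes.getRequest();

        // 尝试获取下划线格式的请求头信息; 如果没有获取到,尝试获取驼峰格式的请求头信息
        String id = firstHeader(request, "ADMIN_ID", "adminId");
        String token = firstHeader(request, "ADMIN_TOKEN", "adminToken");

        // 如果 id 或 token 仍然为空 -> fall back to the api_key / secret_key scheme
        if (StrUtil.isBlank(id) || StrUtil.isBlank(token)) {
            verifyApiKey(request);
        } else {
            verifyAdminToken(id, token);
        }

        // 判断是否进行权限验证
        MethodSignature signature = (MethodSignature) joinPoint.getSignature();
        // 从切面中获取当前方法
        Method method = signature.getMethod();
        // 得到了方法,提取出他的注解
        AuthRuleAnnotation action = method.getAnnotation(AuthRuleAnnotation.class);
        // 进行权限验证
        // TODO: rule-level authorization is not wired yet; `action` is only looked up so the
        // hook below can be enabled. Until then this aspect authenticates but does not authorize.
        // authRuleVerify(action.value(), adminId);
    }

    /**
     * Returns the first non-blank value among the given header names, in order, or
     * {@code null} when none is present.
     */
    private static String firstHeader(HttpServletRequest request, String... names) {
        for (String name : names) {
            String value = request.getHeader(name);
            if (StrUtil.isNotBlank(value)) {
                return value;
            }
        }
        return null;
    }

    /**
     * Authenticates the request with the api_key / secret_key headers.
     * <p>
     * Blank keys are rejected before touching the DAO, and the stored secret is compared in
     * constant time so a mismatch cannot be timed character by character.
     *
     * @throws JsonException {@link ResultEnum#LOGIN_VERIFY_FALL} when either key is missing,
     *                       the license is unknown, or the secret does not match
     */
    private void verifyApiKey(HttpServletRequest request) {
        // 尝试获取下划线格式的 api_key 和 secret_key; 如果没有获取到,尝试获取驼峰格式
        String apiKey = firstHeader(request, "api_key", "apiKey");
        String secretKey = firstHeader(request, "secret_key", "secretKey");
        if (StrUtil.isBlank(apiKey) || StrUtil.isBlank(secretKey)) {
            throw reject("api key or secret key header missing");
        }

        AuthLicense authLicense = authLicenseDao.get(apiKey);
        if (authLicense == null || !secretMatches(authLicense.getSecretKey(), secretKey)) {
            throw reject("unknown api key or secret mismatch");
        }
        // 这里可以添加验证通过后的逻辑
    }

    /**
     * Authenticates the request with an admin id and a JWT token: the token must parse and
     * its {@code admin_id} claim must equal the id sent in the header.
     *
     * @throws JsonException {@link ResultEnum#LOGIN_VERIFY_FALL} when the id is not numeric,
     *                       the token does not parse, or the claim is absent, non-numeric or
     *                       different from the header id
     */
    private static void verifyAdminToken(String id, String token) {
        long adminId = parseAdminId(id, "ADMIN_ID header is not numeric");

        // 验证 token
        // NOTE(review): whether JwtUtils.parse returns null or throws on an expired/tampered
        // token is not visible here — confirm; a thrown JwtException would surface as an
        // unhandled error rather than LOGIN_VERIFY_FALL.
        Claims claims = JwtUtils.parse(token);
        if (claims == null) {
            throw reject("token did not parse");
        }
        Object claimId = claims.get("admin_id");
        if (claimId == null) {
            // Previously an NPE (HTTP 500) instead of a clean rejection.
            throw reject("token carries no admin_id claim");
        }
        long jwtAdminId = parseAdminId(claimId.toString(), "admin_id claim is not numeric");
        if (adminId != jwtAdminId) {
            throw reject("header admin id does not match token admin_id");
        }
    }

    /** Parses a numeric admin id, converting a malformed value into a login rejection. */
    private static long parseAdminId(String raw, String reason) {
        try {
            return Long.parseLong(raw);
        } catch (NumberFormatException e) {
            throw reject(reason);
        }
    }

    /**
     * Constant-time comparison of the stored secret with the presented one.
     * A {@code null} on either side never matches (a license with no secret cannot be used).
     */
    private static boolean secretMatches(String expected, String presented) {
        if (expected == null || presented == null) {
            return false;
        }
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                presented.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Builds the uniform login-failure exception, recording the internal reason at debug level.
     * The reason text must never contain a secret, token or key value.
     */
    private static JsonException reject(String reason) {
        log.debug("login verify rejected: {}", reason);
        return new JsonException(ResultEnum.LOGIN_VERIFY_FALL);
    }

}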