
业务授权校验

dsx 1 year ago
parent
commit
85b258fabd

+ 35 - 31
src/main/java/com/fdkankan/scene/Interceptor/CheckViewBizAuthAspect.java

@@ -1,6 +1,7 @@
 package com.fdkankan.scene.Interceptor;
 
 import cn.hutool.core.util.StrUtil;
+import cn.hutool.core.util.URLUtil;
 import com.alibaba.fastjson.JSON;
 import com.fdkankan.common.constant.CommonStatus;
 import com.fdkankan.common.constant.ErrorCode;
@@ -33,6 +34,9 @@ import javax.crypto.Cipher;
 import javax.crypto.spec.SecretKeySpec;
 import javax.servlet.http.HttpServletRequest;
 import java.io.IOException;
+import java.net.InetAddress;
+import java.net.URL;
+import java.net.UnknownHostException;
 import java.nio.charset.StandardCharsets;
 import java.util.*;
 
@@ -80,6 +84,9 @@ public class CheckViewBizAuthAspect {
 	public void doBefore(JoinPoint joinPoint) throws Exception {
 		HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
 		Map<String, Object> params = WebUtil.getParameter(joinPoint, request);
+
+		String remoteIp = WebUtil.getIpAddress(request);
+
 		String num = (String) params.get("num");
 		String sign = (String) params.get("sign");
 
@@ -87,7 +94,7 @@ public class CheckViewBizAuthAspect {
 		sysLog.setRequestPath("场景展示");
 		sysLog.setUri(request.getRequestURI());
 		sysLog.setMethod(request.getMethod());
-		sysLog.setIp(WebUtil.getIpAddress(request));
+		sysLog.setIp(remoteIp);
 		sysLog.setBrowser(WebUtil.getBrowser(request));
 		sysLog.setOperationType("scene-view");
 		sysLog.setParams(JSON.toJSONString(params));
@@ -97,6 +104,7 @@ public class CheckViewBizAuthAspect {
 		String userName = null, ip = null, timestamp = null;
 		boolean flag = true;
 		if(StrUtil.isNotEmpty(sign)){
+			sign = sign.replaceAll("%2B", "+").replaceAll(" ", "+");
 			String[] split = null;
 			try {
 				String decode = AesUtil.decryptECB(sign, ENCRYPT_KEY, "AES/ECB/PKCS5Padding");
@@ -109,40 +117,39 @@ public class CheckViewBizAuthAspect {
 				errorMsg = "签名解密失败";
 			}
 
-			if(split.length == 1){
+			if(Objects.isNull(split) || split.length == 1){
 				flag = false;
 				errorCode = ErrorCode.AUTH_FAIL.code();
 				errorMsg = "签名参数错误";
-			}
-
-			for (int i = 0; i < split.length; i++){
-				if(i == 0){
-					userName = split[i];
-				}
-				if(i == 1){
-					ip = split[i];
-				}
-				if(i == 2){
-					timestamp = split[i];
+			}else{
+				for (int i = 0; i < split.length; i++){
+					if(i == 0){
+						userName = split[i];
+					}
+					if(i == 1){
+						ip = split[i];
+					}
+					if(i == 2){
+						timestamp = split[i];
+					}
 				}
-			}
 
-			String ipAddress = WebUtil.getIpAddress(request);
-			if(StrUtil.isNotEmpty(ip) && !ip.equals(ipAddress)){
-				flag = false;
-				errorCode = ErrorCode.AUTH_FAIL.code();
-				errorMsg = "ip不匹配";
-			}
+				if(StrUtil.isNotEmpty(ip) && !ip.equals(remoteIp)){
+					flag = false;
+					errorCode = ErrorCode.AUTH_FAIL.code();
+					errorMsg = "ip不匹配";
+				}
 
-			if(StrUtil.isNotEmpty(timestamp) && Calendar.getInstance().getTime().after(new Date(Long.valueOf(timestamp) * 1000))){
-				flag = false;
-				errorCode = ErrorCode.AUTH_FAIL.code();
-				errorMsg = "超出访问截止时间";
+				if(StrUtil.isNotEmpty(timestamp) && Calendar.getInstance().getTime().after(new Date(Long.valueOf(timestamp) * 1000))){
+					flag = false;
+					errorCode = ErrorCode.AUTH_FAIL.code();
+					errorMsg = "超出访问截止时间";
+				}
 			}
 		}else{
 			//查询场景是否业务授权
 			JySceneAuth jySceneAuth = jySceneAuthService.getByNum(num);
-			if(Objects.isNull(jySceneAuth) && jySceneAuth.getAuthType() == 0){
+			if(!Objects.isNull(jySceneAuth) && jySceneAuth.getAuthType() == 0){
 				//业务授权校验用户名密码
 				userName = (String) params.get("userName");
 				String password = (String) params.get("password");
@@ -158,7 +165,7 @@ public class CheckViewBizAuthAspect {
 						flag = false;
 						errorCode = ErrorCode.AUTH_FAIL.code();
 						errorMsg = "无权访问";
-					}else if (jySceneUserAuth.getLookEndTime().before(Calendar.getInstance().getTime())){
+					}else if (jySceneUserAuth.getLookAuth() == 2 && jySceneUserAuth.getLookEndTime().before(Calendar.getInstance().getTime())){
 						flag = false;
 						errorCode = ErrorCode.AUTH_FAIL.code();
 						errorMsg = "超出访问截止时间";
@@ -168,12 +175,10 @@ public class CheckViewBizAuthAspect {
 					if(flag){
 						User user = userService.findByUserName(userName);
 						//模拟前端密码加密规则生成前端密码
-						password = Base64Converter.decode(Base64Converter.subText(PasswordUtils.decycptPasswordWeb(password)));
-						//解码
-						password = Base64Converter.decode(Base64Converter.subText(password));
-						password = SecurityUtil.MD5(password);
+						password = SecurityUtil.MD5(Base64Converter.decode(password));
 						//数据库密码比对
 						if(Objects.isNull(user) || !password.equals(user.getPassword())){
+							flag = false;
 							errorCode = ErrorCode.PASSWORD_ERROR.code();
 							errorMsg = ErrorCode.PASSWORD_ERROR.message();
 						}
@@ -194,5 +199,4 @@ public class CheckViewBizAuthAspect {
 
 	}
 
-
 }
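Review bot: The expiry check that moved into the new `else` branch, `if(StrUtil.isNotEmpty(timestamp) && Calendar.getInstance().getTime().after(new Date(Long.valueOf(timestamp) * 1000)))`, still lets a non-numeric `timestamp` field throw NumberFormatException out of doBefore (declared `throws Exception`), so a malformed sign escapes the flag/errorCode path and surfaces as a server error instead of `签名参数错误`; parsing it defensively, as below, keeps every rejection on the same path (the rest of doBefore lies outside these hunks). The same branch only checks `ip` and `timestamp` when they are non-empty, so a decrypted sign carrying just a user name, or an empty third field, is accepted with no expiry at all — if that is not intended, an absent ip or timestamp should set `flag = false` as well. The `%2B`/space replacement on `sign` is a reasonable workaround for `+` in base64 being URL-decoded, but the newly imported `URLUtil`, `URL`, `InetAddress` and `UnknownHostException` are not used by any visible hunk and should be dropped unless they belong to a change not shown. The new password derivation `SecurityUtil.MD5(Base64Converter.decode(password))` is compared with `String.equals` against an unsalted MD5 stored hash; that scheme is pre-existing, but it is worth stating at the `//数据库密码比对` comment that it is legacy and that a salted password hash (bcrypt/argon2) with `MessageDigest.isEqual` is the intended replacement.
```java
// … unchanged: userName / ip extraction and the ip-match check …
if (StrUtil.isNotEmpty(timestamp)) {
    try {
        long expiresAtMillis = Math.multiplyExact(Long.parseLong(timestamp), 1000L);
        if (Calendar.getInstance().getTime().after(new Date(expiresAtMillis))) {
            flag = false;
            errorCode = ErrorCode.AUTH_FAIL.code();
            errorMsg = "超出访问截止时间";
        }
    } catch (NumberFormatException | ArithmeticException e) {
        // a timestamp that is not a plain epoch-seconds number is a malformed sign, not merely an expired one
        flag = false;
        errorCode = ErrorCode.AUTH_FAIL.code();
        errorMsg = "签名参数错误";
    }
}
```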