2 年之前 · 53abdb2cd3
--- a/src/main/java/com/fdkankan/ucenter/annotation/CheckInnerApiPermit.java
+++ b/src/main/java/com/fdkankan/ucenter/annotation/CheckInnerApiPermit.java
@@ -0,0 +1,14 @@
 
				+package com.fdkankan.ucenter.annotation;
			
 
				+
			
 
				+import java.lang.annotation.Documented;
			
 
				+import java.lang.annotation.ElementType;
			
 
				+import java.lang.annotation.Retention;
			
 
				+import java.lang.annotation.RetentionPolicy;
			
 
				+import java.lang.annotation.Target;
			
 
				+
			
 
				+@Target({ElementType.METHOD})
			
 
				+@Retention(RetentionPolicy.RUNTIME)
			
 
				+@Documented
			
 
				+public @interface CheckInnerApiPermit {
			
 
				+    String description() default "";
			
 
				+}
			
--- a/src/main/java/com/fdkankan/ucenter/config/WebAppConfig.java
+++ b/src/main/java/com/fdkankan/ucenter/config/WebAppConfig.java
@@ -1,11 +1,9 @@
 
				 package com.fdkankan.ucenter.config;
			
 
				 
			
 
				 import com.fdkankan.ucenter.interceptor.AppInterceptor;
			
 
				-import com.fdkankan.ucenter.interceptor.InnerApiInterceptor;
			
 
				 import com.fdkankan.ucenter.interceptor.UcenterInterceptor;
			
 
				 import org.springframework.beans.factory.annotation.Autowired;
			
 
				 import org.springframework.context.annotation.Configuration;
			
 
				-import org.springframework.web.servlet.config.annotation.CorsRegistry;
			
 
				 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
			
 
				 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
			
 
				 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
			
@@ -18,16 +16,10 @@ public class WebAppConfig implements WebMvcConfigurer {
 
				 	UcenterInterceptor ucenterInterceptor;
			
 
				 	@Autowired
			
 
				 	AppInterceptor appInterceptor;
			
 
				-	@Autowired
			
 
				-	private InnerApiInterceptor innerApiInterceptor;
			
 
				-
			
 
				 
			
 
				 	@Override
			
 
				 	public void addInterceptors(InterceptorRegistry registry) {
			
 
				 
			
 
				-		//内部接口拦截器
			
 
				-		registry.addInterceptor(innerApiInterceptor).addPathPatterns("/_inner/**");
			
 
				-
			
 
				 		registry.addInterceptor(ucenterInterceptor).addPathPatterns("/**")
			
 
				 				.excludePathPatterns(
			
 
				 						//"/user/virtualOrder/**",
			
--- a/src/main/java/com/fdkankan/ucenter/controller/inner/InnerController.java
+++ b/src/main/java/com/fdkankan/ucenter/controller/inner/InnerController.java
@@ -1,5 +1,6 @@
 
				 package com.fdkankan.ucenter.controller.inner;
			
 
				 
			
 
				+import com.fdkankan.ucenter.annotation.CheckInnerApiPermit;
			
 
				 import com.fdkankan.ucenter.common.BaseController;
			
 
				 import com.fdkankan.ucenter.common.Result;
			
 
				 import com.fdkankan.ucenter.service.IInnerService;
			
@@ -30,6 +31,7 @@ public class InnerController extends BaseController {
 
				     /**
			
 
				      * 根据场景码获取token
			
 
				      */
			
 
				+    @CheckInnerApiPermit
			
 
				     @GetMapping("/_token")
			
 
				     public Result createTokenByNum(String num){
			
 
				         return innerService.createTokenByNum(num);
			
@@ -38,6 +40,7 @@ public class InnerController extends BaseController {
 
				     /**
			
 
				      * 根据场景码获取token
			
 
				      */
			
 
				+    @CheckInnerApiPermit
			
 
				     @GetMapping("/querySceneDataSource")
			
 
				     public Result querySceneDataSource(String num){
			
 
				         return innerService.querySceneDataSource(num);
			
--- a/src/main/java/com/fdkankan/ucenter/interceptor/CheckInnerApiPermitAspect.java
+++ b/src/main/java/com/fdkankan/ucenter/interceptor/CheckInnerApiPermitAspect.java
@@ -0,0 +1,48 @@
 
				+package com.fdkankan.ucenter.interceptor;
			
 
				+
			
 
				+import cn.hutool.core.util.StrUtil;
			
 
				+import com.fdkankan.common.constant.ErrorCode;
			
 
				+import com.fdkankan.common.exception.BusinessException;
			
 
				+import java.io.IOException;
			
 
				+import javax.servlet.http.HttpServletRequest;
			
 
				+import lombok.extern.log4j.Log4j2;
			
 
				+import org.aspectj.lang.JoinPoint;
			
 
				+import org.aspectj.lang.annotation.Aspect;
			
 
				+import org.aspectj.lang.annotation.Before;
			
 
				+import org.aspectj.lang.annotation.Pointcut;
			
 
				+import org.springframework.beans.factory.annotation.Value;
			
 
				+import org.springframework.core.annotation.Order;
			
 
				+import org.springframework.stereotype.Component;
			
 
				+import org.springframework.web.context.request.RequestContextHolder;
			
 
				+import org.springframework.web.context.request.ServletRequestAttributes;
			
 
				+
			
 
				+@Log4j2
			
 
				+@Aspect
			
 
				+@Component
			
 
				+@Order(101)
			
 
				+public class CheckInnerApiPermitAspect {
			
 
				+
			
 
				+	@Value("${inner.customToken}")
			
 
				+	private String customToken;
			
 
				+
			
 
				+	@Pointcut("@annotation(com.fdkankan.ucenter.annotation.CheckInnerApiPermit)")
			
 
				+	public void checkCooperationPermit() {
			
 
				+	}
			
 
				+
			
 
				+	/**
			
 
				+	 * 前置通知 用于判断用户协作场景是否有协作权限
			
 
				+	 *
			
 
				+	 * @param joinPoint
			
 
				+	 *            切点
			
 
				+	 * @throws IOException
			
 
				+	 */
			
 
				+	@Before("checkCooperationPermit()")
			
 
				+	public void doBefore(JoinPoint joinPoint) throws Exception {
			
 
				+		HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
			
 
				+		String customToken = request.getHeader("custom-token");
			
 
				+		if(StrUtil.isEmpty(customToken) || !customToken.equals(this.customToken)){
			
 
				+			throw new BusinessException(ErrorCode.HAVE_NO_RIGHT);
			
 
				+		}
			
 
				+	}
			
 
				+
			
 
				+}
			
--- a/src/main/java/com/fdkankan/ucenter/interceptor/InnerApiInterceptor.java
+++ b/src/main/java/com/fdkankan/ucenter/interceptor/InnerApiInterceptor.java
@@ -1,48 +0,0 @@
 
				-package com.fdkankan.ucenter.interceptor;
			
 
				-
			
 
				-
			
 
				-import cn.hutool.core.util.StrUtil;
			
 
				-import cn.hutool.http.ContentType;
			
 
				-import cn.hutool.http.HttpResponse;
			
 
				-import cn.hutool.http.HttpUtil;
			
 
				-import cn.hutool.json.JSONUtil;
			
 
				-import com.alibaba.fastjson.JSON;
			
 
				-import com.alibaba.fastjson.JSONObject;
			
 
				-import com.fdkankan.common.constant.ErrorCode;
			
 
				-import com.fdkankan.common.util.JwtUtil;
			
 
				-import com.fdkankan.redis.util.RedisUtil;
			
 
				-import com.fdkankan.ucenter.common.RedisKeyUtil;
			
 
				-import com.fdkankan.ucenter.common.Result;
			
 
				-import com.fdkankan.ucenter.constant.LoginConstant;
			
 
				-import java.awt.PageAttributes.MediaType;
			
 
				-import java.io.IOException;
			
 
				-import javax.servlet.http.HttpServletRequest;
			
 
				-import javax.servlet.http.HttpServletResponse;
			
 
				-import lombok.extern.slf4j.Slf4j;
			
 
				-import org.apache.commons.lang3.StringUtils;
			
 
				-import org.springframework.beans.factory.annotation.Autowired;
			
 
				-import org.springframework.beans.factory.annotation.Value;
			
 
				-import org.springframework.stereotype.Component;
			
 
				-import org.springframework.web.servlet.HandlerInterceptor;
			
 
				-
			
 
				-@Component
			
 
				-@Slf4j
			
 
				-public class InnerApiInterceptor implements HandlerInterceptor {
			
 
				-
			
 
				-	@Value("${inner.customToken}")
			
 
				-	private String customToken;
			
 
				-
			
 
				-	@Override
			
 
				-	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
			
 
				-		response.setContentType("application/json;charset=UTF-8");
			
 
				-		String customToken = request.getHeader("custom-token");
			
 
				-		if(StrUtil.isEmpty(customToken) || !customToken.equals(this.customToken)){
			
 
				-			response.getWriter().append(JSON.toJSONString(Result.failure(ErrorCode.HAVE_NO_RIGHT.code(), ErrorCode.HAVE_NO_RIGHT.message())));
			
 
				-			return false;
			
 
				-		}
			
 
				-		return true;
			
 
				-	}
			
 
				-
			
 
				-
			
 
				-}
			
 
				-