signin增加mustLogin注解

4 years ago · 784e7e100f
4 changed files with 116 additions and 5 deletions
--- a/signin/src/main/java/com/ccsens/signin/annotation/MustLoginTall.java
+++ b/signin/src/main/java/com/ccsens/signin/annotation/MustLoginTall.java
@ -0,0 +1,14 @@
+package com.ccsens.signin.annotation;
+
+import java.lang.annotation.*;
+
+/**
+ * @description: 用于标识方法需要登录，获取userId
+ *              如果未登录，直接返回用户未登录
+ * @author: wang
+ */
+@Documented
+@Retention(RetentionPolicy.RUNTIME)
+@Target(ElementType.METHOD)
+public @interface MustLoginTall {
+}
--- a/signin/src/main/java/com/ccsens/signin/api/ProjectController.java
+++ b/signin/src/main/java/com/ccsens/signin/api/ProjectController.java
@ -1,6 +1,7 @@
 package com.ccsens.signin.api;

 import com.ccsens.cloudutil.annotation.MustLogin;
+import com.ccsens.signin.annotation.MustLoginTall;
 import com.ccsens.signin.bean.dto.ProjectDto;
 import com.ccsens.signin.bean.vo.ProjectVo;
 import com.ccsens.signin.service.IProjectService;
@ -27,7 +28,7 @@ public class ProjectController {
    @Resource
    private IProjectService projectService;

-    @MustLogin
+    @MustLoginTall
    @ApiOperation(value = "查询项目列表", notes = "")
    @RequestMapping(value = "/query", method = RequestMethod.POST, produces = {"application/json;charset=UTF-8"})
    public JsonResponse<List<ProjectVo.QueryProject>> queryProjectList(@ApiParam @Validated @RequestBody QueryDto<ProjectDto.QueryProjectDto> params) throws Exception{
@ -50,7 +51,7 @@ public class ProjectController {
        return JsonResponse.newInstance().ok();
    }

-    @MustLogin
+    @MustLoginTall
    @ApiOperation(value = "查询日历是否有小红点", notes = "查询日历是否有小红点")
    @RequestMapping(value = "/day", method = RequestMethod.POST, produces = {"application/json;charset=UTF-8"})
    public JsonResponse<List<String>> haveProjectDay(@ApiParam @Validated @RequestBody QueryDto<ProjectDto.QueryHaveProject> params) throws Exception{
@ -58,7 +59,7 @@ public class ProjectController {
        return JsonResponse.newInstance().ok(projectById);
    }

-    @MustLogin
+    @MustLoginTall
    @ApiOperation(value = "设置项目父子结构", notes = "设置项目父子结构")
    @RequestMapping(value = "/setProjectRelation", method = RequestMethod.POST, produces = {"application/json;charset=UTF-8"})
    public JsonResponse setProjectRelation(@ApiParam @Validated @RequestBody QueryDto<ProjectDto.SetProjectRelation> params) throws Exception{
@ -66,7 +67,7 @@ public class ProjectController {
        return JsonResponse.newInstance().ok();
    }

-    @MustLogin
+    @MustLoginTall
    @ApiOperation(value = "设置项目顺序", notes = "设置项目顺序")
    @RequestMapping(value = "/setProjectSort", method = RequestMethod.POST, produces = {"application/json;charset=UTF-8"})
    public JsonResponse setProjectSort(@ApiParam @Validated @RequestBody QueryDto<ProjectDto.SetProjectSort> params) throws Exception{
--- a/signin/src/main/java/com/ccsens/signin/aspect/MustLoginTallAspect.java
+++ b/signin/src/main/java/com/ccsens/signin/aspect/MustLoginTallAspect.java
@ -0,0 +1,96 @@
+package com.ccsens.signin.aspect;
+
+
+import com.ccsens.signin.bean.po.SysUser;
+import com.ccsens.signin.service.IUserService;
+import com.ccsens.util.*;
+import com.ccsens.util.bean.dto.QueryDto;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.ExpiredJwtException;
+import io.jsonwebtoken.SignatureException;
+import lombok.extern.slf4j.Slf4j;
+import org.aspectj.lang.ProceedingJoinPoint;
+import org.aspectj.lang.annotation.Around;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Pointcut;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.annotation.Order;
+import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+@Order(0)
+@Slf4j
+@Aspect
+@Component
+public class MustLoginTallAspect {
+    @Autowired
+    private IUserService userService;
+
+    @Pointcut("@annotation(com.ccsens.signin.annotation.MustLoginTall)")
+    public void tallAdvice(){
+
+    }
+    @Around("tallAdvice()")
+    public Object tallAdvice(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
+        //拿到参数
+        Object[] args = proceedingJoinPoint.getArgs();
+
+        QueryDto dto = args == null || args.length < 1 ? null : (QueryDto) args[0];
+        //拿到当前得request请求
+        HttpServletRequest httpServletRequest = ((ServletRequestAttributes)
+                RequestContextHolder.getRequestAttributes()).getRequest();
+        HttpServletResponse httpServletResponse = ((ServletRequestAttributes)
+                RequestContextHolder.getRequestAttributes()).getResponse();
+        final String authHeader = httpServletRequest.getHeader(WebConstant.HEADER_KEY_TOKEN);
+        if (authHeader == null || !authHeader.startsWith(WebConstant.HEADER_KEY_TOKEN_PREFIX)) {
+            HttpServletUtil.responseJson(httpServletResponse,
+                    JacksonUtil.beanToJson(JsonResponse.newInstance().tokenNotFound()));
+            return httpServletResponse;
+        }
+        final String token = authHeader.substring(WebConstant.HEADER_KEY_TOKEN_PREFIX.length());
+
+        //验证token是否有效
+        Claims claims = null;
+        try {
+            claims = JwtUtil.parseJWT(token, WebConstant.JWT_ACCESS_TOKEN_SECERT);
+        }catch(SignatureException e){
+            HttpServletUtil.responseJson(httpServletResponse,
+                    JacksonUtil.beanToJson(JsonResponse.newInstance().tokenSignatureFail(e.getMessage())));
+            return httpServletResponse;
+        }catch(ExpiredJwtException e){
+            HttpServletUtil.responseJson(httpServletResponse,
+                    JacksonUtil.beanToJson(JsonResponse.newInstance().tokenExpire(e.getMessage())));
+            return httpServletResponse;
+        }catch(Exception e){
+            HttpServletUtil.responseJson(httpServletResponse,
+                    JacksonUtil.beanToJson(JsonResponse.newInstance().tokenFailed(e.getMessage())));
+            return httpServletResponse;
+        }
+
+        //验证用户存根
+        if(userService.tokenNotExistInCache(Long.valueOf(claims.getSubject()))){
+            HttpServletUtil.responseJson(httpServletResponse,
+                    JacksonUtil.beanToJson(JsonResponse.newInstance().tokenStubNotFound()));
+            return httpServletResponse;
+        }
+
+
+        //验证用户是否禁用
+        SysUser user = userService.getUserById(Long.valueOf(claims.getSubject()));
+        if(user.getRecStatus() == WebConstant.REC_STATUS.Disabled.value){
+            HttpServletUtil.responseJson(httpServletResponse,
+                    JacksonUtil.beanToJson(JsonResponse.newInstance().userDisabled()));
+            return httpServletResponse;
+        }
+        dto.setUserId(user.getId());
+        dto.setUserName(user.getNickname());
+        dto.setAvatarUrl(user.getAvatarUrl());
+        args[0]=dto;
+        Object proceed = proceedingJoinPoint.proceed(args);
+        return proceed;
+    }
+}
--- a/signin/src/main/java/com/ccsens/signin/bean/dto/ProjectDto.java
+++ b/signin/src/main/java/com/ccsens/signin/bean/dto/ProjectDto.java
@ -83,7 +83,7 @@ public class ProjectDto {

    @Data
    @ApiModel("设置项目顺序")
-    public class SetProjectSort {
+    public static class SetProjectSort {
        @NotNull(message = "被移动的项目id不能为空")
        @ApiModelProperty("项目id")
        private List<Long> projectIdList;