基於SpringMVC登入攔截器(使用了redis快取),僅供參考
阿新 • • 發佈:2019-01-24
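package com.avic.common.interceptor;

import java.io.IOException;
import java.io.PrintWriter;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Map;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.alibaba.fastjson.JSONObject;
import com.avic.common.constant.UserConst;
import com.avic.common.utils.HttpUtils;
import com.avic.common.utils.RedisUtils;
import com.avic.config.InitializeData;
import com.avic.user.entity.User;
import com.avic.user.entity.UserQualification;
import com.avic.user.protocol.IUserQualificationClient;
import com.avic.user.protocol.IUserServiceClient;

/**
 * Spring MVC interceptor that lets a request through only when it carries a
 * valid SSO token in the {@code tk} cookie.
 *
 * <p>The token is first looked up in Redis; on a miss it is verified against
 * the SSO service ({@code /login/checkToken}) and the resulting {@link User}
 * is cached under the token. The resolved user is exposed to handlers as the
 * {@code loginUser} request attribute. Every failure path ends in
 * {@link #redirect}, so the interceptor fails closed.
 *
 * <p>The token is a bearer credential: it is deliberately never written to
 * stdout or any log by this class.
 */
@Component
public class LoginInterceptor implements HandlerInterceptor {

    /** Name of the cookie that carries the SSO token. */
    private static final String TOKEN_COOKIE = "tk";

    /** Lifetime passed to Redis for a cached user (20 minutes per the original comment). */
    private static final int SESSION_TTL = 20 * 60;

    @Autowired
    private IUserServiceClient userServiceClient;
    @Autowired
    private IUserQualificationClient userQualificationClient;
    @Autowired
    private RedisUtils redisUtils;
    @Autowired
    private InitializeData initializeData;

    /**
     * Authenticates the request from its {@code tk} cookie.
     *
     * @return {@code true} when the request may proceed; {@code false} after a
     *         redirect or JSON "not logged in" answer has been written
     * @throws Exception if the Redis lookup or the seller check fails unexpectedly
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
        Cookie[] cookies = request.getCookies();
        if (cookies == null || cookies.length == 0) {
            return redirect(request, response);
        }

        // If several "tk" cookies are sent, the last one is used (unchanged behaviour).
        String rawToken = null;
        for (Cookie cookie : cookies) {
            if (TOKEN_COOKIE.equals(cookie.getName())) {
                rawToken = cookie.getValue(); // token issued by the SSO service after login
            }
        }
        if (rawToken == null) {
            return redirect(request, response);
        }

        String token;
        try {
            token = URLDecoder.decode(rawToken, "UTF-8");
        } catch (IllegalArgumentException e) {
            // The cookie is client-controlled; a malformed %-escape must end in the
            // login redirect rather than an unhandled exception.
            return redirect(request, response);
        }

        String requestUri = request.getRequestURI();

        // NOTE(review): once a token is cached it is accepted without asking the SSO
        // service again until the Redis entry expires. Logout or revocation on the SSO
        // side is only honoured here if that flow also deletes this key; confirm.
        User user = redisUtils.get(token, User.class);
        if (user != null) {
            request.setAttribute("loginUser", user);
            return checkSellerAuthentication(requestUri, user, response);
        }

        try {
            // Ask the SSO service whether the token is valid, then store the user.
            Map<String, String> parameters = new HashMap<String, String>();
            parameters.put("token", URLEncoder.encode(token, "UTF-8"));
            parameters.put("domain", initializeData.getDomainMaps().get(UserConst.PC_DOMAIN_KEY));
            String url = initializeData.getDomainMaps().get(UserConst.SSO_DOMAIN_KEY) + "/login/checkToken";

            String stringResult = HttpUtils.sendPost(url, parameters);
            if (StringUtils.isBlank(stringResult)) {
                return redirect(request, response);
            }

            JSONObject jsonResult = JSONObject.parseObject(stringResult);
            if (jsonResult == null
                    || jsonResult.get("code") == null
                    || !UserConst.SUCCESS.equals(jsonResult.getString("code").trim())) {
                return redirect(request, response);
            }

            JSONObject userObject = jsonResult.getJSONObject("data");
            if (userObject == null || userObject.get("userId") == null) {
                return redirect(request, response);
            }

            user = userServiceClient.show(Integer.parseInt(userObject.getString("userId")));
            if (user == null) {
                // Do not cache a null user under a token the SSO service accepted.
                return redirect(request, response);
            }
            redisUtils.set(token, user, SESSION_TTL);

            // "un" carries only the display name. It is set without HttpOnly/Secure,
            // presumably because page scripts read it; it must never be trusted
            // server-side as an identity.
            Cookie nameCookie = new Cookie("un", URLEncoder.encode(user.getUserName(), "UTF-8"));
            nameCookie.setPath("/");
            response.addCookie(nameCookie);

            request.setAttribute("loginUser", user);
        } catch (Exception e) {
            // Any failure while talking to SSO or the user service is treated as "not logged in".
            return redirect(request, response);
        }
        return checkSellerAuthentication(requestUri, user, response);
    }

    /**
     * Tells the client it is not logged in: a JSON body with
     * {@code UserConst.USER_NO_LOGIN} for AJAX callers, otherwise a redirect to
     * the login page with the current URL in {@code refer}.
     *
     * @return always {@code false}, so it can be returned straight from {@code preHandle}
     */
    private boolean redirect(HttpServletRequest request, HttpServletResponse response) {
        try {
            String requestedWith = request.getHeader("X-Requested-With");
            if ("XMLHttpRequest".equalsIgnoreCase(requestedWith)) {
                // Declare the type so the body is not content-sniffed as HTML.
                response.setContentType("application/json;charset=UTF-8");
                PrintWriter writer = response.getWriter();
                writer.print("{\"code\": \"" + UserConst.USER_NO_LOGIN + "\"}"); // user not logged in
                writer.flush();
                writer.close();
            } else {
                response.sendRedirect(initializeData.getDomainMaps().get(UserConst.PC_DOMAIN_KEY)
                        + "/login?refer=" + getBackUrl(request));
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
        return false;
    }

    /**
     * For URIs containing {@code /company}, checks the seller's real-name
     * certification and redirects to the matching status page when it is
     * missing, pending or rejected.
     *
     * @param requserUrl request URI as returned by {@code getRequestURI()}
     * @param user       authenticated user
     * @param response   response used for the redirect
     * @return {@code true} when the request may proceed
     */
    private boolean checkSellerAuthentication(String requserUrl, User user, HttpServletResponse response) {
        try {
            // NOTE(review): getRequestURI() is the raw, undecoded path, so this substring
            // test can disagree with the path Spring actually dispatches on. Matching the
            // interceptor by mapping pattern would be more reliable.
            if (requserUrl.contains("/company")) {
                UserQualification qualification =
                        userQualificationClient.getUserQualificationByUserId(user.getUserId());
                String pcDomain = initializeData.getDomainMaps().get(UserConst.PC_DOMAIN_KEY);

                if (qualification == null) {
                    response.sendRedirect(pcDomain + "/member/apply"); // application page
                    return false;
                }
                // NOTE(review): this is a deny-list. Any flag other than the two below,
                // including values added later, is let through. Checking for the
                // "approved" state explicitly would fail closed.
                if (qualification.getFlag()
                        .equals(UserConst.SELLER_REAL_NAME_CERTIFICATION_CHECK_STATUS_TO_AUDIT)) { // pending review
                    response.sendRedirect(pcDomain + "/member/checkPending");
                    return false;
                }
                if (qualification.getFlag()
                        .equals(UserConst.SELLER_REAL_NAME_CERTIFICATION_CHECK_STATUS_NO_PASS)) { // rejected
                    response.sendRedirect(pcDomain + "/member/checkNoPass");
                    return false;
                }
            }
        } catch (IOException e) {
            e.printStackTrace();
            return false;
        }
        return true;
    }

    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
            ModelAndView modelAndView) throws Exception {
        // Nothing to do after the handler runs.
    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,
            Exception ex) throws Exception {
        // Nothing to clean up.
    }

    /**
     * Builds the URL-encoded address of the current request, used as the
     * {@code refer} parameter of the login redirect.
     *
     * <p>The host and scheme come from the request itself, which the client
     * influences (for example through the Host header). The login page must
     * therefore validate {@code refer} against the site's own domains before
     * redirecting back to it.
     *
     * @param request current request
     * @return the encoded URL, or an empty string if UTF-8 is unavailable
     */
    public String getBackUrl(HttpServletRequest request) {
        try {
            String queryString = request.getQueryString();
            String contextPath = request.getContextPath();
            String servletPath = request.getServletPath();
            int serverPort = request.getServerPort();

            StringBuilder url = new StringBuilder();
            url.append(request.getScheme()).append("://").append(request.getServerName());
            if (serverPort > 0) { // a port is present
                url.append(":").append(serverPort);
            }
            url.append(contextPath != null ? contextPath : "")
                    .append(servletPath != null ? servletPath : "")
                    .append(queryString != null ? "?" + queryString : "");
            return URLEncoder.encode(url.toString(), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }
        return "";
    }
}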