2022/7/20 鉴权改拦截器；异常返回值调整；

src/main/java/com/zhiwei/brandkbs2/auth/AuthAspect.java

@@ -32,8 +32,8 @@ import java.util.Map;
  * @description 权限切面
  * @date 2022年4月18日11:02:02
  */
-@Aspect
-@Component
+//@Aspect
+//@Component
 public class AuthAspect {
 
     @Value("${jwt.key}")

src/main/java/com/zhiwei/brandkbs2/interceptor/InterceptorConfig.java

+package com.zhiwei.brandkbs2.interceptor;
+
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+import javax.annotation.Resource;
+
+
+/**
+ * @Description: 统一拦截器配置 鉴权
+ * @Author: shentao
+ * @Date: 2022/7/20 11:04
+ */
+@Configuration
+public class InterceptorConfig implements WebMvcConfigurer {
+
+	@Resource
+	private MainAuthInterceptor mainAuthInterceptor;
+
+
+	@Override
+	public void addInterceptors(InterceptorRegistry registry) {
+		// 自定义拦截器，添加拦截路径和排除拦截路径
+		registry.addInterceptor(mainAuthInterceptor).addPathPatterns("/app/**","/admin/**").excludePathPatterns();
+	}
+}

src/main/java/com/zhiwei/brandkbs2/interceptor/MainAuthInterceptor.java

+package com.zhiwei.brandkbs2.interceptor;
+
+import com.zhiwei.brandkbs2.auth.Auth;
+import com.zhiwei.brandkbs2.auth.UserThreadLocal;
+import com.zhiwei.brandkbs2.common.GenericAttribute;
+import com.zhiwei.brandkbs2.model.CommonCodeEnum;
+import com.zhiwei.brandkbs2.model.ResponseResult;
+import com.zhiwei.brandkbs2.pojo.UserInfo;
+import com.zhiwei.brandkbs2.service.UserService;
+import com.zhiwei.brandkbs2.util.Tools;
+import com.zhiwei.middleware.auth.util.JwtUtil;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import org.springframework.stereotype.Component;
+import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.Map;
+import java.util.Objects;
+
+
+/**
+ * @Description: 品见鉴权拦截器
+ * @Author: shentao
+ * @Date: 2022/7/20 11:20
+ */
+@Component
+public class MainAuthInterceptor implements HandlerInterceptor {
+
+    private static final Logger log = LogManager.getLogger(MainAuthInterceptor.class);
+
+    private final UserService UserService;
+
+    public MainAuthInterceptor(UserService userService) {
+        UserService = userService;
+    }
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
+        Auth auth = null;
+        if (handler instanceof HandlerMethod) {
+            HandlerMethod method = (HandlerMethod) handler;
+            auth = method.getMethodAnnotation(Auth.class);
+            if (null == auth) {
+                auth = method.getMethod().getDeclaringClass().getAnnotation(Auth.class);
+            }
+        }
+        // 不需要验证权限
+        if (null == auth) {
+            return true;
+        }
+        String token = request.getHeader("Token");
+        try {
+            // 不存在token 重新获取token
+            if (null == token || Objects.equals("undefined", token)) {
+                Tools.responseMessage(response, HttpServletResponse.SC_UNAUTHORIZED, new ResponseResult(CommonCodeEnum.UNAUTHENTICATED, null));
+                return false;
+            }
+            Map<String, Object> tokenInfo = JwtUtil.unsign(token, Map.class);
+            // 解析失败 token过期 重新登录
+            if (null == tokenInfo) {
+                Tools.responseMessage(response, HttpServletResponse.SC_UNAUTHORIZED, new ResponseResult(CommonCodeEnum.UNAUTHENTICATED, null));
+                return false;
+            }
+            String uid = tokenInfo.get(GenericAttribute.USER_ID).toString();
+            UserInfo userInfo = UserService.queryUserInfo(uid, request.getHeader("pid"));
+            // 无用户信息 todo
+            if (null == userInfo) {
+                Tools.responseMessage(response, HttpServletResponse.SC_UNAUTHORIZED, new ResponseResult(CommonCodeEnum.UNAUTHENTICATED, null));
+                return false;
+            }
+            // 权限不足
+            if (userInfo.getRoleId() > auth.role().getState()) {
+                Tools.responseMessage(response, HttpServletResponse.SC_FORBIDDEN, new ResponseResult(CommonCodeEnum.UN_AUTHORISE, null));
+                return false;
+            }
+            return true;
+        } catch (Exception e) {
+            log.error("拦截鉴权出错；token：{}", token, e);
+            return false;
+        }
+    }
+
+}

src/main/java/com/zhiwei/brandkbs2/model/CommonCodeEnum.java

@@ -10,7 +10,7 @@ public enum CommonCodeEnum implements ResultCode {
     /**
      * 非法参数
      */
-    INVALID_PARAM(false, 403, "非法参数！", 200),
+    INVALID_PARAM(false, 404, "非法参数！", 200),
     /**
      * 操作成功
      */
@@ -26,7 +26,7 @@ public enum CommonCodeEnum implements ResultCode {
     /**
      * 权限不足
      */
-    UN_AUTHORISE(false, 402, "权限不足,无权操作！", 200),
+    UN_AUTHORISE(false, 403, "权限不足,无权操作！", 200),
     /**
      * 系统异常
      */

src/main/java/com/zhiwei/brandkbs2/util/Tools.java

@@ -561,4 +561,22 @@ public class Tools {
         return JSON.parseObject(JSON.toJSONString(obj), clazz);
     }
 
+    /**
+     * 自定义HttpStatus和response内容，返回response
+     * @param response
+     * @param status
+     * @param returnData
+     * @throws Exception
+     */
+    public static void responseMessage(HttpServletResponse response, int status, Object returnData) throws Exception {
+        response.setStatus(status);
+        response.setCharacterEncoding("utf-8");
+        response.setContentType("application/json; charset=utf-8");
+        String json = JSONObject.toJSONString(returnData);
+        try (PrintWriter writer = response.getWriter()) {
+            writer.print(json);
+            writer.flush();
+        }
+    }
+
 }
\ No newline at end of file