ruoyi-vue开发框架框架
SprintBatchSprintBoot原创ruoyi-vue大约 3 分钟约 766 字
添加栏截器
package com.ruoyi.framework.config;
import com.ruoyi.framework.interceptor.apiInterceptor;
import com.ruoyi.framework.interceptor.jimuInterceptor;
import lombok.AllArgsConstructor;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
/**
* 积木报表拦截器
* 只有登录的用户才可以访问,不可匿名访问
* @author liuhuan
* @title: InterceptorConfig
* @description: TODO
* @projectName ruoyi
* @date 2021/6/239:24 上午
* @return V1.0.0
*/
@Configuration
@AllArgsConstructor
public class InterceptorConfig extends WebMvcConfigurerAdapter {
private jimuInterceptor jimuInterceptor;
private apiInterceptor apiInterceptor;
@Override
public void addInterceptors(InterceptorRegistry registry) {
registry.addInterceptor(jimuInterceptor).addPathPatterns("/jmreport/view/**");
registry.addInterceptor(jimuInterceptor).addPathPatterns("/jmreport/list/**");
registry.addInterceptor(jimuInterceptor).addPathPatterns("/jmreport/index/**");
// registry.addInterceptor(apiInterceptor).addPathPatterns ("/api/**");
}
}
积木拦截器
package com.ruoyi.framework.interceptor;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.constant.HttpStatus;
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.core.redis.RedisCache;
import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.framework.web.service.TokenService;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import java.text.MessageFormat;
import java.util.Enumeration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import org.yaml.snakeyaml.events.Event;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* @author liuhuan
* @title: jimuInterceptor
* @description: TODO
* @projectName ruoyi
* @date 2021/6/239:20 上午
* @return V1.0.0
*/
@Component
public class jimuInterceptor implements HandlerInterceptor {
@Autowired
private TokenService tokenService;
//日志
protected final Logger logger = LoggerFactory.getLogger (jimuInterceptor.class);
@Override
public boolean preHandle (HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
// logger.info("执行拦截器的preHandle方法");
try {
String token = getToken (httpServletRequest);
if (token != null) {
Claims claims = parseToken (token);
String uuid = (String) claims.get (Constants.LOGIN_USER_KEY);
String userKey = getTokenKey (uuid);
LoginUser user = redisCache.getCacheObject (userKey);
//判断用户是否存在
if (user==null)
{
AjaxResult ajaxResult = AjaxResult.error("请求访问,认证失败,无法访问系统资源");
ServletUtils.renderString(httpServletResponse, JSONObject.toJSONString(ajaxResult));
return false;
}else {
String url=httpServletRequest.getRequestURL ().toString ();
//非管理员:拦截创建和设计报表
if (url.contains ("/jmreport/index"))
{
if(!user.getUser ().isAdmin ())
{
AjaxResult ajaxResult = AjaxResult.error("您非管理员,无法访问系统资源");
ServletUtils.renderString(httpServletResponse, JSONObject.toJSONString(ajaxResult));
return false;
}
}
//判断请求用户是否与登录的用户是否一致
if (!user.getUser ().isAdmin ())
{
String userId=httpServletRequest.getParameter ("id");
if(userId==null)
{
AjaxResult ajaxResult = AjaxResult.error("未检测到用户,无法访问系统资源");
ServletUtils.renderString(httpServletResponse, JSONObject.toJSONString(ajaxResult));
return false;
}
else {
logger.info (MessageFormat.format ("请求用户【{0}】", userId));
if (!userId.equals (user.getUser ().getUserName ())){
AjaxResult ajaxResult = AjaxResult.error("请求用户不匹配,无法访问系统资源");
ServletUtils.renderString(httpServletResponse, JSONObject.toJSONString(ajaxResult));
return false;
}
}
}
}
}
else {
AjaxResult ajaxResult = AjaxResult.error("请求访问,认证失败,无法访问系统资源");
ServletUtils.renderString(httpServletResponse, JSONObject.toJSONString(ajaxResult));
return false;
}
}catch (Exception ex){
AjaxResult ajaxResult = AjaxResult.error("请求访问,认证失败,无法访问系统资源");
ServletUtils.renderString(httpServletResponse, JSONObject.toJSONString(ajaxResult));
return false;
}
return true;
}
@Override
public void postHandle (HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
// logger.info("执行拦截器的postHandle方法");
}
@Override
public void afterCompletion (HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
// logger.info("执行拦截器的afterCompletion方法");
}
// 令牌自定义标识
@Value ("${token.header}")
private String header;
// 令牌秘钥
@Value ("${token.secret}")
private String secret;
// 令牌有效期(默认30分钟)
@Value ("${token.expireTime}")
private int expireTime;
protected static final long MILLIS_SECOND = 1000;
protected static final long MILLIS_MINUTE = 60 * MILLIS_SECOND;
private static final Long MILLIS_MINUTE_TEN = 20 * 60 * 1000L;
@Autowired
private RedisCache redisCache;
private Claims parseToken (String token) {
// System.out.println (header+"="+token);
return Jwts.parser ()
.setSigningKey (secret)
.parseClaimsJws (token)
.getBody ();
}
private String getTokenKey (String uuid) {
return Constants.LOGIN_TOKEN_KEY + uuid;
}
private String getToken (HttpServletRequest request) {
String token = request.getParameter ("token");
if (StringUtils.isNotEmpty (token) && token.startsWith (Constants.TOKEN_PREFIX)) {
token = token.replace (Constants.TOKEN_PREFIX, "");
}
return token;
}
}
api拦截器
package com.ruoyi.framework.interceptor;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* API拦截器
* @author liuhuan
* @title: apiInterceptor
* @description: TODO
* @projectName ruoyi
* @date 2021/11/53:39 下午
* @return V1.0.0
*/
@Component
public class apiInterceptor implements HandlerInterceptor {
@Override
public boolean preHandle (HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
System.out.println ("请求拦截");
return true;
}
@Override
public void postHandle (HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
// logger.info("执行拦截器的postHandle方法");
}
@Override
public void afterCompletion (HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
// logger.info("执行拦截器的afterCompletion方法");
}
}