
添加拦截器及相关

zhuoning 4 tahun lalu
induk
melakukan
e9bd7a720f

+ 12 - 1
shiwan/admin/src/main/java/com/huimv/admin/controller/LoginController.java

@@ -33,6 +33,17 @@ public class LoginController {
 //        Result result = iLoginService.login(accountName,         .getMD5Str(password));
         // 未对密码加密
         Result result = iLoginService.login(accountName, password);
+        if(result.getCode() != 1000){
+            AccessToken accessToken = new AccessToken();
+//            accessToken.setToken(session.getId());
+//            accessToken.setLoginIp(userIp);
+            accessToken.setCreated(new Date());
+            accessToken.setAccountName(accountName);
+            accessToken.setCode(result.getCode());
+            accessToken.setMessage(result.getMessage());
+            return accessToken;
+        }
+
         SysAccountEntity accountEntity = (SysAccountEntity) result.getData();
         String userIp = IpTools.getRemoteHost(req);
         //spring-session默认使用uuid作为sessionId返回:
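Review bot: The new failure branch copies `result.getCode()` and `result.getMessage()` straight into the response, so if `iLoginService.login` reports an unknown account differently from a wrong password, the endpoint reveals which account names exist. For credential failures, return one generic text to the client, e.g. `accessToken.setMessage("账号或密码错误");`, and keep the detailed code on the server side. The branch also returns before `IpTools.getRemoteHost(req)` is called, so a failed attempt is not recorded with its account name and source address; resolving the address above the check and logging the failure would give lockout or alerting something to work from. The literal `1000` would read better as a named constant, and the two commented-out setters can be dropped. The method's signature and end are outside this hunk.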
@@ -55,7 +66,6 @@ public class LoginController {
         return iLoginService.logout();
     }
 
-
     @RequestMapping(value = "getCheckNumber", produces = {"text/html;charset=UTF-8"})
     public void getCheckNumber(HttpServletResponse response) throws IOException {
         //创建对象
@@ -67,6 +77,7 @@ public class LoginController {
         //把图片返回前端
         ImageIO.write(image, "JPEG", response.getOutputStream());
     }
+
     @RequestMapping("/checkNumber")
     public Result checkNumber(String userCaptcha){
         //获取用户输入的校验码并进行比较

+ 21 - 6
shiwan/admin/src/main/java/com/huimv/admin/session/AccessToken.java

@@ -13,6 +13,16 @@ public class AccessToken {
     private String accountName;
     private Integer code;
 
+    public String getMessage() {
+        return message;
+    }
+
+    public void setMessage(String message) {
+        this.message = message;
+    }
+
+    private String message;
+
     public Integer getCode() {
         return code;
     }
@@ -53,10 +63,15 @@ public class AccessToken {
 		this.loginIp = loginIp;
 	}
 
-	@Override
-	public String toString() {
-		return "AccessToken [token=" + token + ", loginIp=" + loginIp + ", created=" + created + "]";
-	}
-
-
+    @Override
+    public String toString() {
+        return "AccessToken{" +
+                "token='" + token + '\'' +
+                ", loginIp='" + loginIp + '\'' +
+                ", created=" + created +
+                ", accountName='" + accountName + '\'' +
+                ", code=" + code +
+                ", message='" + message + '\'' +
+                '}';
+    }
 }
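Review bot: The rewritten `toString()` still prints `token` in full. The commented-out `accessToken.setToken(session.getId())` in LoginController suggests the field is meant to hold the session id, in which case any log line or exception text that formats an AccessToken would carry a usable session identifier. Masking the value, e.g. `"token='" + (token == null ? "null" : "***") + '\'' +`, keeps the output useful for debugging without exposing it. In the first hunk of this file, the `message` field is declared between its own accessors and `getCode()`; placing it beside `accountName` and `code` would match the rest of the class.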

+ 37 - 0
shiwan/admin/src/main/java/com/huimv/admin/session/SessionBase.java

@@ -0,0 +1,37 @@
+package com.huimv.admin.session;
+
+//import com.huimv.core.domain.MemberAccount;
+//import com.huimv.core.domain.OrganizeInfo;
+//import com.huimv.exception.PlatformException;
+//import com.huimv.exception.constant.ExceptionConstant;
+
+/**
+ * @author yejijie
+ * @created 2020年8月5日 上午8:29:26
+*/
+public class SessionBase {
+
+//    protected OrganizeInfo getCurrentOrgInfo(){
+//
+//        OrganizeInfo organizeInfo = SessionHolder.getOrganizeInfo();
+//        if(organizeInfo == null){
+//            throw new PlatformException(ExceptionConstant.ORG_NOT_AUTHORIZE, "无法解析组织信息");
+//        }
+//        return organizeInfo;
+//    }
+//    protected Integer getCurrOrgId() {
+//    	OrganizeInfo org = this.getCurrentOrgInfo();
+//    	return org.getId();
+//    }
+//    protected MemberAccount getCurrentAccInfo(){
+//        MemberAccount memberAccount = SessionHolder.getMemberAccount();
+//        if(memberAccount == null){
+//            throw new PlatformException(ExceptionConstant.ACCOUNT_NOT_AUTHORIZE, "无法解析账户信息");
+//        }
+//        return memberAccount;
+//    }
+//    protected Integer getCurrMemberId() {
+//    	MemberAccount memberAccount = this.getCurrentAccInfo();
+//    	return memberAccount.getId();
+//    }
+}
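Review bot: SessionBase is added with an empty body and every member commented out, and SessionHolder.java in this commit is the same. Commented-out code in a new file is better left out and restored from history once the `OrganizeInfo` and `MemberAccount` types it needs are available. If the ThreadLocal holder in SessionHolder is enabled later, the `SessionHolder.removeAll()` call that is commented out in `WebApiInterceptor.afterCompletion` has to be enabled with it. Otherwise one request's account and organisation would stay attached to a pooled thread and could be read by the next request that thread serves. Until then a class comment such as `/** Placeholder for current-account/organisation accessors; not wired yet. */` would explain why the class is empty.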

+ 31 - 0
shiwan/admin/src/main/java/com/huimv/admin/session/SessionHolder.java

@@ -0,0 +1,31 @@
+package com.huimv.admin.session;
+
+//import com.huimv.core.domain.MemberAccount;
+//import com.huimv.core.domain.OrganizeInfo;
+
+/**
+ * @author yejijie
+ * @created 2020年8月4日 下午7:56:20
+*/
+public class SessionHolder {
+
+//	private final static ThreadLocal<OrganizeInfo> _organizeInfo = new ThreadLocal<>();
+//	private final static ThreadLocal<MemberAccount> _memberAccount = new ThreadLocal<>();
+//	public static OrganizeInfo getOrganizeInfo() {
+//		return _organizeInfo.get();
+//	}
+//	public static MemberAccount getMemberAccount() {
+//		return _memberAccount.get();
+//	}
+//
+//	public static void setOrganizeInfo(OrganizeInfo organizeInfo) {
+//		_organizeInfo.set(organizeInfo);
+//	}
+//	public static void setMemberAccount(MemberAccount memberAccount) {
+//		_memberAccount.set(memberAccount);
+//	}
+//	public static void removeAll() {
+//		_organizeInfo.remove();
+//		_memberAccount.remove();
+//	}
+}

+ 9 - 0
shiwan/admin/src/main/java/com/huimv/admin/session/config/ApiToken.java

@@ -0,0 +1,9 @@
+package com.huimv.admin.session.config;
+
+import java.lang.annotation.*;
+
+@Retention(RetentionPolicy.RUNTIME)
+@Target({ElementType.TYPE, ElementType.METHOD})
+@Documented
+public @interface ApiToken {
+}
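Review bot: `@ApiToken` is the only switch that makes WebApiInterceptor check for a logged-in session, but the annotation carries no Javadoc saying so. Because enforcement is opt-in, a controller added without the annotation is served without any session check, and the declaration is the place to state that. Suggested comment above `public @interface ApiToken`: `/** Marks a controller class or handler method that requires an "hmSession" attribute in the HTTP session; handlers without this annotation are not checked by WebApiInterceptor. */`.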

+ 29 - 0
shiwan/admin/src/main/java/com/huimv/admin/session/config/AppTokenConfiguration.java

@@ -0,0 +1,29 @@
+package com.huimv.admin.session.config;
+
+//import com.huimv.session.WebApiInterceptor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class AppTokenConfiguration implements WebMvcConfigurer {
+
+//    @Bean
+//    public WebApiInterceptor webApiInterceptor() {
+//        return new WebApiInterceptor();
+//    }
+//
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        //多个拦截器组成一个拦截器链
+        //addPathPattern 用于添加拦截规则 路径,是带api接口的
+        //用于定义、排除用户的拦截
+        registry.addInterceptor(new WebApiInterceptor())
+                .addPathPatterns("/**");
+//                .excludePathPatterns(
+//                		"/my/login",
+//                        "/my/logout");
+    }
+
+}
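Review bot: The interceptor is registered on `/**` with the login/logout exclusions commented out, which only works because WebApiInterceptor enforces nothing unless a handler carries `@ApiToken`. The inline comments describe include/exclude rules, so a later reader could assume every path is protected. A comment on `addInterceptors` such as `// Runs for every handler, but only @ApiToken-annotated ones are rejected without a session` would make the actual coverage explicit. The `org.springframework.context.annotation.Bean` import is unused while the bean method stays commented out, and the commented-out import of `com.huimv.session.WebApiInterceptor` can be removed.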

+ 80 - 0
shiwan/admin/src/main/java/com/huimv/admin/session/config/WebApiInterceptor.java

@@ -0,0 +1,80 @@
+package com.huimv.admin.session.config;
+
+import com.huimv.admin.exception.PlatformException;
+import com.huimv.admin.exception.constant.ExceptionConstant;
+import com.huimv.admin.session.HmSession;
+import com.huimv.admin.session.SessionHolder;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.lang.reflect.Method;
+
+@Slf4j
+public class WebApiInterceptor extends HandlerInterceptorAdapter {
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
+
+        if (!(handler instanceof HandlerMethod)) {
+            return true;
+        }
+
+        HttpSession session = request.getSession();
+        String sessionId = session.getId();
+        System.out.println("admin拦截器 sessionId>>"+sessionId);
+//        if (sessionId == null) {
+//            System.out.println("0000000000000");
+//            log.info("session:{}",session);
+//            log.info("session id is null");
+//            throw new PlatformException(ExceptionConstant.REQUEST_NOT_AUTHORIZE, "未找到授权信息00000");
+//        }
+
+        final HandlerMethod handlerMethod = (HandlerMethod) handler;
+        final Class<?> clazz = handlerMethod.getBeanType();
+        final Method method = handlerMethod.getMethod();
+        if (clazz.isAnnotationPresent(ApiToken.class) || method.isAnnotationPresent(ApiToken.class)) {
+            log.info("BeanType:{}",clazz.getName());
+            HmSession hmSession = (HmSession) session.getAttribute("hmSession");
+            if(hmSession == null){
+                throw new PlatformException(ExceptionConstant.REQUEST_NOT_AUTHORIZE, "未找到授权信息");
+            }
+//            if(hmSession.getMemberAccount() == null){
+//                throw new PlatformException(ExceptionConstant.ACCOUNT_NOT_AUTHORIZE, "未找到账户信息");
+//            }
+//            if(hmSession.getOrganizeInfo() == null){
+//                throw new PlatformException(ExceptionConstant.ORG_NOT_AUTHORIZE, "未找到组织信息");
+//            }
+
+            //设置请求参数,api只要接受就好,也不用做二次校验:
+            //HashMap newParam = new HashMap(request.getParameterMap());
+            //newParam.put("memberAccount", hmSession.getMemberAccount());
+            //newParam.put("organizeInfo", hmSession.getOrganizeInfo());
+            //request = new ParameterRequestWrapper(request, newParam);
+
+            //Map<String, String[]> parameterMap = new HashMap(request.getParameterMap());
+
+//            request.setAttribute("memberAccount", hmSession.getMemberAccount());
+//            request.setAttribute("organizeInfo", hmSession.getOrganizeInfo());
+//            SessionHolder.setMemberAccount(hmSession.getMemberAccount());
+//            SessionHolder.setOrganizeInfo(hmSession.getOrganizeInfo());
+        }
+
+        return true;
+    }
+
+    @Override
+    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) {
+    }
+
+    //方法执行之后拦截
+    @Override
+    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) {
+    	//log.info("释放一下,防止线程复用",SessionHolder.getOrganizeInfo());
+//    	SessionHolder.removeAll();
+    }
+}
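Review bot: `preHandle` calls `request.getSession()` before it knows whether the handler needs authentication, so every request that reaches a controller method, including anonymous ones, gets a new session allocated in the session store. It then writes the session id to stdout with `System.out.println`, which puts live session identifiers into the process output on every request. Checking the annotation first, using `request.getSession(false)` and dropping the println avoids both. A missing session is then rejected the same way as a missing `hmSession` attribute. This assumes the login handler creates its own session rather than relying on the interceptor to do it, which the visible LoginController context suggests but does not show. The `SessionHolder` import is unused while the calls to it stay commented out.

```java
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
        if (!(handler instanceof HandlerMethod)) {
            return true;
        }

        final HandlerMethod handlerMethod = (HandlerMethod) handler;
        final Class<?> clazz = handlerMethod.getBeanType();
        final Method method = handlerMethod.getMethod();
        if (!clazz.isAnnotationPresent(ApiToken.class) && !method.isAnnotationPresent(ApiToken.class)) {
            return true;
        }

        // getSession(false): never create a session for a caller that does not already have one
        final HttpSession session = request.getSession(false);
        final HmSession hmSession = session == null ? null : (HmSession) session.getAttribute("hmSession");
        if (hmSession == null) {
            // log the target only, never the session id
            log.warn("unauthenticated request rejected: {}#{}", clazz.getName(), method.getName());
            throw new PlatformException(ExceptionConstant.REQUEST_NOT_AUTHORIZE, "未找到授权信息");
        }
        // … unchanged: commented-out account/organisation propagation …
        return true;
    }
```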