FireworkServer.git

对比新文件
			@@ -0,0 +1,214 @@
			package com.gk.firework.Config.Oauth2;

			import cn.hutool.core.util.ObjectUtil;
			import cn.hutool.core.util.StrUtil;
			import com.alibaba.fastjson.JSON;
			import com.gk.firework.Domain.AuthorizationInfo;
			import com.gk.firework.Domain.Utils.CommonUtil;
			import com.gk.firework.Domain.Utils.Constants;
			import com.gk.firework.Domain.Utils.Msg;
			import com.gk.firework.Domain.Vo.UserVo;
			import com.gk.firework.Service.AuthorizationService;
			import com.gk.firework.Service.UserService;
			import io.jsonwebtoken.Claims;
			import org.slf4j.Logger;
			import org.slf4j.LoggerFactory;
			import org.springframework.beans.factory.annotation.Autowired;
			import org.springframework.http.HttpHeaders;
			import org.springframework.http.HttpStatus;
			import org.springframework.util.AntPathMatcher;

			import javax.servlet.*;
			import javax.servlet.http.HttpServletRequest;
			import javax.servlet.http.HttpServletResponse;
			import java.io.IOException;
			import java.io.PrintWriter;
			import java.util.List;
			import java.util.Map;

			/**
			* AccessToken filter
			*
			* @author zhangby
			* @date 2019-05-20 20:32
			*/
			public class AccessTokenFilter implements Filter {
			private final Logger logger = LoggerFactory.getLogger(this.getClass());

			/**
			* redis service
			*/
			IRedisService redisService = SpringContextUtil.getBean(IRedisService.class);

			UserService userService = SpringContextUtil.getBean(UserService.class);

			AuthorizationService authorizationService = SpringContextUtil.getBean(AuthorizationService.class);

			/**
			* do filter
			*
			* @param servletRequest servletRequest
			* @param servletResponse servletResponse
			* @param filterChain filterChain
			* @throws IOException IOException
			* @throws ServletException ServletException
			*/
			@Override
			public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
			HttpServletRequest request = (HttpServletRequest) servletRequest;
			HttpServletResponse response = (HttpServletResponse) servletResponse;
			response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
			Msg msg = new Msg();
			try {
			// filter url && !request.getMethod().equals("OPTIONS")
			if (urlMatcher(request.getRequestURI(), Constants.FILTER_EXCLUDE_PATH)){
			String token = request.getHeader(HttpHeaders.AUTHORIZATION);
			if (null != token && !token.equals("undefined")) {
			/** 解析token */
			Claims claims = CommonUtil.parseJWT(token);
			if (ObjectUtil.isNotNull(claims)) {
			//设置当前登录用户
			System.setProperty(Constants.CURRENT_USER_ID, claims.get("user_id").toString());
			try {
			//获取redis 查询token是否有效 [jti]
			String tokenKey = StrUtil.format(RedisKeyEnum.AUTH_TOKEN.getKey(), claims.getId());
			Object userInfo = redisService.get(tokenKey);
			if (ObjectUtil.isNotNull(userInfo)) {
			Map map = JSON.parseObject(userInfo.toString(), Map.class);
			UserVo userVo = userService.selectUserVoByName(map.get("username").toString());
			if (null == userVo) {
			msg.setCode("100");
			msg.setMessage("用户不存在");
			returnJson(response, msg);
			return;
			}
			if (userVo.getIssale() == 1){
			if (userVo.getStatus()!=null && userVo.getStatus() != 1){
			msg.setCode("100");
			msg.setMessage("用户已失效");
			returnJson(response, msg);
			return;
			}
			if (userVo.getExpiredate() != null && userVo.getExpiredate().getTime() < System.currentTimeMillis()){
			msg.setCode("100");
			msg.setMessage("用户已超期");
			returnJson(response, msg);
			return;
			}

			Object loginObj = map.get("logintime");
			Object authObj = map.get("auth");
			if (loginObj != null && authObj != null){
			//通过auth查询授权码最后登录时间
			AuthorizationInfo authInfo = authorizationService.selectByUser(userVo.getCompanynumber(),authObj.toString());
			if (authInfo == null){
			msg.setCode("100");
			msg.setMessage("授权码无效");
			returnJson(response, msg);
			return;
			}
			if (authInfo.getLasttime().getTime() > Long.parseLong(loginObj.toString())){
			redisService.set(tokenKey, userInfo, 0L);
			msg.setCode("100");
			msg.setMessage("登录失效,请重新登录");
			returnJson(response, msg);
			return;
			}
			}
			}
			//更新登录超时时间
			redisService.set(tokenKey, userInfo, 60L60L18L);
			} else {
			logger.info("998：登录超时，无效认证");
			msg.setCode("100");
			msg.setMessage("登录超时，无效认证");
			returnJson(response, msg);
			return;
			}
			} catch (Exception e) {
			logger.info("401：非授权访问，无效的token");
			}
			} else {
			logger.info("500: 账户或密码不正确,登录失败");
			}
			}
			else if(request.getMethod().equals("OPTIONS")) {
			response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
			response.setHeader("Access-Control-Allow-Credentials", "true");
			response.setHeader("Access-Control-Allow-Methods", "POST, GET, PATCH, DELETE, PUT, OPTIONS");
			response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, X-Auth-Token, Authorization");
			response.setHeader("Access-Control-Max-Age","3600");
			response.setStatus(HttpStatus.OK.value());
			return;
			}
			else {
			logger.info("500: token不存在");
			}
			}
			} catch (Exception e) {
			e.printStackTrace();
			//系统异常
			msg.setCode("100");
			msg.setMessage("系统异常请稍后重试");
			returnJson(response, msg);
			response.setStatus(HttpStatus.OK.value());
			}
			filterChain.doFilter(servletRequest, servletResponse);
			//过滤器结束之后销毁
			System.clearProperty(Constants.CURRENT_USER_ID);
			}


			@Override
			public void init(FilterConfig filterConfig) throws ServletException {
			}

			@Override
			public void destroy() {

			}

			/**
			* 认证是否需要，验证session url
			*
			* @param real_url
			* @return
			*/
			private boolean urlMatcher(String real_url, String pathFilter) {
			AntPathMatcher antPathMatcher = new AntPathMatcher();
			/** 验证添加项url */
			if (StrUtil.isNotBlank(pathFilter)) {
			for (String path : pathFilter.split(",")) {
			if (antPathMatcher.match(path.trim(), real_url.trim())) {
			return false;
			}
			}
			}
			return true;
			}

			/**
			* 返回url
			*
			* @param response
			* @param json
			*/
			private void returnJson(HttpServletResponse response, Msg msg) {
			PrintWriter writer = null;
			response.setCharacterEncoding("UTF-8");
			response.setContentType("text/html; charset=utf-8");
			response.setHeader("Access-Control-Allow-Credentials", "true");
			response.setHeader("Access-Control-Allow-Methods", "POST, GET, PATCH, DELETE, PUT, OPTIONS");
			response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, X-Auth-Token, Authorization");
			response.setHeader("Access-Control-Max-Age","3600");
			try {
			writer = response.getWriter();
			writer.print(JSON.toJSON(msg));
			} catch (IOException e) {
			} finally {
			if (writer != null) {
			writer.close();
			}
			}
			}
			}