package com.yeshi.fanli.aspect;
|
|
import java.io.IOException;
|
import java.lang.reflect.Method;
|
import java.net.URLDecoder;
|
|
import javax.annotation.Resource;
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
|
import org.aspectj.lang.ProceedingJoinPoint;
|
import org.aspectj.lang.Signature;
|
import org.aspectj.lang.annotation.Around;
|
import org.aspectj.lang.annotation.Aspect;
|
import org.aspectj.lang.reflect.MethodSignature;
|
import org.springframework.stereotype.Component;
|
import org.springframework.web.context.request.RequestContextHolder;
|
import org.springframework.web.context.request.ServletRequestAttributes;
|
import org.yeshi.utils.JsonUtil;
|
|
import com.yeshi.fanli.entity.common.AdminUser;
|
import com.yeshi.fanli.log.LogHelper;
|
import com.yeshi.fanli.service.AdminUserService;
|
import com.yeshi.fanli.util.AESUtil;
|
import com.yeshi.fanli.util.Constant;
|
import com.yeshi.fanli.util.StringUtil;
|
import com.yeshi.fanli.util.annotation.RequestNoLogin;
|
|
import net.sf.json.JSONObject;
|
|
@Component
|
@Aspect
|
public class AdminLoginAspect {
|
|
@Resource
|
private AdminUserService adminUserService;
|
|
@Around("execution(public * com.yeshi.fanli.controller.admin..*.*(..))")
|
public Object verifyLoginState(ProceedingJoinPoint joinPoint) throws IOException {
|
|
Signature signature = joinPoint.getSignature();
|
MethodSignature methodSignature = (MethodSignature) signature;
|
Method targetMethod = methodSignature.getMethod();
|
|
ServletRequestAttributes servletContainer = (ServletRequestAttributes) RequestContextHolder
|
.getRequestAttributes();
|
|
HttpServletRequest request = servletContainer.getRequest();
|
|
AdminUser admin = (AdminUser) request.getSession().getAttribute(Constant.SESSION_ADMIN);
|
|
if (admin == null) {
|
|
String from = request.getParameter("from");
|
// 邮件H5来源的不判断是否登录
|
if ("emailh5".equalsIgnoreCase(from)) {
|
String callback = request.getParameter("callback");
|
String signAES = request.getParameter("sign");
|
if (signAES != null && signAES.contains("%"))
|
signAES = URLDecoder.decode(request.getParameter("sign"), "UTF-8");
|
String sign = AESUtil.decrypt(signAES, Constant.ADMINH5_AESKEY);
|
if (!StringUtil.isNullOrEmpty(sign)) {
|
LogHelper.error("H5审核签名:" + sign);
|
JSONObject json = JSONObject.fromObject(sign);
|
long time = json.optLong("timeStamp");
|
long adminId = json.optLong("adminId");
|
AdminUser adminUser = adminUserService.selectByPrimaryKey(adminId);
|
// 1个小时链接失效
|
if (System.currentTimeMillis() - time > 1000 * 60 * 60 || adminUser == null) {
|
servletContainer.getResponse().getWriter()
|
.print(callback + "(" + JsonUtil.loadFalseResult(2, "链接失效") + ")");
|
return null;
|
} else {
|
request.getSession().setAttribute(Constant.SESSION_ADMIN, adminUser);
|
request.getSession().setAttribute(Constant.SESSION_EXTRACT_VERIFY_RESULT, "1");
|
}
|
} else {
|
servletContainer.getResponse().getWriter()
|
.print(callback + "(" + JsonUtil.loadFalseResult(3, "链接失效") + ")");
|
return null;
|
}
|
|
} else {
|
Method realMethod = null;
|
try {
|
realMethod = joinPoint.getTarget().getClass().getDeclaredMethod(joinPoint.getSignature().getName(),
|
targetMethod.getParameterTypes());
|
} catch (NoSuchMethodException e) {
|
e.printStackTrace();
|
} catch (SecurityException e) {
|
e.printStackTrace();
|
}
|
|
// 判断是否有忽略验证的注解
|
if (realMethod == null || !realMethod.isAnnotationPresent(RequestNoLogin.class)) {
|
HttpServletResponse response = servletContainer.getResponse();
|
String callback = request.getParameter("callback");
|
if (StringUtil.isNullOrEmpty(callback)) {
|
response.getWriter().print(JsonUtil.loadFalseResult(1, "请先登录"));
|
} else {
|
response.getWriter().print(callback + "(" + JsonUtil.loadFalseResult(1, "请先登录") + ")");
|
}
|
|
return null;
|
}
|
}
|
}
|
|
Object[] args = joinPoint.getArgs();
|
Object obj = null;
|
|
try {
|
obj = joinPoint.proceed(args);
|
} catch (Throwable e) {
|
e.printStackTrace();
|
}
|
|
return obj;
|
}
|
|
}
|
