fanli-server.git

package com.yeshi.fanli.aspect;
 
import java.io.IOException;
import java.lang.reflect.Method;
import java.net.URLDecoder;
 
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
 
import com.aliyun.openservices.ons.api.Admin;
import com.yeshi.fanli.entity.SystemEnum;
import com.yeshi.fanli.entity.accept.AcceptData;
import com.yeshi.fanli.entity.accept.AdminAcceptData;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.Signature;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.yeshi.utils.JsonUtil;
 
import com.yeshi.fanli.entity.common.AdminUser;
import com.yeshi.fanli.log.LogHelper;
import com.yeshi.fanli.service.AdminUserService;
import com.yeshi.fanli.util.AESUtil;
import com.yeshi.fanli.util.Constant;
import com.yeshi.fanli.util.StringUtil;
import com.yeshi.fanli.util.annotation.RequestNoLogin;
 
import net.sf.json.JSONObject;
 
@Component
@Aspect
public class AdminLoginAspect {
 
    @Resource
    private AdminUserService adminUserService;
 
    @Around("execution(public * com.yeshi.fanli.controller.admin..*.*(..))")
    public Object verifyLoginState(ProceedingJoinPoint joinPoint) throws IOException {
        Object[] args = joinPoint.getArgs();
        Signature signature = joinPoint.getSignature();
        MethodSignature methodSignature = (MethodSignature) signature;
        Method targetMethod = methodSignature.getMethod();
 
        ServletRequestAttributes servletContainer = (ServletRequestAttributes) RequestContextHolder
                .getRequestAttributes();
 
        HttpServletRequest request = servletContainer.getRequest();
 
        AdminUser admin = (AdminUser) request.getSession().getAttribute(Constant.SESSION_ADMIN);
 
        if(Constant.IS_TEST){
            admin=new AdminUser();
            admin.setId(1L);
            admin.setName("Ceshi");
            admin.setAccount("ceshi");
        }
 
 
        if (admin == null) {
 
 
            String from = request.getParameter("from");
            // 邮件H5来源的不判断是否登录
            if ("emailh5".equalsIgnoreCase(from)) {
                String callback = request.getParameter("callback");
                String signAES = request.getParameter("sign");
                if (signAES != null && signAES.contains("%"))
                    signAES = URLDecoder.decode(request.getParameter("sign"), "UTF-8");
                String sign = AESUtil.decrypt(signAES, Constant.ADMINH5_AESKEY);
                if (!StringUtil.isNullOrEmpty(sign)) {
                    LogHelper.error("H5审核签名:" + sign);
                    JSONObject json = JSONObject.fromObject(sign);
                    long time = json.optLong("timeStamp");
                    long adminId = json.optLong("adminId");
                    AdminUser adminUser = adminUserService.selectByPrimaryKey(adminId);
                    // 1个小时链接失效
                    if (System.currentTimeMillis() - time > 1000 * 60 * 60 || adminUser == null) {
                        servletContainer.getResponse().getWriter()
                                .print(callback + "(" + JsonUtil.loadFalseResult(2, "链接失效") + ")");
                        return null;
                    } else {
                        request.getSession().setAttribute(Constant.SESSION_ADMIN, adminUser);
                        request.getSession().setAttribute(Constant.SESSION_EXTRACT_VERIFY_RESULT, "1");
                    }
                } else {
                    servletContainer.getResponse().getWriter()
                            .print(callback + "(" + JsonUtil.loadFalseResult(3, "链接失效") + ")");
                    return null;
                }
 
            } else {
                Method realMethod = null;
                try {
                    realMethod = joinPoint.getTarget().getClass().getDeclaredMethod(joinPoint.getSignature().getName(),
                            targetMethod.getParameterTypes());
                } catch (NoSuchMethodException e) {
                    e.printStackTrace();
                } catch (SecurityException e) {
                    e.printStackTrace();
                }
 
                // 判断是否有忽略验证的注解
                if (realMethod == null || !realMethod.isAnnotationPresent(RequestNoLogin.class)) {
                    HttpServletResponse response = servletContainer.getResponse();
                    String callback = request.getParameter("callback");
                    if (StringUtil.isNullOrEmpty(callback)) {
                        response.getWriter().print(JsonUtil.loadFalseResult(10001, "请先登录"));
                    } else {
                        response.getWriter().print(callback + "(" + JsonUtil.loadFalseResult(10001, "请先登录") + ")");
                    }
 
                    return null;
                }
            }
        }
 
        String systemStr = request.getHeader("system");
        if (StringUtil.isNullOrEmpty(systemStr)) {
            systemStr = SystemEnum.blks.name();
        }
 
        SystemEnum system = null;
 
        for (SystemEnum s : SystemEnum.values()) {
            if (s.getName().equalsIgnoreCase(systemStr))
                system = s;
        }
 
        AdminAcceptData acceptData = null;
        for (Object obj : args) {
            if (obj instanceof AdminAcceptData) {
                acceptData = (AdminAcceptData) obj;
            }
        }
 
//        if (acceptData != null)
//            acceptData.setSystem(system);
 
        Object obj = null;
 
        try {
            obj = joinPoint.proceed(args);
        } catch (Throwable e) {
            e.printStackTrace();
        }
 
        return obj;
    }
 
}