blame | 历史 | 补丁 | 提交 | 提交对比 | ignore whitespace
admin
2020-07-14 eec7e789a87863c25d92c10ad5dfc22ad80c448d 
 fanli/src/main/java/com/yeshi/fanli/aspect/AdminLoginAspect.java


@@ -8,6 +8,10 @@


import javax.servlet.http.HttpServletRequest;


import javax.servlet.http.HttpServletResponse;




import com.aliyun.openservices.ons.api.Admin;


import com.yeshi.fanli.entity.SystemEnum;


import com.yeshi.fanli.entity.accept.AcceptData;


import com.yeshi.fanli.entity.accept.AdminAcceptData;


import org.aspectj.lang.ProceedingJoinPoint;


import org.aspectj.lang.Signature;


import org.aspectj.lang.annotation.Around;


@@ -32,90 +36,111 @@


@Aspect


public class AdminLoginAspect {




   @Resource


   private AdminUserService adminUserService;


    @Resource


    private AdminUserService adminUserService;




   @Around("execution(public * com.yeshi.fanli.controller.admin..*.*(..))")


   public Object verifyLoginState(ProceedingJoinPoint joinPoint) throws IOException {


    @Around("execution(public * com.yeshi.fanli.controller.admin..*.*(..))")


    public Object verifyLoginState(ProceedingJoinPoint joinPoint) throws IOException {


        Object[] args = joinPoint.getArgs();


        Signature signature = joinPoint.getSignature();


        MethodSignature methodSignature = (MethodSignature) signature;


        Method targetMethod = methodSignature.getMethod();




      Signature signature = joinPoint.getSignature();


      MethodSignature methodSignature = (MethodSignature) signature;


      Method targetMethod = methodSignature.getMethod();


        ServletRequestAttributes servletContainer = (ServletRequestAttributes) RequestContextHolder


                .getRequestAttributes();




      ServletRequestAttributes servletContainer = (ServletRequestAttributes) RequestContextHolder


            .getRequestAttributes();


        HttpServletRequest request = servletContainer.getRequest();




      HttpServletRequest request = servletContainer.getRequest();


        AdminUser admin = (AdminUser) request.getSession().getAttribute(Constant.SESSION_ADMIN);




      AdminUser admin = (AdminUser) request.getSession().getAttribute(Constant.SESSION_ADMIN);


        if (admin == null) {




      if (admin == null) {


            String from = request.getParameter("from");


            // 邮件H5来源的不判断是否登录


            if ("emailh5".equalsIgnoreCase(from)) {


                String callback = request.getParameter("callback");


                String signAES = request.getParameter("sign");


                if (signAES != null && signAES.contains("%"))


                    signAES = URLDecoder.decode(request.getParameter("sign"), "UTF-8");


                String sign = AESUtil.decrypt(signAES, Constant.ADMINH5_AESKEY);


                if (!StringUtil.isNullOrEmpty(sign)) {


                    LogHelper.error("H5审核签名:" + sign);


                    JSONObject json = JSONObject.fromObject(sign);


                    long time = json.optLong("timeStamp");


                    long adminId = json.optLong("adminId");


                    AdminUser adminUser = adminUserService.selectByPrimaryKey(adminId);


                    // 1个小时链接失效


                    if (System.currentTimeMillis() - time > 1000 * 60 * 60 || adminUser == null) {


                        servletContainer.getResponse().getWriter()


                                .print(callback + "(" + JsonUtil.loadFalseResult(2, "链接失效") + ")");


                        return null;


                    } else {


                        request.getSession().setAttribute(Constant.SESSION_ADMIN, adminUser);


                        request.getSession().setAttribute(Constant.SESSION_EXTRACT_VERIFY_RESULT, "1");


                    }


                } else {


                    servletContainer.getResponse().getWriter()


                            .print(callback + "(" + JsonUtil.loadFalseResult(3, "链接失效") + ")");


                    return null;


                }




         String from = request.getParameter("from");


         // 邮件H5来源的不判断是否登录


         if ("emailh5".equalsIgnoreCase(from)) {


            String callback = request.getParameter("callback");


            String signAES = request.getParameter("sign");


            if (signAES != null && signAES.contains("%"))


               signAES = URLDecoder.decode(request.getParameter("sign"), "UTF-8");


            String sign = AESUtil.decrypt(signAES, Constant.ADMINH5_AESKEY);


            if (!StringUtil.isNullOrEmpty(sign)) {


               LogHelper.error("H5审核签名:" + sign);


               JSONObject json = JSONObject.fromObject(sign);


               long time = json.optLong("timeStamp");


               long adminId = json.optLong("adminId");


               AdminUser adminUser = adminUserService.selectByPrimaryKey(adminId);


               // 1个小时链接失效


               if (System.currentTimeMillis() - time > 1000 * 60 * 60 || adminUser == null) {


                  servletContainer.getResponse().getWriter()


                        .print(callback + "(" + JsonUtil.loadFalseResult(2, "链接失效") + ")");


                  return null;


               } else {


                  request.getSession().setAttribute(Constant.SESSION_ADMIN, adminUser);


                  request.getSession().setAttribute(Constant.SESSION_EXTRACT_VERIFY_RESULT, "1");


               }


            } else {


               servletContainer.getResponse().getWriter()


                     .print(callback + "(" + JsonUtil.loadFalseResult(3, "链接失效") + ")");


               return null;


            }


            } else {


                Method realMethod = null;


                try {


                    realMethod = joinPoint.getTarget().getClass().getDeclaredMethod(joinPoint.getSignature().getName(),


                            targetMethod.getParameterTypes());


                } catch (NoSuchMethodException e) {


                    e.printStackTrace();


                } catch (SecurityException e) {


                    e.printStackTrace();


                }




         } else {


            Method realMethod = null;


            try {


               realMethod = joinPoint.getTarget().getClass().getDeclaredMethod(joinPoint.getSignature().getName(),


                     targetMethod.getParameterTypes());


            } catch (NoSuchMethodException e) {


               e.printStackTrace();


            } catch (SecurityException e) {


               e.printStackTrace();


            }


                // 判断是否有忽略验证的注解


                if (realMethod == null || !realMethod.isAnnotationPresent(RequestNoLogin.class)) {


                    HttpServletResponse response = servletContainer.getResponse();


                    String callback = request.getParameter("callback");


                    if (StringUtil.isNullOrEmpty(callback)) {


                        response.getWriter().print(JsonUtil.loadFalseResult(10001, "请先登录"));


                    } else {


                        response.getWriter().print(callback + "(" + JsonUtil.loadFalseResult(10001, "请先登录") + ")");


                    }




            // 判断是否有忽略验证的注解


            if (realMethod == null || !realMethod.isAnnotationPresent(RequestNoLogin.class)) {


               HttpServletResponse response = servletContainer.getResponse();


               String callback = request.getParameter("callback");


               if (StringUtil.isNullOrEmpty(callback)) {


                  response.getWriter().print(JsonUtil.loadFalseResult(1, "请先登录"));


               } else {


                  response.getWriter().print(callback + "(" + JsonUtil.loadFalseResult(1, "请先登录") + ")");


               }


                    return null;


                }


            }


        }




               return null;


            }


         }


      }


        String systemStr = request.getHeader("system");


        if (StringUtil.isNullOrEmpty(systemStr)) {


            systemStr = SystemEnum.blks.name();


        }




      Object[] args = joinPoint.getArgs();


      Object obj = null;


        SystemEnum system = null;




      try {


         obj = joinPoint.proceed(args);


      } catch (Throwable e) {


         e.printStackTrace();


      }


        for (SystemEnum s : SystemEnum.values()) {


            if (s.getName().equalsIgnoreCase(systemStr))


                system = s;


        }




      return obj;


   }


        AdminAcceptData acceptData = null;


        for (Object obj : args) {


            if (obj instanceof AdminAcceptData) {


                acceptData = (AdminAcceptData) obj;


            }


        }




//        if (acceptData != null)


//            acceptData.setSystem(system);




        Object obj = null;




        try {


            obj = joinPoint.proceed(args);


        } catch (Throwable e) {


            e.printStackTrace();


        }




        return obj;


    }




}