admin
2020-07-14 eec7e789a87863c25d92c10ad5dfc22ad80c448d
fanli/src/main/java/com/yeshi/fanli/aspect/AdminLoginAspect.java
@@ -1,121 +1,146 @@
package com.yeshi.fanli.aspect;
import java.io.IOException;
import java.lang.reflect.Method;
import java.net.URLDecoder;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.Signature;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.yeshi.utils.JsonUtil;
import com.yeshi.fanli.entity.common.AdminUser;
import com.yeshi.fanli.log.LogHelper;
import com.yeshi.fanli.service.AdminUserService;
import com.yeshi.fanli.util.AESUtil;
import com.yeshi.fanli.util.Constant;
import com.yeshi.fanli.util.StringUtil;
import com.yeshi.fanli.util.annotation.RequestNoLogin;
import net.sf.json.JSONObject;
@Component
@Aspect
public class AdminLoginAspect {
   @Resource
   private AdminUserService adminUserService;
//   @Around("execution(public * com.yeshi.fanli.controller.admin..*.*(..))")
   public Object verifyLoginState(ProceedingJoinPoint joinPoint) throws IOException {
      Signature signature = joinPoint.getSignature();
      MethodSignature methodSignature = (MethodSignature) signature;
      Method targetMethod = methodSignature.getMethod();
      ServletRequestAttributes servletContainer = (ServletRequestAttributes) RequestContextHolder
            .getRequestAttributes();
      HttpServletRequest request = servletContainer.getRequest();
      AdminUser admin = (AdminUser) request.getSession().getAttribute(Constant.SESSION_ADMIN);
      if (admin == null) {
         String from = request.getParameter("from");
         // 邮件H5来源的不判断是否登录
         if ("emailh5".equalsIgnoreCase(from)) {
            String callback = request.getParameter("callback");
            String signAES = request.getParameter("sign");
            if (signAES != null && signAES.contains("%"))
               signAES = URLDecoder.decode(request.getParameter("sign"), "UTF-8");
            String sign = AESUtil.decrypt(signAES, Constant.ADMINH5_AESKEY);
            if (!StringUtil.isNullOrEmpty(sign)) {
               LogHelper.error("H5审核签名:" + sign);
               JSONObject json = JSONObject.fromObject(sign);
               long time = json.optLong("timeStamp");
               long adminId = json.optLong("adminId");
               AdminUser adminUser = adminUserService.selectByPrimaryKey(adminId);
               // 1个小时链接失效
               if (System.currentTimeMillis() - time > 1000 * 60 * 60 || adminUser == null) {
                  servletContainer.getResponse().getWriter()
                        .print(callback + "(" + JsonUtil.loadFalseResult(2, "链接失效") + ")");
                  return null;
               } else {
                  request.getSession().setAttribute(Constant.SESSION_ADMIN, adminUser);
                  request.getSession().setAttribute(Constant.SESSION_EXTRACT_VERIFY_RESULT, "1");
               }
            } else {
               servletContainer.getResponse().getWriter()
                     .print(callback + "(" + JsonUtil.loadFalseResult(3, "链接失效") + ")");
               return null;
            }
         } else {
            Method realMethod = null;
            try {
               realMethod = joinPoint.getTarget().getClass().getDeclaredMethod(joinPoint.getSignature().getName(),
                     targetMethod.getParameterTypes());
            } catch (NoSuchMethodException e) {
               e.printStackTrace();
            } catch (SecurityException e) {
               e.printStackTrace();
            }
            // 判断是否有忽略验证的注解
            if (realMethod == null || !realMethod.isAnnotationPresent(RequestNoLogin.class)) {
               HttpServletResponse response = servletContainer.getResponse();
               String callback = request.getParameter("callback");
               if (StringUtil.isNullOrEmpty(callback)) {
                  response.getWriter().print(JsonUtil.loadFalseResult(1, "请先登录"));
               } else {
                  response.getWriter().print(callback + "(" + JsonUtil.loadFalseResult(1, "请先登录") + ")");
               }
               return null;
            }
         }
      }
      Object[] args = joinPoint.getArgs();
      Object obj = null;
      try {
         obj = joinPoint.proceed(args);
      } catch (Throwable e) {
         e.printStackTrace();
      }
      return obj;
   }
}
package com.yeshi.fanli.aspect;
import java.io.IOException;
import java.lang.reflect.Method;
import java.net.URLDecoder;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.aliyun.openservices.ons.api.Admin;
import com.yeshi.fanli.entity.SystemEnum;
import com.yeshi.fanli.entity.accept.AcceptData;
import com.yeshi.fanli.entity.accept.AdminAcceptData;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.Signature;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import org.yeshi.utils.JsonUtil;
import com.yeshi.fanli.entity.common.AdminUser;
import com.yeshi.fanli.log.LogHelper;
import com.yeshi.fanli.service.AdminUserService;
import com.yeshi.fanli.util.AESUtil;
import com.yeshi.fanli.util.Constant;
import com.yeshi.fanli.util.StringUtil;
import com.yeshi.fanli.util.annotation.RequestNoLogin;
import net.sf.json.JSONObject;
@Component
@Aspect
public class AdminLoginAspect {
    @Resource
    private AdminUserService adminUserService;
    @Around("execution(public * com.yeshi.fanli.controller.admin..*.*(..))")
    public Object verifyLoginState(ProceedingJoinPoint joinPoint) throws IOException {
        Object[] args = joinPoint.getArgs();
        Signature signature = joinPoint.getSignature();
        MethodSignature methodSignature = (MethodSignature) signature;
        Method targetMethod = methodSignature.getMethod();
        ServletRequestAttributes servletContainer = (ServletRequestAttributes) RequestContextHolder
                .getRequestAttributes();
        HttpServletRequest request = servletContainer.getRequest();
        AdminUser admin = (AdminUser) request.getSession().getAttribute(Constant.SESSION_ADMIN);
        if (admin == null) {
            String from = request.getParameter("from");
            // 邮件H5来源的不判断是否登录
            if ("emailh5".equalsIgnoreCase(from)) {
                String callback = request.getParameter("callback");
                String signAES = request.getParameter("sign");
                if (signAES != null && signAES.contains("%"))
                    signAES = URLDecoder.decode(request.getParameter("sign"), "UTF-8");
                String sign = AESUtil.decrypt(signAES, Constant.ADMINH5_AESKEY);
                if (!StringUtil.isNullOrEmpty(sign)) {
                    LogHelper.error("H5审核签名:" + sign);
                    JSONObject json = JSONObject.fromObject(sign);
                    long time = json.optLong("timeStamp");
                    long adminId = json.optLong("adminId");
                    AdminUser adminUser = adminUserService.selectByPrimaryKey(adminId);
                    // 1个小时链接失效
                    if (System.currentTimeMillis() - time > 1000 * 60 * 60 || adminUser == null) {
                        servletContainer.getResponse().getWriter()
                                .print(callback + "(" + JsonUtil.loadFalseResult(2, "链接失效") + ")");
                        return null;
                    } else {
                        request.getSession().setAttribute(Constant.SESSION_ADMIN, adminUser);
                        request.getSession().setAttribute(Constant.SESSION_EXTRACT_VERIFY_RESULT, "1");
                    }
                } else {
                    servletContainer.getResponse().getWriter()
                            .print(callback + "(" + JsonUtil.loadFalseResult(3, "链接失效") + ")");
                    return null;
                }
            } else {
                Method realMethod = null;
                try {
                    realMethod = joinPoint.getTarget().getClass().getDeclaredMethod(joinPoint.getSignature().getName(),
                            targetMethod.getParameterTypes());
                } catch (NoSuchMethodException e) {
                    e.printStackTrace();
                } catch (SecurityException e) {
                    e.printStackTrace();
                }
                // 判断是否有忽略验证的注解
                if (realMethod == null || !realMethod.isAnnotationPresent(RequestNoLogin.class)) {
                    HttpServletResponse response = servletContainer.getResponse();
                    String callback = request.getParameter("callback");
                    if (StringUtil.isNullOrEmpty(callback)) {
                        response.getWriter().print(JsonUtil.loadFalseResult(10001, "请先登录"));
                    } else {
                        response.getWriter().print(callback + "(" + JsonUtil.loadFalseResult(10001, "请先登录") + ")");
                    }
                    return null;
                }
            }
        }
        String systemStr = request.getHeader("system");
        if (StringUtil.isNullOrEmpty(systemStr)) {
            systemStr = SystemEnum.blks.name();
        }
        SystemEnum system = null;
        for (SystemEnum s : SystemEnum.values()) {
            if (s.getName().equalsIgnoreCase(systemStr))
                system = s;
        }
        AdminAcceptData acceptData = null;
        for (Object obj : args) {
            if (obj instanceof AdminAcceptData) {
                acceptData = (AdminAcceptData) obj;
            }
        }
//        if (acceptData != null)
//            acceptData.setSystem(system);
        Object obj = null;
        try {
            obj = joinPoint.proceed(args);
        } catch (Throwable e) {
            e.printStackTrace();
        }
        return obj;
    }
}
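Review bot: The link-expiry check in the `emailh5` branch of `verifyLoginState` only rejects timestamps more than one hour old, so a decrypted `timeStamp` that lies in the future passes until the clock catches up with it plus an hour. With `@Around` now uncommented, that branch sets `SESSION_ADMIN` for everything under `controller.admin`, so the token lifetime should be bounded on both sides: `long age = System.currentTimeMillis() - time;` followed by `if (age < 0 || age > 60 * 60 * 1000L || adminUser == null)`. The same branch writes the full decrypted payload to the error log (`LogHelper.error("H5审核签名:" + sign)`); I would log only `adminId`, or drop the line. It also echoes the request's `callback` parameter into the response unvalidated, here and in the not-logged-in branch, so `callback` should be checked against a plain identifier pattern before it is printed. Separately, the `system` value resolved from the `system` header is never used while `acceptData.setSystem(system)` stays commented out, which leaves that loop and the `com.aliyun.openservices.ons.api.Admin` import as dead code.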