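package com.zswl.dataservice.auth;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.zswl.dataservice.model.user.LoginUser;
import com.zswl.dataservice.service.base.RedisService;
import com.zswl.dataservice.utils.exception.UnauthorizedException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.StringUtils;
import org.springframework.http.HttpStatus;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import java.io.IOException;
import java.io.PrintWriter;

/**
 * Resolves the calling user for every request and publishes it through {@link UserContext}.
 *
 * <p>Three ways into a handler are accepted, checked in this order:
 * <ol>
 *   <li>a non-empty token in the header named by {@link AuthSettings#getTokenHeaderName()},
 *       verified by {@link JWTManager#verifyToken};</li>
 *   <li>for requests that {@link UserAuthUtil#isCodeValidate} accepts, a {@code _validate_code}
 *       parameter that {@link RedisService#verifyExpireCode} still recognises;</li>
 *   <li>no credentials at all, only for requests that {@link UserAuthUtil#isFree} accepts.</li>
 * </ol>
 * Anything else is answered with HTTP 401 and a small JSON body, and the handler is not invoked.
 * {@code OPTIONS} (CORS preflight) requests bypass all of the above.
 *
 * <p>Whatever {@link UserContext} holds for the current thread is cleared in
 * {@link #afterCompletion}, so a pooled request thread never carries a user over to the next request.
 */
public class UserContextInterceptor implements HandlerInterceptor {

    /** Query/form parameter carrying the short-lived resource-access code. */
    private static final String VALIDATE_CODE_PARAM = "_validate_code";
    private static final String VALIDATE_CODE_INVALID_MESSAGE = "您访问资源(图片,文件,音频等)时,提供的验证code无效";
    private static final String NOT_LOGGED_IN_MESSAGE = "用户没有登录,请登录";

    private final JWTManager jwtManager;
    private final AuthSettings authSettings;
    private final RedisService redisService;

    /**
     * @param authSettings  header name and free / code-validated path configuration
     * @param jwtManager    verifies tokens taken from the request header
     * @param redisService  answers whether a {@code _validate_code} value is still valid
     */
    public UserContextInterceptor(AuthSettings authSettings, JWTManager jwtManager, RedisService redisService) {
        this.authSettings = authSettings;
        this.jwtManager = jwtManager;
        this.redisService = redisService;
    }

    /**
     * Authenticates the request before the handler runs.
     *
     * @return {@code true} to continue to the handler; {@code false} after a 401 body has already been
     *         written
     * @throws Exception anything the verification helpers propagate (a malformed code payload makes
     *         {@link JSON#parseObject} throw, for example)
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object)
            throws Exception {
        // CORS preflight never carries credentials; let it through untouched.
        if ("OPTIONS".equals(request.getMethod())) {
            return true;
        }

        String token = request.getHeader(authSettings.getTokenHeaderName());
        if (token != null && !token.isEmpty()) {
            return handleToken(token, request, response);
        }
        if (UserAuthUtil.isCodeValidate(authSettings, request)) {
            return handleValidateCode(request, response);
        }
        if (UserAuthUtil.isFree(authSettings, request)) {
            return true;
        }

        JSONObject data = new JSONObject();
        data.put("message", NOT_LOGGED_IN_MESSAGE);
        JSONObject exception = new JSONObject();
        exception.put("type", "AuthenticationCredentialsNotFoundException");
        data.put("state", "Fail");
        data.put("exception", exception);
        writeUnauthorized(response, data);
        return false;
    }

    /**
     * Token branch: the header value must verify, unless the request is a free one, in which case a bad
     * token is simply ignored and the handler runs without a {@link UserContext} (as for an anonymous caller).
     *
     * @return {@code true} to continue; {@code false} after a 401 body has been written
     * @throws IOException if the 401 body cannot be written
     */
    private boolean handleToken(String token, HttpServletRequest request, HttpServletResponse response)
            throws IOException {
        try {
            UserContext.set(verifyUser(token));
            return true;
        } catch (UnauthorizedException ue) {
            if (UserAuthUtil.isFree(authSettings, request)) {
                return true;
            }
            JSONObject data = new JSONObject();
            // NOTE(review): the verifier's message is echoed to the client verbatim; confirm that
            // JWTManager.verifyToken never puts token contents or internal detail into it.
            data.put("message", ue.getMessage());
            writeUnauthorized(response, data);
            return false;
        }
    }

    /**
     * Resource-access branch ({@code _validate_code}): the code must be present and still known to Redis.
     * The code itself is a Base64-encoded JSON document naming the user it was issued for; when it decodes
     * to a JSON object, that user becomes the {@link UserContext}. A code that verifies but decodes to no
     * object still admits the request, without a user.
     *
     * @return {@code true} to continue; {@code false} after a 401 body has been written
     * @throws IOException if the 401 body cannot be written
     */
    private boolean handleValidateCode(HttpServletRequest request, HttpServletResponse response)
            throws IOException {
        String code = request.getParameter(VALIDATE_CODE_PARAM);
        if (code == null || code.isEmpty() || !redisService.verifyExpireCode(code)) {
            JSONObject data = new JSONObject();
            data.put("message", VALIDATE_CODE_INVALID_MESSAGE);
            writeUnauthorized(response, data);
            return false;
        }

        // NOTE(review): the user identity is read out of the client-supplied code, so the Redis check is
        // the only thing binding it to a code this service issued — confirm verifyExpireCode matches the
        // exact stored value rather than a prefix or pattern. The decoded bytes are also parsed by
        // fastjson; confirm the version in use does not honour autoType on untyped parseObject input.
        String payloadJson = StringUtils.newStringUtf8(Base64.decodeBase64(code));
        JSONObject payload = JSON.parseObject(payloadJson);
        if (payload != null) {
            LoginUser user = new LoginUser();
            user.setLoginName(payload.getString("loginName"));
            user.setId(payload.getString("userId"));
            UserContext.set(user);
        }
        return true;
    }

    /**
     * Sends {@code body} as a UTF-8 JSON 401 response and closes the writer so nothing else is appended
     * by a later component.
     *
     * @throws IOException if the response writer cannot be obtained or written
     */
    private static void writeUnauthorized(HttpServletResponse response, JSONObject body) throws IOException {
        // Declaring the charset on the media type makes the container both encode in UTF-8 and advertise
        // it to the client, which matters for the non-ASCII messages above.
        response.setContentType("application/json;charset=UTF-8");
        response.setStatus(HttpStatus.UNAUTHORIZED.value());
        try (PrintWriter writer = response.getWriter()) {
            writer.write(body.toJSONString());
            writer.flush();
        }
    }

    /** Nothing to do after the handler; the context is cleared in {@link #afterCompletion}. */
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
            ModelAndView modelAndView) throws Exception {
    }

    /** Clears the thread's {@link UserContext} whether or not the handler succeeded. */
    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler,
            Exception ex) throws Exception {
        UserContext.shutdown();
    }

    /**
     * Verifies {@code token} and returns the user it identifies.
     *
     * @throws UnauthorizedException if {@link JWTManager#verifyToken} rejects the token
     */
    private LoginUser verifyUser(String token) throws UnauthorizedException {
        return jwtManager.verifyToken(token);
    }
}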