IT
/
IotCenter


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123
							package com.zswl.dataservice.auth;

import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.zswl.dataservice.model.user.LoginUser;
import com.zswl.dataservice.service.base.RedisService;
import com.zswl.dataservice.utils.exception.UnauthorizedException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.StringUtils;
import org.springframework.http.HttpStatus;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

//@Slf4j
public class UserContextInterceptor implements HandlerInterceptor {

    private JWTManager jwtManager;

    private AuthSettings authSettings;

    private RedisService redisService;

    public UserContextInterceptor(AuthSettings authSettings, JWTManager jwtManager, RedisService redisService) {
        this.authSettings = authSettings;
        this.jwtManager = jwtManager;
        this.redisService = redisService;
    }

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {
        String method = request.getMethod();
        if (method != null && "OPTIONS".equals(method)) {
            return true;
        }

        String token = request.getHeader(authSettings.getTokenHeaderName());

        if (token != null && token.length() > 0) {
            try {
                LoginUser user = verifyUser(token);
                UserContext.set(user);
                return true;
            } catch (UnauthorizedException ue) {

                if (UserAuthUtil.isFree(authSettings, request)) {
                    return true;
                }

                response.setCharacterEncoding("UTF-8");
                response.setHeader("Content-Type", "application/json");
                response.setStatus(HttpStatus.UNAUTHORIZED.value());
                JSONObject data = new JSONObject();
                data.put("message", ue.getMessage());
                response.getWriter().write(data.toString());
                response.getWriter().flush();
                response.getWriter().close();
                return false;
            }
        } else if (UserAuthUtil.isCodeValidate(authSettings, request)) {
            String code = request.getParameter("_validate_code");

            if (code != null && code.length() > 0 && redisService.verifyExpireCode(code)) {
                String payloadJson = StringUtils.newStringUtf8(Base64.decodeBase64(code));
                JSONObject jo = JSON.parseObject(payloadJson);
                if (jo != null) {
                    LoginUser user = new LoginUser();
                    user.setLoginName(jo.getString("loginName"));
                    user.setId(jo.getString("userId"));
                    UserContext.set(user);
                }
                return true;
            } else {
                response.setCharacterEncoding("UTF-8");
                response.setHeader("Content-Type", "application/json");
                response.setStatus(HttpStatus.UNAUTHORIZED.value());
                JSONObject data = new JSONObject();
                data.put("message", "您访问资源（图片，文件，音频等）时，提供的验证code无效");
                response.getWriter().write(data.toJSONString());
                response.getWriter().flush();
                response.getWriter().close();
                return false;
            }
        } else {
            if (UserAuthUtil.isFree(authSettings, request)) {
                return true;
            } else {

                // throw new UnauthorizedUserException("用户没有登录，请登录");

                response.setCharacterEncoding("UTF-8");
                response.setHeader("Content-Type", "application/json");
                response.setStatus(HttpStatus.UNAUTHORIZED.value());
                JSONObject data = new JSONObject();
                data.put("message", "用户没有登录，请登录");
                JSONObject exception = new JSONObject();
                exception.put("type", "AuthenticationCredentialsNotFoundException");
                data.put("state", "Fail");
                data.put("exception", exception);
                response.getWriter().write(data.toJSONString());
                response.getWriter().flush();
                response.getWriter().close();
                return false;
            }
        }
    }

    @Override
    public void postHandle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, Object handler, Exception ex) throws Exception {
        UserContext.shutdown();
    }

    private LoginUser verifyUser(String token) throws UnauthorizedException {
        return jwtManager.verifyToken(token);
    }

}