package com.kidgrow.zuul.filter;
|
|
import com.alibaba.fastjson.JSON;
|
import com.kidgrow.common.model.ResultBody;
|
import com.kidgrow.common.model.SysOrganization;
|
import com.kidgrow.common.model.SysUser;
|
import com.kidgrow.common.model.SysUserOrg;
|
import com.kidgrow.redis.util.RedisConstant;
|
import com.kidgrow.redis.util.RedisUtils;
|
import com.kidgrow.zuul.feign.SysOrganizationService;
|
import com.kidgrow.zuul.feign.SysUserOrgService;
|
import com.kidgrow.zuul.service.TokenService;
|
import com.netflix.zuul.ZuulFilter;
|
import com.netflix.zuul.context.RequestContext;
|
import lombok.SneakyThrows;
|
import lombok.extern.slf4j.Slf4j;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.cloud.netflix.zuul.filters.support.FilterConstants;
|
import org.springframework.security.authentication.AnonymousAuthenticationToken;
|
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.core.context.SecurityContextImpl;
|
import org.springframework.security.oauth2.provider.OAuth2Authentication;
|
import org.springframework.stereotype.Component;
|
|
import javax.servlet.http.HttpServletRequest;
|
import java.util.*;
|
|
import static org.springframework.cloud.netflix.zuul.filters.support.FilterConstants.PRE_DECORATION_FILTER_ORDER;
|
|
/**
|
* 石家庄喜高科技有限责任公司 版权所有 © Copyright 2020<br>
|
*
|
* @Description: 将认证用户的相关信息放入header中, 后端服务可以直接读取使用 包含了----组织的拦截--- 如果被拦截,将清除token<br>
|
* @Project: <br>
|
* @CreateDate: Created in 2020/2/21 10:12 <br>
|
* @Author: <a href="4345453@kidgrow.com">liuke</a>
|
*/
|
@Slf4j
|
@Component
|
public class OrganizationFilter extends ZuulFilter {
|
@Override
|
public String filterType() {
|
return FilterConstants.PRE_TYPE;
|
}
|
|
@Override
|
public int filterOrder() {
|
return PRE_DECORATION_FILTER_ORDER;
|
}
|
|
@Override
|
public boolean shouldFilter() {
|
return true;
|
}
|
|
@Autowired
|
RedisUtils redisUtils;
|
@Autowired
|
private SysUserOrgService sysUserOrgService;
|
@Autowired
|
private SysOrganizationService sysOrganizationService;
|
@Autowired
|
private TokenService tokenService;
|
|
@SneakyThrows
|
@Override
|
public Object run() {
|
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
|
if (authentication != null && !(authentication instanceof AnonymousAuthenticationToken)) {
|
RequestContext currentContext = RequestContext.getCurrentContext();
|
// 获取request对象
|
HttpServletRequest request = currentContext.getRequest();
|
//security会把一个SecurityContextImpl对象存储到session中,此对象中有当前用户的各种资料
|
SecurityContextImpl securityContextImpl = (SecurityContextImpl) request
|
.getSession().getAttribute("SPRING_SECURITY_CONTEXT");
|
authentication = securityContextImpl.getAuthentication();
|
Object principal = authentication.getPrincipal();
|
RequestContext ctx = RequestContext.getCurrentContext();
|
if (principal instanceof SysUser) {
|
//运营端进行
|
OAuth2Authentication oauth2Authentication = (OAuth2Authentication) authentication;
|
SysUser user = (SysUser) authentication.getPrincipal();
|
/**
|
* 将组织中为空的拦截
|
*/
|
List<SysUserOrg> sysUserOrgs = this.getSysUserOrg(user.getId());
|
if (sysUserOrgs == null || sysUserOrgs.isEmpty()) {
|
//退出的操作
|
this.tokenService.logout(request);
|
ctx.setSendZuulResponse(false);
|
ctx.addZuulResponseHeader("Content-Type", "application/json;charset=UTF-8");
|
// String str = new String("您的组织已经被禁用,请联系管理员".getBytes("utf-8"), "utf-8");
|
ctx.setResponseBody(JSON.toJSONString(ResultBody.fail(1000, "您的组织已经被禁用,请联系管理员")));
|
} else {
|
// List<Long> collect = sysUserOrgs.stream().map(e -> e.getOrgId()).collect(Collectors.toList());
|
// List<SysOrganization> sysOrganizations = getSysOrganization();
|
// List<Long> orgIds = sysOrganizations.stream().filter(e -> e.getEnabled() == true && collect.contains(e.getId())).map(e -> e.getId()).collect(Collectors.toList());
|
// if (orgIds == null || orgIds.size() <= 0) {
|
// ctx.setSendZuulResponse(false);
|
// ctx.setResponseBody(JSON.toJSONString(ResultBody.fail(1000, "您的组织已经被禁用,请联系管理员")));
|
// }
|
if (!request.getRequestURI().contains("ReportRecord/getImg")) {
|
//根据fegin客户端查询状态
|
Map<String, Object> map;
|
for (SysUserOrg sysUserOrg : sysUserOrgs) {
|
map = new HashMap<>();
|
map.put("id", sysUserOrg.getOrgId());
|
List<SysOrganization> sysOrganizations = JSON.parseArray(JSON.toJSONString(sysOrganizationService.getListByMap(map).getData()), SysOrganization.class);
|
if (sysOrganizations == null || sysOrganizations.size() <= 0) {
|
//退出的操作
|
this.tokenService.logout(request);
|
ctx.setSendZuulResponse(false);
|
ctx.addZuulResponseHeader("Content-Type", "application/json;charset=UTF-8");
|
ctx.setResponseBody(JSON.toJSONString(ResultBody.fail(1000, "您的组织已经被禁用,请联系管理员")));
|
} else {
|
for (SysOrganization sysOrganization : sysOrganizations) {
|
if (!sysOrganization.getEnabled() || sysOrganization.getIsDel()) {
|
//退出的操作
|
this.tokenService.logout(request);
|
ctx.setSendZuulResponse(false);
|
ctx.addZuulResponseHeader("Content-Type", "application/json;charset=UTF-8");
|
ctx.setResponseBody(JSON.toJSONString(ResultBody.fail(1000, "您的组织已经被禁用,请联系管理员")));
|
}
|
}
|
}
|
}
|
}
|
}
|
}
|
}
|
return null;
|
}
|
|
|
|
/**
|
* 通过userID 获取组织的关系
|
*
|
* @param str
|
* @return
|
*/
|
public List<SysUserOrg> getSysUserOrg(Long str) {
|
//获取组织 Redis中获取
|
List<SysUserOrg> sysUserOrgs = JSON.parseArray(JSON.toJSONString(redisUtils.hget(RedisConstant.USER_ORGANIZATION, str.toString())), SysUserOrg.class);
|
if (sysUserOrgs == null || sysUserOrgs.size() <= 0) {
|
//在数据库查询
|
Map<String, Object> map = new HashMap<>();
|
map.put("user_id", str);
|
sysUserOrgs = sysUserOrgService.getListByMap(map);
|
redisUtils.hset(RedisConstant.USER_ORGANIZATION, str.toString(), sysUserOrgs);
|
}
|
return sysUserOrgs;
|
}
|
|
public List<SysOrganization> getSysOrganization() {
|
Map<Object, Object> hmget = redisUtils.hmget(RedisConstant.ORGANIZATION);
|
List<SysOrganization> sysOrganizations = new ArrayList<>();
|
if (hmget == null || hmget.size() <= 0) {
|
Map<String, Object> map = new HashMap<>();
|
map.put("is_del", 0);
|
sysOrganizations = JSON.parseArray(JSON.toJSONString(sysOrganizationService.getListByMap(map).getData()), SysOrganization.class);
|
sysOrganizations.forEach(e -> {
|
redisUtils.hset(RedisConstant.ORGANIZATION, e.getId().toString(), e);
|
});
|
|
} else {
|
Set<Object> objects = hmget.keySet();
|
Iterator<Object> iterator = objects.iterator();
|
while (iterator.hasNext()) {
|
sysOrganizations.add((SysOrganization) hmget.get(iterator.next()));
|
}
|
}
|
return sysOrganizations;
|
}
|
}
|
