forked from kidgrow-microservices-platform

bingbing
2020-07-14 e0bb13f823169282241f5797f7a0cbaabc1d3365
package com.xxl.job.admin.controller.interceptor;
 
import com.xxl.job.admin.controller.annotation.PermessionLimit;
import com.xxl.job.admin.core.conf.XxlJobAdminConfig;
import com.xxl.job.admin.core.util.CookieUtil;
import org.springframework.stereotype.Component;
import org.springframework.util.DigestUtils;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
 
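/**
 * Permission interceptor (simple version) for the admin console.
 *
 * <p>Authentication is a single shared login: the configured username and password are
 * hashed into one token, the token is stored in the {@link #LOGIN_IDENTITY_KEY} cookie on
 * login, and every request is checked by comparing that cookie against the same token.
 *
 * <p>NOTE(review): the token is an unsalted MD5 of {@code username + "_" + password}, so it is
 * identical for every session and only changes when the configured credentials change. There
 * is no server-side session, expiry or revocation in this class, and a leaked cookie value
 * is both a long-lived credential and material for offline password guessing. Replacing it
 * with a random, server-stored session token (or a keyed MAC with an expiry) is the proper
 * fix; the derivation is kept here so existing callers and cookies keep working.
 *
 * <p>NOTE(review): cookie attributes (HttpOnly / Secure / SameSite) are decided inside
 * {@code CookieUtil}, which is not visible here; confirm they are set.
 *
 * @author xuxueli 2015-12-12 18:09:04
 */
@Component
public class PermissionInterceptor extends HandlerInterceptorAdapter {

    /** Name of the cookie that carries the login token. */
    public static final String LOGIN_IDENTITY_KEY = "XXL_JOB_LOGIN_IDENTITY";

    /** Lazily computed token for the configured credentials; see {@link #getLoginIdentityToken()}. */
    private static String LOGIN_IDENTITY_TOKEN;

    /**
     * Returns the token expected in the login cookie, computing it from the configured
     * admin username and password on first use.
     *
     * @return the hex token derived from the configured credentials
     */
    public static String getLoginIdentityToken() {
        if (LOGIN_IDENTITY_TOKEN == null) {
            String username = XxlJobAdminConfig.getAdminConfig().getLoginUsername();
            String password = XxlJobAdminConfig.getAdminConfig().getLoginPassword();

            // Concurrent first calls compute the same immutable value, so the race is harmless.
            LOGIN_IDENTITY_TOKEN = makeToken(username, password);
        }
        return LOGIN_IDENTITY_TOKEN;
    }

    /**
     * Derives the login token for a username/password pair: MD5 hex of
     * {@code username + "_" + password}, then the hex encoding of that hex string's bytes.
     * The charset is fixed to UTF-8 so the token does not depend on the JVM default charset.
     */
    private static String makeToken(String username, String password) {
        byte[] credentialBytes = (username + "_" + password).getBytes(StandardCharsets.UTF_8);
        String md5Hex = DigestUtils.md5DigestAsHex(credentialBytes);
        return new BigInteger(1, md5Hex.getBytes(StandardCharsets.UTF_8)).toString(16);
    }

    /**
     * Compares a candidate token with the expected one using {@link MessageDigest#isEqual},
     * so the comparison time does not reveal how many leading characters matched.
     */
    private static boolean tokenMatches(String candidate) {
        if (candidate == null) {
            return false;
        }
        byte[] expected = getLoginIdentityToken().getBytes(StandardCharsets.UTF_8);
        byte[] actual = candidate.getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(expected, actual);
    }

    /**
     * Checks the submitted credentials and, when they match the configured ones, sets the
     * login cookie on the response.
     *
     * @param response   response that receives the login cookie
     * @param username   submitted username; {@code null} is rejected
     * @param password   submitted password; {@code null} is rejected
     * @param ifRemember forwarded unchanged to {@code CookieUtil.set} (presumably controls
     *                   cookie persistence; confirm in {@code CookieUtil})
     * @return {@code true} when the credentials matched and the cookie was set
     */
    public static boolean login(HttpServletResponse response, String username, String password, boolean ifRemember){

        // Reject missing credentials outright instead of hashing the literal text "null".
        if (username == null || password == null) {
            return false;
        }

        if (!tokenMatches(makeToken(username, password))) {
            return false;
        }

        // do login
        CookieUtil.set(response, LOGIN_IDENTITY_KEY, getLoginIdentityToken(), ifRemember);
        return true;
    }

    /**
     * Removes the login cookie. Because the token is static, this only clears the browser's
     * copy; a copied cookie value stays valid until the configured credentials change.
     */
    public static void logout(HttpServletRequest request, HttpServletResponse response){
        CookieUtil.remove(request, response, LOGIN_IDENTITY_KEY);
    }

    /**
     * Reports whether the request carries a login cookie whose trimmed value equals the
     * expected token.
     *
     * @param request incoming request
     * @return {@code true} when the cookie is present and matches
     */
    public static boolean ifLogin(HttpServletRequest request){
        String identityInfo = CookieUtil.getValue(request, LOGIN_IDENTITY_KEY);
        return identityInfo != null && tokenMatches(identityInfo.trim());
    }

    /**
     * Redirects unauthenticated requests to {@code /toLogin} unless the handler method is
     * annotated with {@link PermessionLimit} and its {@code limit()} is {@code false}.
     * Handlers that are not {@link HandlerMethod}s are passed through to the superclass.
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

        if (!(handler instanceof HandlerMethod)) {
            return super.preHandle(request, response, handler);
        }

        if (!ifLogin(request)) {
            HandlerMethod method = (HandlerMethod) handler;
            PermessionLimit permission = method.getMethodAnnotation(PermessionLimit.class);
            // Default-deny: a handler without the annotation requires login.
            if (permission == null || permission.limit()) {
                response.sendRedirect(request.getContextPath() + "/toLogin");
                return false;
            }
        }

        return super.preHandle(request, response, handler);
    }

}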