|
|
|
package com.yoho.ufo.interceptor;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Created by li.ma on 2018/9/13.
|
|
|
|
*/
|
|
|
|
import java.util.ArrayList;
|
|
|
|
import java.util.List;
|
|
|
|
|
|
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
|
import javax.servlet.http.HttpServletResponse;
|
|
|
|
|
|
|
|
import com.yoho.ufo.constants.CodeEnum;
|
|
|
|
import com.yoho.ufo.constants.PlatformConstant;
|
|
|
|
import com.yoho.ufo.login.model.OperatorBean;
|
|
|
|
import com.yoho.ufo.login.model.UserInfoResponseBO;
|
|
|
|
import org.apache.commons.lang3.StringUtils;
|
|
|
|
import org.slf4j.Logger;
|
|
|
|
import org.slf4j.LoggerFactory;
|
|
|
|
import org.springframework.web.servlet.HandlerInterceptor;
|
|
|
|
import org.springframework.web.servlet.ModelAndView;
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* 描述:
|
|
|
|
* 做url权限校验
|
|
|
|
* @author ping.huang
|
|
|
|
* 2016年4月11日
|
|
|
|
*/
|
|
|
|
public class UrlInterceptor implements HandlerInterceptor {
|
|
|
|
private static final Logger log = LoggerFactory.getLogger(UrlInterceptor.class);
|
|
|
|
|
|
|
|
//免过滤列表(不管有没有session都可以访问)
|
|
|
|
private List<String> firstNoFilterList = new ArrayList<String>();
|
|
|
|
|
|
|
|
//第二级免过滤列表(只要有session就都可以访问)
|
|
|
|
private List<String> secondNoFilterList = new ArrayList<String>();
|
|
|
|
|
|
|
|
|
|
|
|
private static final ThreadLocal<OperatorBean> localOpera = new ThreadLocal<>();
|
|
|
|
|
|
|
|
@Override
|
|
|
|
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object arg2) throws Exception {
|
|
|
|
|
|
|
|
String url = (String) request.getAttribute("javax.servlet.include.request_uri");
|
|
|
|
if (StringUtils.isEmpty(url)) {
|
|
|
|
url = request.getRequestURI();
|
|
|
|
}
|
|
|
|
log.info("url is {}.",url);
|
|
|
|
OperatorBean opera = new OperatorBean();
|
|
|
|
opera.setClientIp(request.getRemoteAddr());
|
|
|
|
localOpera.set(opera);
|
|
|
|
String lastName = url.substring(url.lastIndexOf("/") + 1);
|
|
|
|
log.info("lastName is {}.",lastName);
|
|
|
|
/*//只拦截*.do
|
|
|
|
if (!lastName.endsWith(".do")) {
|
|
|
|
return true;
|
|
|
|
}*/
|
|
|
|
|
|
|
|
//第一层免过滤
|
|
|
|
if (StringUtils.isEmpty(lastName) || firstNoFilterList.contains(lastName)) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
//过滤session失效的
|
|
|
|
//UserInfoResponseBO user = loginSessionUtil.getLoginSession(request);
|
|
|
|
UserInfoResponseBO user = (UserInfoResponseBO) request.getSession().getAttribute(PlatformConstant.USER_SESSION);
|
|
|
|
|
|
|
|
if (user == null) {
|
|
|
|
log.warn("session 过期,重新登录,lastName is {}.",lastName);
|
|
|
|
response.setStatus(CodeEnum.SESSION_TIME_OUT.getCode());
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
opera.setUser(user);
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
public static OperatorBean getLocalOpera(){
|
|
|
|
return localOpera.get();
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@Override
|
|
|
|
public void afterCompletion(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, Exception arg3) throws Exception {
|
|
|
|
localOpera.remove();
|
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
|
|
|
public void postHandle(HttpServletRequest arg0, HttpServletResponse arg1, Object arg2, ModelAndView arg3) throws Exception {
|
|
|
|
// TODO Auto-generated method stub
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
public void setFirstNoFilterList(List<String> firstNoFilterList) {
|
|
|
|
this.firstNoFilterList = firstNoFilterList;
|
|
|
|
}
|
|
|
|
|
|
|
|
public void setSecondNoFilterList(List<String> secondNoFilterList) {
|
|
|
|
this.secondNoFilterList = secondNoFilterList;
|
|
|
|
}
|
|
|
|
} |
...
|
...
|
|
