AuthFilter(add)

bab66b72 · 张小凤 · 0c1b8b2b · bab66b72 · bab66b72 · bab66b72
--- a/src/main/java/com/mmc/oms/common/ResultEnum.java
+++ b/src/main/java/com/mmc/oms/common/ResultEnum.java
@@ -395,7 +395,10 @@ public enum ResultEnum implements BaseErrorInfoInterface {
    HELP_FAIL_ERROR("2009", "不能给自己助力哦！"),
    ALREADY_BINDING_ERROR("2010", "优惠券已被绑定"),
    ALREADY_DIVIDE_ERROR("2011", "订单已分成"),
-    DIVIDE_OBJ_NOT_EXIST("2012", "先点击确认添加分成对象");
+    DIVIDE_OBJ_NOT_EXIST("2012", "先点击确认添加分成对象"),
+    THE_REQUEST_IS_NOT_AUTHENTICATED("2013","请求未经过鉴权"),
+    THE_TOKEN_IS_INVALID("2014","token失效") ;
+
    /**
     * 错误码
     *

--- a/src/main/java/com/mmc/oms/common/Tenant.java
+++ b/src/main/java/com/mmc/oms/common/Tenant.java
+package com.mmc.oms.common;
+
+import lombok.Data;
+
+import java.io.Serializable;
+
+/**
+ * @Author small
+ * @Date 2023/5/28 17:32
+ * @Version 1.0
+ */
+@Data
+public class Tenant implements Serializable {
+
+    /**
+     * 用户id
+     */
+    private Integer userId;
+    /**
+     * 所在机构id
+     */
+    private Integer tenantId;
+    /**
+     * 用户名称
+     */
+    private String userName;
+    /**
+     * 管理机构id集合
+     */
+    private String tenantIds;
+    /**
+     * 菜单路由路径集合
+     */
+    private String token;
+    /**
+     * 角色id
+     */
+    private Integer roleId;
+
+    /**
+     * 角色类型，1超管  2其他角色
+     */
+    private Integer roleType;
+
+    public Tenant(String userName) {
+        this.userId = userId;
+        this.tenantId = tenantId;
+        this.userName = userName;
+        this.tenantIds = tenantIds;
+        this.token = token;
+        this.roleId = roleId;
+        this.roleType = roleType;
+    }
+
+    /**
+     * userid相同，认为是同个用户
+     *
+     * @param o
+     * @return
+     */
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) {
+            return true;
+        }
+        if (o instanceof Tenant) {
+            Tenant tenant = (Tenant) o;
+            return getUserId().equals(tenant.getUserId());
+        } else {
+            return false;
+        }
+    }
+
+    @Override
+    public int hashCode() {
+        int result = 17;
+        result = 31 * result + getUserId().hashCode();
+        return result;
+    }
+}
--- a/src/main/java/com/mmc/oms/config/Audience.java
+++ b/src/main/java/com/mmc/oms/config/Audience.java
+package com.mmc.oms.config;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+/**
+ * @Author small
+ * @Date 2023/5/28 17:04
+ * @Version 1.0
+ */
+@Data
+@ConfigurationProperties(prefix = "audience")
+@Component
+public class Audience {
+    private String clientId;
+    private String base64Secret;
+    private String name;
+    private long expiresSecond;
+}
--- a/src/main/java/com/mmc/oms/config/TenantContext.java
+++ b/src/main/java/com/mmc/oms/config/TenantContext.java
+package com.mmc.oms.config;
+
+import com.mmc.oms.common.Tenant;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+
+/**
+ * @Author small
+ * @Date 2023/5/28 17:18
+ * @Version 1.0
+ */
+@Slf4j
+public class TenantContext {
+
+    private static ThreadLocal<Tenant> tenantHolder = new ThreadLocal<>();
+
+    public static void setTenant(Tenant tenant) {
+        tenantHolder.set(tenant);
+    }
+
+    public static Tenant getTenant() {
+        return tenantHolder.get();
+    }
+
+    public static Integer getUserId() {
+        return getTenant().getUserId();
+    }
+
+    public static Integer getTenantId() {
+        return getTenant().getTenantId();
+    }
+
+    public static Integer getRoleId() {
+        return getTenant().getRoleId();
+    }
+
+
+    public static boolean exists() {
+        return getTenant() != null;
+    }
+
+    public static void clear() {
+        tenantHolder.remove();
+    }
+
+    public static Tenant buildTenant( String accountNo ) {
+
+
+        if (StringUtils.isBlank(accountNo)) {
+            log.error("登录信息[accountNo]获取异常");
+            return null;
+        }
+        return new Tenant(accountNo);
+    }
+
+    /**
+     * valid tenantId is correct
+     */
+    private static boolean validNumeric(String number) {
+        return StringUtils.isNotEmpty(number) && StringUtils.isNumeric(number);
+    }
+
+
+}
--- a/src/main/java/com/mmc/oms/filter/AuthFilter.java
+++ b/src/main/java/com/mmc/oms/filter/AuthFilter.java
+package com.mmc.oms.filter;
+
+/**
+ * @Author small
+ * @Date 2023/5/28 17:02
+ * @Version 1.0
+ */
+
+import javax.servlet.Filter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/** 登录认证 */
+public interface AuthFilter extends Filter {
+    /** 拦截前 */
+    public boolean before(HttpServletRequest request, HttpServletResponse response);
+
+    /** 通过拦截后 */
+    public boolean after();
+}
--- a/src/main/java/com/mmc/oms/filter/AuthSignatureFilter.java
+++ b/src/main/java/com/mmc/oms/filter/AuthSignatureFilter.java
+package com.mmc.oms.filter;
+
+import com.alibaba.fastjson2.JSON;
+import com.alibaba.fastjson2.JSONObject;
+import com.mmc.oms.common.ResultBody;
+import com.mmc.oms.common.ResultEnum;
+import com.mmc.oms.common.Tenant;
+import com.mmc.oms.config.Audience;
+import com.mmc.oms.config.TenantContext;
+import com.mmc.oms.model.dto.UserAccountDTO;
+import io.jsonwebtoken.Claims;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.ArrayUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.StringRedisTemplate;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.*;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * @Author small
+ * @Date 2023/5/28 17:02
+ * @Version 1.0
+ */
+@Slf4j
+@Component
+@WebFilter(filterName = "AuthSignatureFilter", urlPatterns = "/*")
+public class AuthSignatureFilter implements AuthFilter {
+
+    @Autowired
+    private Audience audience;
+
+
+    @Autowired
+    private StringRedisTemplate stringRedisTemplate;
+    /**
+     * 无需登录白名单
+     */
+    private static final String[] IGNORE_URLS = {"/oms/swagger/swagger-resources","/oms/swagger/v2/api-docs","/oms/swagger/doc.html"};
+
+    /*无需加密狗无需登录白名单*/
+    private static final String[] USE_KEY = {"/crm/account/loginByUsbKey"};
+
+    /**
+     * 请求方式预请求方式值
+     */
+
+    private static final String REQUEST_METHOD_OPTIONS_VALUE = "OPTIONS";
+
+    public static final String SWAGGER_URL_PREFIX = "/oms/swagger";
+
+    @Override
+    public void init(FilterConfig filterConfig) {
+        log.info(" filter name is 'AuthSignatureFilter' init success");
+    }
+
+    /**
+     * 过滤器前置处理
+     *
+     * @param request
+     * @param response
+     * @return
+     */
+    @Override
+    public boolean before(HttpServletRequest request, HttpServletResponse response) {
+        String url = request.getRequestURI();
+        // 忽略以下url请求,白名单路径以及swagger路径
+        if (!ArrayUtils.contains(IGNORE_URLS, url)
+                && !ArrayUtils.contains(USE_KEY, url) && !url.startsWith("/oms/webjars") && !url.startsWith(SWAGGER_URL_PREFIX)) {
+            if (REQUEST_METHOD_OPTIONS_VALUE.equals(request.getMethod())) {
+                response.setStatus(HttpServletResponse.SC_OK);
+                return false;
+            } else {
+                String token = request.getHeader("token");
+                if (null==token){
+                    response(response,ResultBody.error(ResultEnum.THE_REQUEST_IS_NOT_AUTHENTICATED));
+                    return false;
+                }
+                String s = stringRedisTemplate.opsForValue().get(token);
+                if (null==s){
+                    response(response,ResultBody.error(ResultEnum.THE_TOKEN_IS_INVALID));
+                    return false;
+                }
+                UserAccountDTO userAccountDTO = JSON.parseObject(s, UserAccountDTO.class);
+                try {
+                    Tenant tenant = TenantContext.buildTenant(userAccountDTO.getAccountNo());
+                    if (tenant!=null){
+                        TenantContext.setTenant(tenant);
+                        return true;
+                    }
+                } catch (Exception e) {
+                    e.printStackTrace();
+                }
+            }
+        }
+        return true;
+    }
+
+    @Override
+    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
+            throws IOException, ServletException {
+        final HttpServletRequest request = (HttpServletRequest) req;
+        final HttpServletResponse response = (HttpServletResponse) res;
+
+        if (!before(request, response)) {
+            return;
+        }
+        chain.doFilter(req, res);
+        after();
+    }
+
+    /**
+     * 过滤器后置处理
+     *
+     * @return
+     */
+    @Override
+    public boolean after() {
+        TenantContext.clear(); // 上下文清理
+        return true;
+    }
+
+    private static final String APPLICATION_JSON_UTF8 = "application/json;charset=UTF-8";
+
+    public static void response(HttpServletResponse response, ResultBody resultBody) {
+        response.setContentType(APPLICATION_JSON_UTF8);
+        try {
+            response
+                    .getWriter()
+                    .write(JSON.toJSONString(ResultBody.error(resultBody.getCode(), resultBody.getMessage())));
+        } catch (IOException e) {
+            log.error(e.getMessage());
+        }
+    }
+
+    private static String toString(Object obj) {
+        if (null == obj) {
+            return "";
+        }
+        return obj.toString();
+    }
+
+    @Override
+    public void destroy() {
+    }
+}
--- a/src/main/resources/application-local.yml
+++ b/src/main/resources/application-local.yml
@@ -6,7 +6,7 @@ spring:
    username: tmj
    password: MMC@2022&MYSQL
  redis:
-    database: 0
+    database: 1
    host: r-wz9ke310fs684hacn1pd.redis.rds.aliyuncs.com
    port: 6379
    password: MMC@2022&REDIS