Skip to content

B
beyond-clouds
Commit eb1629cb by 段启岩
Options

用户拉黑后判断

parent 5d92b631
Showing with 22 additions and 11 deletions
src/main/java/cn/meteor/beyondclouds/config/WebMvcConfig.java
......@@ -8,6 +8,7 @@ import cn.meteor.beyondclouds.core.interceptor.TokenInterceptor;
import cn.meteor.beyondclouds.core.redis.TokenManager;
import cn.meteor.beyondclouds.core.resolver.CurrentSubjectResolver;
import cn.meteor.beyondclouds.core.resolver.CollectAccessInfoResolver;
import cn.meteor.beyondclouds.modules.user.service.IUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
......@@ -30,6 +31,9 @@ public class WebMvcConfig implements WebMvcConfigurer {
@Autowired
private TokenManager tokenManager;
@Autowired
private IUserService userService;
@Bean
TokenInterceptor tokenInterceptor() {
return new TokenInterceptor(tokenManager);
......@@ -37,7 +41,7 @@ public class WebMvcConfig implements WebMvcConfigurer {
@Bean
AccessInterceptor accessInterceptor() {
return new AccessInterceptor();
return new AccessInterceptor(userService);
}
@Bean
......
src/main/java/cn/meteor/beyondclouds/core/interceptor/AccessInterceptor.java
......@@ -4,7 +4,12 @@ import cn.meteor.beyondclouds.core.annotation.Anonymous;
import cn.meteor.beyondclouds.core.authentication.Subject;
import cn.meteor.beyondclouds.core.constant.SysConstants;
import cn.meteor.beyondclouds.core.emuns.AuthorizationErrorCode;
import cn.meteor.beyondclouds.modules.user.entity.User;
import cn.meteor.beyondclouds.modules.user.enums.UserErrorCode;
import cn.meteor.beyondclouds.modules.user.enums.UserStatus;
import cn.meteor.beyondclouds.modules.user.exception.AuthenticationServiceException;
import cn.meteor.beyondclouds.modules.user.exception.UserServiceException;
import cn.meteor.beyondclouds.modules.user.service.IUserService;
import cn.meteor.beyondclouds.util.ThreadLocalMap;
import lombok.extern.java.Log;
import org.apache.http.HttpStatus;
......@@ -23,6 +28,12 @@ import javax.servlet.http.HttpServletResponse;
@Log
public class AccessInterceptor implements HandlerInterceptor {
private IUserService userService;
public AccessInterceptor(IUserService userService) {
this.userService = userService;
}
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
......@@ -44,6 +55,11 @@ public class AccessInterceptor implements HandlerInterceptor {
// 2.目标接口需要认证且经过认证,直接放行
if (null != currentSubject && currentSubject.isAuthenticated()) {
// 用户如果被封号,则直接返回错误
User user = userService.getById(currentSubject.getId());
if (!user.getStatus().equals(UserStatus.NORMAL.getStatus())) {
throw new UserServiceException(UserErrorCode.USER_DISABLED);
}
return true;
} else {
// 3.目标接口需要认证且未经过认证,则抛出异常
......
src/main/java/cn/meteor/beyondclouds/core/interceptor/TokenInterceptor.java
......@@ -32,11 +32,8 @@ public class TokenInterceptor implements HandlerInterceptor {
private TokenManager tokenManager;
private IUserService userService;
public TokenInterceptor(TokenManager tokenManager, IUserService userService) {
public TokenInterceptor(TokenManager tokenManager) {
this.tokenManager = tokenManager;
this.userService = userService;
}
@Override
......@@ -69,12 +66,6 @@ public class TokenInterceptor implements HandlerInterceptor {
if (null == userId) {
throw new AuthorizationException(AuthorizationErrorCode.SIGN_VERIFY_FAILURE);
}
// 用户如果被封号,则直接返回错误
User user = userService.getById(userId);
if (!user.getStatus().equals(UserStatus.NORMAL.getStatus())) {
throw new UserServiceException(UserErrorCode.USER_DISABLED);
}
// 构建一个经过系统认证的subject
Subject authenticatedSubject = Subject.authenticated(userId, RequestUtils.getIpAddr(request));
ThreadLocalMap.put(SysConstants.HTTP_ATTRIBUTE_SUBJECT, authenticatedSubject);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment