
Example 1 with UserClaim

Use of `com.github.qinyou.common.utils.jwt.UserClaim` in project my_curd by qinyou.

From class ApiInterceptor, method intercept.

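@Override
/**
 * Authenticates the request with a JWT, authorizes it against the {@link RequirePermission}
 * annotations on the controller class and the action method, injects the verified
 * {@link UserClaim} into matching action parameters, then invokes the action and wraps its
 * return value in the uniform JSON envelope ({@code code}, {@code message}, {@code data}).
 *
 * <p>Every failure path renders a JSON failure envelope and returns without invoking the action.
 * Exception detail from the action is logged server-side only; the client receives the generic
 * {@code Result.ERROR} message.
 *
 * @param invocation the JFinal invocation being intercepted
 */
public void intercept(Invocation invocation) {
    Controller controller = invocation.getController();
    HttpServletRequest req = controller.getRequest();

    // NOTE(review): the header is named "Authentication" (not the standard "Authorization");
    // renaming it is a client-visible change. The fallback to a request parameter means the token
    // may land in access logs and Referer headers, so header delivery should be preferred by clients.
    String jwtToken = req.getHeader("Authentication");
    if (jwtToken == null) {
        jwtToken = req.getParameter("token");
    }
    if (StringUtils.isEmpty(jwtToken)) {
        renderFail(controller, Result.NO_TOKEN);
        return;
    }

    // Validate the token. An expired token is reported distinctly; any other parse/signature
    // failure is reported as invalid. The catch of Exception is deliberate: this is the API boundary.
    UserClaim userClaim;
    try {
        userClaim = JwtUtils.parseToken(jwtToken);
    } catch (ExpiredJwtException e) {
        log.error(e.getMessage(), e);
        renderFail(controller, Result.EXPIRED_TOKEN);
        return;
    } catch (Exception e) {
        log.error(e.getMessage(), e);
        renderFail(controller, Result.INVALID_TOKEN);
        return;
    }
    if (userClaim == null) {
        // Fail closed: a parser that yields no claim must reach neither the authorization
        // step nor the action (the original would have thrown NPE or silently passed).
        renderFail(controller, Result.INVALID_TOKEN);
        return;
    }

    // Authorization: the class-level requirement is checked first; the method-level one is
    // only evaluated when the class-level one passes (short-circuit keeps the original order).
    RequirePermission classRequirement = controller.getClass().getAnnotation(RequirePermission.class);
    RequirePermission methodRequirement = invocation.getMethod().getAnnotation(RequirePermission.class);
    if (!isGranted(classRequirement, userClaim) || !isGranted(methodRequirement, userClaim)) {
        // Denied authorization decisions are worth an audit trail; the token itself is never logged.
        log.warn("permission denied for " + controller.getClass().getName()
                + "#" + invocation.getMethod().getName());
        renderFail(controller, Result.NO_PERMISSION);
        return;
    }

    // Inject the verified claim into every action parameter that is already a UserClaim instance.
    Object[] args = invocation.getArgs();
    for (int i = 0; i < args.length; i++) {
        if (args[i] instanceof UserClaim) {
            invocation.setArg(i, userClaim);
        }
    }
    // TODO: inject the request body into controller method parameters.

    // Invoke the action and wrap its return value in the uniform response envelope.
    Ret ret;
    try {
        invocation.invoke();
        ret = Ret.ok()
                .set("code", Result.SUCCESS.code)
                .set("message", Result.SUCCESS.message)
                .set("data", invocation.getReturnValue());
    } catch (Exception e) {
        // Log the full cause server-side only. The response carries the generic ERROR message;
        // the original appended e.getMessage(), which exposes internal detail (class names,
        // SQL fragments, file paths) to the caller.
        log.error(e.getMessage(), e);
        ret = Ret.fail().set("code", Result.ERROR.code).set("message", Result.ERROR.message);
    }
    controller.renderJson(ret);
}

/**
 * Renders the uniform JSON failure envelope for {@code result}.
 *
 * @param controller the controller to render through
 * @param result     the result constant supplying {@code code} and {@code message}
 */
private static void renderFail(Controller controller, Result result) {
    controller.renderJson(Ret.fail().set("code", result.code).set("message", result.message));
}

/**
 * Evaluates a single {@link RequirePermission} requirement against the claim.
 *
 * @param requirement the annotation, or {@code null} when the element carries none
 * @param claim       the verified claim of the caller
 * @return {@code true} when there is no requirement, or when the claim's permission list
 *         (resource requirement) or role list (role requirement) contains the required value
 */
private static boolean isGranted(RequirePermission requirement, UserClaim claim) {
    if (requirement == null) {
        return true;
    }
    return requirement.isResource()
            ? claim.getPermissionList().contains(requirement.value())
            : claim.getRoleList().contains(requirement.value());
}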
