登录会话拦截优化

zyplayer-doc-data/src/main/java/com/zyplayer/doc/data/aspect/AuthAspect.java

@@ -1,73 +0,0 @@
-package com.zyplayer.doc.data.aspect;
-
-import com.google.common.collect.Maps;
-import com.zyplayer.doc.core.annotation.AuthMan;
-import com.zyplayer.doc.core.json.DocResponseJson;
-import com.zyplayer.doc.core.json.HttpConst;
-import com.zyplayer.doc.core.json.ResponseJson;
-import com.zyplayer.doc.core.util.ThreadLocalUtil;
-import com.zyplayer.doc.data.config.security.DocUserDetails;
-import com.zyplayer.doc.data.config.security.DocUserUtil;
-import com.zyplayer.doc.data.utils.BeanUtil;
-import org.aspectj.lang.ProceedingJoinPoint;
-import org.aspectj.lang.annotation.Around;
-import org.aspectj.lang.annotation.Aspect;
-import org.aspectj.lang.reflect.MethodSignature;
-import org.springframework.stereotype.Component;
-import org.springframework.web.bind.annotation.ResponseBody;
-import org.springframework.web.bind.annotation.RestController;
-import org.springframework.web.servlet.ModelAndView;
-
-import javax.servlet.http.HttpServletRequest;
-import java.lang.reflect.Method;
-import java.net.URLEncoder;
-import java.util.Map;
-
-@Aspect
-@Component
-public class AuthAspect {
-	
-	@Around(value = "@annotation(com.zyplayer.doc.core.annotation.AuthMan) || @within(com.zyplayer.doc.core.annotation.AuthMan)")
-	public Object authController(ProceedingJoinPoint pjp) throws Throwable {
-		AuthMan authMan = BeanUtil.getAnnotation(pjp, AuthMan.class);
-		ResponseBody responseBody = BeanUtil.getAnnotation(pjp, ResponseBody.class);
-		RestController restController = BeanUtil.getAnnotation(pjp, RestController.class);
-		boolean isResponseBody = (restController != null || responseBody != null);
-		
-		Class<?> returnType = ((MethodSignature) pjp.getSignature()).getMethod().getReturnType();
-		DocUserDetails currentUser = DocUserUtil.getCurrentUser();
-		if (currentUser == null) {
-			String reason = "你访问的内容需要登录，请登录后再试";
-			if (isResponseBody) {
-				return DocResponseJson.failure(HttpConst.TOKEN_TIMEOUT, reason);
-			} else if (returnType.isAssignableFrom(ModelAndView.class)) {
-				HttpServletRequest request = ThreadLocalUtil.getHttpServletRequest();
-				StringBuffer requestURL = request.getRequestURL();
-				String requestURLStr = URLEncoder.encode(requestURL.toString(), "utf-8");
-				return new ModelAndView("redirect:./#/user/login?redirect=" + requestURLStr);
-			} else if (returnType.isAssignableFrom(Map.class)) {
-				return Maps.newHashMap();
-			}
-		}
-		// 判断权限是否足够
-		boolean haveAuth = DocUserUtil.haveAuth(authMan.value());
-		if (haveAuth) {
-			return pjp.proceed();
-		}
-		String reasonStr = "没有操作权限，请联系管理员";
-		if (isResponseBody) {
-			Method method = ((MethodSignature) pjp.getSignature()).getMethod();
-			if (method.getReturnType().equals(ResponseJson.class)) {
-				return DocResponseJson.warn(reasonStr);
-			} else {
-				try {
-					return Class.forName(method.getReturnType().getName()).newInstance();
-				} catch (Exception e) {
-					return null;
-				}
-			}
-		} else {
-			return authMan.authUrl();
-		}
-	}
-}

zyplayer-doc-data/src/main/java/com/zyplayer/doc/data/config/DocLoginOriginInterceptor.java

@@ -1,91 +0,0 @@
-package com.zyplayer.doc.data.config;
-
-import com.zyplayer.doc.core.json.HttpConst;
-import com.zyplayer.doc.data.config.security.DocUserUtil;
-import org.apache.commons.lang3.StringUtils;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.stereotype.Component;
-import org.springframework.web.servlet.HandlerInterceptor;
-import org.springframework.web.servlet.ModelAndView;
-
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-/**
- * 登录和跨域拦截器
- * @author 暮光：城中城
- * @since 2019年05月25日
- */
-@Component
-public class DocLoginOriginInterceptor implements HandlerInterceptor {
-	
-	@Value("${zyplayer.doc.manage.originDomainRegex:}")
-	private String originDomainRegex;
-	
-	@Override
-	public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object arg2, Exception arg3) {
-		// 清理用户信息
-		DocUserUtil.clean();
-	}
-	
-	@Override
-	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object haddler, ModelAndView modelAndView) {
-	}
-	
-	/**
-	 * 记录请求信息
-	 */
-	@Override
-	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object obj) {
-		// 指定域名可跨域访问
-		if (StringUtils.isNotBlank(originDomainRegex)) {
-			String origin = request.getHeader("Origin");
-			if (StringUtils.isNotBlank(origin) && origin.toLowerCase().matches(originDomainRegex)) {
-				response.setHeader("Access-Control-Allow-Origin", origin); // 允许访问的域
-				response.setHeader("Access-Control-Allow-Methods", "HEAD,GET,POST,PUT,DELETE");// 允许GET、POST的外域请求
-				response.setHeader("Access-Control-Allow-Credentials", "true"); // 允许请求带cookie到服务器
-				response.setContentType("application/json; charset=utf-8"); // 设定JSON格式标准输出、及编码
-			}
-		}
-		// 清理用户信息
-		DocUserUtil.clean();
-		// 设置token
-		String accessToken = getCookieValueByRequest(request, HttpConst.ACCESS_TOKEN);
-		DocUserUtil.setAccessToken(accessToken);
-		return true;
-	}
-	
-	/**
-	 * 获取cookie
-	 *
-	 * @param request
-	 * @param name
-	 * @return
-	 */
-	public static Cookie getCookieByRequest(HttpServletRequest request, String name) {
-		if (StringUtils.isEmpty(name)) {
-			return null;
-		}
-		Cookie[] cookies = request.getCookies();
-		for (int i = 0; (cookies != null) && (i < cookies.length); i++) {
-			Cookie cookie = cookies[i];
-			if (name.equals(cookie.getName())) {
-				return cookie;
-			}
-		}
-		return null;
-	}
-	
-	/**
-	 * 获取cookie值
-	 *
-	 * @param request
-	 * @param name
-	 * @return
-	 */
-	public static String getCookieValueByRequest(HttpServletRequest request, String name) {
-		Cookie cookie = getCookieByRequest(request, name);
-		return cookie == null ? null : cookie.getValue();
-	}
-}

zyplayer-doc-data/src/main/java/com/zyplayer/doc/data/utils/BeanUtil.java

@@ -1,33 +0,0 @@
-package com.zyplayer.doc.data.utils;
-
-import org.aspectj.lang.JoinPoint;
-import org.aspectj.lang.Signature;
-import org.aspectj.lang.reflect.MethodSignature;
-
-import java.lang.annotation.Annotation;
-import java.lang.reflect.Method;
-
-public class BeanUtil {
-	
-	@SuppressWarnings({"unchecked"})
-	public static <T extends Annotation> T getAnnotation(JoinPoint pjp, Class<T> t) throws Exception {
-		Method method = ((MethodSignature) pjp.getSignature()).getMethod();
-		T annotation = method.getAnnotation(t);// 方法上定义的
-		if (annotation == null) {
-			annotation = (T) pjp.getSignature().getDeclaringType().getAnnotation(t);// 类上定义的
-			if (annotation == null) {
-				Object target = pjp.getTarget();
-				annotation = target.getClass().getAnnotation(t);// 实现类上定义的
-				if (annotation == null) {
-					Signature sig = pjp.getSignature();
-					if (sig instanceof MethodSignature) {
-						MethodSignature msig = (MethodSignature) sig;
-						Method currentMethod = target.getClass().getMethod(msig.getName(), msig.getParameterTypes());
-						annotation = currentMethod.getAnnotation(t);// 实现类的方法上定义的
-					}
-				}
-			}
-		}
-		return annotation;
-	}
-}