
com.kedauis.inteceptor.AuthInterceptor Maven / Gradle / Ivy

package com.kedauis.inteceptor;

import com.google.gson.Gson;
import com.kedauis.system.model.SysUser;
import com.kedauis.system.web.controller.common.BaseController;
import com.kedauis.util.ConfigUtil;
import com.kedauis.util.StaticEnum;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;

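/**
 * Project: kd-uip
 * Description: authentication interceptor
 * Created by: QiuYu
 * Created: 2017/12/7 17:45
 * Modified by:
 * Modified:
 * Modification notes:
 *
 * <p>Lets a request through only when the HTTP session holds a {@link SysUser} under
 * {@link StaticEnum#LOGIN_USER} with a non-blank user name; every other request is forwarded
 * to {@code /auth/failed}. Each allowed call is written to the log with its URL and
 * parameters.
 *
 * <p>Security notes on the logging done here:
 * <ul>
 *   <li>The raw session id is never logged. Anyone able to read the log could otherwise
 *       replay it as a session cookie, so a short SHA-256 fingerprint is logged instead;
 *       it still correlates the lines of one session.</li>
 *   <li>Values of parameters and attributes whose name looks like a credential are replaced
 *       by a fixed mask before serialisation.</li>
 * </ul>
 */
@Component
public class AuthInterceptor implements HandlerInterceptor{

    private static final Logger logger = LoggerFactory.getLogger(AuthInterceptor.class);

    /** Only names shorter than this are logged; longer ones are assumed to be system entries. */
    private static final int LOGGED_NAME_LENGTH_LIMIT = 20;

    /** Placeholder written to the log in place of a credential-like value. */
    private static final String MASK = "***";

    /**
     * Lower-case fragments that mark a parameter or attribute name as credential-like.
     * Heuristic only: extend it with the field names this application really uses.
     */
    private static final String[] SENSITIVE_NAME_FRAGMENTS = {"password", "passwd", "pwd", "secret", "token"};

    @Autowired
    private ConfigUtil configUtil;

    /**
     * Runs before the controller method: checks for a logged-in user and logs the call.
     *
     * @return {@code true} when the session carries a logged-in user with a non-blank user
     *         name, {@code false} after forwarding the request to {@code /auth/failed}
     * @throws Exception whatever the forward to {@code /auth/failed} throws
     */
    @Override
    public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception {
        // getSession() creates a session when none exists, exactly as the original code did.
        HttpSession session = httpServletRequest.getSession();
        SysUser loginUser = (SysUser) session.getAttribute(StaticEnum.LOGIN_USER);
        String callUrl = httpServletRequest.getRequestURL().toString();
        String sessionRef = sessionFingerprint(session.getId());

        if (null == loginUser || StringUtils.isBlank(loginUser.getUserName())) {
            // No current login user: hand the request to the not-logged-in handler.
            // NOTE(review): /auth/failed must itself be excluded from this interceptor,
            // otherwise the forward would be rejected again; the mapping is not visible here.
            logger.info("用户尚未登陆或者登陆信息已失效,禁止访问!!" + " SESSION_ID: {}", sessionRef);
            httpServletRequest.getRequestDispatcher("/auth/failed").forward(httpServletRequest, httpServletResponse);
            return false;
        }

        try {
            // Gson escapes control characters, so parameter values cannot break the log line.
            String parameters = new Gson().toJson(collectLoggableValues(httpServletRequest));
            logger.info("LOGIN_USER: {} CALL URL: {} PARAMETERS: {} SESSION_ID: {}",
                    loginUser.getUserName(), callUrl, parameters, sessionRef);
        } catch (Exception e) {
            // Logging the parameters is best effort; a failure must not block the request.
            logger.info("LOGIN_USER: {} CALL URL: {}  PARAMETERS: Parameter Convert Failed: {}  SESSION_ID: {}",
                    loginUser.getUserName(), callUrl, e.getMessage(), sessionRef);
        }
        logger.info("USER_ID:{} SESSION_ID: {} CALL: {} BEGIN!", loginUser.getUserId(), sessionRef, callUrl);
        // A login user is present, so the request may continue.
        return true;
    }

    /**
     * Runs after the controller method and before the view is rendered: logs the end of the call.
     *
     * <p>The controller may have invalidated the session (a logout, for example). The session
     * is therefore looked up without creating a new one, and a missing session or user is
     * logged as {@code -} instead of causing a {@link NullPointerException}.
     */
    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {
        String callUrl = httpServletRequest.getRequestURL().toString();
        HttpSession session = httpServletRequest.getSession(false);
        SysUser loginUser = null;
        String sessionRef = sessionFingerprint(null);
        if (session != null) {
            loginUser = (SysUser) session.getAttribute(StaticEnum.LOGIN_USER);
            sessionRef = sessionFingerprint(session.getId());
        }
        Object userId = (loginUser != null) ? (Object) loginUser.getUserId() : "-";
        logger.info("USER_ID:{} SESSION_ID: {} CALL: {} FINISH!", userId, sessionRef, callUrl);
    }

    /**
     * Runs after the whole request has finished, that is after the DispatcherServlet rendered
     * the view (mainly meant for resource clean-up). Nothing to do here.
     */
    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {
        // intentionally empty
    }

    /**
     * Collects the request parameters and request attributes that are written to the log.
     * Entries whose name has {@link #LOGGED_NAME_LENGTH_LIMIT} characters or more are skipped;
     * credential-like entries keep their name but get a masked value. An attribute overwrites
     * a parameter of the same name, as in the original code.
     */
    private static Map<String, String[]> collectLoggableValues(HttpServletRequest request) {
        Map<String, String[]> loggable = new HashMap<String, String[]>();

        Map<String, String[]> allParams = request.getParameterMap();
        for (Map.Entry<String, String[]> entry : allParams.entrySet()) {
            String name = entry.getKey();
            if (name.length() < LOGGED_NAME_LENGTH_LIMIT) {
                loggable.put(name, isSensitiveName(name) ? new String[]{MASK} : entry.getValue());
            }
        }

        Enumeration<String> attrs = request.getAttributeNames();
        while (attrs.hasMoreElements()) {
            String attrName = attrs.nextElement();
            if (attrName.length() < LOGGED_NAME_LENGTH_LIMIT) {
                // String.valueOf tolerates an attribute that is null by the time it is read.
                String value = isSensitiveName(attrName) ? MASK : String.valueOf(request.getAttribute(attrName));
                loggable.put(attrName, new String[]{value});
            }
        }
        return loggable;
    }

    /** Tells whether a parameter or attribute name contains one of the credential-like fragments. */
    private static boolean isSensitiveName(String name) {
        String lowered = name.toLowerCase(Locale.ROOT);
        for (String fragment : SENSITIVE_NAME_FRAGMENTS) {
            if (lowered.contains(fragment)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Returns a log-safe reference for a session id: the first 8 bytes of its SHA-256 digest
     * as 16 hex characters, or {@code -} when there is no session.
     */
    private static String sessionFingerprint(String sessionId) {
        if (sessionId == null) {
            return "-";
        }
        try {
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(sessionId.getBytes(StandardCharsets.UTF_8));
            StringBuilder hex = new StringBuilder(16);
            for (int i = 0; i < 8; i++) {
                hex.append(String.format("%02x", digest[i] & 0xff));
            }
            return hex.toString();
        } catch (NoSuchAlgorithmException e) {
            // SHA-256 is mandatory on every Java platform; never fall back to the raw id.
            return "unavailable";
        }
    }
}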



