package com.cloud.device.filter;
|
|
import com.cloud.common.utils.RequestUtil;
|
import lombok.extern.slf4j.Slf4j;
|
import org.apache.commons.lang3.StringUtils;
|
import org.springframework.stereotype.Component;
|
import org.springframework.web.method.HandlerMethod;
|
import org.springframework.web.servlet.ModelAndView;
|
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
|
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
|
/**
|
* @author lp
|
*/
|
@Component
|
@Slf4j
|
public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
|
|
@Override
|
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
|
AuthNoneIgnore annotation;
|
if(handler instanceof HandlerMethod) {
|
annotation = ((HandlerMethod) handler).getMethodAnnotation(AuthNoneIgnore.class);
|
}else{
|
return true;
|
}
|
//如果有@AuthNoneIgnore注解,则不验证token
|
if(annotation != null){
|
return true;
|
}else{
|
if(StringUtils.isBlank(RequestUtil.getTokenByParam())){
|
throw new java.lang.SecurityException ("this process no authority");
|
}
|
|
}
|
return true;
|
}
|
|
@Override
|
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
|
ModelAndView modelAndView) throws Exception {}
|
|
@Override
|
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
|
throws Exception {}
|
|
}
|
