Open houyouliang opened 7 years ago
package com.hat.service.interceptor;
import java.util.Set;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.util.StringUtils; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView;
import com.hat.db.service.RedisService; import com.hat.util.code.RequestCode; import com.hat.util.code.ReturnMsg; import com.hat.util.code.StaticVariable; import com.hat.util.net.IpUtil; import com.hat.util.security.MD5Util;
public class VisitInterceptor implements HandlerInterceptor {
private Logger logger = LoggerFactory.getLogger(VisitInterceptor.class); @Autowired private RedisService redisService; @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { StringBuilder stringBuilder = new StringBuilder(); String ip = IpUtil.getUserIpAddress(request); String authToken = request.getHeader(RequestCode.AUTHTOKEN); String channelNo = request.getHeader(RequestCode.CHANNELNO); String uri = request.getRequestURI(); if (StringUtils.isEmpty(authToken) || StringUtils.isEmpty(channelNo)) { response.setCharacterEncoding(StaticVariable.UTF8); response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); response.getWriter().print(ReturnMsg.AUTH_FAIL); logger.warn(stringBuilder.append(ip).append(StaticVariable.ACCESS).append(uri).append(StaticVariable.AUTHTOKEN_CHANNELNO).toString()); return false; } String token = MD5Util.encrypt64(channelNo,ip); Set<String> str = redisService.getSet(authToken); if (str!= null && token.equals(authToken) && str.contains(uri)) { return true; } else { response.setCharacterEncoding(StaticVariable.UTF8); response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); response.getWriter().print(ReturnMsg.AUTH_FAIL); logger.warn(stringBuilder.append(ip).append(StaticVariable.ACCESS).append(uri).append(StaticVariable.PARAMETER).append(authToken).append(StaticVariable.VERTICAL_LINE).append(channelNo).append(ReturnMsg.AUTH_FAIL).toString()); return false; } } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { }
}
package com.hat.service.interceptor;
import java.util.Set;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse;
import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.util.StringUtils; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView;
import com.hat.db.service.RedisService; import com.hat.util.code.RequestCode; import com.hat.util.code.ReturnMsg; import com.hat.util.code.StaticVariable; import com.hat.util.net.IpUtil; import com.hat.util.security.MD5Util;
public class VisitInterceptor implements HandlerInterceptor {
}