diff --git a/sky-server/src/main/java/com/sky/inteceptor/JwtTokenAdminInterceptor.java b/sky-server/src/main/java/com/sky/inteceptor/JwtTokenAdminInterceptor.java new file mode 100644 index 0000000..ad58935 --- /dev/null +++ b/sky-server/src/main/java/com/sky/inteceptor/JwtTokenAdminInterceptor.java @@ -0,0 +1,63 @@ +package com.sky.inteceptor; + +import com.sky.constant.JwtClaimsConstant; +import com.sky.context.BaseContext; +import com.sky.properties.JwtProperties; +import com.sky.utils.JwtUtil; +import io.jsonwebtoken.Claims; +import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; +import org.springframework.web.method.HandlerMethod; +import org.springframework.web.servlet.HandlerInterceptor; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * jwt令牌校验的拦截器 + */ +@Component +@Slf4j +public class JwtTokenAdminInterceptor implements HandlerInterceptor { + + @Autowired + private JwtProperties jwtProperties; + + /** + * 校验jwt + * + * @param request + * @param response + * @param handler + * @return + * @throws Exception + */ + public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { + + System.out.println("当前线程的id:" + Thread.currentThread().getId()); + //判断当前拦截到的是Controller的方法还是其他资源 + if (!(handler instanceof HandlerMethod)) { + //当前拦截到的不是动态方法,直接放行 + return true; + } + + //1、从请求头中获取令牌 + String token = request.getHeader(jwtProperties.getAdminTokenName()); + + //2、校验令牌 + try { + log.info("jwt校验:{}", token); + Claims claims = JwtUtil.parseJWT(jwtProperties.getAdminSecretKey(), token); + Long empId = Long.valueOf(claims.get(JwtClaimsConstant.EMP_ID).toString()); + log.info("当前员工id:", empId); + BaseContext.setCurrentId(empId); + //3、通过,放行 + return true; + } catch (Exception ex) { + //4、不通过,响应401状态码 + response.setStatus(401); + return false; + } + } +} diff --git a/sky-server/src/main/java/com/sky/inteceptor/JwtTokenUserInterceptor.java b/sky-server/src/main/java/com/sky/inteceptor/JwtTokenUserInterceptor.java new file mode 100644 index 0000000..2b7be79 --- /dev/null +++ b/sky-server/src/main/java/com/sky/inteceptor/JwtTokenUserInterceptor.java @@ -0,0 +1,63 @@ +package com.sky.inteceptor; + +import com.sky.constant.JwtClaimsConstant; +import com.sky.context.BaseContext; +import com.sky.properties.JwtProperties; +import com.sky.utils.JwtUtil; +import io.jsonwebtoken.Claims; +import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; +import org.springframework.web.method.HandlerMethod; +import org.springframework.web.servlet.HandlerInterceptor; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +/** + * jwt令牌校验的拦截器 + */ +@Component +@Slf4j +public class JwtTokenUserInterceptor implements HandlerInterceptor { + + @Autowired + private JwtProperties jwtProperties; + + /** + * 校验jwt + * + * @param request + * @param response + * @param handler + * @return + * @throws Exception + */ + public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { + + System.out.println("当前线程的id:" + Thread.currentThread().getId()); + //判断当前拦截到的是Controller的方法还是其他资源 + if (!(handler instanceof HandlerMethod)) { + //当前拦截到的不是动态方法,直接放行 + return true; + } + + //1、从请求头中获取令牌 + String token = request.getHeader(jwtProperties.getUserTokenName()); + + //2、校验令牌 + try { + log.info("jwt校验:{}", token); + Claims claims = JwtUtil.parseJWT(jwtProperties.getUserSecretKey(), token); + Long userId = Long.valueOf(claims.get(JwtClaimsConstant.USER_ID).toString()); + log.info("当前用户id:", userId); + BaseContext.setCurrentId(userId); + //3、通过,放行 + return true; + } catch (Exception ex) { + //4、不通过,响应401状态码 + response.setStatus(401); + return false; + } + } +}