package com.iailab.module.model.common.utils; |
import com.iailab.framework.common.constant.Constant; |
import com.iailab.framework.tenant.core.context.TenantContextHolder; |
import com.iailab.module.system.api.user.AdminUserApi; |
import org.apache.commons.lang3.StringUtils; |
import org.springframework.stereotype.Component; |
import javax.annotation.Resource; |
import javax.servlet.http.HttpServletRequest; |
import java.util.regex.Pattern; |
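/**
 * Request pre-processing helper for API endpoints. In its current form it only
 * copies the tenant id from the request header into {@link TenantContextHolder}.
 *
 * <p>NOTE(review): despite its name, {@link #validate(HttpServletRequest)} performs
 * no authentication: the token, user and signature checks are all commented out.
 * The tenant id is taken from a client-supplied header, so unless a filter that
 * runs before this class authenticates the caller and authorizes the tenant
 * (not visible in this file; confirm), a caller can choose an arbitrary tenant
 * context.
 *
 * @author PanZhibao
 * @createTime 2023-12-06 15:55:00
 */
@Component
public class ApiSecurityUtils {

    /**
     * Optional sign followed by at least one ASCII digit. The previous pattern used
     * {@code \d*} and therefore also accepted the empty string and a bare sign.
     */
    private static final Pattern INTEGER_PATTERN = Pattern.compile("^[-+]?\\d+$");

    /*@Resource
    private ApiAppService apiAppService;*/

    // Only referenced by the disabled checks inside validate().
    @Resource
    private AdminUserApi adminUserApi;

    /**
     * Reads the API token from the request.
     *
     * <p>NOTE(review): the fallback to a request parameter means a token may travel
     * in the URL query string, where it can end up in access logs, browser history
     * and Referer headers. Prefer the header and consider dropping the fallback.
     *
     * @param httpRequest the incoming request
     * @return the token from the header, else from the parameter of the same name;
     *         may be {@code null} or blank when neither is present
     */
    private String getRequestToken(HttpServletRequest httpRequest) {
        // Read the token from the request header first.
        String token = httpRequest.getHeader(Constant.TOKEN_HEADER);

        // If the header carries no token, fall back to the request parameter.
        if (StringUtils.isBlank(token)) {
            token = httpRequest.getParameter(Constant.TOKEN_HEADER);
        }

        return token;
    }

    /**
     * Binds the tenant id from the request header to the current tenant context.
     * A missing or blank header leaves the context untouched.
     *
     * <p>The header value is client-controlled, so it is checked against
     * {@link #isInteger(String)} before parsing and the raw value is never echoed
     * in the error message.
     *
     * @param httpRequest the incoming request
     * @throws NumberFormatException if the header is present but is not a decimal
     *         integer, or does not fit in a {@code long}
     */
    private void setTenantId(HttpServletRequest httpRequest) {
        String tenantId = httpRequest.getHeader(Constant.HEAD_TENANT_ID);
        if (StringUtils.isBlank(tenantId)) {
            return;
        }
        if (!isInteger(tenantId)) {
            // Same exception type Long.parseLong would raise, without the raw input.
            throw new NumberFormatException("Invalid tenant id header");
        }
        // Long.parseLong still rejects digit strings that overflow a long.
        TenantContextHolder.setTenantId(Long.parseLong(tenantId));
    }

    /**
     * Prepares the request context for an API call.
     *
     * <p>NOTE(review): this method currently authenticates nothing. The token
     * presence check, the user lookup, the application authorization check and
     * the signature verification below are all disabled, so the only effect is
     * setting the tenant id from a header the client controls. Callers must not
     * treat a normal return as proof that the request is authenticated. Restore
     * the checks, or rename the method and enforce authentication before it runs.
     *
     * @param httpRequest the incoming request
     * @throws Exception declared for the disabled checks; at present only the
     *         {@link NumberFormatException} from tenant id parsing can occur
     */
    public void validate(HttpServletRequest httpRequest) throws Exception {
        setTenantId(httpRequest);
        // Disabled: token presence check and login-user lookup.
        /*String token = getRequestToken(httpRequest);
        if (StringUtils.isBlank(token)) {
            throw new Exception("token 不能为空!");
        }
        LoginUser loginUser = SecurityFrameworkUtils.getLoginUser();
        if (ObjectUtils.isEmpty(loginUser)) {
            throw new RuntimeException("用户不能为空");
        }
        CommonResult<AdminUserRespDTO> user = adminUserApi.getUser(loginUser.getId());
        if(ObjectUtils.isEmpty(user)) {
            throw new RuntimeException("用户不存在");
        }
        AdminUserRespDTO userData = user.getData();
        String username = userData.getUsername();*/
        // Disabled: check that the application (looked up by app key) is authorized.
        /*ApiAppEntity appInfo = apiAppService.getInfoByAppKey(username);
        if (appInfo == null) {
            throw new RuntimeException("应用未授权");
        }*/
        // TODO: verify the token signature (disabled).
//        if(!com.iailab.common.utils.JwtUtils.verify(token, appInfo.getAppSecret())){
//            throw new RuntimeException("签名错误");
//        }
    }

    /**
     * Tells whether the text is an optionally signed decimal integer.
     *
     * @param str the text to test; may be {@code null}
     * @return {@code true} only for an optional {@code +}/{@code -} followed by one
     *         or more digits; {@code false} for {@code null}, empty text or a bare sign
     */
    private boolean isInteger(String str) {
        return str != null && INTEGER_PATTERN.matcher(str).matches();
    }

}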