| 提交 | 用户 | 时间 | ||
| a6de49 | 1 | package com.iailab.module.data.api.utils; |
| H | 2 | |
| 3 | ||
| 4 | import com.iailab.framework.common.constant.Constant; | |
| 5 | import com.iailab.framework.common.pojo.CommonResult; | |
| 6 | import com.iailab.framework.security.core.LoginUser; | |
| 7 | import com.iailab.framework.security.core.util.SecurityFrameworkUtils; | |
| d41f14 | 8 | import com.iailab.framework.tenant.core.context.TenantContextHolder; |
| a6de49 | 9 | import com.iailab.module.system.api.user.AdminUserApi; |
| H | 10 | import com.iailab.module.system.api.user.dto.AdminUserRespDTO; |
| 11 | import org.apache.commons.lang3.StringUtils; | |
| d41f14 | 12 | |
| a6de49 | 13 | import javax.annotation.Resource; |
| d41f14 | 14 | |
| a6de49 | 15 | import org.springframework.stereotype.Component; |
| H | 16 | import org.springframework.util.ObjectUtils; |
| 17 | ||
| 18 | import javax.servlet.http.HttpServletRequest; | |
| 19 | import java.util.regex.Pattern; | |
| 20 | ||
| 21 | /** | |
| 22 | * @author PanZhibao | |
| 23 | * @Description | |
| 24 | * @createTime 2023年12月06日 15:55:00 | |
| 25 | */ | |
| 26 | @Component | |
| 27 | public class ApiSecurityUtils { | |
| 28 | ||
| 0866d8 | 29 | /*@Resource |
| 潘 | 30 | private ApiAppService apiAppService;*/ |
| a6de49 | 31 | |
| H | 32 | @Resource |
| 33 | private AdminUserApi adminUserApi; | |
| 34 | ||
| 35 | private Pattern pattern = Pattern.compile("^[-\\+]?[\\d]*$"); | |
| 36 | ||
| 37 | private String getRequestToken(HttpServletRequest httpRequest) { | |
| 38 | //从header中获取token | |
| 39 | String token = httpRequest.getHeader(Constant.TOKEN_HEADER); | |
| 40 | ||
| 41 | //如果header中不存在token,则从参数中获取token | |
| 42 | if (StringUtils.isBlank(token)) { | |
| 43 | token = httpRequest.getParameter(Constant.TOKEN_HEADER); | |
| 44 | } | |
| 45 | ||
| 46 | return token; | |
| 47 | } | |
| 48 | ||
| d41f14 | 49 | private void setTenantId(HttpServletRequest httpRequest) { |
| 潘 | 50 | String tenantId = httpRequest.getHeader(Constant.HEAD_TENANT_ID); |
| 51 | ||
| 52 | if (StringUtils.isBlank(tenantId)) { | |
| 53 | TenantContextHolder.setTenantId(Long.parseLong(tenantId)); | |
| 54 | } | |
| 55 | } | |
| 56 | ||
| a6de49 | 57 | |
| H | 58 | public void validate(HttpServletRequest httpRequest) throws Exception { |
| d41f14 | 59 | setTenantId(httpRequest); |
| 潘 | 60 | /*String token = getRequestToken(httpRequest); |
| a6de49 | 61 | if (StringUtils.isBlank(token)) { |
| H | 62 | throw new Exception("token 不能为空!"); |
| 63 | } | |
| 64 | LoginUser loginUser = SecurityFrameworkUtils.getLoginUser(); | |
| 65 | if (ObjectUtils.isEmpty(loginUser)) { | |
| 66 | throw new RuntimeException("用户不能为空"); | |
| 67 | } | |
| 68 | CommonResult<AdminUserRespDTO> user = adminUserApi.getUser(loginUser.getId()); | |
| 69 | if(ObjectUtils.isEmpty(user)) { | |
| 70 | throw new RuntimeException("用户不存在"); | |
| 71 | } | |
| 72 | AdminUserRespDTO userData = user.getData(); | |
| d41f14 | 73 | String username = userData.getUsername();*/ |
| 0866d8 | 74 | /*ApiAppEntity appInfo = apiAppService.getInfoByAppKey(username); |
| a6de49 | 75 | if (appInfo == null) { |
| H | 76 | throw new RuntimeException("应用未授权"); |
| 0866d8 | 77 | }*/ |
| a6de49 | 78 | //TODO 验证签名 |
| H | 79 | // if(!com.iailab.common.utils.JwtUtils.verify(token, appInfo.getAppSecret())){ |
| 80 | // throw new RuntimeException("签名错误"); | |
| 81 | // } | |
| 82 | } | |
| 83 | ||
| 84 | private boolean isInteger(String str) { | |
| 85 | return pattern.matcher(str).matches(); | |
| 86 | } | |
| 87 | ||
| 88 | ||
| 89 | } | |
