package com.iailab.module.data.api.utils;
|
|
|
import com.iailab.framework.common.constant.Constant;
|
import com.iailab.framework.common.pojo.CommonResult;
|
import com.iailab.framework.security.core.LoginUser;
|
import com.iailab.framework.security.core.util.SecurityFrameworkUtils;
|
import com.iailab.framework.tenant.core.context.TenantContextHolder;
|
import com.iailab.module.system.api.user.AdminUserApi;
|
import com.iailab.module.system.api.user.dto.AdminUserRespDTO;
|
import org.apache.commons.lang3.StringUtils;
|
|
import javax.annotation.Resource;
|
|
import org.springframework.stereotype.Component;
|
import org.springframework.util.ObjectUtils;
|
|
import javax.servlet.http.HttpServletRequest;
|
import java.util.regex.Pattern;
|
|
/**
|
* @author PanZhibao
|
* @Description
|
* @createTime 2023年12月06日 15:55:00
|
*/
|
@Component
|
public class ApiSecurityUtils {
|
|
/*@Resource
|
private ApiAppService apiAppService;*/
|
|
@Resource
|
private AdminUserApi adminUserApi;
|
|
private Pattern pattern = Pattern.compile("^[-\\+]?[\\d]*$");
|
|
private String getRequestToken(HttpServletRequest httpRequest) {
|
//从header中获取token
|
String token = httpRequest.getHeader(Constant.TOKEN_HEADER);
|
|
//如果header中不存在token,则从参数中获取token
|
if (StringUtils.isBlank(token)) {
|
token = httpRequest.getParameter(Constant.TOKEN_HEADER);
|
}
|
|
return token;
|
}
|
|
private void setTenantId(HttpServletRequest httpRequest) {
|
String tenantId = httpRequest.getHeader(Constant.HEAD_TENANT_ID);
|
|
if (StringUtils.isBlank(tenantId)) {
|
TenantContextHolder.setTenantId(Long.parseLong(tenantId));
|
}
|
}
|
|
|
public void validate(HttpServletRequest httpRequest) throws Exception {
|
setTenantId(httpRequest);
|
/*String token = getRequestToken(httpRequest);
|
if (StringUtils.isBlank(token)) {
|
throw new Exception("token 不能为空!");
|
}
|
LoginUser loginUser = SecurityFrameworkUtils.getLoginUser();
|
if (ObjectUtils.isEmpty(loginUser)) {
|
throw new RuntimeException("用户不能为空");
|
}
|
CommonResult<AdminUserRespDTO> user = adminUserApi.getUser(loginUser.getId());
|
if(ObjectUtils.isEmpty(user)) {
|
throw new RuntimeException("用户不存在");
|
}
|
AdminUserRespDTO userData = user.getData();
|
String username = userData.getUsername();*/
|
/*ApiAppEntity appInfo = apiAppService.getInfoByAppKey(username);
|
if (appInfo == null) {
|
throw new RuntimeException("应用未授权");
|
}*/
|
//TODO 验证签名
|
// if(!com.iailab.common.utils.JwtUtils.verify(token, appInfo.getAppSecret())){
|
// throw new RuntimeException("签名错误");
|
// }
|
}
|
|
private boolean isInteger(String str) {
|
return pattern.matcher(str).matches();
|
}
|
|
|
}
|