modify: 登录校验

19ce167c · “zcwang” · 68457730 · 19ce167c · 19ce167c · 19ce167c
Commit 19ce167c authored Nov 23, 2022 by “zcwang”
5 changed files
--- a/yanxuan-qc-change-system-biz/src/main/java/com/netease/mail/yanxuan/change/biz/biz/ChangeFlowBiz.java
+++ b/yanxuan-qc-change-system-biz/src/main/java/com/netease/mail/yanxuan/change/biz/biz/ChangeFlowBiz.java
@@ -32,6 +32,7 @@ import com.netease.mail.yanxuan.change.biz.service.change.ChangeConfigService;
 import com.netease.mail.yanxuan.change.biz.service.change.ChangeTypeService;
 import com.netease.mail.yanxuan.change.common.bean.AdminUserHolder;
 import com.netease.mail.yanxuan.change.common.bean.CommonConstants;
+import com.netease.mail.yanxuan.change.common.bean.RequestLocalBean;
 import com.netease.mail.yanxuan.change.common.bean.ResponseCode;
 import com.netease.mail.yanxuan.change.common.bean.ResponseCodeEnum;
 import com.netease.mail.yanxuan.change.common.enums.ChangeFlowEnum;
@@ -102,7 +103,7 @@ public class ChangeFlowBiz {
    private ChangeRecordMapper changeRecordMapper;
    public String createAndSubmit(ChangeFlowCreateReq changeFlowCreateReq) {
-        String uid = AdminUserHolder.getUserName();
+        String uid = RequestLocalBean.getUid();
        log.info("[create] createReq={}, uid:{}", JSON.toJSONString(changeFlowCreateReq), uid);
        // 校验变更主体
        checkSubject(changeFlowCreateReq);
@@ -313,7 +314,7 @@ public class ChangeFlowBiz {
        // 检查工单节点
        this.checkNode(changeRecord.getFlowNode(), changeFlowSubmitReq.getCurrentNodeId());
        // todo:检验操作权限
-        String uid = AdminUserHolder.getUserName();
+        String uid = RequestLocalBean.getUid();
        String changeCommander = changeRecord.getChangeCommander();
        if (!uid.equals(changeCommander)) {
            throw ExceptionFactory.createBiz(ResponseCode.NO_AUTH, ResponseCode.NO_AUTH.getMsg());
@@ -480,7 +481,7 @@ public class ChangeFlowBiz {
        content.put("updateTime", System.currentTimeMillis());
        content.put(CommonConstants.FLOW_OPERATION_KEY, FlowOperationTypeEnum.REFUSE.getValue());
        // String uid = RequestLocalBean.getUid();
-        String uid = "1";
+        String uid = "1@.com";
        String nextNodeId = this.submitFlow(String.valueOf(flowId), flowDataDTO, uid, ChangeFlowEnum.CHANGE_FLOW_EXE.getTopoId(), JSON.toJSONString(content));
        log.info("[cancel] nextNodeId:{}", nextNodeId);
        // 填充更新数据

--- a/yanxuan-qc-change-system-common/src/main/java/com/netease/mail/yanxuan/change/common/bean/AdminUserHolder.java
+++ b/yanxuan-qc-change-system-common/src/main/java/com/netease/mail/yanxuan/change/common/bean/AdminUserHolder.java
@@ -29,9 +29,9 @@ public class AdminUserHolder {
     *
     * @return 用户名，null-未登录
     */
-    public static String getUserName() {
+    /*public static String getUserName() {
        return userThreadLocal.get();
-    }
+    }*/
    public static void setUserName(String userName) {
        userThreadLocal.set(userName);

--- a/yanxuan-qc-change-system-web/src/main/java/com/netease/mail/yanxuan/change/web/config/LoginInterceptor.java
+++ b/yanxuan-qc-change-system-web/src/main/java/com/netease/mail/yanxuan/change/web/config/LoginInterceptor.java
@@ -17,6 +17,7 @@ import org.springframework.web.servlet.ModelAndView;
 import com.alibaba.fastjson.JSON;
 import com.netease.mail.yanxuan.change.common.bean.AdminUserHolder;
 import com.netease.mail.yanxuan.change.common.bean.AjaxResult;
+import com.netease.mail.yanxuan.change.common.bean.RequestLocalBean;
 import com.netease.mail.yanxuan.change.common.bean.ResponseCodeEnum;
 import com.netease.mail.yanxuan.change.common.util.ResponseUtil;
@@ -33,7 +34,8 @@ public class LoginInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
-        String yxUid = AdminUserHolder.getUserName();
+        String yxUid = RequestLocalBean.getUid();
+        log.debug("[LoginInterceptor] yxUid:{}", yxUid);
        if (yxUid == null) {
            String text = JSON.toJSONString(AjaxResult.of(ResponseCodeEnum.SC_UNAUTHORIZED.getCode(), "not-login"));
            String callback = request.getParameter("callback");

--- a/yanxuan-qc-change-system-web/src/main/java/com/netease/mail/yanxuan/change/web/config/UserInterceptor.java
+++ b/yanxuan-qc-change-system-web/src/main/java/com/netease/mail/yanxuan/change/web/config/UserInterceptor.java
+/**
+ * @(#)UserInterceptor.java, 2022/11/23.
+ * <p/>
+ * Copyright 2022 Netease, Inc. All rights reserved.
+ * NETEASE PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
+ */
+package com.netease.mail.yanxuan.change.web.config;
+/**
+ * @Author zcwang
+ * @Date 2022/11/23
+ */
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+import org.springframework.web.servlet.ModelAndView;
+import com.netease.mail.yanxuan.change.common.bean.RequestLocalBean;
+import com.netease.mail.yx.openid.YxOpenidLogin;
+import com.netease.mail.yx.openid.YxOpenidUser;
+import lombok.extern.slf4j.Slf4j;
+/**
+ * 提取用户uid
+ *
+ * @author lwtang
+ */
+@Component
+@Slf4j
+public class UserInterceptor implements HandlerInterceptor {
+    @Value("${product:product}")
+    String product;
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
+        throws Exception {
+        //获取cookie信息
+        Cookie[] cookies = request.getCookies();
+        String userCookie = null;
+        if (cookies != null) {
+            for (Cookie cookie: cookies) {
+                if (cookie.getName().equals("YX_OPENID_SESS")) {
+                    userCookie = cookie.getValue();
+                }
+            }
+        }
+        log.info("YX_OPENID_SESS: {}", userCookie);
+        // 解析cookie
+        YxOpenidUser yxuser = null;
+        if (userCookie != null) {
+            yxuser = YxOpenidLogin.parseCookie(userCookie);
+        }
+        // ajax请求，走返回码
+        String accept = request.getHeader("Accept");
+        // cookie不存在或者超过一个小时(时间自己定)
+        if (yxuser == null || yxuser.getLoginTime() < System.currentTimeMillis() - 60 * 1000 * 1000) {
+            //如果是ajax请求
+            if (!accept.contains("text/html") || request.getRequestURI().contains("ajax")) {
+                log.info("ajax request user is null or login time too early, yxuser: {}", yxuser);
+            } else {
+                String url = request.getRequestURL().toString();
+                String loginUrl = YxOpenidLogin.getLoginUrl(url);
+                log.info("redirect url: {}", loginUrl);
+                response.sendRedirect(loginUrl);
+            }
+        } else {
+            // 获取用户信息
+            // 邮箱地址
+            String email = yxuser.getEmail();
+            RequestLocalBean.setUid(email);
+            // 中文姓名
+            String fullname = yxuser.getFullName();
+            RequestLocalBean.setName(fullname);
+            // 用户登录时间戳
+            long loginTime = yxuser.getLoginTime();
+            log.info("[UserAccess] user: {}, url: {}", email, request.getPathInfo());
+            RequestLocalBean.setLastLoginTime(loginTime);
+        }
+        return true;
+    }
+    @Override
+    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
+        ModelAndView modelAndView) throws Exception {
+    }
+    @Override
+    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
+        throws Exception {
+        RequestLocalBean.clear();
+    }
+}
--- a/yanxuan-qc-change-system-web/src/main/java/com/netease/mail/yanxuan/change/web/config/WebMvcConfig.java
+++ b/yanxuan-qc-change-system-web/src/main/java/com/netease/mail/yanxuan/change/web/config/WebMvcConfig.java
@@ -18,7 +18,7 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter
 public class WebMvcConfig implements WebMvcConfigurer{
    @Autowired
-    private AdminUserLoginInterceptor adminUserLoginInterceptor;
+    private UserInterceptor userInterceptor;
    @Autowired
    private LoginInterceptor loginInterceptor;
@@ -30,7 +30,7 @@ public class WebMvcConfig implements WebMvcConfigurer{
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
-        registry.addInterceptor(adminUserLoginInterceptor).addPathPatterns("/**");
+        registry.addInterceptor(userInterceptor).addPathPatterns("/**");
        registry.addInterceptor(loginInterceptor).addPathPatterns("/**").excludePathPatterns("/change/flow/getOperator");
    }