2 rokov pred · 0e3f54015d
--- a/src/main/java/com/hb/proj/allconfig/APICallFilter.java
+++ b/src/main/java/com/hb/proj/allconfig/APICallFilter.java
@@ -13,6 +13,7 @@ import org.slf4j.LoggerFactory;
 
				 import org.springframework.web.filter.OncePerRequestFilter;
			
 
				 
			
 
				 import com.hb.proj.utils.JacksonUtils;
			
 
				+import com.hb.proj.utils.RespVO;
			
 
				 import com.hb.proj.utils.RespVOBuilder;
			
 
				 
			
 
				 import jakarta.servlet.FilterChain;
			
@@ -40,9 +41,10 @@ public class APICallFilter extends OncePerRequestFilter {
 
				 	protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
			
 
				 			throws ServletException, IOException {
			
 
				 		
			
 
				+		RespVO<Object>  checkRst=checkAPIAuth(request);
			
 
				 		
			
 
				-		if(!checkAPIAuth(request)) {
			
 
				-			writeToResponse(response,JacksonUtils.getJSON(RespVOBuilder.error("权限不足或登录已过期")));
			
 
				+		if(checkRst!=null) {
			
 
				+			writeToResponse(response,JacksonUtils.getJSON(checkRst));
			
 
				 			return ;
			
 
				 		}
			
 
				 		filterChain.doFilter(request,response);
			
@@ -51,7 +53,7 @@ public class APICallFilter extends OncePerRequestFilter {
 
				 	
			
 
				 	
			
 
				 	
			
 
				-    private boolean checkAPIAuth(HttpServletRequest request) {
			
 
				+    private RespVO<Object> checkAPIAuth(HttpServletRequest request) {
			
 
				 		
			
 
				 		String reqUri=request.getRequestURI();
			
 
				 		String contextPath=request.getContextPath();
			
@@ -59,19 +61,19 @@ public class APICallFilter extends OncePerRequestFilter {
 
				 		
			
 
				 		if(isExcludePath(reqUri)) {
			
 
				 			logger.debug("该请求地址为排除地址："+reqUri);
			
 
				-			return true;
			
 
				+			return null;
			
 
				 		}
			
 
				 		
			
 
				 		String token=request.getHeader(CacheConfig.TOKEN_HEADER_NAME);
			
 
				 		if(StringUtils.isBlank(token)) {
			
 
				-			return false;
			
 
				+			return RespVOBuilder.unIdentify();
			
 
				 		}
			
 
				 		AccessToken accessToken=CacheConfig.get(token);
			
 
				 		if(accessToken==null) {
			
 
				-			return false;
			
 
				+			return RespVOBuilder.unIdentify();
			
 
				 		}
			
 
				 		
			
 
				-		return accessToken.verify(reqUri);
			
 
				+		return accessToken.verify(reqUri)?null:RespVOBuilder.noAuth("权限不足");
			
 
				 	}
			
 
				     
			
 
				     private boolean isExcludePath(String path)
			
--- a/src/main/java/com/hb/proj/utils/RespVOBuilder.java
+++ b/src/main/java/com/hb/proj/utils/RespVOBuilder.java
@@ -7,9 +7,13 @@ import com.hb.xframework.util.MD5Encrypt;
 
				 
			
 
				 public class RespVOBuilder {
			
 
				 	
			
 
				-	public static final int API_CALL_ERROR=400;
			
 
				+	public static final int API_CALL_ERROR=400;  //api调用错误，逻辑错误
			
 
				 	
			
 
				-	public static final int API_EXE_ERROR=500;
			
 
				+	public static final int API_EXE_ERROR=500;  //api执行错误，运行时错误
			
 
				+	
			
 
				+	public static final int NO_AUTH_ERROR=403;  //api调用权限不足
			
 
				+	
			
 
				+	public static final int UN_IDENTIFY_ERROR=401;  //未认证用户
			
 
				 
			
 
				 	public static <T> RespVO<T>  ok() {  
			
 
				 		return new RespVO<T>(0,null,getI18n("操作成功"));
			
@@ -23,6 +27,14 @@ public class RespVOBuilder {
 
				 		return new RespVO<T>(API_CALL_ERROR,null,getI18n(error));
			
 
				 	}
			
 
				 	
			
 
				+	public static <T> RespVO<T>  noAuth(String error) {
			
 
				+		return new RespVO<T>(NO_AUTH_ERROR,null,getI18n(error));
			
 
				+	}
			
 
				+	
			
 
				+	public static <T> RespVO<T>  unIdentify() {
			
 
				+		return new RespVO<T>(UN_IDENTIFY_ERROR,null,getI18n("未认证或认证已失效"));
			
 
				+	}
			
 
				+	
			
 
				 	public static <T> RespVO<T>  error(int code,String error) {
			
 
				 		return new RespVO<T>(code,null,getI18n(error));
			
 
				 	}