
api接口集成权限验证

chenwen 2 years ago
parent
commit
7599df90d1

+ 73 - 0
src/main/java/com/hb/proj/allconfig/APICallInterceptor.java

@@ -0,0 +1,73 @@
+package com.hb.proj.allconfig;
+
+import java.io.PrintWriter;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+import com.hb.proj.utils.JacksonUtils;
+import com.hb.proj.utils.RespVOBuilder;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+/**
+ * 接口调用拦截器
+ * @author cwen
+ *
+ */
+public class APICallInterceptor implements HandlerInterceptor {
+
+	@Override
+	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
+			throws Exception {
+		
+		if(!checkAPIAuth(request)) {
+			writeToResponse(response,JacksonUtils.getJSON(RespVOBuilder.error("权限不足或登录已过期")));
+			return false;
+		}
+		return true;
+	}
+	
+	private boolean checkAPIAuth(HttpServletRequest request) {
+		
+		String reqUri=request.getRequestURI();
+		String contextPath=request.getContextPath();
+		
+		System.out.println(reqUri);
+		System.out.println(reqUri.replaceFirst(contextPath, ""));
+		
+		
+		String token=request.getHeader(CacheConfig.TOKEN_HEADER_NAME);
+		if(StringUtils.isBlank(token)) {
+			return false;
+		}
+		AccessToken accessToken=CacheConfig.get(token);
+		if(accessToken==null) {
+			return false;
+		}
+		
+		return accessToken.verify(reqUri);
+	}
+	
+	private  void writeToResponse(HttpServletResponse response,String message){
+		PrintWriter out=null;
+		try {
+			response.setContentType("text/json;charset=UTF-8");
+			out = response.getWriter();
+			out.write(message);
+			
+		} catch (Exception ex) {
+			ex.printStackTrace();
+		}finally{
+			if (out != null) {
+				out.flush();
+				out.close();
+			}
+		}
+	}
+
+
+	
+
+}
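Review bot: In checkAPIAuth the authorization decision is made on `request.getRequestURI()`, the raw URI including the context path, while the context-stripped form is only computed for the two `System.out.println` calls. AccessToken.verify hashes that exact string, so a path variable, a `;` path parameter or a different context path changes the hash and the request is denied; presumably the granted codes are hashes of application-relative paths, so confirm which form is stored. I would key the check on the matched mapping instead, `String pattern = (String) request.getAttribute(HandlerMapping.BEST_MATCHING_PATTERN_ATTRIBUTE);`, and delete the println lines, which write every requested URI to stdout. The denial branch in preHandle also leaves the status at 200; adding `response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);` before the body is written lets clients and access logs see rejected calls.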

+ 22 - 10
src/main/java/com/hb/proj/allconfig/AccessToken.java

@@ -1,8 +1,9 @@
 package com.hb.proj.allconfig;
 
-import java.util.List;
-
 import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.hb.xframework.util.MD5Encrypt;
+
+import io.micrometer.common.util.StringUtils;
 
 public class AccessToken {
 
@@ -17,7 +18,7 @@ public class AccessToken {
 	/**
 	 * 权限值
 	 */
-	private List<String> authCodes;
+	private String authCodes;
 
 	
 	
@@ -29,17 +30,20 @@ public class AccessToken {
 		this.tokenId=tokenId;
 	}
 	
-	public AccessToken(String tokenId,List<String> authCodes) {
+	public AccessToken(String tokenId,String authCodes) {
 		this.tokenId=tokenId;
 		this.authCodes=authCodes;
 	}
 
-	public List<String> getAuthCodes() {
-		return authCodes;
-	}
-
-	public void setAuthCodes(List<String> authCodes) {
-		this.authCodes = authCodes;
+	
+	public boolean verify(String uri) {
+		if(isSuperAdmin) {
+			return true;
+		}
+		if(StringUtils.isBlank(uri)) {
+			return false;
+		}
+		return authCodes.contains("~"+MD5Encrypt.md5(uri.trim())+"~");
 	}
 
 	public boolean isSuperAdmin() {
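Review bot: `authCodes.contains(...)` in verify dereferences authCodes without a null check, and the one-argument constructor just above appears to leave it unset, so a non-admin token built that way would throw a NullPointerException inside the interceptor instead of being cleanly denied. The guard can go in the existing check, `if(StringUtils.isBlank(uri) || authCodes == null) {`. The `StringUtils` imported in this file is `io.micrometer.common.util.StringUtils`, a helper belonging to the metrics library; APICallInterceptor already uses `org.apache.commons.lang3.StringUtils`, and importing that one here keeps the two classes consistent. A short Javadoc on verify stating the expected authCodes format (a `~`-delimited list of MD5 hex values of permitted URIs, as the contains call implies) would help now that the field is a String rather than a List<String>. The constructor and the isSuperAdmin accessor start or end outside this hunk.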
@@ -57,4 +61,12 @@ public class AccessToken {
 	public void setTokenId(String tokenId) {
 		this.tokenId = tokenId;
 	}
+
+	public String getAuthCodes() {
+		return authCodes;
+	}
+
+	public void setAuthCodes(String authCodes) {
+		this.authCodes = authCodes;
+	}
 }