权限管理与Shiro入门（六）

用户1289394

发布于 2023-10-03 13:26:34

1130

发布于 2023-10-03 13:26:34

3.3 拦截器中鉴权

（1）在ihrm-common下添加拦截器 JwtInterceptor

@Component
public class JwtInterceptor extends HandlerInterceptorAdapter {
    @Autowired    
    private JwtUtil jwtUtil;    
    
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, 
Object handler) throws Exception {
        // 1.通过request获取请求token信息
        String authorization = request.getHeader("Authorization");
        //判断请求头信息是否为空，或者是否已Bearer开头
        if(!StringUtils.isEmpty(authorization) && authorization.startsWith("Bearer")) {
            //获取token数据
            String token = authorization.replace("Bearer ","");
            //解析token获取claims
            Claims claims = jwtUtils.parseJwt(token);
            if(claims != null) {
                //通过claims获取到当前用户的可访问API权限字符串
                String apis = (String) claims.get("apis");  //api-user-delete,api-userupdate 
                      //通过handler
                HandlerMethod h = (HandlerMethod) handler;
                //获取接口上的reqeustmapping注解
                RequestMapping annotation =
h.getMethodAnnotation(RequestMapping.class);
                //获取当前请求接口中的name属性
                String name = annotation.name();
                //判断当前用户是否具有响应的请求权限
                if(apis.contains(name)) {
                    request.setAttribute("user_claims",claims);
                    return true;
               }else {
                    throw new CommonException(ResultCode.UNAUTHORISE);
               }
           }
       }
        throw new CommonException(ResultCode.UNAUTHENTICATED);
   }
}

（2）修改UserController的profile方法

/**
     * 用户登录成功之后，获取用户信息
     *     1.获取用户id
     *     2.根据用户id查询用户
     *     3.构建返回值对象
     *     4.响应
     */
    @RequestMapping(value="/profile",method = RequestMethod.POST)
    public Result profile(HttpServletRequest request) throws Exception {
        String userid = claims.getId();
        //获取用户信息
        User user = userService.findById(userid);
        //根据不同的用户级别获取用户权限
        ProfileResult result = null;
        if("user".equals(user.getLevel())) {
            result = new ProfileResult(user);
       }else {
            Map map = new HashMap();
            if("coAdmin".equals(user.getLevel())) {
                map.put("enVisible","1");
           }
            List<Permission> list = permissionService.findAll(map);
            result = new ProfileResult(user,list);
       }
        return new Result(ResultCode.SUCCESS,result);
   }

（3）配置拦截器类,创建com.ihrm.system.SystemConfig

package com.ihrm.system;
import com.ihrm.common.interceptor.JwtInterceptor;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;
@Configuration
public class SystemConfig extends WebMvcConfigurationSupport {
    @Autowired
    private JwtInterceptor jwtInterceptor;
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(jwtInterceptor).
        addPathPatterns("/**").
        excludePathPatterns("/frame/login","/frame/register/**"); //设置不拦截的请求地址
   }
}

本文参与?腾讯云自媒体分享计划，分享自微信公众号。

原始发表：2023-10-03 07:30，如有侵权请联系?cloudcommunity@tencent.com 删除

管理