master
parent
d11258356d
commit
ef2b5fa539
|
@ -0,0 +1,16 @@
|
||||||
|
package com.jing.common.core.exception;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 内部认证异常
|
||||||
|
*
|
||||||
|
* @author ruoyi
|
||||||
|
*/
|
||||||
|
public class InnerAuthException extends RuntimeException
|
||||||
|
{
|
||||||
|
private static final long serialVersionUID = 1L;
|
||||||
|
|
||||||
|
public InnerAuthException(String message)
|
||||||
|
{
|
||||||
|
super(message);
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,51 @@
|
||||||
|
package com.jing.common.security.aspect;
|
||||||
|
|
||||||
|
import org.aspectj.lang.ProceedingJoinPoint;
|
||||||
|
import org.aspectj.lang.annotation.Around;
|
||||||
|
import org.aspectj.lang.annotation.Aspect;
|
||||||
|
import org.springframework.core.Ordered;
|
||||||
|
import org.springframework.stereotype.Component;
|
||||||
|
import com.jing.common.core.constant.SecurityConstants;
|
||||||
|
import com.jing.common.core.exception.InnerAuthException;
|
||||||
|
import com.jing.common.core.utils.ServletUtils;
|
||||||
|
import com.jing.common.core.utils.StringUtils;
|
||||||
|
import com.jing.common.security.annotation.InnerAuth;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 内部服务调用验证处理
|
||||||
|
*
|
||||||
|
* @author ruoyi
|
||||||
|
*/
|
||||||
|
@Aspect
|
||||||
|
@Component
|
||||||
|
public class InnerAuthAspect implements Ordered
|
||||||
|
{
|
||||||
|
@Around("@annotation(innerAuth)")
|
||||||
|
public Object innerAround(ProceedingJoinPoint point, InnerAuth innerAuth) throws Throwable
|
||||||
|
{
|
||||||
|
String source = ServletUtils.getRequest().getHeader(SecurityConstants.FROM_SOURCE);
|
||||||
|
// 内部请求验证
|
||||||
|
if (!StringUtils.equals(SecurityConstants.INNER, source))
|
||||||
|
{
|
||||||
|
throw new InnerAuthException("没有内部访问权限,不允许访问");
|
||||||
|
}
|
||||||
|
|
||||||
|
String userid = ServletUtils.getRequest().getHeader(SecurityConstants.DETAILS_USER_ID);
|
||||||
|
String username = ServletUtils.getRequest().getHeader(SecurityConstants.DETAILS_USERNAME);
|
||||||
|
// 用户信息验证
|
||||||
|
if (innerAuth.isUser() && (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username)))
|
||||||
|
{
|
||||||
|
throw new InnerAuthException("没有设置用户信息,不允许访问 ");
|
||||||
|
}
|
||||||
|
return point.proceed();
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 确保在权限认证aop执行前执行
|
||||||
|
*/
|
||||||
|
@Override
|
||||||
|
public int getOrder()
|
||||||
|
{
|
||||||
|
return Ordered.HIGHEST_PRECEDENCE + 1;
|
||||||
|
}
|
||||||
|
}
|
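Review bot: The origin check in `innerAround` rests entirely on the `SecurityConstants.FROM_SOURCE` request header equalling `SecurityConstants.INNER`, and a header is caller-supplied, so the check only holds if an upstream gateway strips that header from external requests and the service is not reachable directly; neither is visible in this commit. The same applies to the `DETAILS_USER_ID` and `DETAILS_USERNAME` headers, which are checked for presence only when `innerAuth.isUser()` is set. I would record the dependency at the check, e.g. `// Trust boundary: FROM_SOURCE is set by the caller; the gateway must remove it from external requests and this service must not be exposed directly`, and consider backing it with something a client cannot forge, such as a per-deployment shared secret or mutual TLS between services. Separately, `ServletUtils.getRequest()` is dereferenced without a null check, which presumably surfaces as a NullPointerException rather than an `InnerAuthException` if the advice ever runs outside a servlet request.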