suochencheng 7 éve
szülő
commit
53656f52df

+ 29 - 1
src/main/java/com/izouma/awesomeadmin/interceptor/GlobalInterceptor.java

@@ -1,13 +1,21 @@
 package com.izouma.awesomeadmin.interceptor;
 
 import com.izouma.awesomeadmin.shiro.AppToken;
+import com.izouma.awesomeadmin.util.PropertiesFileLoader;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwt;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.security.Keys;
 import org.apache.commons.lang.StringUtils;
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.subject.Subject;
 import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
 
+import javax.crypto.SecretKey;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.util.Base64;
+import java.util.Date;
 
 /**
  * Created by xiong on 2017/6/16.
@@ -17,6 +25,26 @@ public class GlobalInterceptor extends HandlerInterceptorAdapter {
     @Override
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
         Subject subject = SecurityUtils.getSubject();
+//        if (!request.getRequestURI().startsWith("/auth/") && !subject.isAuthenticated() && !request.getRequestURI().startsWith("/admin")) {
+//            try {
+//                String token = request.getHeader("api_token");
+//                SecretKey key = Keys.hmacShaKeyFor(Base64.getDecoder().decode(PropertiesFileLoader.getProperties("jwtsecret").getBytes()));
+//                Jwt jwt = Jwts.parser()
+//                        .setSigningKey(key)
+//                        .parse(token);
+//                Claims claims = (Claims) jwt.getBody();
+//                if (claims.getExpiration() != null) {
+//                    if (claims.getExpiration().before(new Date())) {
+//                        response.setStatus(403);
+//                        return false;
+//                    }
+//                }
+//            } catch (Exception e) {
+//                response.setStatus(403);
+//                return false;
+//            }
+//        }
+
         if (!subject.isAuthenticated()) {
             String token = request.getHeader("token");
             if (StringUtils.isNotEmpty(token)) {
@@ -31,7 +59,7 @@ public class GlobalInterceptor extends HandlerInterceptorAdapter {
         response.addHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
         response.addHeader("Access-Control-Allow-Methods", "*");
         response.addHeader("Access-Control-Max-Age", "100");
-        response.addHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
+        response.addHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, token");
         response.addHeader("Access-Control-Allow-Credentials", "true");
         return super.preHandle(request, response, handler);
     }
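Review bot: Adding `token` to `Access-Control-Allow-Headers` widens a CORS policy that already echoes the request's `Origin` into `Access-Control-Allow-Origin` alongside `Access-Control-Allow-Credentials: true`, so every origin is permitted to make credentialed cross-site calls that carry the auth header. Echo the origin only after checking it against a configured allow-list, e.g. `if (allowedOrigins.contains(origin)) response.addHeader("Access-Control-Allow-Origin", origin);` (`allowedOrigins` is a placeholder for a configured set), and send `Vary: Origin` with it. The commented-out JWT block at the top of `preHandle`, and the eight new imports that appear to serve only that block, should be dropped rather than committed; if the block is revived, `parseClaimsJws` is the jjwt call that insists on a signed token, unlike the `.parse(token)` it uses. Part of `preHandle` lies between the hunks and is not visible here.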

+ 8 - 6
src/main/java/com/izouma/awesomeadmin/service/impl/UserInfoServiceImpl.java

@@ -1,6 +1,5 @@
 package com.izouma.awesomeadmin.service.impl;
 
-import com.fasterxml.jackson.databind.ObjectMapper;
 import com.izouma.awesomeadmin.constant.AppConstant;
 import com.izouma.awesomeadmin.dao.*;
 import com.izouma.awesomeadmin.dto.Page;
@@ -8,7 +7,6 @@ import com.izouma.awesomeadmin.model.AlipayTemp;
 import com.izouma.awesomeadmin.model.UserInfo;
 import com.izouma.awesomeadmin.service.OSSFileService;
 import com.izouma.awesomeadmin.service.UserInfoService;
-import com.izouma.awesomeadmin.shiro.AppToken;
 import com.izouma.awesomeadmin.util.MD5Util;
 import com.izouma.awesomeadmin.util.PropertiesFileLoader;
 import com.izouma.awesomeadmin.util.WeixinUtil;
@@ -259,8 +257,8 @@ public class UserInfoServiceImpl implements UserInfoService {
         logger.info("loginAppToken");
         UserInfo userInfo = null;
         try {
-            AppToken appToken = sysAppTokenMapper.getToken(token);
-            if (appToken != null) {
+//            AppToken appToken = sysAppTokenMapper.getToken(token);
+//            if (appToken != null) {
                 SecretKey key = Keys.hmacShaKeyFor(Base64.getDecoder().decode(PropertiesFileLoader.getProperties("jwtsecret").getBytes()));
                 Jwt jwt = Jwts.parser()
                         .setSigningKey(key)
@@ -271,8 +269,12 @@ public class UserInfoServiceImpl implements UserInfoService {
                         return null;
                     }
                 }
-                userInfo = getUserInfoById(claims.getSubject());
-            }
+                if (claims.getSubject().equals("guest")) {
+                    userInfo = new UserInfo();
+                } else {
+                    userInfo = getUserInfoById(claims.getSubject());
+                }
+//            }
         } catch (Exception e) {
             logger.error("loginAppToken", e);
         }
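Review bot: With the `sysAppTokenMapper.getToken(token)` lookup commented out in `loginAppToken`, a token is accepted on signature and expiry alone, so one that was removed server-side (for example at logout) would presumably keep working until its `exp`; if revocation is meant to survive, keep the lookup for non-guest subjects. The guest branch returns an empty `new UserInfo()`, which any caller that only tests for non-null will treat as a logged-in user with no id or role, so confirm that is intended and say so in the method's Javadoc. Write the comparison null-safely as `"guest".equals(claims.getSubject())`, and delete the commented-out lines and re-indent the body instead of leaving them in place. The method starts above the hunk and the parse call sits between the two hunks, so neither is visible here.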

+ 18 - 0
src/main/java/com/izouma/awesomeadmin/web/AuthenticationController.java

@@ -119,6 +119,22 @@ public class AuthenticationController {
         return new Result(true, "已退出登录");
     }
 
+    @RequestMapping(value = "/loginGuest", method = RequestMethod.POST)
+    @ResponseBody
+    public Result loginGuest() {
+        SecretKey key = Keys.hmacShaKeyFor(Base64.getDecoder().decode(PropertiesFileLoader.getProperties("jwtsecret").getBytes()));
+        JwtBuilder jwt = Jwts.builder();
+        jwt.setId(UUID.randomUUID().toString())
+                .setIssuer("admin")
+                .setIssuedAt(new Date())
+                .setSubject("guest")
+                .signWith(key);
+        Date date = new Date(System.currentTimeMillis() + (1 * 60 * 60 * 1000));
+        jwt.setExpiration(date);
+        String token = jwt.compact();
+        return new Result(true, token);
+    }
+
     private Map<String, Object> login(AuthenticationToken authenticationToken, boolean remember, boolean requireToken,
                                       int expireDays, HttpServletRequest request, HttpServletResponse response) {
         Map<String, Object> map = new HashMap<>();
@@ -164,4 +180,6 @@ public class AuthenticationController {
         sysAppTokenMapper.saveToken(userInfo.getId(), token);
         return token;
     }
+
+
 }
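Review bot: `loginGuest` issues a token signed with the same `jwtsecret` key as user tokens to any unauthenticated caller, and the only thing separating it from a user token is `sub` being `guest`; a dedicated claim such as `.claim("role", "guest")` would make the distinction explicit and keep it from colliding with a real subject value. `PropertiesFileLoader.getProperties("jwtsecret").getBytes()` uses the platform charset and fails with a NullPointerException when the property is missing, so prefer `getBytes(StandardCharsets.UTF_8)` after an explicit null check that reports a clear configuration error. The endpoint has no Javadoc: it should state the one-hour lifetime and which controllers a guest token is meant to reach.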

+ 1 - 0
src/main/java/com/izouma/awesomeadmin/web/ProductInfoController.java

@@ -22,6 +22,7 @@ import javax.servlet.http.HttpServletResponse;
 */
 @Controller
 @RequestMapping("/productInfo")
+@RequiresAuthentication
 public class ProductInfoController {
 
     @Autowired
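Review bot: The section adds the `@RequiresAuthentication` line but no import, so confirm `org.apache.shiro.authz.annotation.RequiresAuthentication` is already imported in this file; the same applies to the identical one-line changes in StoreInfoController.java and UserInfoController.java. Shiro annotations are enforced only when annotation processing is enabled for the context that creates the controller beans, so add a test asserting that an unauthenticated request to one of these controllers is rejected. At class level the annotation covers every handler, including any meant to be reachable before login, such as `/userInfo/getOne`, which the front end in this commit calls from `checkHas`; verify that is intended.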

+ 1 - 0
src/main/java/com/izouma/awesomeadmin/web/StoreInfoController.java

@@ -22,6 +22,7 @@ import javax.servlet.http.HttpServletResponse;
 */
 @Controller
 @RequestMapping("/storeInfo")
+@RequiresAuthentication
 public class StoreInfoController {
 
     @Autowired

+ 1 - 0
src/main/java/com/izouma/awesomeadmin/web/UserInfoController.java

@@ -44,6 +44,7 @@ import javax.servlet.http.HttpSession;
  */
 @Controller
 @RequestMapping("/userInfo")
+@RequiresAuthentication
 public class UserInfoController {
 
     @Autowired

+ 23 - 22
src/main/vue/src/entries/index.js

@@ -38,6 +38,7 @@ const baseUrl = process.env.NODE_ENV === 'production' ? '../' : `http://${locati
 Vue.prototype.$baseUrl = baseUrl;
 axios.defaults.withCredentials = true;
 axios.defaults.baseURL = baseUrl;
+axios.defaults.headers.common['token'] = "0eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiI2M2MzZjI2MC0yNGJiLTQxNTctYTQ5Yy0yNThhN2Q3NTgyNWUiLCJpc3MiOiJhZG1pbiIsImlhdCI6MTUzNjgwOTM4Niwic3ViIjoiZ3Vlc3QiLCJleHAiOjE1MzY4MTI5ODZ9.O7yhHcMt0QWqAg_Ev9lNwMlwgxZtKEu8rUpynrVyqV8"
 Vue.prototype.$http = {
     get(params) {
         return new Promise((resolve, reject) => {
@@ -71,14 +72,14 @@ Vue.prototype.$http = {
                     reject(res);
                 }
                 try {
-                    if (res.data.code === 10001) {
-                        axios({
-                            method: 'post',
-                            url: '/auth/logout'
-                        });
-                        store.commit('updateUserInfo', null);
-                        router.replace('/login');
-                    }
+                    // if (res.data.code === 10001) {
+                    //     axios({
+                    //         method: 'post',
+                    //         url: '/auth/logout'
+                    //     });
+                    //     store.commit('updateUserInfo', null);
+                    //     router.replace('/login');
+                    // }
                 } catch (e) {
 
                 }
@@ -138,14 +139,14 @@ Vue.prototype.$http = {
                     reject(res);
                 }
                 try {
-                    if (res.data.code === 10001) {
-                        axios({
-                            method: 'post',
-                            url: '/auth/logout'
-                        });
-                        store.commit('updateUserInfo', null);
-                        router.replace('/login');
-                    }
+                    // if (res.data.code === 10001) {
+                    //     axios({
+                    //         method: 'post',
+                    //         url: '/auth/logout'
+                    //     });
+                    //     store.commit('updateUserInfo', null);
+                    //     router.replace('/login');
+                    // }
                 } catch (e) {
 
                 }
@@ -158,7 +159,7 @@ Vue.prototype.$http = {
 };
 
 
-Vue.prototype.getTime = function(str) {
+Vue.prototype.getTime = function (str) {
     if (str) {
         return moment(str).format('YYYY-MM-DD HH:mm')
     } else {
@@ -166,7 +167,7 @@ Vue.prototype.getTime = function(str) {
     }
 }
 
-Vue.prototype.getPhone = function(phone) {
+Vue.prototype.getPhone = function (phone) {
     if (phone) {
         if (phone.length == 11) {
             var str = phone.substr(0, 3)
@@ -182,7 +183,7 @@ Vue.prototype.getPhone = function(phone) {
 
 
 }
-Vue.prototype.getMail = function(mail) {
+Vue.prototype.getMail = function (mail) {
     if (mail) {
         var list = mail.split('@')
         var str = list[0].substr(0, 3)
@@ -197,7 +198,7 @@ Vue.prototype.getMail = function(mail) {
 }
 
 
-Vue.prototype.sendMeg = function(phone) {
+Vue.prototype.sendMeg = function (phone) {
     return new Promise((resolve, reject) => {
         this.$http.get({
             url: '/rong/sendCode',
@@ -219,7 +220,7 @@ Vue.prototype.sendMeg = function(phone) {
 }
 
 //检查是否存在
-Vue.prototype.checkHas = function(data) {
+Vue.prototype.checkHas = function (data) {
     return new Promise((resolve, reject) => {
         this.$http.get({
             url: '/userInfo/getOne',
@@ -272,7 +273,7 @@ const updateTableHeight = () => {
 
 
 //校验手机号是否正确
-Vue.prototype.checkPhone = function(phone) {
+Vue.prototype.checkPhone = function (phone) {
     var result = false
     if ((/^1[3|4|5|8|7|6|9][0-9]\d{8}$/.test(phone))) {
         result = true
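Review bot: The `token` default header added after `axios.defaults.baseURL` is a signed JWT committed as a string literal; its payload segment decodes to subject `guest` with an `exp` one hour after `iat`, so it is already expired for anyone building from this commit, and the literal starts with a stray `0` before `eyJ`, which likely makes the header segment fail to parse. Remove the literal and obtain a guest token at start-up from the `loginGuest` endpoint added in this commit, assigning `axios.defaults.headers.common['token']` from the response; treat the committed value as exposed even though it has expired. Commenting out the two `res.data.code === 10001` handlers, which appear to handle an expired session, means that response no longer triggers logout and the redirect to `/login`, and it leaves empty `try {} catch (e) {}` blocks behind; restore the handling or delete the blocks.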