司机端校验accessToken代码实现

2 years ago · d1785b5dbb
parent fd788ecf6d
commit d1785b5dbb
2 changed files with 85 additions and 0 deletions
--- a/online-taxi-public/api-driver/src/main/java/com/taxi/apidriver/interceptor/InterceptorConfig.java
+++ b/online-taxi-public/api-driver/src/main/java/com/taxi/apidriver/interceptor/InterceptorConfig.java
@ -0,0 +1,32 @@
+package com.taxi.apidriver.interceptor;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class InterceptorConfig implements WebMvcConfigurer {
+
+    /**
+     * 在拦截器初始化时，JwtInterceptor的bean已经生成
+     * @return
+     */
+    @Bean
+    public JwtInterceptor jwtInterceptor(){
+        return new JwtInterceptor();
+    }
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+//        WebMvcConfigurer.super.addInterceptors(registry);
+        registry.addInterceptor(jwtInterceptor())
+                .addPathPatterns("/**")//拦截的路径
+                .excludePathPatterns("/noauthTest")
+                .excludePathPatterns("/user")
+                .excludePathPatterns("/token-refresh")
+                .excludePathPatterns("/verification-code-check")
+                .excludePathPatterns("/verification-code");//不拦截的路径
+
+    }
+}
--- a/online-taxi-public/api-driver/src/main/java/com/taxi/apidriver/interceptor/JwtInterceptor.java
+++ b/online-taxi-public/api-driver/src/main/java/com/taxi/apidriver/interceptor/JwtInterceptor.java
@ -0,0 +1,53 @@
+package com.taxi.apidriver.interceptor;
+
+import com.internal.contant.TokenConstant;
+import com.internal.dto.ResponseResult;
+import com.internal.dto.TokenResult;
+import com.internal.util.JwtUtils;
+import com.internal.util.RedisPrefixUtils;
+import net.sf.json.JSONObject;
+import org.apache.commons.lang.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.StringRedisTemplate;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.PrintWriter;
+
+public class JwtInterceptor implements HandlerInterceptor {
+
+    @Autowired
+    private StringRedisTemplate stringRedisTemplate;
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        boolean resultBoolean = true;
+        String resultStr = "";
+        String token = request.getHeader("Authorization");
+        //解析token
+        TokenResult tokenResult = JwtUtils.checkToken(token);
+        if(tokenResult == null){
+            resultStr = "token invalid ";
+            resultBoolean = false;
+        }else{
+            //拼接tokenKey
+            String phone = tokenResult.getPassengerPhone();
+            String identity = tokenResult.getIdentity();
+            String tokenKey  = RedisPrefixUtils.getTokenPrefixKey(phone,identity, TokenConstant.ACCESS_TOKEN_TYPE);
+            //从redis中取出token
+            String redisToke = stringRedisTemplate.opsForValue().get(tokenKey);
+            if(StringUtils.isBlank(redisToke) || (!token.trim().equals(redisToke.trim()))){
+                resultStr = "token invalid ";
+                resultBoolean = false;
+            }
+        }
+        //
+        if(!resultBoolean){
+            PrintWriter outPrintWriter = response.getWriter();
+            JSONObject jsonObject = JSONObject.fromObject(ResponseResult.fail(resultStr));
+            outPrintWriter.print(jsonObject.toString());
+        }
+        return resultBoolean;
+    }
+}