bihuisong 5 kuukautta sitten
vanhempi
commit
079e4533ad

+ 1 - 1
qmjszx-common/src/main/java/beilv/common/enums/ErrorCodeConstants.java

@@ -14,6 +14,6 @@ public interface ErrorCodeConstants {
 
     ErrorCode MINI_AUTH_LOGIN_BAD = new ErrorCode(1004004002, "登录失败,请联系管理员");
 
-
+    ErrorCode USER_NOT_EXISTS = new ErrorCode(1004001000, "用户不存在");
 
 }

+ 21 - 8
qmjszx-framework/src/main/java/beilv/framework/shiro/web/filter/wxMiniAppAccessControlFilter/WxMiniAppAccessControlFilter.java

@@ -14,6 +14,9 @@ import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import static beilv.common.enums.ErrorCodeConstants.USER_NOT_EXISTS;
+import static beilv.common.utils.ExceptionUtil.exception;
+
 @Slf4j
 @Component
 public class WxMiniAppAccessControlFilter extends AccessControlFilter {
@@ -27,28 +30,38 @@ public class WxMiniAppAccessControlFilter extends AccessControlFilter {
     }
 
     @Override
-    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
+    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue){
         HttpServletRequest httpRequest = (HttpServletRequest) request;
         // 这里可以添加你的自定义验证逻辑
         String token = httpRequest.getHeader("accessToken");
         // 验证 token,返回 true 表示允许访问
-        return token != null && isValidToken(token); // 默认不允许访问
+        if (token == null && isValidToken(token)) {
+            throw exception(USER_NOT_EXISTS);// 默认不允许访问
+        } else {
+            return true;
+        }
     }
 
+
     @Override
-    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
+    protected boolean onAccessDenied(ServletRequest request, ServletResponse response) {
         HttpServletResponse httpResponse = (HttpServletResponse) response;
         // 设置未授权的响应状态
         httpResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
         return false; // 拒绝访问
     }
 
-    private boolean isValidToken(String token) throws Exception {
+    private boolean isValidToken(String token){
         // 在这里实现你的 token 验证逻辑
-        String str = RsaUtil.decrypt(token, privateKey);
-        //根据userId从数据库中查询用户信息,判断用户是否存在,如果不存在,则返回false,表示拒绝访问;如果存在,则返回true,表示放行访问
-        SysMember sysMember = sysMemberMapper.selectSysMemberById(Long.parseLong(str));
-        return ObjectUtils.isNotEmpty(sysMember);
+        String str = null;
+        try {
+            str = RsaUtil.decrypt(token, privateKey);
+            //根据userId从数据库中查询用户信息,判断用户是否存在,如果不存在,则返回false,表示拒绝访问;如果存在,则返回true,表示放行访问
+            SysMember sysMember = sysMemberMapper.selectSysMemberById(Long.parseLong(str));
+            return ObjectUtils.isNotEmpty(sysMember);
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
     }
 
 }
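Review bot: The new guard in `isAccessAllowed`, `if (token == null && isValidToken(token))`, never rejects a request that carries a token: for any non-null `accessToken` header the `&&` short-circuits, `isValidToken` is not called, and the `else` branch returns `true`, so an arbitrary header value passes the filter. The removed line required `token != null && isValidToken(token)`; the matching guard here is `if (token == null || !isValidToken(token))`. Returning `false` from that branch instead of throwing would keep `onAccessDenied` and its 401 status in the path, because an exception thrown from `isAccessAllowed` bypasses it. In `isValidToken`, the added `catch (Exception e)` rethrows as `RuntimeException`, so a token that fails decryption or `Long.parseLong` will probably surface as a server error rather than a denial. Using `log.warn("accessToken rejected", e); return false;` in the catch (without logging the token value) would treat it as an invalid credential.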