|
@@ -1,5 +1,6 @@
|
|
|
package beilv.framework.shiro.web.filter.wxMiniAppAccessControlFilter;
|
|
|
|
|
|
+import beilv.common.utils.StringUtils;
|
|
|
import beilv.common.utils.rsa.RsaUtil;
|
|
|
import beilv.system.domain.SysMember;
|
|
|
import beilv.system.mapper.SysMemberMapper;
|
|
@@ -30,13 +31,15 @@ public class WxMiniAppAccessControlFilter extends AccessControlFilter {
|
|
|
}
|
|
|
|
|
|
@Override
|
|
|
- protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue){
|
|
|
+ protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
|
|
|
HttpServletRequest httpRequest = (HttpServletRequest) request;
|
|
|
// 这里可以添加你的自定义验证逻辑
|
|
|
String token = httpRequest.getHeader("accessToken");
|
|
|
// 验证 token,返回 true 表示允许访问
|
|
|
- if (token == null && isValidToken(token)) {
|
|
|
- throw exception(USER_NOT_EXISTS);// 默认不允许访问
|
|
|
+ if (null == token || !isValidToken(token)) {
|
|
|
+// throw new Exception("123123123");// 默认不允许访问
|
|
|
+ response.getWriter().write("{\"message\": \"false!\"}");
|
|
|
+ return false;
|
|
|
} else {
|
|
|
return true;
|
|
|
}
|
|
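Review bot: The denial branch of `isAccessAllowed` writes `{"message": "false!"}` without setting a status code or content type, so unless code outside this hunk changes it, a request with a missing or invalid `accessToken` is answered with HTTP 200, and clients, proxies and access-log alerting cannot tell a rejection from a success. In Shiro's `AccessControlFilter` a `false` return hands the request to `onAccessDenied`, which is not visible here; building the response in that method avoids two places writing to the same response. Either way the branch should call `((HttpServletResponse) response).setStatus(HttpServletResponse.SC_UNAUTHORIZED);` and `response.setContentType("application/json;charset=UTF-8");` before writing the body. The commented-out `throw new Exception("123123123")` line should be deleted rather than committed.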
@@ -53,14 +56,15 @@ public class WxMiniAppAccessControlFilter extends AccessControlFilter {
|
|
|
|
|
|
private boolean isValidToken(String token){
|
|
|
// 在这里实现你的 token 验证逻辑
|
|
|
- String str = null;
|
|
|
+ String str;
|
|
|
try {
|
|
|
str = RsaUtil.decrypt(token, privateKey);
|
|
|
//根据userId从数据库中查询用户信息,判断用户是否存在,如果不存在,则返回false,表示拒绝访问;如果存在,则返回true,表示放行访问
|
|
|
SysMember sysMember = sysMemberMapper.selectSysMemberById(Long.parseLong(str));
|
|
|
return ObjectUtils.isNotEmpty(sysMember);
|
|
|
} catch (Exception e) {
|
|
|
- throw new RuntimeException(e);
|
|
|
+ e.printStackTrace();
|
|
|
+ return false;
|
|
|
}
|
|
|
}
|
|
|
|
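Review bot: The new `catch (Exception e)` in `isValidToken` calls `e.printStackTrace()`, so every malformed `accessToken` from an unauthenticated client prints a full stack trace to stderr, outside the application's log levels and rotation, and a mapper or database failure is reported exactly like a bad token. Returning `false` is the right fail-closed result, but I would record it through the class's logger, for example `log.warn("accessToken rejected: {}", e.getClass().getSimpleName());` (assuming an SLF4J-style `log` field, which this hunk does not show), without logging the token itself, and catch the decrypt and `NumberFormatException` cases separately from data-access errors. Separately, as far as these lines show, the decrypted token is only a member id that is looked up for existence, with no expiry or issue time checked. If tokens are issued elsewhere with such a field it should be verified here; otherwise a captured token stays valid for as long as the member exists.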