包含加密解析和全局异常

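首先判断用户的登录状态:
从请求中获取 cookie 对象,解析出用户 ID 的值;此操作涉及 cookie 值的“加密”解析和全局异常处理。需要注意,下文代码中的“加密”只是 Base64 编码加字符串反转,不含密钥或签名,属于可逆的混淆,本身不能证明 cookie 由服务端签发。
如果用户 ID 不为空,并且在数据库中可以查找到对应记录,则认为请求合法;
否则请求不合法,进行拦截,并重定向到登录界面。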

package com.qiangqiang.crm.interceptors;


import com.qiangqiang.crm.exceptions.NoLoginException;
import com.qiangqiang.crm.service.UserService;
import com.qiangqiang.crm.utils.LoginUserUtil;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Interceptor that rejects requests which do not carry a usable user ID cookie.
 *
 * <p>The ID is read through {@link LoginUserUtil#releaseUserIdFromCookie}; a request is let
 * through only when that ID is non-zero and {@code userService} finds a record for it.
 *
 * <p>NOTE(review): the ID comes from the client-supplied {@code userIdStr} cookie, which
 * {@code UserIDBase64} only obfuscates (Base64 plus string reversal, no key or signature).
 * The database lookup therefore confirms that the ID exists, not that the caller is that
 * user. Binding identity to a server-side session or to a signed (e.g. HMAC) token would
 * close that gap.
 */
public class NoLoginInterceptor extends HandlerInterceptorAdapter {

    @Resource
    private UserService userService;

    /**
     * Checks the login state before the handler runs.
     *
     * @param request  current request, whose cookies carry the encoded user ID
     * @param response current response
     * @param handler  the handler chosen for this request
     * @return whatever the parent {@code preHandle} returns when the check passes
     * @throws NoLoginException when no user ID can be read or no matching record exists
     * @throws Exception        propagated from the parent implementation
     */
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
        // Read the cookie and decode the user ID; 0 means "no ID available".
        Integer cookieUserId = LoginUserUtil.releaseUserIdFromCookie(request);

        // The lookup is skipped when the ID is 0, exactly as a short-circuit "||" would do.
        boolean idMissing = cookieUserId == 0;
        boolean recordFound = !idMissing && userService.selectByPrimaryKey(cookieUserId) != null;
        if (!recordFound) {
            // No ID or no record: treat the request as not logged in.
            throw new NoLoginException();
        }

        return super.preHandle(request, response, handler);
    }
}
package com.qiangqiang.crm.utils;

import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang3.StringUtils;

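/**
 * Created by Tony on 2016/8/23.
 *
 * <p>Helper for reading the logged-in user's ID from the request cookies.
 */
public class LoginUserUtil {

    /**
     * Reads the user ID from the {@code userIdStr} cookie.
     *
     * <p>The cookie value is decoded with {@link UserIDBase64#decoderUserID}. That decoder
     * returns {@code null} for a value it cannot parse; this method maps that case to 0 so
     * that callers see the same "no user" result as for a missing cookie.
     *
     * <p>NOTE(review): the value is client-controlled and only obfuscated, not signed, so
     * the returned ID must not be treated as proof of identity on its own.
     *
     * @param request the current request
     * @return the decoded user ID, or 0 when the cookie is absent, blank or malformed
     */
    public static int releaseUserIdFromCookie(HttpServletRequest request) {
        String userIdString = CookieUtil.getCookieValue(request, "userIdStr");
        if (StringUtils.isBlank(userIdString)) {
            return 0;
        }
        Integer userId = UserIDBase64.decoderUserID(userIdString);
        // A malformed cookie decodes to null; unboxing it into the int return value would
        // throw NullPointerException instead of reporting "not logged in".
        return userId == null ? 0 : userId;
    }
}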
package com.qiangqiang.crm.exceptions;

/**
* 自定义参数异常
*/
public class NoLoginException extends RuntimeException {
private Integer code=300;
private String msg="用户未登录!";


public NoLoginException() {
super("用户未登录!");
}

public NoLoginException(String msg) {
super(msg);
this.msg = msg;
}

public NoLoginException(Integer code) {
super("用户未登录!");
this.code = code;
}

public NoLoginException(Integer code, String msg) {
super(msg);
this.code = code;
this.msg = msg;
}

public Integer getCode() {
return code;
}

public void setCode(Integer code) {
this.code = code;
}

public String getMsg() {
return msg;
}

public void setMsg(String msg) {
this.msg = msg;
}
}
package com.qiangqiang.crm.utils;

import org.apache.commons.lang3.StringUtils;

import java.nio.charset.StandardCharsets;
import java.util.Base64;


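/**
 * Encodes and decodes the user ID that is stored in the login cookie.
 *
 * <p>Token layout before reversal: Base64(current time in millis), then characters 4..8 of
 * that same Base64 string as filler, then Base64(user ID). The whole string is reversed and
 * every {@code '='} is written as {@code '#'}.
 *
 * <p>NOTE(review): despite the method names this is reversible obfuscation, not encryption
 * or authentication. There is no secret key and no MAC, and the timestamp is never checked,
 * so the server cannot tell a token it issued from one assembled elsewhere, and tokens do
 * not expire. A decoded ID should not be accepted as proof of identity; prefer a server-side
 * session or a token signed with a server-held key (e.g. HMAC) that includes an expiry.
 */
public class UserIDBase64 {

    /** Padding that ends the Base64-encoded timestamp; the decoder uses it to find the ID. */
    private static final String TIMESTAMP_PADDING = "==";

    /** Distance from the start of the padding to the encoded ID: 2 padding + 4 filler chars. */
    private static final int ID_OFFSET_FROM_PADDING = 6;

    /**
     * Decodes a token produced by {@link #encoderUserID(Integer)}.
     *
     * @param encodedUserID the encoded user ID, normally the cookie value
     * @return the user ID, or {@code null} when the input is null, blank, lacks the
     *         timestamp padding, or does not contain a Base64-encoded integer
     */
    public static Integer decoderUserID(String encodedUserID) {
        if (encodedUserID == null || encodedUserID.trim().isEmpty()) {
            return null;
        }
        // Undo the two cosmetic steps of the encoder: reversal and '=' -> '#'.
        String base64String = new StringBuilder(encodedUserID).reverse().toString().replace('#', '=');

        // Without this check indexOf's -1 would silently become offset 5 and a value that
        // never had the expected layout would still be parsed.
        int paddingPos = base64String.indexOf(TIMESTAMP_PADDING);
        if (paddingPos < 0) {
            return null;
        }
        int userIDPos = paddingPos + ID_OFFSET_FROM_PADDING;
        if (userIDPos >= base64String.length()) {
            return null;
        }

        try {
            byte[] decoded = Base64.getDecoder().decode(base64String.substring(userIDPos));
            // Explicit charset: the platform default must not influence how digits are read.
            return Integer.parseInt(new String(decoded, StandardCharsets.UTF_8));
        } catch (IllegalArgumentException e) {
            // Covers invalid Base64 and NumberFormatException: a malformed token is "no ID".
            return null;
        }
    }

    /**
     * Encodes a user ID into the cookie token format described on the class.
     *
     * <p>The decoder relies on the encoded timestamp ending in {@code "=="}, which holds
     * while {@code System.currentTimeMillis()} has 13 digits.
     *
     * @param userID the user ID
     * @return the encoded token; it differs between calls because it embeds the current time
     */
    public static String encoderUserID(Integer userID) {
        String base64UserIDEncoded = toBase64(String.valueOf(userID));
        String currentStringBase64Encoded = toBase64(String.valueOf(System.currentTimeMillis()));
        String keyString = currentStringBase64Encoded
                + currentStringBase64Encoded.substring(4, 8) + base64UserIDEncoded;
        // The token is pure ASCII, so reversing characters equals reversing bytes.
        return new StringBuilder(keyString).reverse().toString().replace('=', '#');
    }

    /** Base64-encodes the UTF-8 bytes of {@code text}. */
    private static String toBase64(String text) {
        return Base64.getEncoder().encodeToString(text.getBytes(StandardCharsets.UTF_8));
    }

    /** Manual smoke test: prints a fresh token for ID 20 and decodes a fixed sample token. */
    public static void main(String[] args) {
        System.out.println(encoderUserID(20));
        System.out.println(decoderUserID("#AjMzgjM##QN1AjN4gTOzgjM3UTM"));
    }
}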