1

ksafepack-framework/src/main/java/com/kelp/framework/config/DataSourceConfig.java

@@ -63,7 +63,7 @@ public class DataSourceConfig {
 	@Bean(name = "entityManagerFactory")
 	public LocalContainerEntityManagerFactoryBean entityManagerFactory(EntityManagerFactoryBuilder builder,DynamicDataSource dynamicDataSource) {
 		return builder.dataSource(dynamicDataSource)
-				.packages("com.kelp.zhishu.entity","com.kelp.plat.entity","com.kelp.biz.entity","com.kelp.business.entity","com.kelp.jwy.entity","com.kelp.crm.entity") // 设置实体类所在位置
+				.packages("com.kelp.zhishu.entity","com.kelp.plat.entity","com.kelp.biz.entity","com.kelp.business.entity","com.kelp.jwy.entity","com.kelp.crm.entity","com.kelp.website.entity") // 设置实体类所在位置
 				.persistenceUnit("persistenceUnit").build();
 	}
 

ksafepack-framework/src/main/java/com/kelp/framework/config/InterceptorConfig.java

@@ -2,6 +2,7 @@ package com.kelp.framework.config;
 
 import java.util.List;
 
+import com.kelp.framework.interceptor.UInterceptor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.converter.HttpMessageConverter;
@@ -35,8 +36,10 @@ public class InterceptorConfig extends WebMvcConfigurationSupport {
 	public EInterceptor eInterceptor() {
 		return new EInterceptor();
 	}
-	
-
+	@Bean
+	public UInterceptor uInterceptor() {
+		return new UInterceptor();
+	}
     @Override
     public void addInterceptors(InterceptorRegistry registry) {
     	
@@ -45,6 +48,8 @@ public class InterceptorConfig extends WebMvcConfigurationSupport {
     	registry.addInterceptor(pInterceptor()).addPathPatterns("/plat/**").excludePathPatterns("/plat/index","/plat/login");
     	
     	registry.addInterceptor(eInterceptor()).addPathPatterns("/crm/**").excludePathPatterns("/crm/index","/crm/login");
+
+    	registry.addInterceptor(uInterceptor()).addPathPatterns("/website/**").excludePathPatterns("/website/index","/website/login").excludePathPatterns("/website/register");
     }
     
     /**

ksafepack-framework/src/main/java/com/kelp/framework/interceptor/UInterceptor.java

@@ -0,0 +1,141 @@
+/**
+ * 解决nginx负载均衡问题
+ */
+package com.kelp.framework.interceptor;
+
+import com.kelp.common.config.RedisBean;
+import com.kelp.common.constant.KeyConstant;
+import com.kelp.common.utils.AuthenticationBean;
+import com.kelp.common.utils.CookieUtil;
+import com.kelp.common.utils.jwt.JwtUtil;
+import com.kelp.framework.exception.E_NOGrantException;
+import com.kelp.framework.exception.E_NOLoginException;
+import com.kelp.plat.service.U_RFService;
+import com.opensymphony.oscache.util.StringUtil;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+
+import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+public class UInterceptor extends HandlerInterceptorAdapter{
+	
+	private static Logger log = LoggerFactory.getLogger(UInterceptor.class);
+	
+	@Autowired
+	private RedisBean redisBean;
+	
+	@Resource
+	private U_RFService ufService;
+	
+	@Value("${token.alive.time}")
+	private int tokenLiveCount;
+	
+	@Override
+	public boolean preHandle(HttpServletRequest request,
+		HttpServletResponse response, Object handler) throws Exception {
+	    
+		System.out.println("user interceptor ----- ");
+		
+		String url = request.getRequestURL().toString();
+		if (url.lastIndexOf("website") > 0) {
+			url = url.substring(url.lastIndexOf("website") - 1);
+		}
+		
+		System.out.println("enterprise u r accessing : " + url);
+		
+		log.error("enterprise u r accessing : " + url);
+		
+		String token = CookieUtil.getCookie(request, "token");
+		
+		//如果没有token则没有登录
+		if(StringUtil.isEmpty(token)){
+			log.error("accessed without token.");
+			throw new E_NOLoginException("EL-001","accessed without token.");
+		}
+		
+		//验证token是否合法，不合法则登录
+		if(!JwtUtil.verify(token, KeyConstant.JWTKEY)){
+			System.out.println("the token is : expired...");
+			log.error("the token is : expired...");
+			throw new E_NOLoginException("EL-002","the token has expired.");
+		}
+		
+		String accountId = JwtUtil.getId(token);
+		String host = JwtUtil.getHost(token);
+		
+		//判断是否在另外的设备上登录
+		if(!request.getSession().getId().equals(host)){
+			System.out.println("u were logined on anather device.");
+			log.error("u logined on anather device.");
+			throw new E_NOLoginException("EL-003","u logined on anather device.");
+		}
+		
+		//如果redis中没有本次访问的token或本次访问的token与redis中不同
+		if(null == redisBean.hget(accountId, "u_token") || !redisBean.hget(accountId, "u_token").equals(token)){
+			System.out.println("there is no token in redis.");
+			log.error("there is no token in redis.");
+			throw new E_NOLoginException("EL-004","the token don't match token in at.");
+		}
+		
+		//从redis中获取departmentId
+//		String departmentId = redisBean.hget(accountId, "e_department");
+		//如果没有找到，则视为没有登录
+//		if(departmentId == null){
+//			System.out.println("ur department is not valid.");
+//			log.error("ur department is not valid.");
+//			throw new E_NOLoginException("EL-005","the token of department has expired.");
+//		}
+		
+		//从redis中获取roleId
+		String roleId = redisBean.hget(accountId, "u_role");
+		//如果没有找到，则视为没有登录
+		if(roleId == null){
+			System.out.println("ur role is not valid.");
+			log.error("ur role is not valid.");
+			throw new E_NOLoginException("EL-006","the token of role has expired.");
+		}
+		
+		
+		//判断此account在本系统中的权限
+		if(!AuthenticationBean.getERfMap().containsKey(roleId)){
+			AuthenticationBean.getERfMap().put(roleId, ufService.getSRFs(roleId));
+		}
+		
+		if(!AuthenticationBean.getERfMap().get(roleId).containsKey(url)){
+			System.out.println(url +",u r not granted to access this url.");
+			log.error("u r not granted to access this url.");
+			throw new E_NOGrantException("EG-001","u r not granted to access this url.");
+		}
+		
+		//更新token
+		token = JwtUtil.sign(accountId, request.getSession().getId(), KeyConstant.JWTKEY);
+		//更新redis
+		redisBean.hset(accountId, "u_token",token);
+		redisBean.hset(accountId, "u_role",roleId);
+//		redisBean.hset(accountId, "u_department",departmentId);
+		//更新cookie
+		CookieUtil.editCookie(request, response, "token", token);
+		
+		return true;
+	}
+	
+	@Override
+	public void afterCompletion(HttpServletRequest request,
+			HttpServletResponse response, Object handler, Exception ex)
+			throws Exception {
+		super.afterCompletion(request, response, handler, ex);
+	}
+
+	@Override
+	public void postHandle(HttpServletRequest request,
+			HttpServletResponse response, Object handler,
+			ModelAndView modelAndView) throws Exception {
+		super.postHandle(request, response, handler, modelAndView);
+	}
+}