add authInterceptor

12d7d5e1 · kenzo · 0b164889 · 12d7d5e1 · 12d7d5e1 · 12d7d5e1
Commit 12d7d5e1 authored Nov 12, 2025 by kenzo
5 changed files
--- a/src/main/java/com/cnooc/expert/common/interceptor/AbstractAuthInterceptor.java
+++ b/src/main/java/com/cnooc/expert/common/interceptor/AbstractAuthInterceptor.java
+package com.cnooc.expert.common.interceptor;
+
+import com.cnooc.expert.common.exception.GlobalErrorCodeConstants;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+public abstract class AbstractAuthInterceptor implements HandlerInterceptor {
+
+    @Autowired
+    private ObjectMapper objectMapper;
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        // 放过OPTIONS请求
+        if ("OPTIONS".equals(request.getMethod())) {
+            return true;
+        }
+
+        if (request.getRequestURI().contains("favicon.ico")) {
+            return true;
+        }
+
+        // Annotation
+        if (handler instanceof HandlerMethod) {
+            HandlerMethod handlerMethod = (HandlerMethod) handler;
+            if (handlerMethod.getBean().getClass().isAnnotationPresent(NoAuth.class)) {
+                return true;
+            }
+        }
+
+        /*if (!valid(request)) {
+            response.setHeader("Access-Control-Allow-Origin", "*");
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Unauthorized"); // 401
+
+            return false;
+        }*/
+
+        if (!valid(request)) {
+            returnJsonResponse(response, HttpStatus.UNAUTHORIZED.value(), GlobalErrorCodeConstants.LOGIN_EXPIRED.getCode(), "Token无效或已过");
+
+            return false;
+        }
+
+        return true;
+    }
+
+    abstract protected boolean valid(HttpServletRequest request);
+
+    private void returnJsonResponse(HttpServletResponse response, int status, int httpCode, String message) throws IOException {
+        response.setStatus(status);
+        response.setContentType(MediaType.APPLICATION_JSON_VALUE);
+        response.setCharacterEncoding("UTF-8");
+
+        Map<String, Object> result = new HashMap<>();
+        result.put("httpCode", httpCode);
+        result.put("message", message);
+
+        String json = objectMapper.writeValueAsString(result);
+        response.getWriter().write(json);
+        response.getWriter().flush();
+    }
+
+}
--- a/src/main/java/com/cnooc/expert/common/interceptor/NoAuth.java
+++ b/src/main/java/com/cnooc/expert/common/interceptor/NoAuth.java
+package com.cnooc.expert.common.interceptor;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Retention(RetentionPolicy.RUNTIME)
+@Target({ElementType.TYPE})
+public @interface NoAuth {
+}
--- a/src/main/java/com/cnooc/expert/common/interceptor/WebAuthInterceptor.java
+++ b/src/main/java/com/cnooc/expert/common/interceptor/WebAuthInterceptor.java
+package com.cnooc.expert.common.interceptor;
+
+import javax.servlet.http.HttpServletRequest;
+
+public class WebAuthInterceptor extends AbstractAuthInterceptor {
+
+    @Override
+    protected boolean valid(HttpServletRequest request) {
+        return true;
+    }
+}
--- a/src/main/java/com/cnooc/expert/common/response/ApiResult.java
+++ b/src/main/java/com/cnooc/expert/common/response/ApiResult.java
 package com.cnooc.expert.common.response;

-import com.cnooc.expert.common.exception.ErrorCode;
 import com.cnooc.expert.common.exception.GlobalErrorCodeConstants;
 import lombok.Getter;
 import lombok.Setter;

--- a/src/main/java/com/cnooc/expert/config/TheWebMvcConfigurer.java
+++ b/src/main/java/com/cnooc/expert/config/TheWebMvcConfigurer.java
+package com.cnooc.expert.config;
+
+import com.cnooc.expert.common.interceptor.WebAuthInterceptor;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class TheWebMvcConfigurer implements WebMvcConfigurer {
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        registry.addInterceptor(webAuthInterceptor());
+    }
+
+    @Bean
+    public WebAuthInterceptor webAuthInterceptor() {
+        return new WebAuthInterceptor();
+    }
+
+}