添加登录验证失败code

5e3e216f · 赵啸非 · e8099a04 · 5e3e216f · 5e3e216f · 5e3e216f
Commit 5e3e216f authored Jul 18, 2022 by 赵啸非
4 changed files
--- a/base-manager/src/main/java/com/mortals/xhx/base/framework/interceptor/AuthUserInterceptor.java
+++ b/base-manager/src/main/java/com/mortals/xhx/base/framework/interceptor/AuthUserInterceptor.java
@@ -2,6 +2,7 @@ package com.mortals.xhx.base.framework.interceptor;

 import com.alibaba.fastjson.JSONObject;
 import com.mortals.framework.annotation.UnAuth;
+import com.mortals.framework.common.Rest;
 import com.mortals.framework.service.IAuthTokenService;
 import com.mortals.framework.service.IUser;
 import com.mortals.framework.util.AESUtil;
@@ -19,6 +20,8 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.lang.reflect.Method;

+import static com.mortals.xhx.common.key.ErrorCode.*;
+
 /**
 * 用户权限验证，基于token
 *
@@ -40,11 +43,8 @@ public class AuthUserInterceptor extends BaseInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
            throws Exception {
-
-        response.setContentType("application/json");
-
-        JSONObject ret = new JSONObject();
-        if(handler instanceof HandlerMethod){
+        //response.setContentType("application/json");
+        if (handler instanceof HandlerMethod) {
            HandlerMethod handlerMethod = (HandlerMethod) handler;
            Method method = handlerMethod.getMethod();
            UnAuth annotation = method.getAnnotation(UnAuth.class);
@@ -52,7 +52,7 @@ public class AuthUserInterceptor extends BaseInterceptor {
                //取消校验
                return true;
            }
-        }else if(handler instanceof ResourceHttpRequestHandler){
+        } else if (handler instanceof ResourceHttpRequestHandler) {
            return true;
        }
        try {
@@ -62,23 +62,23 @@ public class AuthUserInterceptor extends BaseInterceptor {
                //需要校验权限
                boolean auth = this.checkAuth(request, uri, config.getSecurityKey());
                if (!auth) {
+                    //校验token不正常
+                    String token = authTokenService.getToken(request);
+                    if(ObjectUtils.isEmpty(token)){
+                        ServletUtils.renderString(response, JSONObject.toJSONString(Rest.fail(ERROR_TOKEN_UNAUTHORIZED, ERROR_TOKEN_UNAUTHORIZED_CONTENT)));
+                        return false;
+                    }
                    //不存在时候 如果是管理员也不做拦截
                    IUser loginUser = authTokenService.getLoginUser(request);
-                    //loginUser.isManager()
-                    if(ObjectUtils.isEmpty(loginUser)){
-                        ret.put("code", -1);
-                        ret.put("msg", "用户未登录或登录失效，请重新登录");
-                        ServletUtils.renderString(response, JSONObject.toJSONString(ret));
+                    if (ObjectUtils.isEmpty(loginUser)) {
+                        ServletUtils.renderString(response, JSONObject.toJSONString(Rest.fail(ERROR_TOKEN_EXPIRED, ERROR_TOKEN_EXPIRED_CONTENT)));
                        return false;
-                    }else if(loginUser.isAdmin()||loginUser.getUserType()==1){
+                    } else if (loginUser.isAdmin() || loginUser.getUserType() == 1) {
                        return super.preHandle(request, response, handler);
                    } else {
-                        ret.put("code", -1);
-                        ret.put("msg", "用户无该操作权限!");
-                        ServletUtils.renderString(response, JSONObject.toJSONString(ret));
+                        ServletUtils.renderString(response, JSONObject.toJSONString(Rest.fail(ERROR_USER_OPERATION, ERROR_USER_OPERATION_CONTENT)));
                        return false;
                    }
-
                }
            }
        } catch (Exception e) {
@@ -106,5 +106,4 @@ public class AuthUserInterceptor extends BaseInterceptor {
    }


-
 }
--- a/base-manager/src/main/java/com/mortals/xhx/base/framework/security/AuthTokenServiceImpl.java
+++ b/base-manager/src/main/java/com/mortals/xhx/base/framework/security/AuthTokenServiceImpl.java
@@ -14,7 +14,6 @@ import io.jsonwebtoken.SignatureAlgorithm;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
 import org.springframework.core.annotation.Order;
 import org.springframework.stereotype.Service;

@@ -29,7 +28,7 @@ import java.util.Map;
 * @author zxfei
 */

-@Service
+//@Service
 @Order(1)
 @Slf4j
 public class AuthTokenServiceImpl implements IAuthTokenService {
@@ -55,17 +54,17 @@ public class AuthTokenServiceImpl implements IAuthTokenService {
    @Value("${token.database:1}")
    private Integer portalDb;

-    protected static final Long MILLIS_SECOND = 1000l;
+    protected static final Long SECOND = 1l;

-    protected static final Long MILLIS_MINUTE = 60 * MILLIS_SECOND;
+    protected static final Long SECOND_MINUTE = 60 * SECOND;

-    protected static final Long MILLIS_HOUR = 60 * MILLIS_MINUTE;
+    protected static final Long SECOND_HOUR = 60 * SECOND_MINUTE;

-    protected static final Long MILLIS_DAY = 24 * MILLIS_HOUR;
+    protected static final Long SECOND_DAY = 24 * SECOND_HOUR;

-    protected static final Long MILLIS_WEEK = 7 * MILLIS_DAY;
+    protected static final Long SECOND_WEEK = 7 * SECOND_DAY;

-    private static final Long MILLIS_MINUTE_TEN = 20 * 60 * 1000L;
+    private static final Long SECOND_MINUTE_TEN = 1 * SECOND_MINUTE;

    @Autowired
    private ICacheService cacheService;
@@ -85,9 +84,9 @@ public class AuthTokenServiceImpl implements IAuthTokenService {
                Claims claims = parseToken(token);
                String uuid = (String) claims.get(SysConstains.LOGIN_USER_KEY);
                String userKey = getTokenKey(uuid);
-               //cacheService.select(portalDb);
+                cacheService.select(portalDb);
                String userStr = cacheService.get(userKey);
-               // cacheService.select(db);
+                cacheService.select(db);
                if (StringUtils.isNotEmpty(userStr)) {
                    JSONObject userObj = JSON.parseObject(userStr);
                    Long userId = userObj.getLongValue("id");
@@ -149,7 +148,6 @@ public class AuthTokenServiceImpl implements IAuthTokenService {
                            return loginName;
                        }

-
                        @Override
                        public String getRealName() {
                            return realName;
@@ -196,7 +194,6 @@ public class AuthTokenServiceImpl implements IAuthTokenService {

                        }

-
                        @Override
                        public String getMenuUrl() {
                            return menuUrl;
@@ -205,7 +202,6 @@ public class AuthTokenServiceImpl implements IAuthTokenService {
                    };

                }
-                //  return cacheService.get(userKey, IUser.class);
            } catch (Exception e) {
                log.error("解析jwt token异常！", e);
                return null;
@@ -261,7 +257,7 @@ public class AuthTokenServiceImpl implements IAuthTokenService {
    public void verifyToken(IUser user) {
        long expireTime = user.getExpireTime();
        long currentTime = System.currentTimeMillis();
-        if (expireTime - currentTime <= MILLIS_MINUTE_TEN) {
+        if (expireTime - currentTime <= SECOND_MINUTE_TEN) {
            log.info("不足十分钟，刷新过期时间");
            refreshToken(user);
        }
@@ -274,11 +270,11 @@ public class AuthTokenServiceImpl implements IAuthTokenService {
     */
    public void refreshToken(IUser user) {
        //user.setLoginTime(System.currentTimeMillis());
-        user.setExpireTime(user.getLoginTime() == null ? System.currentTimeMillis() : user.getLoginTime() + expireTime * MILLIS_MINUTE);
+        user.setExpireTime(user.getLoginTime() == null ? System.currentTimeMillis() : user.getLoginTime() + expireTime * SECOND_MINUTE);
        // 根据uuid将user缓存
        String userKey = getTokenKey(user.getToken());
        //设置有效时间 单位秒
-        cacheService.setnx(userKey, user, expireTime * MILLIS_MINUTE);
+        cacheService.setnx(userKey, user, expireTime * SECOND_MINUTE);
    }


@@ -293,7 +289,7 @@ public class AuthTokenServiceImpl implements IAuthTokenService {
                .setExpiration(DateUtils.addCurrDate(7))
                .setClaims(claims)
                .signWith(SignatureAlgorithm.HS256, Base64.getEncoder()
-                .encodeToString(secret.getBytes())).compact();
+                        .encodeToString(secret.getBytes())).compact();
        return token;
    }


--- a/base-manager/src/main/java/com/mortals/xhx/common/key/ErrorCode.java
+++ b/base-manager/src/main/java/com/mortals/xhx/common/key/ErrorCode.java
+package com.mortals.xhx.common.key;
+
+/**
+ * 错误码
+ * 
+ * @author: zxfei
+ * @date: 2022/5/12 14:56
+ */
+public interface ErrorCode {
+
+    public static final int STATUS_MS_EXCEPTION = 500;
+    public static final int STATUS_VALIDATE_EXCEPTION = 420;
+    public static final int STATUS_UNCHECKED_EXCEPTION = 605;
+    public static final int STATUS_TOKEN_NULL_EXCEPTION = 604;
+
+    public static final int STATUS_CODE_SUCCESS = 0;
+    public static final int STATUS_CODE_WARN = 1;
+    public static final int STATUS_CODE_ERROR = 2;
+    public static final int STATUS_CODE_INFO = 3;
+    public static final int STATUS_CODE_TOKEN_EXPIRED = 4;
+    public static final int STATUS_CODE_FATAL = 5;
+    public static final int STATUS_CODE_TRADE_PWD_NOT_SET = 6;
+    public static final int STATUS_ACCOUNT_LOCKED = 7;
+    public static final int STATUS_TRADE_PWD_OVER_THREE_TIME = 8;
+    public static final int STATUS_TRADE_PWD_ERROR = 9;
+    public static final int STATUS_EMPTY_PWD_ERROR = 10;
+    public static final int STATUS_TEL_NOT_RGI_ERROR = 11;
+    public static final int STATUS_TEL_ALREADY_REGI = 12;
+    public static final int STATUS_SAFETY_RISK = 13;
+    public static final int STATUS_LOGIN_CODE = 15;
+    public static final int BOOK_FAKUAN_CODE = 16;
+
+
+
+    public static final int ERROR_TOKEN_EXPIRED = 9001;
+    public static final String ERROR_TOKEN_EXPIRED_CONTENT = "用户登录过期，请重新登录!";
+    public static final int ERROR_TOKEN_UNAUTHORIZED = 9002;
+    public static final String ERROR_TOKEN_UNAUTHORIZED_CONTENT = "token不正确或已过期";
+
+    public static final int ERROR_USER_OPERATION = 9009;
+    public static final String ERROR_USER_OPERATION_CONTENT = "用户无该操作权限!";
+
+    public static final String ERROR_TRADE_PWD_OVER_THREE_TIME = "支付密码错误，请15分钟后再试";
+    public static final String ERROR_TRADE_PWD_ERROR = "支付密码错误，请重试";
+    public static final String ERROR_EMPTY_PWD_ERROR = "请设置登录密码";
+    public static final String ERROR_TEL_NOT_RGI = "该号码未注册";
+    public static final String ERROR_USERNAME_OR_PASSWORD = "用户名或者密码错误";
+    public static final String ERROR_TRADE_PWD = "交易密码错误";
+    public static final String ERROR_FORBIDDEN_OPER = "非法操作";
+    public static final String ERROR_TRADE_PWD_NOT_SET = "非法操作";
+    public static final String ERROR_NOT_REAL_NAME_AUTH = "您未实名认证，禁止该操作";
+    public static final String ERROR_INTERNAL_SERVER_ERROR = "服务器内部错误";
+
+    public static final String ERROR_TOKEN_IS_NULL = "token不能为空";
+    public static final String ERROR_MISS_SERVLET = "服务不存在";
+    public static final String ERROR_CAPTCHA_OFTEN = "验证码已发送";
+    public static final String ERROR_CAPTCHA_WRONG = "验证码错误";
+    public static final String ERROR_TEL_ALREADY_REGI = "该手机号已被注册";
+    public static final String ERROR_CODE_DUPLICATE_KEY = "重复添加信息（含部分）";
+    public static final String ERROR_NOT_EXITS = "对应记录不存在";
+    public static final String ERROR_STATUS_CATEGORY = "状态错误";
+    public static final String ERROR_FRIEND_SHIP_ALREADY = "已经是你好友";
+    public static final String ERROR_FRIEND_SHIP_WAIT = "已向改好友发出邀请，等待接受";
+    public static final String ERROR_CODE_ACCOUNT_LOCKED = "账号被锁定，请联系客服";
+    public static final String WARN_ARGUMENT = "参数错误";
+    public static final String ERROR_USERNAME_EXIST = "该号码已被注册";
+    public static final String ERROR_SAFETY_RISK = "不在常用设备上登录";
+    public static final String INFO_TEL_BIND = "手机号码已经被绑定";
+    public static final String INFO_TEL_FORMAT_WRONG = "手机号码格式不正确";
+    public static final String ERROR_NOT_FOUND = "404 not found";
+
+    public static final String DISABLED="该账号已被封禁，如有疑问请联系平台";
+    public static final String DATENULL="缺少参数";
+    public static final String ERRDATE="无效参数";
+    public static final String ERRSTAE="状态异常";
+    public static final String EXTDATE="参数异常";
+    public static final String NUMEXE="账号异常";
+    public static final String CAPDON="资产已被冻结，如有疑问请联系平台";
+    public static final String CONOTS="操作失败";
+    public static final String OK="成功！";
+    public static final String TOKENX="身份验证失败，请重新登录";
+    public static final String CAPNOT="充值余额不足请充值";
+    public static final String SYSNOT="系统繁忙，请稍后再试...";
+    public static final String NOWER="没有权限";
+    public static final String PAGEDATA="分页参数不能为空";
+
+
+}
--- a/base-manager/src/main/java/com/mortals/xhx/module/skin/service/impl/SkinBaseServiceImpl.java
+++ b/base-manager/src/main/java/com/mortals/xhx/module/skin/service/impl/SkinBaseServiceImpl.java
@@ -143,7 +143,6 @@ public class SkinBaseServiceImpl extends AbstractCRUDServiceImpl<SkinBaseDao, Sk
    private void genTemplateCss(SkinBaseEntity entity, Context context) {
        //加载模板，合成模板数据
        Map data = new HashMap();
-
        List<SkinFieldEntity> collect = entity.getSkinFieldList().stream().map(field -> {
            SkinFieldEntity skinFieldEntity = new SkinFieldEntity();
            BeanUtils.copyProperties(field,skinFieldEntity, BeanUtil.getNullPropertyNames(field));