| 对比新文件 |
| | |
|---|
| | | /* |
|---|
| | | * Copyright (c) 2018-2028, Chill Zhuang All rights reserved. |
|---|
| | | * |
|---|
| | | * Redistribution and use in source and binary forms, with or without |
|---|
| | | * modification, are permitted provided that the following conditions are met: |
|---|
| | | * |
|---|
| | | * Redistributions of source code must retain the above copyright notice, |
|---|
| | | * this list of conditions and the following disclaimer. |
|---|
| | | * Redistributions in binary form must reproduce the above copyright |
|---|
| | | * notice, this list of conditions and the following disclaimer in the |
|---|
| | | * documentation and/or other materials provided with the distribution. |
|---|
| | | * Neither the name of the dreamlu.net developer nor the names of its |
|---|
| | | * contributors may be used to endorse or promote products derived from |
|---|
| | | * this software without specific prior written permission. |
|---|
| | | * Author: Chill 搴勯獮 (smallchill@163.com) |
|---|
| | | */ |
|---|
| | | package org.springblade.core.secure.interceptor; |
|---|
| | | |
|---|
| | | import lombok.AllArgsConstructor; |
|---|
| | | import lombok.extern.slf4j.Slf4j; |
|---|
| | | import org.springblade.core.secure.BladeUser; |
|---|
| | | import org.springblade.core.secure.provider.ResponseProvider; |
|---|
| | | import org.springblade.core.secure.utils.AuthUtil; |
|---|
| | | import org.springblade.core.secure.utils.SecureUtil; |
|---|
| | | import org.springblade.core.tool.jackson.JsonUtil; |
|---|
| | | import org.springblade.core.tool.utils.StringUtil; |
|---|
| | | import org.springblade.core.tool.utils.WebUtil; |
|---|
| | | import org.springframework.lang.NonNull; |
|---|
| | | import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; |
|---|
| | | |
|---|
| | | import javax.servlet.http.HttpServletRequest; |
|---|
| | | import javax.servlet.http.HttpServletResponse; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 瀹㈡埛绔牎楠屾嫤鎴櫒 |
|---|
| | | * |
|---|
| | | * @author Chill |
|---|
| | | */ |
|---|
| | | @Slf4j |
|---|
| | | @AllArgsConstructor |
|---|
| | | public class ClientInterceptor extends HandlerInterceptorAdapter { |
|---|
| | | |
|---|
| | | private final String clientId; |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public boolean preHandle(@NonNull HttpServletRequest request, @NonNull HttpServletResponse response, @NonNull Object handler) { |
|---|
| | | BladeUser user = AuthUtil.getUser(); |
|---|
| | | boolean check = ( |
|---|
| | | user != null && |
|---|
| | | StringUtil.equals(clientId, SecureUtil.getClientIdFromHeader()) && |
|---|
| | | StringUtil.equals(clientId, user.getClientId()) |
|---|
| | | ); |
|---|
| | | if (!check) { |
|---|
| | | log.warn("瀹㈡埛绔璇佸け璐ワ紝璇锋眰鎺ュ彛锛歿}锛岃姹侷P锛歿}锛岃姹傚弬鏁帮細{}", request.getRequestURI(), WebUtil.getIP(request), JsonUtil.toJson(request.getParameterMap())); |
|---|
| | | ResponseProvider.write(response); |
|---|
| | | return false; |
|---|
| | | } |
|---|
| | | return true; |
|---|
| | | } |
|---|
| | | |
|---|
| | | } |
|---|
