package com.qianwen.core.secure.interceptor;
|
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletResponse;
|
import org.slf4j.Logger;
|
import org.slf4j.LoggerFactory;
|
import com.qianwen.core.secure.BladeUser;
|
import com.qianwen.core.secure.provider.ResponseProvider;
|
import com.qianwen.core.secure.utils.AuthUtil;
|
import com.qianwen.core.secure.utils.SecureUtil;
|
import com.qianwen.core.tool.jackson.JsonUtil;
|
import com.qianwen.core.tool.utils.StringUtil;
|
import com.qianwen.core.tool.utils.WebUtil;
|
import org.springframework.lang.NonNull;
|
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
|
|
/* loaded from: blade-core-secure-9.3.0.0-SNAPSHOT.jar:org/springblade/core/secure/interceptor/ClientInterceptor.class */
|
public class ClientInterceptor extends HandlerInterceptorAdapter {
|
private static final Logger log = LoggerFactory.getLogger(ClientInterceptor.class);
|
private final String clientId;
|
|
public ClientInterceptor(final String clientId) {
|
this.clientId = clientId;
|
}
|
|
public boolean preHandle(@NonNull HttpServletRequest request, @NonNull HttpServletResponse response, @NonNull Object handler) {
|
BladeUser user = AuthUtil.getUser();
|
boolean check = user != null && StringUtil.equals(this.clientId, SecureUtil.getClientIdFromHeader()) && StringUtil.equals(this.clientId, user.getClientId());
|
if (!check) {
|
log.warn("客户端认证失败,请求接口:{},请求IP:{},请求参数:{}", new Object[]{request.getRequestURI(), WebUtil.getIP(request), JsonUtil.toJson(request.getParameterMap())});
|
ResponseProvider.write(response);
|
return false;
|
}
|
return true;
|
}
|
}
|
