diff --git a/src/main/java/cn/com/tenlion/config/CheckAuthInterceptor.java b/src/main/java/cn/com/tenlion/config/CheckAuthInterceptor.java index 00bc075..02f438d 100644 --- a/src/main/java/cn/com/tenlion/config/CheckAuthInterceptor.java +++ b/src/main/java/cn/com/tenlion/config/CheckAuthInterceptor.java @@ -6,10 +6,13 @@ import cn.com.tenlion.pojo.dtos.carduser.CardUserDTO; import cn.com.tenlion.pojo.vos.carduser.CardUserVO; import cn.com.tenlion.service.carduser.ICardUserService; import cn.com.tenlion.util.AesUtil; +import cn.com.tenlion.util.annotation.AccessRightsCheck; +import cn.com.tenlion.util.enumeration.Auth; import com.alibaba.fastjson.JSONObject; import com.github.pagehelper.util.StringUtil; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; +import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; @@ -17,6 +20,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.io.PrintWriter; +import java.lang.reflect.Method; /** * TODO @@ -40,6 +44,33 @@ public class CheckAuthInterceptor implements HandlerInterceptor { if(path.contains("release")){ return true; } + /** + * 2021年1月28日10:28:38 + * CBC Start + * 通过Controller中方法上的注解进行权限控制与放行 + */ + // 获得类的请求 + HandlerMethod handlerMethod = null; + if(handler instanceof HandlerMethod) { + handlerMethod = (HandlerMethod) handler; + }else{ + return true; + } + // 权限校验的注解 + Method m = handlerMethod.getMethod(); + AccessRightsCheck accessRightsCheck = m.getAnnotation(AccessRightsCheck.class); + if(accessRightsCheck != null) { + if(accessRightsCheck != null) { + // 不校验 + if(Auth.NOCHECK.equals(accessRightsCheck.auth())) { + return true; + } + } + } + /** + * 2021年1月28日10:34:47 + * CBC End + */ String token = request.getHeader("token"); if(token == null || StringUtil.isEmpty(token)){ response.setStatus(response.SC_UNAUTHORIZED);