diff --git a/ruoyi-business/pom.xml b/ruoyi-business/pom.xml index f4f64aebb..27254841e 100644 --- a/ruoyi-business/pom.xml +++ b/ruoyi-business/pom.xml @@ -84,12 +84,6 @@ easyexcel 2.2.6 - - - io.jsonwebtoken - jjwt - 0.7.0 - diff --git a/ruoyi-business/src/main/java/com/ruoyi/business/ajax/AjaxLoginController.java b/ruoyi-business/src/main/java/com/ruoyi/business/ajax/AjaxLoginController.java index ca7841596..59ad59673 100644 --- a/ruoyi-business/src/main/java/com/ruoyi/business/ajax/AjaxLoginController.java +++ b/ruoyi-business/src/main/java/com/ruoyi/business/ajax/AjaxLoginController.java @@ -2,13 +2,13 @@ package com.ruoyi.business.ajax; import com.alibaba.fastjson.JSONObject; import com.ruoyi.business.domain.BizMember; +import com.ruoyi.business.model.Member; import com.ruoyi.business.service.IBizMemberService; import com.ruoyi.business.utils.Encrypt; -import com.ruoyi.business.utils.JWTUtil; import com.ruoyi.common.core.controller.BaseController; import com.ruoyi.common.core.domain.AjaxResult; +import com.ruoyi.common.utils.JWTUtil; import com.ruoyi.common.utils.StringUtils; -import org.apache.ibatis.annotations.Param; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; 
@@ -33,27 +33,24 @@ public class AjaxLoginController extends BaseController { return AjaxResult.warn("请输入用户名密码"); } - BizMember member = bizMemberService.selectBizMemberByMobile(mobile); - if (Objects.isNull(member)) { + BizMember bizMember = bizMemberService.selectBizMemberByMobile(mobile); + if (Objects.isNull(bizMember)) { return AjaxResult.warn("用户名或密码错误"); } // DES加密 String encryptPassword = Encrypt.encrypt(password); - if (!encryptPassword.equals(member.getPassword())) { + if (!encryptPassword.equals(bizMember.getPassword())) { return AjaxResult.warn("用户名或密码错误"); } - if (member.getIsEnable() == 0) { + if (bizMember.getIsEnable() == 0) { return AjaxResult.warn("账户已禁用,请联系系统管理员"); } - JSONObject object = new JSONObject(); - object.put("id", member.getId()); - object.put("name", member.getMemberName()); - object.put("mobile", member.getMobile()); + Member member = new Member(bizMember.getId(), bizMember.getMemberName(), bizMember.getMobile()); Long day = 1000L * 60L * 60L; - String token = JWTUtil.createJWT(object.toJSONString(), day); - return super.success(token); + String token = JWTUtil.createJWT(member.toJsonString(), day); + return AjaxResult.success(token); } } diff --git a/ruoyi-business/src/main/java/com/ruoyi/business/ajax/AjaxMemberController.java b/ruoyi-business/src/main/java/com/ruoyi/business/ajax/AjaxMemberController.java index 9504840d0..fb6ccefd0 100644 --- a/ruoyi-business/src/main/java/com/ruoyi/business/ajax/AjaxMemberController.java +++ b/ruoyi-business/src/main/java/com/ruoyi/business/ajax/AjaxMemberController.java 
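Review bot: The password check in AjaxLoginController still goes through `Encrypt.encrypt(password)` (labelled DES in the comment) and `String.equals`, so stored passwords appear to be reversibly encrypted rather than hashed; this commit renames the variable but keeps that scheme. A salted password hash (bcrypt, scrypt or Argon2), checked through the library's own verify call, is the usual replacement, with a migration path for existing rows. Separately, `Long day = 1000L * 60L * 60L;` is one hour, not a day; a name such as `long tokenTtlMillis = 1000L * 60L * 60L;` makes the token lifetime explicit. The method's signature and start are outside this hunk.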
@@ -2,11 +2,9 @@ package com.ruoyi.business.ajax; import com.ruoyi.business.domain.BizMember; import com.ruoyi.business.domain.BizMemberAddress; -import com.ruoyi.business.domain.BizProduct; import com.ruoyi.business.service.IBizMemberAddressService; import com.ruoyi.business.service.IBizMemberService; -import com.ruoyi.business.service.IBizProductService; -import com.ruoyi.business.service.IBizProductTypeService; +import com.ruoyi.common.annotation.AjaxLogin; import com.ruoyi.common.core.domain.AjaxResult; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.PostMapping; @@ -16,6 +14,7 @@ import org.springframework.web.bind.annotation.RestController; import java.util.HashMap; import java.util.Map; +@AjaxLogin @RestController @RequestMapping("/ajax/member") public class AjaxMemberController extends AuthController { diff --git a/ruoyi-business/src/main/java/com/ruoyi/business/ajax/AuthController.java b/ruoyi-business/src/main/java/com/ruoyi/business/ajax/AuthController.java index 4296b2dcc..5b12cdec4 100644 --- a/ruoyi-business/src/main/java/com/ruoyi/business/ajax/AuthController.java +++ b/ruoyi-business/src/main/java/com/ruoyi/business/ajax/AuthController.java @@ -1,13 +1,24 @@ package com.ruoyi.business.ajax; +import com.alibaba.fastjson.JSONObject; +import com.ruoyi.business.model.Member; import com.ruoyi.common.core.controller.BaseController; +import javax.annotation.Resource; +import javax.servlet.http.HttpServletRequest; + public class AuthController extends BaseController { + @Resource + private HttpServletRequest request; //获取前端登录用户ID - public Long getUserID() - { - return 1L; + public Long getUserID() { + return getMember().getId(); + } + + public Member getMember() { + String jsonString = (String) request.getAttribute("member"); + return JSONObject.parseObject(jsonString, Member.class); } } 
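Review bot: `getMember()` in AuthController does not handle a missing `member` request attribute; fastjson's `parseObject` appears to return null for null input, so `getUserID()` would then fail with a NullPointerException. The interceptor sets the attribute only for handlers covered by `@AjaxLogin`, so any AuthController subclass without the annotation hits this path. A guard before the parse makes the failure explicit: `if (jsonString == null) { throw new IllegalStateException("no authenticated member on request"); }`. A short Javadoc on both methods stating that they require an `@AjaxLogin`-protected handler would also help.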
diff --git a/ruoyi-business/src/main/java/com/ruoyi/business/model/Member.java b/ruoyi-business/src/main/java/com/ruoyi/business/model/Member.java new file mode 100644 index 000000000..f9dfecb7a --- /dev/null +++ b/ruoyi-business/src/main/java/com/ruoyi/business/model/Member.java @@ -0,0 +1,61 @@ +package com.ruoyi.business.model; + +import com.alibaba.fastjson.JSONObject; + +/** + * 用户实体 + * @author bei.wu + */ +public class Member { + + /** + * 用户主键 + */ + private Long id; + /** + * 用户名称 + */ + private String name; + /** + * 用户手机号 + */ + private String mobile; + + public Member() { + + } + + public Member(Long id, String name, String mobile) { + this.id = id; + this.name = name; + this.mobile = mobile; + } + + public Long getId() { + return id; + } + + public void setId(Long id) { + this.id = id; + } + + public String getName() { + return name; + } + + public void setName(String name) { + this.name = name; + } + + public String getMobile() { + return mobile; + } + + public void setMobile(String mobile) { + this.mobile = mobile; + } + + public String toJsonString() { + return JSONObject.toJSONString(this); + } +} diff --git a/ruoyi-common/pom.xml b/ruoyi-common/pom.xml index 57e07ef7a..0268d9911 100644 --- a/ruoyi-common/pom.xml +++ b/ruoyi-common/pom.xml @@ -101,6 +101,11 @@ javax.servlet-api + + io.jsonwebtoken + jjwt + 0.7.0 + \ No newline at end of file diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/AjaxLogin.java b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/AjaxLogin.java index 25726ae58..a50277635 100644 --- a/ruoyi-common/src/main/java/com/ruoyi/common/annotation/AjaxLogin.java +++ b/ruoyi-common/src/main/java/com/ruoyi/common/annotation/AjaxLogin.java @@ -6,7 +6,7 @@ import java.lang.annotation.*; * 前端接口鉴权 * @author bei.wu */ -@Target(ElementType.METHOD) +@Target({ElementType.METHOD, ElementType.TYPE}) @Retention(RetentionPolicy.RUNTIME) @Documented public @interface AjaxLogin 
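Review bot: `Member` carries `name` and `mobile` into the token subject through `toJsonString()`, while the only consumer visible in this commit, `AuthController.getUserID()`, reads `id`. If `JWTUtil.createJWT` produces a signed but unencrypted token (its body is not shown here), the mobile number is readable by anyone who holds or logs the `Authorization` header. Consider keeping only `id` in the token and loading the other fields from `IBizMemberService` when they are needed. The class comment `用户实体` could also state that this is the token payload, not the persistent `BizMember` entity.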
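Review bot: The `jjwt` dependency moved into ruoyi-common/pom.xml is still pinned to `0.7.0`, an old release of the library. This module now backs the token check for every `@AjaxLogin` handler, so it is worth checking that version against current advisories and planning an upgrade. As far as I recall, newer JJWT release lines reject HMAC keys that are too short for the chosen algorithm, which 0.7.0 does not. The signing key lives in `JWTUtil`, which this diff only renames, so confirm separately that it is long enough and loaded from configuration.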
diff --git a/ruoyi-business/src/main/java/com/ruoyi/business/utils/JWTUtil.java b/ruoyi-common/src/main/java/com/ruoyi/common/utils/JWTUtil.java similarity index 98% rename from ruoyi-business/src/main/java/com/ruoyi/business/utils/JWTUtil.java rename to ruoyi-common/src/main/java/com/ruoyi/common/utils/JWTUtil.java index ca4125c82..4f920cb05 100644 --- a/ruoyi-business/src/main/java/com/ruoyi/business/utils/JWTUtil.java +++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/JWTUtil.java @@ -1,4 +1,4 @@ -package com.ruoyi.business.utils; +package com.ruoyi.common.utils; import io.jsonwebtoken.Claims; import io.jsonwebtoken.JwtBuilder; diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/interceptor/AjaxAuthenticationInterceptor.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/interceptor/AjaxAuthenticationInterceptor.java index 2bfbe545c..ffe004bb3 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/interceptor/AjaxAuthenticationInterceptor.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/interceptor/AjaxAuthenticationInterceptor.java @@ -1,10 +1,21 @@ package com.ruoyi.framework.interceptor; +import com.ruoyi.common.annotation.AjaxLogin; +import com.ruoyi.common.annotation.RepeatSubmit; +import com.ruoyi.common.core.domain.AjaxResult; +import com.ruoyi.common.json.JSON; +import com.ruoyi.common.utils.JWTUtil; +import com.ruoyi.common.utils.ServletUtils; +import com.ruoyi.common.utils.StringUtils; +import io.jsonwebtoken.Claims; +import org.apache.commons.lang3.ObjectUtils; import org.springframework.stereotype.Component; +import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import java.lang.reflect.Method; /** * /ajax/** 
@@ -16,6 +27,29 @@ public class AjaxAuthenticationInterceptor extends HandlerInterceptorAdapter { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { + + if (handler instanceof HandlerMethod) { + HandlerMethod handlerMethod = (HandlerMethod) handler; + AjaxLogin classAnnotation = ((HandlerMethod) handler).getMethod().getDeclaringClass().getAnnotation(AjaxLogin.class); + AjaxLogin annotation = handlerMethod.getMethod().getAnnotation(AjaxLogin.class); + if (ObjectUtils.anyNotNull(classAnnotation, annotation)) { + String token = request.getHeader("Authorization"); + if (StringUtils.isBlank(token)) { + AjaxResult ajaxResult = AjaxResult.error("请登录后操作"); + ServletUtils.renderString(response, JSON.marshal(ajaxResult)); + return false; + } + try { + Claims claims = JWTUtil.parseJWT(token); + request.setAttribute("member", claims.getSubject()); + } catch (Exception e) { + AjaxResult ajaxResult = AjaxResult.error("没有权限"); + ServletUtils.renderString(response, JSON.marshal(ajaxResult)); + return false; + } + } + return true; + } return super.preHandle(request, response, handler); } }
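Review bot: The class-level lookup in `preHandle` uses `getMethod().getDeclaringClass()`, so a handler method inherited from an unannotated base class is not covered by the subclass's `@AjaxLogin` and falls through to `return true` without a token check. Resolving the annotation from the bean type closes that gap: `AjaxLogin classAnnotation = AnnotationUtils.findAnnotation(handlerMethod.getBeanType(), AjaxLogin.class);` (with `org.springframework.core.annotation.AnnotationUtils` imported). The `catch (Exception e)` branch also discards the cause, so expired, malformed and badly signed tokens are indistinguishable in logs; logging the exception class at warn level would help detection. The imports `RepeatSubmit` and `java.lang.reflect.Method` added in the previous hunk are not used in the visible code.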