public boolean onPreHandle(ServletRequest request, ServletResponse response, Object mappedValue)
throws Exception {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse resp = (HttpServletResponse) response;
if ("GET".equals(req.getMethod()) && !Strings.isBlank(req.getParameter("token"))) {
String token = req.getParameter("token");
try {
token = Toolkit._3DES_decode(CrossScreen.csKEY, Toolkit.hexstr2bytearray(token));
NutMap map = Json.fromJson(NutMap.class, token);
Long t = map.getLong("t", -1);
if (System.currentTimeMillis() - t > timeout * 1000) {
resp.sendError(403); // TODO 提示token已经过期
return false;
}
Integer uid = (Integer) map.get("uid");
if (uid != null) {
// 有登陆用户
Toolkit.doLogin(new CrossScreenUserToken(uid), uid);
if (sysLogService == null) {
try {
sysLogService = Mvcs.ctx().getDefaultIoc().get(SysLogService.class);
} catch (Throwable e) {
}
}
sysLogService.async(SysLog.c("method", "用户登陆", null, uid, "用户通过跨屏二维码登陆"));
}
resp.sendRedirect(map.getString("url"));
return false;
} catch (Exception e) {
log.debug("bad token?", e);
resp.sendError(502);
return false;
}
} else {
resp.sendError(403);
return false;
}
}
