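/**
 * Inspects the login cookie on requests whose URI contains {@code /login.jsp}, then always
 * passes the request down the filter chain.
 *
 * <p>All cookie handling is delegated to {@link #inspectLoginCookie}; requests for any other
 * URI pass through untouched.
 *
 * @param req the incoming request, cast to {@link HttpServletRequest}
 * @param resp the outgoing response, cast to {@link HttpServletResponse}
 * @param chain the remaining filter chain, invoked unconditionally at the end
 * @throws IOException if cookie decoding or a downstream component fails with an I/O error
 * @throws ServletException if a downstream component fails
 */
public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain)
        throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) req;
    HttpServletResponse response = (HttpServletResponse) resp;
    String url = request.getRequestURI();

    // Substring match: any URI that contains "/login.jsp" anywhere takes this path.
    if (url.indexOf("/login.jsp") > -1) {
        inspectLoginCookie(request, response);
    }

    // NOTE(review): the chain continues even after loginService.jugeUserRole(...) has run.
    // If that call commits the response (for example by redirecting), confirm that carrying on
    // to login.jsp is intended.
    chain.doFilter(request, response);
}

/**
 * Decodes the login cookie and acts on it.
 *
 * <p>The cookie is Base64-decoded and split on {@code ':'}. Exactly four fields are required;
 * field 0 is read as the login name and field 1 as an expiry time in epoch milliseconds.
 * A cookie that does not decode to that shape is cleared. An expired cookie is ignored but,
 * as in the original code, not cleared.
 */
private void inspectLoginCookie(HttpServletRequest request, HttpServletResponse response)
        throws IOException, ServletException {
    // getSession(true) creates a session when none exists yet.
    HttpSession session = request.getSession(true);
    UserModel user = (UserModel) session.getAttribute("user");

    String cookieValue = findCookieValue(request.getCookies(), cookieDomainName);
    if (cookieValue == null) {
        return;
    }

    // The cookie is client-supplied, so every parsing step must tolerate arbitrary bytes.
    String[] fields = null;
    long expiresAtMillis = 0L;
    try {
        String[] decoded = new String(Base64.decodeBase64(cookieValue), "utf-8").split(":");
        if (decoded.length == 4) {
            expiresAtMillis = Long.parseLong(decoded[1]);
            fields = decoded;
        }
    } catch (IllegalArgumentException ignored) {
        // A non-numeric expiry (NumberFormatException) or undecodable value means the cookie
        // is malformed. It is handled like a wrong field count below, not surfaced as a 500.
    }

    if (fields == null) {
        UserCookieUtil.clearCookie(response);
        return;
    }
    if (expiresAtMillis <= System.currentTimeMillis()) {
        return;
    }

    // NOTE(review): fields 2 and 3 are never read in this method, and fields 0 and 1 are taken
    // at face value. If one of the unread fields is meant to be an integrity check (signature
    // or digest), confirm it is verified elsewhere before the cookie's user name is trusted.
    String userName = fields[0];
    if (user != null) {
        // Only act when the cookie names the same account as the server-side session.
        if (userName.equals(user.getLoginName())) {
            loginService.jugeUserRole(request, response);
        }
    } else {
        // No session user: expose the cookie's user name to the login page.
        // NOTE(review): this value is client-controlled; whatever renders the "userName"
        // attribute should output-encode it.
        request.setAttribute("userName", userName);
    }
}

/** Returns the value of the first cookie named {@code name}, or {@code null} if there is none. */
private static String findCookieValue(Cookie[] cookies, String name) {
    if (cookies == null) {
        return null;
    }
    for (Cookie cookie : cookies) {
        if (name.equals(cookie.getName())) {
            return cookie.getValue();
        }
    }
    return null;
}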
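/**
 * Controls module access: writes a JSON answer saying whether the session user should be shown
 * a restriction prompt for the requested module.
 *
 * <p>The restriction list for the user is looked up in the authority field map under the user's
 * description. If that list contains {@code url}, the prompt is filled in through
 * {@code CommonConstantUtil.jsonObject}. Otherwise, unless the user is a "按次用户" user or the
 * list is exactly {@code "superUserDownload"}, the download right for {@code country} is checked
 * and the prompt is filled in when the "notGiveDownLoad" list contains {@code url}. The user's
 * description is always written under {@code "user_desc"}.
 *
 * <p>NOTE(review): the answer depends on the client-supplied {@code url} and {@code country}
 * and on substring matching, so a caller can change the outcome by changing those parameters.
 * This looks like an advisory check for the UI; confirm that the protected endpoints enforce
 * the same rules themselves.
 *
 * @param request current request; the session supplies "user" and "authorityInfo"
 * @param response response the JSON answer (or an error status) is written to
 * @param url controller path being asked about; a missing value is answered with 400
 * @param country country passed on to the download-right check
 * @return always {@code null}; the body is written directly to {@code response}
 * @throws Exception if required authority configuration is missing or writing fails
 */
@RequestMapping(value = "/ConditRightController")
public String conditRightModule(
        HttpServletRequest request, HttpServletResponse response, String url, String country)
        throws Exception {
    UserModel user = (UserModel) request.getSession().getAttribute("user");
    if (user == null) {
        // No logged-in user in the session: answer 401 instead of failing with an NPE.
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        return null;
    }
    if (url == null) {
        // String.contains(null) throws; a missing parameter is a client error.
        response.sendError(HttpServletResponse.SC_BAD_REQUEST);
        return null;
    }

    String userDesc = user.getUserDesc();
    // Restriction list configured for this kind of user.
    String urlPath = (String) authorityFieldModel.getAuthorityFieldMap().get(userDesc);
    if (urlPath == null) {
        // Fail with an explicit error rather than guess at a default policy.
        throw new IllegalStateException(
                "No authority entry configured for user description: " + userDesc);
    }

    JSONObject jsonObject = new JSONObject();
    boolean perUseUser = "按次用户".equals(userDesc);

    if (urlPath.contains(url)) {
        // Listed for this user: fill in the prompt.
        CommonConstantUtil.jsonObject(user, jsonObject);
    } else if (!perUseUser && !urlPath.equals("superUserDownload")) {
        // Per-use users stop at the check above and super users may download everything.
        // Everyone else is checked for a download right on the requested country.
        @SuppressWarnings("unchecked") // the session attribute is untyped
        List<ConditionRightModel> authorityInfo =
                (List<ConditionRightModel>) request.getSession().getAttribute("authorityInfo");
        if (!AuthorityComponentUtil.judgeIsDownload(authorityInfo, country)) {
            String notDownLoad =
                    (String) authorityFieldModel.getAuthorityFieldMap().get("notGiveDownLoad");
            if (notDownLoad == null) {
                throw new IllegalStateException(
                        "No authority entry configured for key: notGiveDownLoad");
            }
            if (notDownLoad.contains(url)) {
                CommonConstantUtil.jsonObject(user, jsonObject);
            }
        }
    }

    jsonObject.put("user_desc", userDesc);
    // NOTE(review): no content type or charset is set here although user_desc may hold
    // non-ASCII text; confirm it is set elsewhere (for example by a filter).
    response.getWriter().write(jsonObject.toString());
    return null;
}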