public boolean onPreHandle(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception { HttpServletRequest req = (HttpServletRequest) request; HttpServletResponse resp = (HttpServletResponse) response; if ("GET".equals(req.getMethod()) && !Strings.isBlank(req.getParameter("token"))) { String token = req.getParameter("token"); try { token = Toolkit._3DES_decode(CrossScreen.csKEY, Toolkit.hexstr2bytearray(token)); NutMap map = Json.fromJson(NutMap.class, token); Long t = map.getLong("t", -1); if (System.currentTimeMillis() - t > timeout * 1000) { resp.sendError(403); // TODO 提示token已经过期 return false; } Integer uid = (Integer) map.get("uid"); if (uid != null) { // 有登陆用户 Toolkit.doLogin(new CrossScreenUserToken(uid), uid); if (sysLogService == null) { try { sysLogService = Mvcs.ctx().getDefaultIoc().get(SysLogService.class); } catch (Throwable e) { } } sysLogService.async(SysLog.c("method", "用户登陆", null, uid, "用户通过跨屏二维码登陆")); } resp.sendRedirect(map.getString("url")); return false; } catch (Exception e) { log.debug("bad token?", e); resp.sendError(502); return false; } } else { resp.sendError(403); return false; } }