added: 管理员锁定的拦截

2025-06-08 02:04:04 +08:00 · 2023-02-17 14:15:50 +08:00 · 2023-02-17 14:15:50 +08:00 · aed4c60296
commit aed4c60296
parent bd5cf234f1
5 changed files with 35 additions and 5 deletions
--- a/src/main/java/xyz/playedu/api/PlayEduThreadLocal.java
+++ b/src/main/java/xyz/playedu/api/PlayEduThreadLocal.java
@ -1,5 +1,7 @@
 package xyz.playedu.api;

+import xyz.playedu.api.domain.AdminUser;
+
 import java.util.LinkedHashMap;

 public class PlayEduThreadLocal {
@ -37,6 +39,14 @@ public class PlayEduThreadLocal {
        put("admin_user_id", userId);
    }

+    public static AdminUser getAdminUser() {
+        return (AdminUser) get("admin_user");
+    }
+
+    public static void setAdminUser(AdminUser adminUser) {
+        put("admin_user", adminUser);
+    }
+
    public static void remove() {
        THREAD_LOCAL.remove();
    }
--- a/src/main/java/xyz/playedu/api/controller/backend/LoginController.java
+++ b/src/main/java/xyz/playedu/api/controller/backend/LoginController.java
@ -61,7 +61,6 @@ public class LoginController {
    public JsonResponse logout() throws JwtLogoutException {
        jwtService.logout(RequestUtil.token(), SystemConstant.JWT_PRV_ADMIN_USER);
        return JsonResponse.success("success");
-
    }

 }
--- a/src/main/java/xyz/playedu/api/middleware/AdminAuthMiddleware.java
+++ b/src/main/java/xyz/playedu/api/middleware/AdminAuthMiddleware.java
@ -10,6 +10,8 @@ import org.springframework.web.servlet.HandlerInterceptor;
 import xyz.playedu.api.PlayEduThreadLocal;
 import xyz.playedu.api.bus.BackendBus;
 import xyz.playedu.api.constant.SystemConstant;
+import xyz.playedu.api.domain.AdminUser;
+import xyz.playedu.api.service.AdminUserService;
 import xyz.playedu.api.service.JWTService;
 import xyz.playedu.api.types.JWTPayload;
 import xyz.playedu.api.types.JsonResponse;
@ -24,6 +26,9 @@ public class AdminAuthMiddleware implements HandlerInterceptor {
    @Autowired
    private JWTService jwtService;

+    @Autowired
+    private AdminUserService adminUserService;
+
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        if (BackendBus.inUnAuthWhitelist(request.getRequestURI())) {
@ -32,15 +37,22 @@ public class AdminAuthMiddleware implements HandlerInterceptor {

        String token = RequestUtil.token();
        if (token.length() == 0) {
-            responseTransform(response, 401, "请登录");
-            return false;
+            return responseTransform(response, 401, "请登录");
        }

        try {
            JWTPayload payload = jwtService.parse(token, SystemConstant.JWT_PRV_ADMIN_USER);

-            // 用户信息写入context
+            AdminUser adminUser = adminUserService.findById(payload.getSub());
+            if (adminUser == null) {
+                return responseTransform(response, 404, "管理员不存在");
+            }
+            if (adminUser.getIsBanLogin() == 1) {
+                return responseTransform(response, 403, "当前管理员禁止登录");
+            }
+
            PlayEduThreadLocal.setAdminUserId(payload.getSub());
+            PlayEduThreadLocal.setAdminUser(adminUser);

            return HandlerInterceptor.super.preHandle(request, response, handler);
        } catch (Exception e) {
@ -49,10 +61,11 @@ public class AdminAuthMiddleware implements HandlerInterceptor {
        }
    }

-    private void responseTransform(HttpServletResponse response, int code, String msg) throws IOException {
+    private boolean responseTransform(HttpServletResponse response, int code, String msg) throws IOException {
        response.setStatus(code);
        response.setContentType("application/json;charset=utf-8");
        response.getWriter().print(JSON.toJSONString(JsonResponse.error(msg)));
+        return false;
    }

    @Override
--- a/src/main/java/xyz/playedu/api/service/AdminUserService.java
+++ b/src/main/java/xyz/playedu/api/service/AdminUserService.java
@ -14,4 +14,6 @@ public interface AdminUserService extends IService<AdminUser> {
    PaginationResult<AdminUser> paginate(int page, int size, Wrapper<AdminUser> queryWrapper);

    AdminUser findByEmail(String email);
+
+    AdminUser findById(Integer id);
 }
--- a/src/main/java/xyz/playedu/api/service/impl/AdminUserServiceImpl.java
+++ b/src/main/java/xyz/playedu/api/service/impl/AdminUserServiceImpl.java
@ -37,6 +37,12 @@ public class AdminUserServiceImpl extends ServiceImpl<AdminUserMapper, AdminUser
        return this.getBaseMapper().selectOne(queryWrapper);
    }

+    @Override
+    public AdminUser findById(Integer id) {
+        QueryWrapper<AdminUser> queryWrapper = new QueryWrapper<>();
+        queryWrapper.eq("id", id);
+        return this.getBaseMapper().selectOne(queryWrapper);
+    }
 }