学员修改密码api

2025-12-25 20:35:35 +08:00 · 2023-03-13 14:15:06 +08:00
parent b2db35c9be
commit e16212e5ad
10 changed files with 147 additions and 9 deletions
--- a/src/main/java/xyz/playedu/api/middleware/FrontMiddleware.java
+++ b/src/main/java/xyz/playedu/api/middleware/FrontMiddleware.java
@@ -3,13 +3,22 @@ package xyz.playedu.api.middleware;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 import org.springframework.web.servlet.HandlerInterceptor;
 import xyz.playedu.api.PlayEduFContext;
+import xyz.playedu.api.constant.FrontendConstant;
+import xyz.playedu.api.constant.SystemConstant;
+import xyz.playedu.api.domain.User;
+import xyz.playedu.api.service.JWTService;
+import xyz.playedu.api.service.UserService;
+import xyz.playedu.api.types.JWTPayload;
 import xyz.playedu.api.types.JsonResponse;
 import xyz.playedu.api.util.HelperUtil;
+import xyz.playedu.api.util.RequestUtil;

 import java.io.IOException;
+import java.util.Arrays;

 /**
 * @Author 杭州白书科技有限公司
@@ -19,12 +28,45 @@ import java.io.IOException;
@Slf4j
 public class FrontMiddleware implements HandlerInterceptor {

+    @Autowired
+    private JWTService jwtService;
+
+    @Autowired
+    private UserService userService;
+
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        if ("OPTIONS".equals(request.getMethod())) {
            return HandlerInterceptor.super.preHandle(request, response, handler);
        }
-        return false;
+
+        if (Arrays.stream(FrontendConstant.UN_AUTH_URI_WHITELIST).toList().contains(request.getRequestURI())) {
+            return HandlerInterceptor.super.preHandle(request, response, handler);
+        }
+
+        String token = RequestUtil.token();
+        if (token.length() == 0) {
+            return responseTransform(response, 401, "请登录");
+        }
+
+        try {
+            JWTPayload payload = jwtService.parse(token, SystemConstant.JWT_PRV_ADMIN_USER);
+
+            User user = userService.find(payload.getSub());
+            if (user == null) {
+                return responseTransform(response, 404, "管理员不存在");
+            }
+            if (user.getIsLock() == 1) {
+                return responseTransform(response, 403, "当前学员已锁定");
+            }
+
+            PlayEduFContext.setUserId(user.getId());
+            PlayEduFContext.setUser(user);
+
+            return HandlerInterceptor.super.preHandle(request, response, handler);
+        } catch (Exception e) {
+            return responseTransform(response, 401, "请重新登录");
+        }
    }

    private boolean responseTransform(HttpServletResponse response, int code, String msg) throws IOException {