import com.supwisdom.dlpay.api.bean.JsonResult
import com.supwisdom.dlpay.mobile.service.MobileUserService
import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.data.redis.core.RedisTemplate
import org.springframework.security.core.context.SecurityContextHolder
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
import org.springframework.web.bind.annotation.RequestMapping
import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletResponse
import org.springframework.web.bind.annotation.RequestMethod
+import org.springframework.web.bind.annotation.RequestParam
import java.security.Principal
+@RestController
+@RequestMapping("/mobileapi/i")
+class ApiInit {
+ @Autowired
+ lateinit var redisTemplate: RedisTemplate<String, String>
+ /*
+ * TODO 防止重复调用发验证码
+ * */
+ @RequestMapping("/code")
+ fun code(@RequestParam phone: String): JsonResult {
+ return JsonResult.ok("OK")
+ }
+
+ @RequestMapping("/checkcode")
+ fun check(@RequestParam phone: String,@RequestParam code: String): JsonResult {
+ return JsonResult.ok("OK")
+ }
+
+ @RequestMapping("/register")
+ fun register(@RequestParam uid: String,@RequestParam pwd: String,@RequestParam repwd: String): JsonResult {
+ return JsonResult.ok("OK")
+ }
+}
+
@RestController
-@RequestMapping("/mobileapi")
-class MobileApiController {
+@RequestMapping("/mobileapi/v1")
+class ApiV1 {
@Autowired
- lateinit var userService: MobileUserService
+ lateinit var redisTemplate: RedisTemplate<String, String>
@RequestMapping("/logout")
fun logout(request: HttpServletRequest, response: HttpServletResponse): JsonResult {
SecurityContextHolder.getContext().authentication?.also {
}
return JsonResult.ok("退出成功")
}
-}
-@RestController
-@RequestMapping("/mobileapi/v1")
-class ApiV1 {
@RequestMapping("/infor")
fun getUserInfor(): JsonResult {
- val p = SecurityContextHolder.getContext().authentication
+ val p = SecurityContextHolder.getContext().authentication
+ return JsonResult.ok("OK").put("name", p.name)!!
+ }
+
+
+ @RequestMapping("/register")
+ fun register(): JsonResult {
+ val p = SecurityContextHolder.getContext().authentication
return JsonResult.ok("OK")
}
}
\ No newline at end of file
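Review bot: `ApiInit.register` (and `code`/`checkcode` beside it) is mapped with a bare `@RequestMapping`, so it answers GET as well as POST, and `pwd`/`repwd` can arrive in the query string, where they end up in access logs and proxy logs. Restrict the handlers to POST, e.g. `@RequestMapping("/register", method = [RequestMethod.POST])`; `RequestMethod` is already imported. The TODO above `code` matters more now that the security configuration change in this commit permits `/mobileapi/i/**` without authentication: the verification-code endpoint needs a per-phone and per-client throttle before it sends anything, which is presumably what the injected `redisTemplate` is for. In `ApiV1.getUserInfor`, `p.name` dereferences the platform-typed `authentication` that `logout` handles with `?.`, so a null-safe access or an explicit 401 would keep the two handlers consistent.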
url = url.replace(context, "")
}
logger.info(url)
- if (!url.startsWith("/api/") && !url.startsWith("/mobileapi/")){
+ if(!url.startsWith("/api/")&&!url.startsWith("/mobileapi/v1/")){
filterChain.doFilter(request, response)
return
}
return
}
val claims = getUtil().verifyToken(jwt)
- if(url == "/mobileapi/logout"){
+ if(url.equals("/mobileapi/v1/logout")){
SecurityContextHolder.clearContext()
apiJwtRepository.deleteById(claims[ReservedClaimNames.JWT_ID].toString())
throw JoseException("JWT has not been register")
}
val tenantId = request.getHeader(Constants.HEADER_TETANTID)
if (tenantId == null) {
- response.sendError(HttpStatus.UNAUTHORIZED.value(), "未定义租户ID")
+ response.status=HttpStatus.UNAUTHORIZED.value()
return
}
if (claims[Constants.JWT_CLAIM_TENANTID] != tenantId) {
- response.sendError(HttpStatus.UNAUTHORIZED.value(), "未定义租户ID")
+ response.status=HttpStatus.UNAUTHORIZED.value()
return
}
val auth = UsernamePasswordAuthenticationToken(claims[Constants.JWT_CLAIM_UID], null,
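Review bot: Both tenant checks now end with a bare 401 and no log line, so a request whose `Constants.HEADER_TETANTID` header disagrees with the token's `Constants.JWT_CLAIM_TENANTID` claim leaves no trace on the server. A token presented against the wrong tenant is worth recording; `logger.warn("tenant mismatch on $url")` before the second `return` would do, using the `logger` already called earlier in the method. Separately, `url.equals("/mobileapi/v1/logout")` replaces an `==` that means the same thing in Kotlin, and the rewritten prefix test lost its spacing; `if (!url.startsWith("/api/") && !url.startsWith("/mobileapi/v1/")) {` reads better. The enclosing filter method starts and ends outside the hunk.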
apiJwtRepository.deleteById(e.jwtContext.jwtClaims.jwtId)
}
response.status=HttpStatus.UNAUTHORIZED.value()
+ return
} catch (e: JoseException) {
SecurityContextHolder.clearContext()
// jwt 失效后返回 401
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.antMatcher("/mobileapi/**")
+
.addFilterAfter(apiFilter,
UsernamePasswordAuthenticationFilter::class.java)
- .authorizeRequests().anyRequest().authenticated()
+ .authorizeRequests().antMatchers("/mobileapi/i/**").permitAll().anyRequest().authenticated()
.and()
.formLogin()
.loginProcessingUrl("/mobileapi/login")
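Review bot: `.antMatchers("/mobileapi/i/**").permitAll()` makes every present and future handler under `/mobileapi/i/` public, for every HTTP method. Listing the three routes this commit adds keeps anything later added to `ApiInit` behind authentication by default: `.antMatchers("/mobileapi/i/code", "/mobileapi/i/checkcode", "/mobileapi/i/register").permitAll()`. The blank line added in the middle of the builder chain before `.addFilterAfter` can be dropped. The configure method begins and ends outside the hunk.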