diff --git a/platform-common/src/main/java/com/lyms/platform/common/base/ExceptionHandlerController.java b/platform-common/src/main/java/com/lyms/platform/common/base/ExceptionHandlerController.java
index 96df0a3..c0a6a9e 100644
--- a/platform-common/src/main/java/com/lyms/platform/common/base/ExceptionHandlerController.java
+++ b/platform-common/src/main/java/com/lyms/platform/common/base/ExceptionHandlerController.java
@@ -3,6 +3,7 @@ package com.lyms.platform.common.base;
 import com.lyms.platform.common.constants.ErrorCodeConstants;
 import com.lyms.platform.common.core.resolve.MessageResolver;
 import com.lyms.platform.common.exception.BusinessException;
+import com.lyms.platform.common.exception.ForbiddenException;
 import com.lyms.platform.common.exception.ParameterException;
 import com.lyms.platform.common.exception.TokenException;
 import com.lyms.platform.common.result.BaseResponse;
@@ -106,11 +107,21 @@ public class ExceptionHandlerController {
 setHttpResponseHeader(httpServletResponse);
 Map resultMap = new HashMap<>();
 resultMap.put("errorcode", ErrorCodeConstants.TOKEN_EXPIRE);
-// resultMap.put("errormsg", "您当前用户登录状态异常,暂时无法访问,请重新登录");
 resultMap.put("errormsg", "登录过期,请重新登录");
 return resultMap;
 }
+ @ResponseStatus(HttpStatus.FORBIDDEN)
+ @ExceptionHandler(ForbiddenException.class)
+ @ResponseBody
+ public Map buildExcExpire(HttpServletResponse httpServletResponse) {
+ setHttpResponseHeader(httpServletResponse);
+ Map resultMap = new HashMap<>();
+ resultMap.put("errorcode", ErrorCodeConstants.TOKEN_EXPIRE);
+ resultMap.put("errormsg", "Forbidden");
+ return resultMap;
+ }
+
 /**
 * 处理spring mvc 缺少请求参数的异常提示
 *
diff --git a/platform-common/src/main/java/com/lyms/platform/common/exception/ForbiddenException.java b/platform-common/src/main/java/com/lyms/platform/common/exception/ForbiddenException.java
new file mode 100644
index 0000000..b4c346d
--- /dev/null
+++ b/platform-common/src/main/java/com/lyms/platform/common/exception/ForbiddenException.java
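Review bot: The new `ForbiddenException` handler in ExceptionHandlerController returns `ErrorCodeConstants.TOKEN_EXPIRE` as its `errorcode`, so a client that keys on the response body cannot tell a 403 from an expired session and may send the user back to the login flow. The method is also named `buildExcExpire`, which reads as copied from the token-expiry handler just above it; that handler's signature is outside the hunk, so confirm the two do not share a name and parameter list. Give the handler its own `ErrorCodeConstants` entry for the forbidden case and a name that says what it handles, for example `public Map buildForbidden(HttpServletResponse httpServletResponse)`.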
@@ -0,0 +1,42 @@
+package com.lyms.platform.common.exception;
+
+/**
+ * Created by Administrator on 2015/9/29 0029.
+ */
+public class ForbiddenException extends RuntimeException {
+
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1L;
+
+ private String code;
+
+ private String message;
+
+ public ForbiddenException() {
+
+ }
+
+ public ForbiddenException(String code, String message) {
+ this.code = code;
+ this.message = message;
+ }
+
+ public String getCode() {
+ return code;
+ }
+
+ public void setCode(String code) {
+ this.code = code;
+ }
+
+ @Override
+ public String getMessage() {
+ return message;
+ }
+
+ public void setMessage(String message) {
+ this.message = message;
+ }
+}
diff --git a/platform-operate-api/src/main/java/com/lyms/platform/operate/web/inteceptor/TokenValidateInteceptor.java b/platform-operate-api/src/main/java/com/lyms/platform/operate/web/inteceptor/TokenValidateInteceptor.java
index c43d8b1..c978064 100644
--- a/platform-operate-api/src/main/java/com/lyms/platform/operate/web/inteceptor/TokenValidateInteceptor.java
+++ b/platform-operate-api/src/main/java/com/lyms/platform/operate/web/inteceptor/TokenValidateInteceptor.java
@@ -5,8 +5,10 @@ import com.lyms.platform.common.annotation.TokenRequired;
 import com.lyms.platform.common.base.BaseController;
 import com.lyms.platform.common.base.ContextHolder;
 import com.lyms.platform.common.base.LoginContext;
+import com.lyms.platform.common.exception.ForbiddenException;
 import com.lyms.platform.common.exception.TokenException;
 import com.lyms.platform.common.utils.LogUtil;
+import com.lyms.platform.common.utils.PropertiesUtils;
 import com.lyms.platform.operate.web.session.SessionProvider;
 import com.lyms.platform.permission.service.UsersService;
 import org.apache.commons.lang.StringUtils;
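Review bot: `ForbiddenException` keeps its own mutable `message` field and overrides `getMessage()` instead of passing the text to `RuntimeException`, and its no-argument constructor leaves both `code` and `message` null. That no-argument form is the only one this commit uses (in TokenValidateInteceptor), so a logged rejection carries no reason for the denial. Prefer an immutable exception: `public ForbiddenException(String code, String message) { super(message); this.code = code; }` with `private final String code;`, dropping the setters and the `getMessage()` override. The no-argument constructor can then delegate with a fixed default reason.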
@@ -30,6 +32,9 @@ import java.lang.annotation.Annotation; */ public class TokenValidateInteceptor extends HandlerInterceptorAdapter { + public static final String XT_VERSION = PropertiesUtils.getPropertyValue("xt_version"); + + @Autowired private SessionProvider sessionProvider; @@ -40,10 +45,21 @@ public class TokenValidateInteceptor extends HandlerInterceptorAdapter { @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { - String referer = request.getHeader("Referer"); - String url = request.getRequestURL().toString(); - System.out.println("referer====="+referer); - System.out.println("url====="+url); + if (XT_VERSION != null && XT_VERSION.equals("xt_version")) + { + String referer = request.getHeader("Referer"); + String url = request.getRequestURL().toString(); + System.out.println("referer====="+referer); + System.out.println("url====="+url); + if (StringUtils.isNotEmpty(referer) && !referer.contains("area-xtrm.healthbaby.com.cn")) + { + throw new ForbiddenException(); + } + else if (StringUtils.isEmpty(referer) && !url.contains("area-xtrm.healthbaby.com.cn")) + { + throw new ForbiddenException(); + } + } if (!isSiteController(handler)) return true; diff --git a/platform-operate-api/src/main/resources/config.properties b/platform-operate-api/src/main/resources/config.properties index 2ab3ebe..4daddcd 100644 --- a/platform-operate-api/src/main/resources/config.properties +++ b/platform-operate-api/src/main/resources/config.properties @@ -8,6 +8,8 @@ center_token=e0c56363-00d6-42ee-bbe0-23c553583062 #His系统版本 0:未使用,1:桓台,2:新乐,3:青龙县医院,4:秦皇岛妇幼,5:抚宁妇幼, 6: 德州妇幼,7:南充中心医院 his_version=21 +xt_version= + #TCP服务器端口 nio_server_port=8000 #TCP服务器是否启动 1:true,2:false
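Review bot: The origin check added to `preHandle` relies on `Referer` and the request URL, both of which are supplied by the client, and it matches them with `contains("area-xtrm.healthbaby.com.cn")`, which is also true when that name appears in a path, a query string or a longer hostname. Treat this as origin pinning at most, never as a replacement for the token validation this interceptor is named for, and compare the parsed host exactly as in the excerpt below. The two `System.out.println` calls write a client-supplied header to stdout on every request; remove them or log through the project's logger at debug level. The check also runs before `isSiteController(handler)`, so it applies to every handler the interceptor sees, and `preHandle` continues past the end of the hunk.

```java
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        if ("xt_version".equals(XT_VERSION)) {
            String referer = request.getHeader("Referer");
            String host;
            if (StringUtils.isNotEmpty(referer)) {
                try {
                    host = new java.net.URI(referer).getHost();
                } catch (java.net.URISyntaxException e) {
                    throw new ForbiddenException();
                }
            } else {
                host = request.getServerName();
            }
            // Exact match: getHost() is null for a relative or opaque Referer, which is rejected too.
            if (!"area-xtrm.healthbaby.com.cn".equalsIgnoreCase(host)) {
                throw new ForbiddenException();
            }
        }
        // … unchanged: isSiteController(handler) check …
```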
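Review bot: `xt_version=` is added to config.properties without a comment, unlike the neighbouring keys, and nothing here says which value turns the host restriction on. From the `preHandle` hunk the check runs only when the value is the literal string `xt_version`, so the shipped empty value or any typo leaves it silently disabled. Document the key, for example `# xt_version: set to xt_version to enforce the area-xtrm.healthbaby.com.cn host check in TokenValidateInteceptor; empty disables it`, and consider a plain boolean key so that a misconfiguration is obvious.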