From d3b5fbde186a47c0dc8b0b58d5688ae5691ed9e6 Mon Sep 17 00:00:00 2001
From: peter <14100000001@qq.com>
Date: Sat, 10 Jan 2026 23:46:21 +0800
Subject: [PATCH] 签章
---
src/main/java/com/nq/common/interceptor/ApiUserAuthorityInterceptor.java | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
1 files changed, 48 insertions(+), 0 deletions(-)
diff --git a/src/main/java/com/nq/common/interceptor/ApiUserAuthorityInterceptor.java b/src/main/java/com/nq/common/interceptor/ApiUserAuthorityInterceptor.java
index 64e5abf..b4a51b8 100644
--- a/src/main/java/com/nq/common/interceptor/ApiUserAuthorityInterceptor.java
+++ b/src/main/java/com/nq/common/interceptor/ApiUserAuthorityInterceptor.java
@@ -68,6 +68,24 @@
if ("/user/buchahbds.do".equals(url)) {
return true;
}
+ if ("/user/viewAgreementPdf.do".equals(url)) {
+ // PDF查看需要验证用户,允许通过cookie或header的token访问
+ User currentUser = getCurrentUser(httpServletRequest);
+ if (currentUser == null) {
+ // 没有有效token,返回错误
+ httpServletResponse.setCharacterEncoding("UTF-8");
+ httpServletResponse.setContentType("application/json;charset=UTF-8");
+ PrintWriter writer = httpServletResponse.getWriter();
+ Map map = Maps.newHashMap();
+ map.put("success", Boolean.valueOf(false));
+ map.put("msg", "請先登錄,無權限訪問user");
+ writer.print(JsonUtil.obj2String(map));
+ writer.flush();
+ writer.close();
+ return false;
+ }
+ return true; // 已登录,允许访问
+ }
User currentUser = getCurrentUser(httpServletRequest);
if (null == currentUser) {
// httpServletResponse.reset();
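Review bot: The new `/user/viewAgreementPdf.do` branch only establishes that some user is logged in; nothing visible here ties the requested agreement to `currentUser`, so unless the handler (outside this diff) checks ownership, any authenticated user could presumably retrieve another user's PDF. The rejection path also leaves the status at 200, so I would add `httpServletResponse.setStatus(HttpServletResponse.SC_UNAUTHORIZED);` before `getWriter()` so that clients and the embedding iframe can tell a refusal from a document. The branch repeats the `getCurrentUser` null check that follows it at the end of the hunk; if the general path's response is equivalent (its body is outside the hunk), dropping the special case would leave one place to maintain. `Map map` is a raw type, and `Map<String, Object> map` avoids the unchecked warning.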
@@ -188,6 +206,17 @@
String property = PropertiesUtil.getProperty("user.cookie.name");
System.out.println(property);
String loginToken = request.getHeader(property);
+
+ // 如果header中没有token,尝试从cookie获取
+ if (loginToken == null) {
+ loginToken = getTokenFromCookie(request);
+ }
+
+ // 如果cookie中也没有token,尝试从URL参数获取(用于iframe等场景)
+ if (loginToken == null) {
+ loginToken = request.getParameter("token");
+ }
+
if (loginToken == null) {
System.out.println("loginToken is null");
return null;
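Review bot: The `request.getParameter("token")` fallback accepts the login token from the query string, where it ends up in access logs, browser history and `Referer` headers, and because it sits in `getCurrentUser` it applies to every endpoint that calls this method rather than only the iframe PDF view the comment mentions. I would restrict it to that one URL, ideally with a short-lived, single-purpose token issued for the PDF instead of the session token. The cookie fallback has a similar reach: requests that previously needed the header now authenticate from an ambient cookie, so state-changing endpoints need CSRF protection (or a `SameSite` cookie attribute) that a header-only scheme did not require. The fallbacks test only `== null`, so an empty header value skips them, and the `System.out.println` calls around them belong in the logger. `getCurrentUser` starts and ends outside this hunk.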
@@ -202,4 +231,23 @@
// System.out.println(userJson);
return (User) JsonUtil.string2Obj(userJson, User.class);
}
+
+ /**
+ * 从Cookie中获取token
+ *
+ * @param request 请求
+ * @return token
+ */
+ private String getTokenFromCookie(HttpServletRequest request) {
+ javax.servlet.http.Cookie[] cookies = request.getCookies();
+ if (cookies != null) {
+ String cookieName = PropertiesUtil.getProperty("user.cookie.name");
+ for (javax.servlet.http.Cookie cookie : cookies) {
+ if (cookieName != null && cookieName.equals(cookie.getName())) {
+ return cookie.getValue();
+ }
+ }
+ }
+ return null;
+ }
}
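Review bot: `getTokenFromCookie` re-reads `user.cookie.name` although `getCurrentUser` has already loaded it into `property`, and it re-tests `cookieName != null` on every iteration; passing the name in, or returning early with `if (cookies == null || cookieName == null) return null;`, reduces the loop to the name comparison. The Javadoc should state that the cookie name is the same property used for the header and that `null` is returned when no such cookie is present. `javax.servlet.http.Cookie` is written fully qualified twice; an import would read better, assuming no other `Cookie` type is in scope in this file.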
--
Gitblit v1.9.3