преди 2 месеца · d44833dd57
--- a/src/main/java/common/interceptor/LoginInterceptor.java
+++ b/src/main/java/common/interceptor/LoginInterceptor.java
@@ -0,0 +1,29 @@
 
				+package common.interceptor;
			
 
				+
			
 
				+import com.jfinal.aop.Interceptor;
			
 
				+import com.jfinal.aop.Invocation;
			
 
				+import com.jfinal.core.Controller;
			
 
				+import com.jfinal.kit.StrKit;
			
 
				+import common.utils.http.MyRet;
			
 
				+
			
 
				+public class LoginInterceptor implements Interceptor {
			
 
				+    @Override
			
 
				+    public void intercept(Invocation invocation) {
			
 
				+        Controller controller = invocation.getController();
			
 
				+
			
 
				+        String serverToken = (String)controller.getSession().getAttribute("dl-token");
			
 
				+        String clientToken = controller.getHeader("dl-token");
			
 
				+        String id = controller.getSessionAttr("id");
			
 
				+        String mobileNumber = controller.getSessionAttr("mobile_number");
			
 
				+
			
 
				+        if (StrKit.notBlank(serverToken, clientToken) && clientToken.equals(serverToken) && StrKit.notBlank(id, mobileNumber)) {
			
 
				+            invocation.invoke();
			
 
				+        } else {
			
 
				+            MyRet ret = MyRet.fail("登录信息已过期，请重新登录。");
			
 
				+            
			
 
				+            ret.setCode(MyRet.CODE_NO_LOGIN);
			
 
				+
			
 
				+            controller.renderJson(ret);
			
 
				+        }
			
 
				+    }
			
 
				+}
			
--- a/src/main/java/modules/user/UserController.java
+++ b/src/main/java/modules/user/UserController.java
@@ -1,9 +1,11 @@
 
				 package modules.user;
			
 
				 
			
 
				 import com.alibaba.fastjson.JSONObject;
			
 
				+import com.jfinal.aop.Before;
			
 
				 import com.jfinal.aop.Inject;
			
 
				 import com.jfinal.kit.HashKit;
			
 
				 import com.jfinal.kit.StrKit;
			
 
				+import common.interceptor.LoginInterceptor;
			
 
				 import common.interceptor.empty.EmptyInterface;
			
 
				 import common.model.User;
			
 
				 import common.utils.http.MyController;
			
@@ -157,6 +159,21 @@ public class UserController extends MyController {
 
				         
			
 
				         renderJson(ret);
			
 
				     }
			
 
				+
			
 
				+    @Before(LoginInterceptor.class)
			
 
				+    public void getUserInfo() {
			
 
				+        User user = service.findUserByMobileNumber(this.<String>getSessionAttr("mobile_number"));
			
 
				+
			
 
				+        if (user == null) {
			
 
				+            removeSessionAttr("dl-token");
			
 
				+            removeSessionAttr("role");
			
 
				+            removeSessionAttr("mobile_number");
			
 
				+            
			
 
				+            renderJson(MyRet.fail("登录信息失效，请重新登录。").setCode(MyRet.CODE_NO_LOGIN));
			
 
				+        } else {
			
 
				+            renderJson(MyRet.fail("获取成功").setData(user));
			
 
				+        }
			
 
				+    }
			
 
				     
			
 
				     private MyRet checkVerifyCode(String userVerifyCode) {
			
 
				         // 3. 验证码校验
			
--- a/src/test/rest/UserControllerTest.http
+++ b/src/test/rest/UserControllerTest.http
@@ -18,6 +18,7 @@ Content-Type: application/json
 
				 }
			
 
				 
			
 
				 ### 登录，可以选择传入pwd_md5（密码登录）或verify_code（验证码登录）。如果两者都传入了，后台会优先使用pwd_md5
			
 
				+### 登录成功后会返token回来，后面请求需要用户状态的接口都需要携带到headers里面，key是dl-token
			
 
				 POST {{ baseUrl }}/user/login
			
 
				 Content-Type: application/json
			
 
				 
			
@@ -26,3 +27,9 @@ Content-Type: application/json
 
				   "pwd_md5": "e10adc3949ba59abbe56e057f20f883e",
			
 
				   "verify_code": ""
			
 
				 }
			
 
				+
			
 
				+### 获取登录用户的信息
			
 
				+POST {{ baseUrl }}/user/getUserInfo
			
 
				+Content-Type: application/json
			
 
				+dl-token: -4950684203106611805
			
 
				+