判断商家是否被锁定,如果被锁定,直接跳转到出错页面, filter取到springConfig

package com.enterprise.web.filter;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import net.sf.json.JSONObject;

import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.support.PropertiesLoaderUtils;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.context.support.WebApplicationContextUtils;

import com.enterprise.util.HttpClientUtil;
import com.enterprise.util.RedisUtil;

/**
 * 商家账号是否锁定
 */
public class BizLoginCheckFilter implements Filter {
	private static final Logger LOG = LoggerFactory.getLogger(BizLoginCheckFilter.class);
	
	private final static String BIZ_LOCK = "BIZ_LOGIN_LOCK_";
	
	private ApplicationContext ctx;
	private RedisUtil redisUtil;
	private String userDomain;
	
	public void destroy() {}

	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
		HttpServletRequest httpRequest = (HttpServletRequest)request;
		HttpServletResponse httpResponse = (HttpServletResponse)response;
		HttpSession session = httpRequest.getSession(false);
		if (session != null) {
			if (session.getAttribute("SPRING_SECURITY_CONTEXT") != null) {
				SecurityContext context = (SecurityContext) session.getAttribute("SPRING_SECURITY_CONTEXT");
				Authentication authentication = context.getAuthentication();
				if (authentication != null) {
					Object principal = authentication.getPrincipal();
					if (principal instanceof UserDetails) {
		                final String username = ((UserDetails) principal).getUsername();
		                if (StringUtils.isNotBlank(username)) {
		        			//是否被锁定
		        			if (isLockedFromRedis(username)) {
		        				httpResponse.sendRedirect(userDomain + "/bizAccessDenied.html");
		        				return;
		        			}
		        		}
					}
				}
			}
		}
		chain.doFilter(request, response);
	}
	
	private boolean isLockedFromRedis(final String username) {
		String bizLockVal = null;
		try {
			bizLockVal = redisUtil.get(BIZ_LOCK + username);
		} catch (Exception e) {
			LOG.error(">>>>>>>>>read "+username+" from redis isLocked failed:" + e.getMessage());
			return isLockedFromDB(username);
		}
		if (StringUtils.isNotBlank(bizLockVal) && "1".equals(bizLockVal)) {
			return true;
		}
		return false;
	}
	
	private boolean isLockedFromDB(String username) {
		String url = userDomain + "/api/merchant/isLockedShop.html";
		Map<String, String> params = new HashMap<String, String>();
		params.put("username", username);
		try {
			String resultJson = HttpClientUtil.doPost(url, params, "UTF-8");
			if (StringUtils.isNotBlank(resultJson)) {
				JSONObject jsonObject = JSONObject.fromObject(resultJson);
				//0:成功,1:失败
				if (0 == jsonObject.getInt("code")) {
					//0:未锁定, 1:锁定 
					return jsonObject.getInt("data") == 1?true:false;
				}
			}
			LOG.info(">>>>>>>>>>>>>>[CAS] Biz isLocked接口[username="+username+"]返回值: " + resultJson);
		} catch (IOException e) {
			LOG.error(">>>>>>>>>>>>>>[CAS] Biz isLocked接口[username="+username+"]异常: " + e.getMessage());
		} catch (Exception e) {
			LOG.error(">>>>>>>>>>>>>>[CAS] Biz isLocked接口[username="+username+"]异常: " + e.getMessage());
		}
		return false;
	}
	
	public void init(FilterConfig filterConfig) throws ServletException {
		if(ctx == null){
			ctx = WebApplicationContextUtils.getWebApplicationContext(filterConfig.getServletContext());
			redisUtil = (RedisUtil)ctx.getBean("redisUtil");
			try {
				Properties loaderUtils = PropertiesLoaderUtils.loadProperties(new ClassPathResource("domain.properties"));
				userDomain = loaderUtils.getProperty("user.domain");
			} catch (IOException e) {
				userDomain = "http://user.qbao.com";
			}
		}
	}
	
}

 

你可能感兴趣的:(判断商家是否被锁定,如果被锁定,直接跳转到出错页面, filter取到springConfig)