AOP实现--外部访问接口请求校验

@Component
@Aspect
public class ApiRequestCheck {

   protected Logger logger = LoggerFactory.getLogger(this.getClass());
   /**
    * signature
    */
   private static final String SIGNATURE = "90FA06DF546D28D7504E7F5C2246AE2A";

   @Pointcut("execution(* com.uec.cmp.frontend.api..*.*(..))")
   public void checkRequest(){}

   @Around("checkRequest()")
   private Object concurrentHandler(ProceedingJoinPoint point) {
      ResultApi api = ResultApi.getError();
      api.setMsg("签名不正确,或没有签名");
      try {
         HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
         String signature = request.getHeader("signature");
         logger.info("request header 的 signature 参数"+signature);

         if (StringUtils.isNotBlank(signature) && SIGNATURE.equals(signature)){
            Object proceed = point.proceed();

            return proceed;
         } else {
            return api;
         }

      } catch (Throwable e){
         logger.error(e.getMessage(), e);
      }
      return api;
   }
}

只是简单的校验了一个签名字符串

posted @ 2019-04-18 21:57  暮色听雨声  阅读(270)  评论(0编辑  收藏