注解2

 

@Aspect
@Component
@Order(1)
@Slf4j
public class Auth4PasswordAspect extends BaseAspect {

/**
* 指定有该注解，且在controller包下或子包下的接口
*/
@Pointcut(value = "@within(com.dahuatech.service.b2b.core.annotation.Auth4Password) && execution( * com.dahuatech.b2b.dt.controller.*..*(..))")
public void b2bAuthenticatePointCut() {
}

@Around("b2bAuthenticatePointCut()")
public Object doAround(ProceedingJoinPoint joinPoint) throws Throwable {
// 是否验证通过
if (!validate(joinPoint)) {
throw new BizException(I18ReturnCode.CHECK_CSRF_TOKEN, loginUrl);
}

return joinPoint.proceed();
}

private synchronized boolean validate(ProceedingJoinPoint joinPoint) {
// 请求uri地址
String uri = req.getRequestURI();

// 记录ip和uri
ThreadContextUtil.putBaseInfo(req);

// 判断是否过滤，不需要验证
MethodSignature signature = (MethodSignature) joinPoint.getSignature();
Method method = signature.getMethod();
if (method.isAnnotationPresent(AuthPass.class)) {
return true;
}

// 保存至线程中
UserContextUtil.setUser(loginUser);

return true;
}

/**
* 执行完切面后，将线程共享中的数据源名称清空
*
* @param joinPoint
*/
@After("b2bAuthenticatePointCut()")
public void after(JoinPoint joinPoint) {
}
}