qingcheng-houduan/src/main/java/com/greenorange/promotion/aop/PermissionCheck.java

package com.greenorange.promotion.aop;

import cn.hutool.core.date.DateUtil;
import com.auth0.jwt.JWT;
import com.auth0.jwt.exceptions.JWTDecodeException;
import com.auth0.jwt.interfaces.Claim;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.StringUtils;
import com.greenorange.promotion.annotation.RequiresPermission;
import com.greenorange.promotion.common.ErrorCode;
import com.greenorange.promotion.exception.ThrowUtils;
import com.greenorange.promotion.model.entity.UserInfo;
import com.greenorange.promotion.model.enums.UserRoleEnum;
import com.greenorange.promotion.service.user.UserInfoService;
import com.greenorange.promotion.utils.JWTUtils;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import lombok.extern.slf4j.Slf4j;
import org.apache.catalina.User;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import java.util.Date;
import java.util.Objects;


/**
 * 权限校验AOP
 */

@Slf4j
@Aspect
@Component
public class PermissionCheck {


    @Resource
    private UserInfoService userInfoService;


    @Resource
    private JWTUtils jwtUtils;

 
    /***
     * 执行拦截
     **/
    @Around("@annotation(requiresPermission)")
    public Object check(ProceedingJoinPoint joinPoint, RequiresPermission requiresPermission) throws Throwable {
//        // 获取请求对象
//        HttpServletRequest request = ((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())).getRequest();
//        // 接口的权限
//        String mustRole = requiresPermission.mustRole();
//        // 获取接口权限的枚举类
//        UserRoleEnum interfaceRoleEnum = UserRoleEnum.getEnumByValue(mustRole);
//        ThrowUtils.throwIf(interfaceRoleEnum == null, ErrorCode.NO_AUTH_ERROR);
//        // 获取用户权限
//        String token = request.getHeader("Authorization");
//        ThrowUtils.throwIf(StringUtils.isBlank(token), ErrorCode.NO_AUTH_ERROR, "JWT为空");
//        // 解析token
//        DecodedJWT decodedJWT = jwtUtils.verify(token);
//        String userAccount = decodedJWT.getClaim("userAccount").asString();
//        String userPassword = decodedJWT.getClaim("userPassword").asString();
//        // 将账号存入request，用于记录日志
//        request.setAttribute("userAccount", userAccount);
////        // 打印token的过期时间
////        Date expiresAt = decodedJWT.getExpiresAt();
////        String formatExpiresAt = DateUtil.format(expiresAt, "yyyy-MM-dd HH:mm:ss");
////        log.info("Token过期时间为:" + formatExpiresAt);
//        LambdaQueryWrapper<UserInfo> lambdaQueryWrapper = new LambdaQueryWrapper<>();
//        lambdaQueryWrapper.eq(UserInfo::getUserAccount, userAccount).eq(UserInfo::getUserPassword, userPassword);
//        UserInfo userInfo = userInfoService.getOne(lambdaQueryWrapper);
//        ThrowUtils.throwIf(userInfo == null, ErrorCode.OPERATION_ERROR, "用户不存在");
//
//        // 获取用户权限的枚举类
//        String userRole = userInfo.getUserRole();
//        UserRoleEnum userRoleEnum = UserRoleEnum.getEnumByValue(userRole);
//
//        // 接口权限只能是 USER，ADMIN，BOSS，用户权限是 ADMIN，BOSS，USER，BAN
//        // 校验角色
//        ThrowUtils.throwIf(UserRoleEnum.USER.equals(userRoleEnum) && !UserRoleEnum.USER.equals(interfaceRoleEnum), ErrorCode.NO_AUTH_ERROR);
//        ThrowUtils.throwIf(UserRoleEnum.BAN.equals(userRoleEnum), ErrorCode.NO_AUTH_ERROR, "用户已被封禁");
//        ThrowUtils.throwIf(UserRoleEnum.ADMIN.equals(userRoleEnum) && UserRoleEnum.BOSS.equals(interfaceRoleEnum), ErrorCode.NO_AUTH_ERROR);

        return joinPoint.proceed();
    }
 
}