jlutt
/
dyDeliver


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144
							package com.dderp.common.base;

import com.dderp.common.api.NoSqlKeysService;
import com.dderp.common.api.StoreService;
import com.dderp.common.datas.ERPHeader;
import com.dderp.common.datas.HttpCode;
import com.dderp.common.datas.RedisKeys;
import com.dderp.common.entity.site.ERPTokenUser;
import com.dderp.common.entity.store.StoreInfo;
import com.dderp.common.tool.ERPUtils;
import com.dySweetFishPlugin.redis.RedisService;
import com.dySweetFishPlugin.sql.RMapUtils;
import com.sweetfish.convert.json.JsonConvert;
import com.sweetfish.net.http.*;
import com.sweetfish.util.AnyValue;
import com.sweetfish.util.AutoLoad;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

import javax.annotation.Resource;
import java.io.File;
import java.io.IOException;

import static com.sweetfish.net.Server.RESNAME_SERVER_ROOT;

@AutoLoad(false)
@HttpUserType(ERPTokenUser.class)
public class ERPStoreAppHttpServlet extends HttpServlet {

    protected final Logger logger = LogManager.getLogger(this.getClass().getSimpleName());

    @Resource
    protected NoSqlKeysService keysService;

    @Resource
    protected RedisService redisService;

    @Resource
    protected StoreService storeService;

    @Resource(name = RESNAME_SERVER_ROOT)
    File webRoot;

    @Resource(name = "property.deliver.Store.commonkey")
    private String ssoStoreTokenCommonKey;

    @Resource
    JsonConvert jsonConvert;

    @Override
    public void init(HttpContext context, AnyValue config) {
        super.init(context, config);
    }

    /**
     * 获取当前用户
     *
     * @param request http请求
     * @return 当前用户信息
     */
    public ERPTokenUser currentUser(HttpRequest request) {
        //先判断请求中是否有
        ERPTokenUser user = request.currentUser();
        if (user != null) {
            return user;
        }

        //没有则判断token
        String token = ERPUtils.parseHttpToken(request);

        return ERPUtils.parseERPUserFromToken(token, ssoStoreTokenCommonKey, jsonConvert);
    }

    @Override
    protected void preExecute(HttpRequest request, HttpResponse response) throws IOException {
        //注册一个监听器
        response.recycleListener((req, resp) -> {
            //记录超过5秒的请求
            long e = System.currentTimeMillis() - req.getCreatetime();
            if (e > 50000) {
                logger.info("http-execute-cost-time: " + e + " ms. request = " + req);
            }
        });
        //设置当前用户
        ERPTokenUser userInfo = currentUser(request);
        request.setCurrentUser(userInfo);
        response.nextEvent();
    }

    @Override
    protected void authenticate(HttpRequest request, HttpResponse response) throws IOException {
        ERPTokenUser info = request.currentUser();

        long supplierCode = request.getLongHeader(ERPHeader.HTTPHEADER_SUPPLIER, 0);

        if (info == null) {
            //判断是否登录
            if ("/xdoc/index".equalsIgnoreCase(request.getRequestURI())) {
                File api = new File(webRoot, "apilogin.html");
                response.finishFile(api, null);
            } else {
                response.finishJson(RMapUtils.error(HttpCode.UNAUTHORIZED.value(), "未登录"));
            }
            return;
        } else {
            //判断门店是否作废
            StoreInfo storeInfo = storeService.getStoreInfo(info.getIdBindOrg(), supplierCode, false, false, false);
            if (storeInfo == null) {
                response.finishJson(RMapUtils.error(HttpCode.UNAUTHORIZED.value(), "未登录"));
                return;
            }

            if (storeInfo.getVoidFlag() == 1) {
                response.finishJson(RMapUtils.error(HttpCode.UNAUTHORIZED.value(), "未登录"));
                return;
            }
        }
        //验证通过调用执行方法
        response.nextEvent();
    }

    @Override
    public boolean checkRequestCount(HttpRequest request, HttpResponse response, int limitCount, long limitTime) {
        String ip = request.getRemoteAddr();
        String url = request.getRequestURI();

        String key = keysService.getRedisKey(RedisKeys.KEY_REQUESTLIMIT, 0L, true).concat(url).concat(ip);
        long count = redisService.incrby(key, 1);
        if (count == 1) {
            redisService.pexpire(key, limitTime);
        }
        if (count > limitCount) {
            logger.info("用户IP[" + ip + "]访问地址[" + url + "]超过了限定的次数[" + limitCount + "]");
            response.finishJson(RMapUtils.error(HttpCode.MULTI_STATUS.value(), "请求超过了限定的次数"));
            return false;
        }
        return true;
    }

    @Override
    public void responseMethodReturn(HttpRequest request, HttpResponse response, String requestMethod, String actMethod) {
        response.finishJson(RMapUtils.error(HttpCode.BAD_REQUEST.value(), request.getRequestURI() + "Method(" + requestMethod + ") Error (" + actMethod + ")"));
    }
}