修改token传参，从header获取，用户名从用户token中获取

cf80b5c5 · 技术部—现金贷—曾丽宾 · 943795eb · cf80b5c5
Commit cf80b5c5 authored Jun 20, 2017 by 技术部—现金贷—曾丽宾
Hide whitespace changes
Inline Side-by-side

Showing with 26 additions and 9 deletions

UserQueryLogController.java .../controller/external/queryLog/UserQueryLogController.java +26 -9

No files found.
--- a/src/main/java/cn/quantgroup/xyqb/controller/external/queryLog/UserQueryLogController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/external/queryLog/UserQueryLogController.java
@@ -37,6 +37,7 @@ import org.apache.poi.hssf.usermodel.HSSFRow;
 import org.apache.poi.hssf.usermodel.HSSFSheet;
 import org.apache.poi.hssf.usermodel.HSSFWorkbook;

+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

 /**
@@ -71,9 +72,14 @@ public class UserQueryLogController {

  private static final String privateKey="MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJiLDU8pacJuQrLMcr5uUekpNH+q07c6rue+NJ1yikJKY4mqOLcH6okyt/TfbjaZgkhB4XdhJNBlN+uLkSQ2CiqfRj8piksAq6rz2M90iQHeW+Ku97D22l9sBPgHXhaChZ0wfmiioG3SXLd/4mOgEzl0oVM6uFySEUOhoHdQBpqJAgMBAAECgYA3DfCWwoaWEr9l0p4TFrPfZ+y3qwrQVZCsuRw6Ow2lUT3NgK8JeATw0WpNKZqYgBziQUzDjj8AK5fcHjobDJnsKGqC2VQ+j05hQZztoHTrYxOx6xrGxIzqmbt/dPsw779xXSRJu3DuUeCm6CrGZpVpPX/NtXBxIhXRY2KRNa1SZQJBAPMboc+M6/OeGPQqFvXg9jgEWcosBpy6HtukfjONQAVuM5e0pZa8SQCLhcoHgbbqcEhbDAJEqr9x9eZjjFPSt08CQQCgoe/hOVf0s5oo1IM1TVEUkGOIzVVlyTMwu0p4jwt3987D7BKZe7mCl41quWDwL4JIQ0GcivVMpJzYsDBZHRqnAkBMgCKAHHlXdSWnF+OXxg3U/NGAhDAke5EgTvgDouxFiTMlBwygjWlviXg1Zf1UoRtqOXRi9lbA3cyijirnacSTAkBmve0ug30MmOvbfcHGkANyQcBIOf2LMxu46bKCVgwh2bC4hACJhydqrgDX6GZmehy8l7gZpo+rTAa+WkMyXHk1AkEArt6ElkyNI7TDu0By59Zin05tuZJr6QoMXs9bVH+xP3OBG1KfPYTBc9yb5MOjXIxAjyGGeDpUfhuUDBe56GTOBA==";
  @RequestMapping("/queryLog")
-  public JsonResult queryLog(@RequestParam(required=false) String beginDate,@RequestParam(required=false) String endDate, Integer pageId, Integer pageSize,String token) {
+  public JsonResult queryLog(HttpServletRequest request,@RequestParam(required=false) String beginDate,@RequestParam(required=false) String endDate, Integer pageId, Integer pageSize) {

-    if(!checkUserToken(token)){
+    String token=request.getHeader("x-auth-token");
+    if(token==null||token.equals("")){
+      return JsonResult.buildErrorStateResult("缺少授权信息",null);
+    }
+
+    if(checkUserToken(token).equals("")){
      return JsonResult.buildErrorStateResult("未授权查询",null);
    }
      try{
@@ -115,14 +121,19 @@ public class UserQueryLogController {
  }

  @RequestMapping("/queryUserInfo")
-  public JsonResult queryForResult(String key,String keyValues,String userName, String columns,Integer pageId,Integer pageSize,String token) {
+  public JsonResult queryForResult(HttpServletRequest request,String key,String keyValues, String columns,Integer pageId,Integer pageSize) {

+    String token=request.getHeader("x-auth-token");
+    if(token==null||token.equals("")){
+      return JsonResult.buildErrorStateResult("缺少授权信息",null);
+    }
    //columns=>  userId,phoneNo,idNo,bankCard,address
    //key=>phoneNo、idNo、userId
    //checkKeysType;
    //后台参数校验
    //校验用户权限
-    if(!checkUserToken(token)){
+    String userName=checkUserToken(token);
+    if(userName.equals("")){
      return JsonResult.buildErrorStateResult("未授权查询",null);
    }
    String[] values=keyValues.split(";");
@@ -292,9 +303,14 @@ public class UserQueryLogController {
  }

  @RequestMapping("/exportUserInfo")
-  public JsonResult exportExcel(final HttpServletResponse response,String key,String keyValues,String userName, String columns,String token){
+  public JsonResult exportExcel(final HttpServletResponse response,HttpServletRequest request,String key,String keyValues, String columns){

-    if(!checkUserToken(token)){
+    String token=request.getHeader("x-auth-token");
+    if(token==null||token.equals("")){
+      return JsonResult.buildErrorStateResult("缺少授权信息",null);
+    }
+    String userName=checkUserToken(token);
+    if(userName.equals("")){
      return JsonResult.buildErrorStateResult("未授权查询",null);
    }

@@ -451,7 +467,7 @@ public class UserQueryLogController {
    return JsonResult.buildSuccessResult("导出成功",null);
  }

-  private boolean checkUserToken(String token){
+  private String checkUserToken(String token){

    HashMap<String, String> parameters = new HashMap<>();
    parameters.put("token", token);
@@ -460,11 +476,12 @@ public class UserQueryLogController {
    try{
      JsonObject resultUser = new JsonParser().parse(resultStr).getAsJsonObject();
      if(resultUser.get("code").getAsString().equals("0000")&&resultUser.get("data").getAsJsonObject()!=null){
-        return true;
+        String userName=resultUser.get("data").getAsJsonObject().get("user").getAsString();
+        return userName;
      }
    }catch(Exception e){

    }
-    return false;
+    return "";
  }
 }