finikes 2 anni fa
parent
commit
7506d5e8e1

+ 4 - 4
src/main/java/com/finikes/oc/base/controller/PassportController.java

@@ -2,6 +2,7 @@ package com.finikes.oc.base.controller;
 
 import com.finikes.oc.BaseDTO;
 import com.finikes.oc.BizException;
+import com.finikes.oc.Passports;
 import com.finikes.oc.base.dao.PassportDAO;
 import com.finikes.oc.base.dto.PassportHouseInfoResponseDTO;
 import com.finikes.oc.base.dto.RegisterResponseDTO;
@@ -107,9 +108,8 @@ public class PassportController {
 
     @ResponseBody
     @RequestMapping(value = "/", method = RequestMethod.GET)
-    public BaseDTO getPassportAndHouse(@RequestParam("id") String id) {
-        int _id = Integer.parseInt(id);
-        Passport passport = passportDAO.findById(_id);
+    public BaseDTO getPassportAndHouse(HttpServletRequest request) {
+        Passport passport = Passports.getPassport(request);
         if (passport == null || passport.getState() != 1) {
             // 不能查看
             return new BaseDTO("300", "没有用户");
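Review bot: The `passport == null` branch may now be the only login check for this handler: AuthFilter, in this same commit, lets every URI beginning with `/passport` through, and this applies if the controller is mapped under that prefix. The class-level mapping is not visible in the hunk, so that needs confirming. The branch also answers a missing session and a disabled account (`getState() != 1`) with the same `"300"`/`没有用户`, while the filter reports a missing login as `"201"`; returning the filter's code in the null case would let clients tell the two apart. A comment above the lookup, such as `// identity comes from the session only; never accept a client-supplied passport id here`, would help keep the removed `@RequestParam("id")` from being reintroduced. The method body continues past the end of this hunk.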
@@ -117,7 +117,7 @@ public class PassportController {
 
         PassportHouseInfoResponseDTO dto = new PassportHouseInfoResponseDTO();
         dto.setMobile(passport.getMobile());
-        HouseRelation relation = houseRelationDAO.findByPassport(_id);
+        HouseRelation relation = houseRelationDAO.findByPassport(passport.getId());
         if (relation != null && relation.getState() == 1) {
             House house = houseDAO.findById(relation.getHouseId());
             String houseAddress = getHouseFullName(house);

+ 22 - 10
src/main/java/com/finikes/oc/filter/AuthFilter.java

@@ -16,7 +16,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 
-//@Component
+@Component
 public class AuthFilter implements Filter {
     @Autowired
     private ResourceDAO resourceDAO;
@@ -33,40 +33,52 @@ public class AuthFilter implements Filter {
         HttpServletRequest httpServletRequest = (HttpServletRequest) request;
         Passport passport = Passports.getPassport(httpServletRequest);
         String url = httpServletRequest.getRequestURI();
-        System.out.println("AAAA " + url);
         String httpMethod = httpServletRequest.getMethod();
-        System.out.println("BBBB " + httpMethod);
-        if (!pass(passport, url, httpMethod)) {
+        if (pass(passport, url, httpMethod) == 0) {
             response.setCharacterEncoding("UTF-8");
             response.setContentType("application/json; charset=utf-8");
             response.getWriter().print("{\"code\":\"200\", \"message\":\"没有权限\"}");
             return;
         }
+        if (pass(passport, url, httpMethod) == -1) {
+            response.setCharacterEncoding("UTF-8");
+            response.setContentType("application/json; charset=utf-8");
+            response.getWriter().print("{\"code\":\"201\", \"message\":\"没有登录\"}");
+            return;
+        }
         chain.doFilter(request, httpServletResponse);
     }
 
-    private boolean pass(Passport passport, String url, String httpMethod) {
+    private int pass(Passport passport, String url, String httpMethod) {
+        if (url.startsWith("/verificationCode") || url.startsWith("/passport")) {
+            return 1;
+        }
+
         if (passport == null) {
-            return false;
+            return -1;
         }
 
         Resource resource = resourceDAO.findByUrlAndMethod(url, httpMethod);
         if (resource == null) {
-            return false;
+            return 1;
         }
 
         Manager manager = managerDAO.findByPassport(passport.getId());
         if (manager == null) {
-            return false;
+            return 0;
         }
 
         int roleId = manager.getRoleId();
         int resourceId = resource.getId();
         Authority authority = authorityDAO.findByRoleAndResource(roleId, resourceId);
         if (authority == null) {
-            return false;
+            return 0;
+        }
+
+        if (authority.isState()) {
+            return 1;
         }
 
-        return authority.isState();
+        return 0;
     }
 }
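Review bot: The new `pass` fails open in two places. `resource == null` now returns 1, so any URL/method pair missing from the resource table is allowed for every logged-in passport, and the exemption `url.startsWith("/verificationCode") || url.startsWith("/passport")` is a bare prefix test on `getRequestURI()`, which is the raw, un-normalized URI (context path and path parameters included) and so may differ from the path the dispatcher routes. I would test the container-resolved path with a segment boundary, e.g. `path.equals("/passport") || path.startsWith("/passport/")` with `path` from `getServletPath()` (or `getPathInfo()`, depending on the servlet mapping), and either keep `return 0;` for an unknown resource or document why unregistered endpoints are meant to be open. `doFilter` also evaluates `pass(...)` twice, which doubles the DAO lookups and lets the two calls disagree; call it once into a local and name the three outcomes (constants or an enum) instead of bare -1/0/1. The start of `doFilter` is outside the hunk.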