api token新增权限控制

音乐界面新增下载按钮音乐列表新增返回功能新增音乐文件夹功能新增在文件夹内双击播放则按顺序播放当前文件夹内的歌新增音乐文件夹列表的图标
2020-10-26 16:50:16 +08:00
parent 180346963c
commit 3d60754263
17 changed files with 953 additions and 84 deletions
--- a/src/main/java/com/yutou/tools/utils/APIFilter.java
+++ b/src/main/java/com/yutou/tools/utils/APIFilter.java
@@ -1,6 +1,11 @@
 package com.yutou.tools.utils;

+import com.alibaba.fastjson.JSONArray;
+import com.yutou.tools.mybatis.dao.PermissionDao;
 import com.yutou.tools.mybatis.dao.UKeyDao;
+import com.yutou.tools.mybatis.model.Permission;
+import com.yutou.tools.mybatis.model.PermissionExample;
+import com.yutou.tools.mybatis.model.UKey;
 import com.yutou.tools.mybatis.model.UKeyExample;
 import org.springframework.stereotype.Component;
 import org.springframework.util.StringUtils;
@@ -13,22 +18,25 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.util.Enumeration;
+import java.util.List;

@Component
@WebFilter
 public class APIFilter implements Filter {
-    private static boolean isDebug=true;
+    public static boolean isDebug = false;
    @Resource
    UKeyDao keyDao;
+    @Resource
+    PermissionDao permissionDao;

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
-        if(isDebug){
+       /* if(isDebug){
            filterChain.doFilter(servletRequest, servletResponse);
            return;
-        }
+        }*/
        HttpServletRequest request = (HttpServletRequest) servletRequest;
-        HttpServletResponse response= (HttpServletResponse) servletResponse;
+        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String token = request.getParameter("token");
        Cookie cookie = Tools.getCookie(request, "user");
        System.out.println("接收到请求：" + request.getRequestURI() + " " + token);
@@ -37,8 +45,29 @@ public class APIFilter implements Filter {
        if (!StringUtils.isEmpty(token)) {
            UKeyExample example = new UKeyExample();
            example.createCriteria().andKeyEqualTo(token);
-            if (keyDao.selectByExample(example).size() > 0) {
-                isToken = true;
+            List<UKey> list = keyDao.selectByExample(example);
+            if (list.size() > 0) {
+                String url = null;
+                String tmp = request.getRequestURI();
+                try {
+                    url = tmp.split(tmp.split("/")[tmp.split("/").length - 1])[0];
+                } catch (Exception ignored) {
+                }
+
+                UKey key = list.get(0);
+                JSONArray powers = JSONArray.parseArray(key.getPower());
+                if(powers.toJavaList(String.class).contains("-1")){
+                    isToken=true;
+                }else {
+                    PermissionExample pExample = new PermissionExample();
+                    pExample.createCriteria().andUrlEqualTo(url);
+                    List<Permission> permissions = permissionDao.selectByExample(pExample);
+                    if (permissions != null && permissions.size() > 0) {
+                        if (powers.toJavaList(Integer.class).contains(permissions.get(0).getId())) {
+                            isToken = true;
+                        }
+                    }
+                }
            }
        }
        if (cookie != null) {
@@ -50,7 +79,7 @@ public class APIFilter implements Filter {
        if (!isCookie && !isToken) {
            //response.sendRedirect("/");
            System.out.println("请求无令牌，拦截");
-            if(!request.getRequestURI().contains("/login/")&&!request.getRequestURI().equals("/favicon.ico")){
+            if (!request.getRequestURI().contains("/login/") && !request.getRequestURI().equals("/favicon.ico")) {
                response.sendRedirect("/");
                return;
            }
--- a/src/main/java/com/yutou/tools/utils/MusicTools.java
+++ b/src/main/java/com/yutou/tools/utils/MusicTools.java
@@ -1,6 +1,7 @@
 package com.yutou.tools.utils;

 import com.yutou.tools.home.nas.Data.MusicData;
+import com.yutou.tools.home.nas.MusicController;
 import ealvatag.audio.AudioFile;
 import ealvatag.audio.AudioFileIO;
 import ealvatag.audio.exceptions.CannotReadException;
@@ -77,16 +78,52 @@ public class MusicTools {
    }
    public List<MusicData> getPath(String path){
        if(musicMap.containsKey(path)){
-            return musicMap.get(path);
+            List<MusicData> list=new ArrayList<>();
+            MusicData tmp=musicMap.get(path).isEmpty()?null:musicMap.get(path).get(0);
+            if(tmp!=null){
+                if(!tmp.getFile().getParent().equals(MusicController.defaultMusicPath)) {
+                    MusicData t2 = new MusicData();
+                    t2.setTitle("返回");
+                    t2.setFile(new File(tmp.getLastDir()));
+                    list.add(t2);
+                }
+
+            }
+            getDirList(path, list);
+            list.addAll(musicMap.get(path));
+            return list;
+        }else{
+            if(path.contains(MusicController.defaultMusicPath)){
+                List<MusicData> list=new ArrayList<>();
+                MusicData t2 = new MusicData();
+                t2.setTitle("返回");
+                t2.setFile(new File(path).getParentFile());
+                list.add(t2);
+                getDirList(path, list);
+                return list;
+            }
+
        }
        return new ArrayList<>();
    }

+    private void getDirList(String path, List<MusicData> list) {
+        File file=new File(path);
+        for (File listFile : file.listFiles()) {
+            if(listFile.isDirectory()){
+                MusicData data=new MusicData();
+                data.setTitle(listFile.getName());
+                data.setFile(listFile);
+                list.add(data);
+            }
+        }
+    }
+
    private void add(File file) {
        MusicData data = getMetadata(file);
        if (data != null) {
            musicList.add(data);
-            String path=file.getAbsolutePath().replace(file.getName(),"");
+            String path=file.getAbsolutePath().replace(File.separator+file.getName(),"");
            List<MusicData> list;
            if(musicMap.containsKey(path)){
                list=musicMap.get(path);
@@ -100,7 +137,10 @@ public class MusicTools {

    public MusicData getMetadata(File file) {
        try {
-            if (file.getName().endsWith(".lrc") || file.getName().endsWith(".jpg")) {
+            if (file.getName().endsWith(".lrc")
+                    || file.getName().endsWith(".jpg")
+                    || file.getName().endsWith(".ini")
+            ) {
                return null;
            }
            AudioFile audioFile = AudioFileIO.read(file);
--- a/src/main/java/com/yutou/tools/utils/Tools.java
+++ b/src/main/java/com/yutou/tools/utils/Tools.java
@@ -262,11 +262,20 @@ public class Tools {
            downloadInterface.onError(e);
        }
    }
+
+    /**
+     * 构造给前端的文件
+     * @param file 文件路径
+     * @return 前端获取的文件
+     */
    public static ResponseEntity<FileSystemResource> getFile(File file){
        HttpHeaders headers = new HttpHeaders();
-        System.out.println(file.getName());
        headers.add("Cache-Control", "no-cache, no-store, must-revalidate");
-        headers.add("Content-Disposition", "attachment; filename=" + file.getName());
+        try {
+            headers.add("Content-Disposition", "attachment; filename=" +URLEncoder.encode(file.getName(),"UTF-8"));
+        } catch (UnsupportedEncodingException e) {
+            headers.add("Content-Disposition", "attachment; filename=" +file.getName());
+        }
        headers.add("Pragma", "no-cache");
        headers.add("Expires", "0");
        headers.add("Last-Modified", new Date().toString());