'commit'

src/main/java/com/dsideal/QingLong/DataShare/Controller/DataShareController.java

@@ -351,6 +351,19 @@ public class DataShareController extends Controller {
             Kv kv = Kv.by("token", token);
             kv.set("success", true);
             kv.set("message", "获取成功！");
+            /*
+             identity_id=1 系统管理员
+             identity_id=2 市州管理员
+             identity_id=3 县区管理员
+             identity_id=4 单位/学校管理员
+             identity_id=5 教师
+             identity_id=6 学生
+             identity_id=7 家长
+             identity_id=8 第三方接入的系统
+
+             header的Authorization中放入token，再通过header传过来，
+             */
+            kv.set("identity_id", DataShareModel.ShareSystemIdentityId);//第三方业务系统，视为8号身份人群
             renderJson(kv);
             return;
         }

src/main/java/com/dsideal/QingLong/DataShare/Model/DataShareModel.java

@@ -13,6 +13,8 @@ import com.jfinal.plugin.activerecord.SqlPara;
 import java.util.*;
 
 public class DataShareModel {
+    public static final int ShareSystemIdentityId = 8;
+
     public Page<Record> listSystem(String keyword, int exclude, int page, int limit) {
         if (StrKit.isBlank(keyword)) keyword = "";
         Kv kv = Kv.by("keyword", keyword);

src/main/java/com/dsideal/QingLong/Interceptor/IsLoginInterceptor.java

@@ -1,10 +1,11 @@
 package com.dsideal.QingLong.Interceptor;
 
-import com.dsideal.QingLong.Util.CommonUtil;
+import com.dsideal.QingLong.DataShare.Model.DataShareModel;
 import com.dsideal.QingLong.Util.SessionKit;
 import com.jfinal.aop.Interceptor;
 import com.jfinal.aop.Invocation;
 import com.jfinal.core.Controller;
+import com.jfinal.plugin.activerecord.Record;
 
 /**
  * 是不是登录正确？
@@ -13,6 +14,8 @@ import com.jfinal.core.Controller;
  */
 
 public class IsLoginInterceptor implements Interceptor {
+    DataShareModel dm = new DataShareModel();
+
     @Override
     public void intercept(Invocation inv) {
         //正常的登录验证逻辑代码
@@ -31,18 +34,30 @@ public class IsLoginInterceptor implements Interceptor {
             inv.invoke();
         }
 
-        //1、读取Session
-        boolean isTrue;
-        if ((SessionKit.get(con.getRequest(), con.getResponse(), "person_id") == null)) {
-            isTrue = false;
+
+        boolean isTrue = false;
+        //检查是不是header的Authorization中有合法Token
+        String Authorization = con.getRequest().getHeader("Authorization");
+        if (Authorization != null) {
+            Record record = dm.checkToken(Authorization);
+            System.out.println(record);
+            if (record.getBoolean("success")) {
+                isTrue = true;
+            }
         } else {
-            isTrue = true;
+            //1、读取Session
+            if ((SessionKit.get(con.getRequest(), con.getResponse(), "person_id") == null)) {
+                isTrue = false;
+            } else {
+                isTrue = true;
+            }
         }
+
         if (isTrue) {
             inv.invoke();
         } else {
-            //con.renderJson(CommonUtil.returnMessageJson(false, "此接口需要登录后操作！"));
-            con.redirect("/QingLong/");
+            con.renderJson(com.dsideal.QingLong.Util.CommonUtil.returnMessageJson(false, "此接口需要登录后操作！"));
+            //con.redirect("/QingLong/");
         }
     }
 }

src/main/java/com/dsideal/QingLong/Interceptor/IsSysAdminInterceptor.java

@@ -1,10 +1,12 @@
 package com.dsideal.QingLong.Interceptor;
 
+import com.dsideal.QingLong.DataShare.Model.DataShareModel;
 import com.dsideal.QingLong.Util.CommonUtil;
 import com.dsideal.QingLong.Util.SessionKit;
 import com.jfinal.aop.Interceptor;
 import com.jfinal.aop.Invocation;
 import com.jfinal.core.Controller;
+import com.jfinal.plugin.activerecord.Record;
 
 /**
  * 需要是系统管理员身份校验
@@ -13,6 +15,8 @@ import com.jfinal.core.Controller;
  */
 
 public class IsSysAdminInterceptor implements Interceptor {
+    DataShareModel dm = new DataShareModel();
+
     @Override
     public void intercept(Invocation inv) {
         IsSysAdminInterface annotation = inv.getMethod().getAnnotation(IsSysAdminInterface.class);
@@ -30,6 +34,17 @@ public class IsSysAdminInterceptor implements Interceptor {
             inv.invoke();
         }
         boolean isTrue = false;
+
+        //如果携带了token
+        int identityId = -1;
+        String Authorization = con.getRequest().getHeader("Authorization");
+        if (Authorization != null) {
+            Record record = dm.checkToken(Authorization);
+            if (record.getBoolean("success")) {
+                identityId = DataShareModel.ShareSystemIdentityId;
+            }
+        }
+
         String[] value = annotation.value();
         if (SessionKit.get(con.getRequest(), con.getResponse(), "identity_id") != null) {
             for (String v : value) {
@@ -37,6 +52,10 @@ public class IsSysAdminInterceptor implements Interceptor {
                     isTrue = true;
                     break;
                 }
+                if (identityId == Integer.parseInt(v)) {
+                    isTrue = true;
+                    break;
+                }
             }
         }
         if (isTrue) {