diff --git a/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseWareApi.java b/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseWareApi.java index 6b64b32f..79353b3d 100644 --- a/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseWareApi.java +++ b/servers/boe-server-all/src/main/java/com/xboe/module/course/api/CourseWareApi.java @@ -7,16 +7,13 @@ import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import cn.hutool.core.map.MapUtil; -import cn.hutool.system.UserInfo; -import com.fasterxml.jackson.databind.JsonNode; -import com.fasterxml.jackson.databind.ObjectMapper; -import com.xboe.config.JwtUtils; +import cn.hutool.json.JSONUtil; import com.xboe.constants.CacheName; +import com.xboe.data.outside.IOutSideDataService; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.data.redis.core.StringRedisTemplate; +import org.springframework.data.redis.core.RedisTemplate; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; @@ -39,15 +36,18 @@ import com.xboe.module.course.service.ICourseFileService; public class CourseWareApi extends ApiBaseController { private String cookieName = "PLAYSIGN_TIME"; - + @Autowired + IOutSideDataService outsideDataService; @Resource private ICourseFileService courseFileService; @Resource private XFileUploader fileUploader; - @Autowired - StringRedisTemplate redisTemplate; + + @Resource + RedisTemplate redisTemplate; + private static Set allowUrlSet = new HashSet(); static { @@ -103,12 +103,10 @@ public class CourseWareApi extends ApiBaseController { if (StringUtils.isBlank(sign)) { return badRequest("非法请求"); - // return; } String httpReferer = request.getHeader("referer"); if (StringUtils.isBlank(httpReferer)) { return badRequest("非法请求"); - // return "非法请求"; } boolean has=false; @@ -120,7 +118,6 @@ public class CourseWareApi extends ApiBaseController { if(!has) { return badRequest("页面不存在"); - //return "非法请求"; } String token = request.getHeader("Xboe-Access-Token"); if (StringUtils.isEmpty(token)) { @@ -130,21 +127,19 @@ public class CourseWareApi extends ApiBaseController { String cookieTime = getSignTimeCookie(request); if (StringUtils.isBlank(cookieTime)) { return badRequest("不支持的请求"); - // return; } String userInfo = CacheName.NAME_INFO + ":"+ token; - String userNoStr = redisTemplate.opsForValue().get(userInfo); - if (StringUtils.isBlank(userNoStr)){ + Object o = redisTemplate.opsForValue().get(userInfo); + String userNoStr = o.toString(); + if (StringUtils.isBlank(userNoStr)) { return badRequest("token验证错误"); } - Map map = JwtUtils.parseToken(token); - String userNo = MapUtil.getStr(map, "userNo"); - + HashMap bean = JSONUtil.toBean(userNoStr, HashMap.class); + Object userNo = bean.get("userNo"); byte[] signBytes = Base64.getDecoder().decode(sign); // byte[] signBytes = RSAUtil.decryptBase64(sign); byte[] signDecryt = RSAUtil.decryptByPrivateKey(ConfigSecretKey.TEMP_PRIVATESTR, signBytes); String signStr = new String(signDecryt); - // System.out.println("解密后的字符串:"+signStr); // 第一个/前端是时间 int index = signStr.indexOf("/"); if (index <= 0) {