package com.ssm.interceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import com.ssm.common.SessionTimeOutException;
import com.ssm.model.system.SysUser;
import com.ssm.util.Util;
import com.ssm.web.WithoutUserLogin;

/**
 * 对有所有com.ssm包下的controller 进行拦截，当session中不存在 SysUser
 * 拦截进入 session-timeout页面
 * @author Administrator
 *
 */
@Component
public class LoginInterceptor extends HandlerInterceptorAdapter{

	@Override
	public boolean preHandle(HttpServletRequest request,
			HttpServletResponse response, Object handler) throws Exception {
		
		HandlerMethod method = (HandlerMethod)handler;
		if(method.getMethod().isAnnotationPresent(WithoutUserLogin.class))
			return true;
		
		SysUser sysUser = Util.getUserSession(request);
		if(sysUser == null){
			throw new SessionTimeOutException("session 超时");
		}
		else 
			return true;
		
		/*HttpSession session = request.getSession();
		if(session != null){
			SysUser sysUser = (SysUser) session.getAttribute(Const.USER_SESSION_KEY);
			if(sysUser == null)
				throw new SessionTimeOutException("session 超时");
			else 
				return true;
		} */
	}
	
	
}