针对service、mapper编写切面方法，对返回值做加密处理

本文链接：https://blog.youkuaiyun.com/lu1171901273/article/details/130987222

1、判断返回值的类型，如果匹配上，再做对数据进行加密。如果不想加密的话，再过滤特殊的路径

package com.interceptor;


import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.reflect.MethodSignature;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList;

@Aspect
@Component
public class DataMaskingMapperAspect222 {

//    @Around("execution(* com.test..*Mapper.*(..))")
    @Around("execution(* com.test..*Service.*(..))")
    public Object afterReturning(ProceedingJoinPoint joinPoint) throws Throwable {
        Object result = joinPoint.proceed();
        ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
        if (attributes != null) {
            HttpServletRequest request = attributes.getRequest();
            String requestPath = request.getRequestURI();
            System.out.println("Request Path: " + requestPath);
            // 请求路径  如果匹配，直接返回
            if("/api/getCaptcha".equals(requestPath)){
                return result;
            }
        }

        // 获取方法签名
        MethodSignature signature = (MethodSignature) joinPoint.getSignature();

        // 获取方法返回值的类型
        Class<?> returnType = signature.getReturnType();

        // 打印返回值类型信息
        System.out.println("Return type: " + returnType.getName());

        if (result instanceof User) {
            User user = (User) result;
            user.setMobile(DataMaskingUtil.maskPhoneNumber(user.getMobile()));
            user.setIdcardNo(DataMaskingUtil.maskIdNumber(user.getIdcardNo()));
            user.setEmail(DataMaskingUtil.maskEmail(user.getEmail()));
            return user;
        }


        if (result instanceof ArrayList) {
            ArrayList arrayList = (ArrayList) result;
            if (arrayList != null && arrayList.size() > 0) {
                for (Object listObjt : arrayList) {

                    if (listObjt instanceof UserInfo) {
                        UserInfo user = (UserInfo) listObjt;
                        user.setMobile(DataMaskingUtil.maskPhoneNumber(user.getMobile()));
                        user.setEmail(DataMaskingUtil.maskEmail(user.getEmail()));
                        user.setIdNumber(DataMaskingUtil.maskIdNumber(user.getIdNumber()));
                    }

                }
                return arrayList;
            }
        }
        return result;

        // 如果有其他需要脱敏的数据类型，可以在这里添加处理逻辑
    }


}

package com.xiaoniu56.security.interceptor;

import org.apache.commons.lang3.StringUtils;

public class DataMaskingUtil {

    public static String maskPhoneNumber(String phoneNumber) {
        if (StringUtils.isEmpty(phoneNumber) || phoneNumber.length() < 7) {
            return phoneNumber;
        }
        return phoneNumber.substring(0, 3) + "****" + phoneNumber.substring(7);
    }

    public static String maskIdNumber(String idNumber) {
        if (StringUtils.isEmpty(idNumber) || idNumber.length() < 10) {
            return idNumber;
        }
        return idNumber.substring(0, 6) + "****" + idNumber.substring(idNumber.length() - 4);
    }

    public static String maskEmail(String email) {
        if (StringUtils.isEmpty(email)) {
            return email;
        }
        int atIndex = email.indexOf('@');
        if (atIndex <= 1) {
            return email;
        }
        return email.substring(0, 1) + "****" + email.substring(atIndex);
    }

    // 其他脱敏方法
}