更新代码

src/main/java/org/chenyon/message/MessageController.java

@@ -2,13 +2,19 @@ package org.chenyon.message;
 
 import org.chenyon.user.LoginCheck;
 import org.chenyon.user.UserContext;
+import org.chenyon.wx.AesException;
 import org.rcy.framework.api.entity.PageResult;
 import org.rcy.framework.api.entity.ResultMessage;
+import org.rcy.framework.utils.aes.AESUtils;
+import org.rcy.framework.utils.string.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 
+import javax.servlet.http.HttpServletRequest;
+import javax.xml.parsers.ParserConfigurationException;
+
 @RestController
 @RequestMapping("/message")
 public class MessageController {
@@ -74,7 +80,16 @@ public class MessageController {
 
 
     @PostMapping("/sendMessage")
-    public ResultMessage sendMessage(@RequestBody  MessageVo vo){
+    public ResultMessage sendMessage(@RequestBody  MessageVo vo, HttpServletRequest request) throws Exception {
+        String internalToken = request.getHeader("internalToken");
+        if(StringUtils.isBlank(internalToken)) {
+            return ResultMessage.error("无权限");
+        }
+        String decrypt = AESUtils.decrypt(internalToken, "rent*123");
+        if(!"oa".equals(decrypt)){
+            return ResultMessage.error("无权限");
+        }
+        messageService.send(vo);
         return ResultMessage.success();
     }
 }