Commit 0a008faa authored by 赵啸非's avatar 赵啸非

修改基类中权限验证模块,子工程通过实现IAuthService接口来定制化配置,如果没有则加载基类默认实现

parent 920d7784
package com.mortals.xhx.base.framework.security; package com.mortals.xhx.base.framework.security;
import cn.hutool.core.util.IdUtil; import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.mortals.framework.ap.SysConstains;
import com.mortals.framework.service.IAuthTokenService;
import com.mortals.framework.service.ICacheService; import com.mortals.framework.service.ICacheService;
import com.mortals.framework.service.IUser;
import com.mortals.framework.util.DateUtils;
import com.mortals.framework.util.StringUtils; import com.mortals.framework.util.StringUtils;
import com.mortals.xhx.common.key.Constant;
import com.mortals.xhx.module.user.model.UserEntity;
import io.jsonwebtoken.Claims; import io.jsonwebtoken.Claims;
import lombok.extern.apachecommons.CommonsLog; import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Service;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import java.util.Base64;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
/** /**
* token验证处理 * token验证处理
* *
* @author zxfei * @author zxfei
*/ */
//@Component
@CommonsLog @Service
public class AuthTokenService { @Order(1)
@Slf4j
public class AuthTokenServiceImpl implements IAuthTokenService {
// 令牌自定义标识 // 令牌自定义标识
@Value("${token.header}") @Value("${token.header:Authorization}")
private String header; private String header;
// 令牌秘钥 // 令牌秘钥
@Value("${token.secret}") @Value("${token.secret:026db82420614469897fcc2dc1b4ce38}")
private String secret; private String secret;
// 令牌有效期(默认30分钟) // 令牌有效期(默认60分钟)
@Value("${token.expireTime}") @Value("${token.expireTime:60}")
private int expireTime; private int expireTime;
protected static final long MILLIS_SECOND = 1000; // 令牌前缀
@Value("${token.prefix:}")
private String tokenPrefix;
protected static final Long MILLIS_SECOND = 1000l;
protected static final Long MILLIS_MINUTE = 60 * MILLIS_SECOND;
protected static final Long MILLIS_HOUR = 60 * MILLIS_MINUTE;
protected static final long MILLIS_MINUTE = 60 * MILLIS_SECOND; protected static final Long MILLIS_DAY = 24 * MILLIS_HOUR;
protected static final Long MILLIS_WEEK = 7 * MILLIS_DAY;
private static final Long MILLIS_MINUTE_TEN = 20 * 60 * 1000L; private static final Long MILLIS_MINUTE_TEN = 20 * 60 * 1000L;
...@@ -51,16 +69,134 @@ public class AuthTokenService { ...@@ -51,16 +69,134 @@ public class AuthTokenService {
* *
* @return 用户信息 * @return 用户信息
*/ */
public UserEntity getLoginUser(HttpServletRequest request) { @Override
public IUser getLoginUser(HttpServletRequest request) {
// 获取请求携带的令牌 // 获取请求携带的令牌
String token = getToken(request); String token = getToken(request);
if (StringUtils.isNotEmpty(token)) { if (StringUtils.isNotEmpty(token)) {
try { try {
Claims claims = parseToken(token); Claims claims = parseToken(token);
String uuid = (String) claims.get(Constant.LOGIN_USER_KEY); String uuid = (String) claims.get(SysConstains.LOGIN_USER_KEY);
String userKey = getTokenKey(uuid); String userKey = getTokenKey(uuid);
UserEntity userEntity = cacheService.get(userKey, UserEntity.class); String userStr = cacheService.get(userKey);
return userEntity; if (StringUtils.isNotEmpty(userStr)) {
JSONObject userObj = JSON.parseObject(userStr);
Long userId = userObj.getLongValue("id");
Integer userType = userObj.getIntValue("userType");
Long customerId = userObj.getLongValue("customerId");
Long siteId = userObj.getLongValue("siteId");
Long loginTime = userObj.getLongValue("loginTime");
Long expireTime = userObj.getLongValue("expireTime");
String loginName = userObj.getString("loginName");
String realName = userObj.getString("realName");
String siteIds = userObj.getString("siteIds");
String menuUrl = userObj.getString("menuUrl");
Boolean isManager = userObj.getBoolean("manager");
Boolean isSystemUser = userObj.getBoolean("systemUser");
return new IUser() {
@Override
public Long getId() {
return userId;
}
@Override
public Long getDeptId() {
return null;
}
@Override
public String getDeptName() {
return null;
}
@Override
public Long getCustomerId() {
return customerId;
}
@Override
public Long getSiteId() {
return siteId;
}
@Override
public String getSiteIds() {
return siteIds;
}
@Override
public Long getCustomerJoinId() {
return null;
}
@Override
public String getCustomerNum() {
return null;
}
@Override
public String getLoginName() {
return loginName;
}
@Override
public String getRealName() {
return realName;
}
@Override
public boolean isAdmin() {
return userId == 1L;
}
@Override
public boolean isSystemUser() {
return isSystemUser;
}
@Override
public boolean isManager() {
return isManager;
}
@Override
public Integer getUserType() {
return userType;
}
@Override
public String getToken() {
return token;
}
@Override
public Long getLoginTime() {
return loginTime;
}
@Override
public Long getExpireTime() {
return expireTime;
}
@Override
public void setExpireTime(Long expireTime) {
}
@Override
public String getMenuUrl() {
return menuUrl;
}
};
}
// return cacheService.get(userKey, IUser.class);
} catch (Exception e) { } catch (Exception e) {
log.error("解析jwt token异常!", e); log.error("解析jwt token异常!", e);
return null; return null;
...@@ -72,7 +208,8 @@ public class AuthTokenService { ...@@ -72,7 +208,8 @@ public class AuthTokenService {
/** /**
* 设置用户信息 * 设置用户信息
*/ */
public void setUser(UserEntity user) { @Override
public void setUser(IUser user) {
if (StringUtils.isNotNull(user) && StringUtils.isNotEmpty(user.getToken())) { if (StringUtils.isNotNull(user) && StringUtils.isNotEmpty(user.getToken())) {
refreshToken(user); refreshToken(user);
} }
...@@ -81,6 +218,7 @@ public class AuthTokenService { ...@@ -81,6 +218,7 @@ public class AuthTokenService {
/** /**
* 删除用户身份信息 * 删除用户身份信息
*/ */
@Override
public void delUser(String token) { public void delUser(String token) {
if (StringUtils.isNotEmpty(token)) { if (StringUtils.isNotEmpty(token)) {
String userKey = getTokenKey(token); String userKey = getTokenKey(token);
...@@ -94,12 +232,13 @@ public class AuthTokenService { ...@@ -94,12 +232,13 @@ public class AuthTokenService {
* @param user 用户信息 * @param user 用户信息
* @return 令牌 * @return 令牌
*/ */
public String createToken(UserEntity user) { @Override
String token = IdUtil.fastSimpleUUID(); public String createToken(IUser user) {
user.setToken(token); // String token = IdUtil.fastSimpleUUID();
// user.setToken(token);
refreshToken(user); refreshToken(user);
Map<String, Object> claims = new HashMap<>(); Map<String, Object> claims = new HashMap<>();
claims.put(Constant.LOGIN_USER_KEY, token); claims.put(SysConstains.LOGIN_USER_KEY, user.getToken());
return createToken(claims); return createToken(claims);
} }
...@@ -109,10 +248,12 @@ public class AuthTokenService { ...@@ -109,10 +248,12 @@ public class AuthTokenService {
* @param user * @param user
* @return 令牌 * @return 令牌
*/ */
public void verifyToken(UserEntity user) { @Override
public void verifyToken(IUser user) {
long expireTime = user.getExpireTime(); long expireTime = user.getExpireTime();
long currentTime = System.currentTimeMillis(); long currentTime = System.currentTimeMillis();
if (expireTime - currentTime <= MILLIS_MINUTE_TEN) { if (expireTime - currentTime <= MILLIS_MINUTE_TEN) {
log.info("不足十分钟,刷新过期时间");
refreshToken(user); refreshToken(user);
} }
} }
...@@ -122,13 +263,13 @@ public class AuthTokenService { ...@@ -122,13 +263,13 @@ public class AuthTokenService {
* *
* @param user 信息 * @param user 信息
*/ */
public void refreshToken(UserEntity user) { public void refreshToken(IUser user) {
user.setLoginTime(System.currentTimeMillis()); //user.setLoginTime(System.currentTimeMillis());
user.setExpireTime(user.getLoginTime() + expireTime * MILLIS_MINUTE); user.setExpireTime(user.getLoginTime() == null ? System.currentTimeMillis() : user.getLoginTime() + expireTime * MILLIS_MINUTE);
// 根据uuid将user缓存 // 根据uuid将user缓存
String userKey = getTokenKey(user.getToken()); String userKey = getTokenKey(user.getToken());
//设置有效时间 单位秒 //设置有效时间 单位秒
cacheService.setnx(userKey, user, expireTime * MILLIS_MINUTE * MILLIS_SECOND); cacheService.setnx(userKey, user, expireTime * MILLIS_MINUTE);
} }
...@@ -140,8 +281,10 @@ public class AuthTokenService { ...@@ -140,8 +281,10 @@ public class AuthTokenService {
*/ */
private String createToken(Map<String, Object> claims) { private String createToken(Map<String, Object> claims) {
String token = Jwts.builder() String token = Jwts.builder()
.setExpiration(DateUtils.addCurrDate(7))
.setClaims(claims) .setClaims(claims)
.signWith(SignatureAlgorithm.HS512, secret).compact(); .signWith(SignatureAlgorithm.HS256, Base64.getEncoder()
.encodeToString(secret.getBytes())).compact();
return token; return token;
} }
...@@ -151,9 +294,10 @@ public class AuthTokenService { ...@@ -151,9 +294,10 @@ public class AuthTokenService {
* @param token 令牌 * @param token 令牌
* @return 数据声明 * @return 数据声明
*/ */
private Claims parseToken(String token) { @Override
public Claims parseToken(String token) {
return Jwts.parser() return Jwts.parser()
.setSigningKey(secret) .setSigningKey(Base64.getEncoder().encodeToString(secret.getBytes()))
.parseClaimsJws(token) .parseClaimsJws(token)
.getBody(); .getBody();
} }
...@@ -164,6 +308,7 @@ public class AuthTokenService { ...@@ -164,6 +308,7 @@ public class AuthTokenService {
* @param token 令牌 * @param token 令牌
* @return 用户名 * @return 用户名
*/ */
@Override
public String getUserNumFromToken(String token) { public String getUserNumFromToken(String token) {
Claims claims = parseToken(token); Claims claims = parseToken(token);
return claims.getSubject(); return claims.getSubject();
...@@ -175,15 +320,16 @@ public class AuthTokenService { ...@@ -175,15 +320,16 @@ public class AuthTokenService {
* @param request * @param request
* @return token * @return token
*/ */
private String getToken(HttpServletRequest request) { @Override
public String getToken(HttpServletRequest request) {
String token = request.getHeader(header); String token = request.getHeader(header);
if (StringUtils.isNotEmpty(token) && token.startsWith(Constant.TOKEN_PREFIX)) { if (StringUtils.isNotEmpty(token) && token.startsWith(tokenPrefix)) {
token = token.replace(Constant.TOKEN_PREFIX, ""); token = token.replace(tokenPrefix, "");
} }
return token; return token;
} }
private String getTokenKey(String uuid) { private String getTokenKey(String uuid) {
return Constant.LOGIN_TOKEN_KEY + uuid; return SysConstains.LOGIN_TOKEN_KEY + uuid;
} }
} }
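Review bot: The new default in `@Value("${token.secret:026db82420614469897fcc2dc1b4ce38}")` on the `secret` field commits a usable JWT signing key to source control, so any deployment that does not set `token.secret` signs and verifies tokens with a key known to everyone who can read the repository. Drop the fallback so that startup fails when the property is missing, i.e. `@Value("${token.secret}")`, and treat the committed value as compromised wherever it has been in use. In the private `createToken(Map)` the signer also moves from HS512 to HS256 and derives the key with `secret.getBytes()` in the platform charset; `secret.getBytes(StandardCharsets.UTF_8)` keeps signing and verification consistent across hosts. `.setExpiration(DateUtils.addCurrDate(7))` is called before `.setClaims(claims)`, which in jjwt appears to replace the claims set so far, so the `exp` claim is probably lost unless the two calls are swapped. The identical class in the last file section of this commit has the same lines.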
###产品列表
POST {{baseUrl}}/product/list
Authorization: {{authToken}}
Content-Type: application/json
{
"page":1,
"size":10
}
###产品更新与保存
POST {{baseUrl}}/product/save
Authorization: {{authToken}}
Content-Type: application/json
{
"productName":"yvxcva",
"productCode":"iw93os",
"productRemark":"1789r9",
}
> {%
client.global.set("Product_id", JSON.parse(response.body).data.id);
%}
###产品查看
GET {{baseUrl}}/product/info?id={{Product_id}}
Authorization: {{authToken}}
Accept: application/json
###产品编辑
GET {{baseUrl}}/product/edit?id={{Product_id}}
Authorization: {{authToken}}
Accept: application/json
###产品删除
GET {{baseUrl}}/product/delete?id={{Product_id}}
Authorization: {{authToken}}
Accept: application/json
###系统基础皮肤列表
POST {{baseUrl}}/skin/base/list
Authorization: {{authToken}}
Content-Type: application/json
{
"page":1,
"size":10,
"id": 7
}
###系统基础皮肤更新与保存
POST {{baseUrl}}/skin/base/save
Authorization: {{authToken}}
Content-Type: application/json
{
"categoryId":1,
"productId":1,
"name": "321311",
"productName":"22",
"skinFieldList": [
{
"fieldCode":"2psfz0",
"fieldName":"wp1zqc",
"fieldType":"1",
"fieldValue":"srpx1u"
}
]
}
> {%
client.global.set("SkinBase_id", JSON.parse(response.body).data.id);
%}
###系统基础皮肤查看
GET {{baseUrl}}/skin/base/info?id={{SkinBase_id}}
Authorization: {{authToken}}
Accept: application/json
###系统基础皮肤编辑
GET {{baseUrl}}/skin/base/edit?id={{SkinBase_id}}
Authorization: {{authToken}}
Accept: application/json
###系统基础皮肤删除
GET {{baseUrl}}/skin/base/delete?id={{SkinBase_id}}
Authorization: {{authToken}}
Accept: application/json
###系统皮肤分类列表
POST {{baseUrl}}/skin/category/list
Authorization: {{authToken}}
Content-Type: application/json
{
"page":1,
"size":10
}
###系统皮肤分类更新与保存
POST {{baseUrl}}/skin/category/save
Authorization: {{authToken}}
Content-Type: application/json
{
"name":"4k05km",
}
> {%
client.global.set("SkinCategory_id", JSON.parse(response.body).data.id);
%}
###系统皮肤分类查看
GET {{baseUrl}}/skin/category/info?id={{SkinCategory_id}}
Authorization: {{authToken}}
Accept: application/json
###系统皮肤分类编辑
GET {{baseUrl}}/skin/category/edit?id={{SkinCategory_id}}
Authorization: {{authToken}}
Accept: application/json
###系统皮肤分类删除
GET {{baseUrl}}/skin/category/delete?id={{SkinCategory_id}}
Authorization: {{authToken}}
Accept: application/json
###皮肤属性字段配置列表
POST {{baseUrl}}/skin/field/list
Authorization: {{authToken}}
Content-Type: application/json
{
"page":1,
"size":10
}
###皮肤属性字段配置更新与保存
POST {{baseUrl}}/skin/field/save
Authorization: {{authToken}}
Content-Type: application/json
{
"skinId":116,
"templateId":815,
"fieldCode":"jgcw4o",
"fieldName":"oc7yyf",
"fieldType":"sgykcs",
"fieldValue":"09epx1",
"fieldLen":100,
"fieldNull":1,
"fieldOrderNo":"ii8ch4",
"remark":"v92dun",
"enabled":1,
}
> {%
client.global.set("SkinField_id", JSON.parse(response.body).data.id);
%}
###皮肤属性字段配置查看
GET {{baseUrl}}/skin/field/info?id={{SkinField_id}}
Authorization: {{authToken}}
Accept: application/json
###皮肤属性字段配置编辑
GET {{baseUrl}}/skin/field/edit?id={{SkinField_id}}
Authorization: {{authToken}}
Accept: application/json
###皮肤属性字段配置删除
GET {{baseUrl}}/skin/field/delete?id={{SkinField_id}}
Authorization: {{authToken}}
Accept: application/json
###系统皮肤模板列表
POST {{baseUrl}}/skin/template/list
Authorization: {{authToken}}
Content-Type: application/json
{
"page":1,
"size":10
}
###系统皮肤模板更新与保存
POST {{baseUrl}}/skin/template/save
Authorization: {{authToken}}
Content-Type: application/json
{
"productId":643,
"productName":"yn0md7",
"templateName":"sv9pym",
}
> {%
client.global.set("SkinTemplate_id", JSON.parse(response.body).data.id);
%}
###系统皮肤模板查看
GET {{baseUrl}}/skin/template/info?id={{SkinTemplate_id}}
Authorization: {{authToken}}
Accept: application/json
###系统皮肤模板编辑
GET {{baseUrl}}/skin/template/edit?id={{SkinTemplate_id}}
Authorization: {{authToken}}
Accept: application/json
###系统皮肤模板删除
GET {{baseUrl}}/skin/template/delete?id={{SkinTemplate_id}}
Authorization: {{authToken}}
Accept: application/json
package com.mortals.xhx.base.framework.security; package com.mortals.xhx.base.framework.security;
import cn.hutool.core.util.IdUtil; import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.mortals.framework.ap.SysConstains;
import com.mortals.framework.service.IAuthTokenService;
import com.mortals.framework.service.ICacheService; import com.mortals.framework.service.ICacheService;
import com.mortals.framework.service.IUser;
import com.mortals.framework.util.DateUtils;
import com.mortals.framework.util.StringUtils; import com.mortals.framework.util.StringUtils;
import com.mortals.xhx.base.system.user.model.UserEntity;
import com.mortals.xhx.common.key.Constant;
import io.jsonwebtoken.Claims; import io.jsonwebtoken.Claims;
import lombok.extern.apachecommons.CommonsLog; import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component; import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Service;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import java.util.Base64;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
/** /**
* token验证处理 * token验证处理
* *
* @author zxfei * @author zxfei
*/ */
//@Component
@CommonsLog @Service
public class AuthTokenService { @Order(1)
@Slf4j
public class AuthTokenServiceImpl implements IAuthTokenService {
// 令牌自定义标识 // 令牌自定义标识
@Value("${token.header}") @Value("${token.header:Authorization}")
private String header; private String header;
// 令牌秘钥 // 令牌秘钥
@Value("${token.secret}") @Value("${token.secret:026db82420614469897fcc2dc1b4ce38}")
private String secret; private String secret;
// 令牌有效期(默认30分钟) // 令牌有效期(默认60分钟)
@Value("${token.expireTime}") @Value("${token.expireTime:60}")
private int expireTime; private int expireTime;
protected static final long MILLIS_SECOND = 1000; // 令牌前缀
@Value("${token.prefix:}")
private String tokenPrefix;
protected static final Long MILLIS_SECOND = 1000l;
protected static final Long MILLIS_MINUTE = 60 * MILLIS_SECOND;
protected static final Long MILLIS_HOUR = 60 * MILLIS_MINUTE;
protected static final long MILLIS_MINUTE = 60 * MILLIS_SECOND; protected static final Long MILLIS_DAY = 24 * MILLIS_HOUR;
protected static final Long MILLIS_WEEK = 7 * MILLIS_DAY;
private static final Long MILLIS_MINUTE_TEN = 20 * 60 * 1000L; private static final Long MILLIS_MINUTE_TEN = 20 * 60 * 1000L;
...@@ -52,16 +68,134 @@ public class AuthTokenService { ...@@ -52,16 +68,134 @@ public class AuthTokenService {
* *
* @return 用户信息 * @return 用户信息
*/ */
public UserEntity getLoginUser(HttpServletRequest request) { @Override
public IUser getLoginUser(HttpServletRequest request) {
// 获取请求携带的令牌 // 获取请求携带的令牌
String token = getToken(request); String token = getToken(request);
if (StringUtils.isNotEmpty(token)) { if (StringUtils.isNotEmpty(token)) {
try { try {
Claims claims = parseToken(token); Claims claims = parseToken(token);
String uuid = (String) claims.get(Constant.LOGIN_USER_KEY); String uuid = (String) claims.get(SysConstains.LOGIN_USER_KEY);
String userKey = getTokenKey(uuid); String userKey = getTokenKey(uuid);
UserEntity userEntity = cacheService.get(userKey, UserEntity.class); String userStr = cacheService.get(userKey);
return userEntity; if (StringUtils.isNotEmpty(userStr)) {
JSONObject userObj = JSON.parseObject(userStr);
Long userId = userObj.getLongValue("id");
Integer userType = userObj.getIntValue("userType");
Long customerId = userObj.getLongValue("customerId");
Long siteId = userObj.getLongValue("siteId");
Long loginTime = userObj.getLongValue("loginTime");
Long expireTime = userObj.getLongValue("expireTime");
String loginName = userObj.getString("loginName");
String realName = userObj.getString("realName");
String siteIds = userObj.getString("siteIds");
String menuUrl = userObj.getString("menuUrl");
Boolean isManager = userObj.getBoolean("manager");
Boolean isSystemUser = userObj.getBoolean("systemUser");
return new IUser() {
@Override
public Long getId() {
return userId;
}
@Override
public Long getDeptId() {
return null;
}
@Override
public String getDeptName() {
return null;
}
@Override
public Long getCustomerId() {
return customerId;
}
@Override
public Long getSiteId() {
return siteId;
}
@Override
public String getSiteIds() {
return siteIds;
}
@Override
public Long getCustomerJoinId() {
return null;
}
@Override
public String getCustomerNum() {
return null;
}
@Override
public String getLoginName() {
return loginName;
}
@Override
public String getRealName() {
return realName;
}
@Override
public boolean isAdmin() {
return userId == 1L;
}
@Override
public boolean isSystemUser() {
return isSystemUser;
}
@Override
public boolean isManager() {
return isManager;
}
@Override
public Integer getUserType() {
return userType;
}
@Override
public String getToken() {
return token;
}
@Override
public Long getLoginTime() {
return loginTime;
}
@Override
public Long getExpireTime() {
return expireTime;
}
@Override
public void setExpireTime(Long expireTime) {
}
@Override
public String getMenuUrl() {
return menuUrl;
}
};
}
// return cacheService.get(userKey, IUser.class);
} catch (Exception e) { } catch (Exception e) {
log.error("解析jwt token异常!", e); log.error("解析jwt token异常!", e);
return null; return null;
...@@ -73,7 +207,8 @@ public class AuthTokenService { ...@@ -73,7 +207,8 @@ public class AuthTokenService {
/** /**
* 设置用户信息 * 设置用户信息
*/ */
public void setUser(UserEntity user) { @Override
public void setUser(IUser user) {
if (StringUtils.isNotNull(user) && StringUtils.isNotEmpty(user.getToken())) { if (StringUtils.isNotNull(user) && StringUtils.isNotEmpty(user.getToken())) {
refreshToken(user); refreshToken(user);
} }
...@@ -82,6 +217,7 @@ public class AuthTokenService { ...@@ -82,6 +217,7 @@ public class AuthTokenService {
/** /**
* 删除用户身份信息 * 删除用户身份信息
*/ */
@Override
public void delUser(String token) { public void delUser(String token) {
if (StringUtils.isNotEmpty(token)) { if (StringUtils.isNotEmpty(token)) {
String userKey = getTokenKey(token); String userKey = getTokenKey(token);
...@@ -95,12 +231,13 @@ public class AuthTokenService { ...@@ -95,12 +231,13 @@ public class AuthTokenService {
* @param user 用户信息 * @param user 用户信息
* @return 令牌 * @return 令牌
*/ */
public String createToken(UserEntity user) { @Override
String token = IdUtil.fastSimpleUUID(); public String createToken(IUser user) {
user.setToken(token); // String token = IdUtil.fastSimpleUUID();
// user.setToken(token);
refreshToken(user); refreshToken(user);
Map<String, Object> claims = new HashMap<>(); Map<String, Object> claims = new HashMap<>();
claims.put(Constant.LOGIN_USER_KEY, token); claims.put(SysConstains.LOGIN_USER_KEY, user.getToken());
return createToken(claims); return createToken(claims);
} }
...@@ -110,10 +247,12 @@ public class AuthTokenService { ...@@ -110,10 +247,12 @@ public class AuthTokenService {
* @param user * @param user
* @return 令牌 * @return 令牌
*/ */
public void verifyToken(UserEntity user) { @Override
public void verifyToken(IUser user) {
long expireTime = user.getExpireTime(); long expireTime = user.getExpireTime();
long currentTime = System.currentTimeMillis(); long currentTime = System.currentTimeMillis();
if (expireTime - currentTime <= MILLIS_MINUTE_TEN) { if (expireTime - currentTime <= MILLIS_MINUTE_TEN) {
log.info("不足十分钟,刷新过期时间");
refreshToken(user); refreshToken(user);
} }
} }
...@@ -123,13 +262,13 @@ public class AuthTokenService { ...@@ -123,13 +262,13 @@ public class AuthTokenService {
* *
* @param user 信息 * @param user 信息
*/ */
public void refreshToken(UserEntity user) { public void refreshToken(IUser user) {
user.setLoginTime(System.currentTimeMillis()); //user.setLoginTime(System.currentTimeMillis());
user.setExpireTime(user.getLoginTime() + expireTime * MILLIS_MINUTE); user.setExpireTime(user.getLoginTime() == null ? System.currentTimeMillis() : user.getLoginTime() + expireTime * MILLIS_MINUTE);
// 根据uuid将user缓存 // 根据uuid将user缓存
String userKey = getTokenKey(user.getToken()); String userKey = getTokenKey(user.getToken());
//设置有效时间 单位秒 //设置有效时间 单位秒
cacheService.setnx(userKey, user, expireTime * MILLIS_MINUTE * MILLIS_SECOND); cacheService.setnx(userKey, user, expireTime * MILLIS_MINUTE);
} }
...@@ -141,8 +280,10 @@ public class AuthTokenService { ...@@ -141,8 +280,10 @@ public class AuthTokenService {
*/ */
private String createToken(Map<String, Object> claims) { private String createToken(Map<String, Object> claims) {
String token = Jwts.builder() String token = Jwts.builder()
.setExpiration(DateUtils.addCurrDate(7))
.setClaims(claims) .setClaims(claims)
.signWith(SignatureAlgorithm.HS512, secret).compact(); .signWith(SignatureAlgorithm.HS256, Base64.getEncoder()
.encodeToString(secret.getBytes())).compact();
return token; return token;
} }
...@@ -152,9 +293,10 @@ public class AuthTokenService { ...@@ -152,9 +293,10 @@ public class AuthTokenService {
* @param token 令牌 * @param token 令牌
* @return 数据声明 * @return 数据声明
*/ */
private Claims parseToken(String token) { @Override
public Claims parseToken(String token) {
return Jwts.parser() return Jwts.parser()
.setSigningKey(secret) .setSigningKey(Base64.getEncoder().encodeToString(secret.getBytes()))
.parseClaimsJws(token) .parseClaimsJws(token)
.getBody(); .getBody();
} }
...@@ -165,6 +307,7 @@ public class AuthTokenService { ...@@ -165,6 +307,7 @@ public class AuthTokenService {
* @param token 令牌 * @param token 令牌
* @return 用户名 * @return 用户名
*/ */
@Override
public String getUserNumFromToken(String token) { public String getUserNumFromToken(String token) {
Claims claims = parseToken(token); Claims claims = parseToken(token);
return claims.getSubject(); return claims.getSubject();
...@@ -176,15 +319,16 @@ public class AuthTokenService { ...@@ -176,15 +319,16 @@ public class AuthTokenService {
* @param request * @param request
* @return token * @return token
*/ */
private String getToken(HttpServletRequest request) { @Override
public String getToken(HttpServletRequest request) {
String token = request.getHeader(header); String token = request.getHeader(header);
if (StringUtils.isNotEmpty(token) && token.startsWith(Constant.TOKEN_PREFIX)) { if (StringUtils.isNotEmpty(token) && token.startsWith(tokenPrefix)) {
token = token.replace(Constant.TOKEN_PREFIX, ""); token = token.replace(tokenPrefix, "");
} }
return token; return token;
} }
private String getTokenKey(String uuid) { private String getTokenKey(String uuid) {
return Constant.LOGIN_TOKEN_KEY + uuid; return SysConstains.LOGIN_TOKEN_KEY + uuid;
} }
} }
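Review bot: In `refreshToken` the new expression `user.getLoginTime() == null ? System.currentTimeMillis() : user.getLoginTime() + expireTime * MILLIS_MINUTE` binds the addition to the else branch only, so a user without a login time gets an expiry of "now", and every other refresh recomputes the same `loginTime + lifetime` value instead of extending the session. If a sliding expiry is intended, base it on the current time: `user.setExpireTime(System.currentTimeMillis() + expireTime * MILLIS_MINUTE);`. The anonymous `IUser` returned by `getLoginUser` has an empty `setExpireTime`, and its `isManager()` and `isSystemUser()` unbox the `Boolean` results of `getBoolean`, which throws a NullPointerException when the cached JSON lacks those keys; `return Boolean.TRUE.equals(isManager);` avoids that. The comment above `cacheService.setnx` says the TTL is in seconds while the argument is now a millisecond count, so the unit should be confirmed against `ICacheService`. The first copy of this class earlier in the commit carries the same lines.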