msb-public-java
/
RuoYi-Cloud
mirror of https://gitee.com/y_project/RuoYi-Cloud.git
1
0
Code Issues Projects Releases Wiki Activity

jwt token改为直接使用user_key

Browse Source
pull/241/head
hehui 3 years ago
parent afa23c2111
commit 14de2a5ff0
5 changed files with 47 additions and 63 deletions
Show Stats Download Patch File Download Diff File

14
ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java
Unescape View File

@ -41,14 +41,14 @@ public class TokenController
}
@DeleteMapping("logout")
public R<?> logout(HttpServletRequest request)
public R<?> logout()
{
String token = SecurityUtils.getToken(request);
if (StringUtils.isNotEmpty(token))
String userKey = SecurityUtils.getUserKey();
if (StringUtils.isNotEmpty(userKey))
{
String username = JwtUtils.getUserName(token);
String username = SecurityUtils.getUsername();
// 删除用户缓存记录
AuthUtil.logoutByToken(token);
AuthUtil.logout();
// 记录用户退出日志
sysLoginService.logout(username);
}
@ -56,9 +56,9 @@ public class TokenController
}
@PostMapping("refresh")
public R<?> refresh(HttpServletRequest request)
public R<?> refresh()
{
LoginUser loginUser = tokenService.getLoginUser(request);
LoginUser loginUser = tokenService.getLoginUser();
if (StringUtils.isNotNull(loginUser))
{
// 刷新令牌有效期

21
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java
Unescape View File

@ -38,20 +38,20 @@ public class AuthLogic
*/
public void logout()
{
String token = SecurityUtils.getToken();
if (token == null)
String userKey = SecurityUtils.getUserKey();
if (userKey == null)
{
return;
}
logoutByToken(token);
logoutByToken(userKey);
}
/**
* Token
*/
public void logoutByToken(String token)
public void logoutByToken(String userKey)
{
tokenService.delLoginUser(token);
tokenService.delLoginUser(userKey);
}
/**
@ -69,8 +69,8 @@ public class AuthLogic
*/
public LoginUser getLoginUser()
{
String token = SecurityUtils.getToken();
if (token == null)
String userKey = SecurityUtils.getUserKey();
if (userKey == null)
{
throw new NotLoginException("未提供token");
}
@ -85,12 +85,12 @@ public class AuthLogic
/**
* ,
*
* @param token
* @param userKey
* @return
*/
public LoginUser getLoginUser(String token)
public LoginUser getLoginUser(String userKey)
{
return tokenService.getLoginUser(token);
return tokenService.getLoginUser(userKey);
}
/**
@ -118,7 +118,6 @@ public class AuthLogic
* , : NotPermissionException
*
* @param permission
* @return
*/
public void checkPermi(String permission)
{

10
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java
Unescape View File

@ -27,11 +27,11 @@ public class AuthUtil
/**
* Token
*
* @param tokenValue token
* @param userKey token
*/
public static void logoutByToken(String token)
public static void logoutByToken(String userKey)
{
authLogic.logoutByToken(token);
authLogic.logoutByToken(userKey);
}
/**
@ -45,9 +45,9 @@ public class AuthUtil
/**
*
*/
public static LoginUser getLoginUser(String token)
public static LoginUser getLoginUser(String userKey)
{
return authLogic.getLoginUser(token);
return authLogic.getLoginUser(userKey);
}
/**

6
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/interceptor/HeaderInterceptor.java
Unescape View File

@ -32,10 +32,10 @@ public class HeaderInterceptor implements AsyncHandlerInterceptor
SecurityContextHolder.setUserName(ServletUtils.getHeader(request, SecurityConstants.DETAILS_USERNAME));
SecurityContextHolder.setUserKey(ServletUtils.getHeader(request, SecurityConstants.USER_KEY));
String token = SecurityUtils.getToken();
if (StringUtils.isNotEmpty(token))
String userKey = SecurityUtils.getUserKey();
if (StringUtils.isNotEmpty(userKey))
{
LoginUser loginUser = AuthUtil.getLoginUser(token);
LoginUser loginUser = AuthUtil.getLoginUser(userKey);
if (StringUtils.isNotNull(loginUser))
{
AuthUtil.verifyLoginUserExpire(loginUser);

59
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java
Unescape View File

@ -1,11 +1,5 @@
package com.ruoyi.common.security.service;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import com.ruoyi.common.core.constant.CacheConstants;
import com.ruoyi.common.core.constant.SecurityConstants;
import com.ruoyi.common.core.utils.JwtUtils;
@ -16,6 +10,12 @@ import com.ruoyi.common.core.utils.uuid.IdUtils;
import com.ruoyi.common.redis.service.RedisService;
import com.ruoyi.common.security.utils.SecurityUtils;
import com.ruoyi.system.api.model.LoginUser;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;
/**
* token
@ -32,7 +32,7 @@ public class TokenService
protected static final long MILLIS_MINUTE = 60 * MILLIS_SECOND;
private final static long expireTime = CacheConstants.EXPIRATION;
private final static long EXPIRE_TIME = CacheConstants.EXPIRATION;
private final static String ACCESS_TOKEN = CacheConstants.LOGIN_TOKEN_KEY;
@ -53,15 +53,15 @@ public class TokenService
refreshToken(loginUser);
// Jwt存储信息
Map<String, Object> claimsMap = new HashMap<String, Object>();
Map<String, Object> claimsMap = new HashMap<>();
claimsMap.put(SecurityConstants.USER_KEY, token);
claimsMap.put(SecurityConstants.DETAILS_USER_ID, userId);
claimsMap.put(SecurityConstants.DETAILS_USERNAME, userName);
// 接口返回信息
Map<String, Object> rspMap = new HashMap<String, Object>();
Map<String, Object> rspMap = new HashMap<>();
rspMap.put("access_token", JwtUtils.createToken(claimsMap));
rspMap.put("expires_in", expireTime);
rspMap.put("expires_in", EXPIRE_TIME);
return rspMap;
}
@ -72,19 +72,7 @@ public class TokenService
*/
public LoginUser getLoginUser()
{
return getLoginUser(ServletUtils.getRequest());
}
/**
*
*
* @return
*/
public LoginUser getLoginUser(HttpServletRequest request)
{
// 获取请求携带的令牌
String token = SecurityUtils.getToken(request);
return getLoginUser(token);
return getLoginUser(SecurityUtils.getUserKey());
}
/**
@ -92,19 +80,17 @@ public class TokenService
*
* @return
*/
public LoginUser getLoginUser(String token)
public LoginUser getLoginUser(String userKey)
{
LoginUser user = null;
try
{
if (StringUtils.isNotEmpty(token))
if (StringUtils.isNotEmpty(userKey))
{
String userkey = JwtUtils.getUserKey(token);
user = redisService.getCacheObject(getTokenKey(userkey));
return user;
user = redisService.getCacheObject(getTokenKey(userKey));
}
}
catch (Exception e)
catch (Exception ignored)
{
}
return user;
@ -124,11 +110,10 @@ public class TokenService
/**
*
*/
public void delLoginUser(String token)
public void delLoginUser(String userkey)
{
if (StringUtils.isNotEmpty(token))
if (StringUtils.isNotEmpty(userkey))
{
String userkey = JwtUtils.getUserKey(token);
redisService.deleteObject(getTokenKey(userkey));
}
}
@ -156,14 +141,14 @@ public class TokenService
public void refreshToken(LoginUser loginUser)
{
loginUser.setLoginTime(System.currentTimeMillis());
loginUser.setExpireTime(loginUser.getLoginTime() + expireTime * MILLIS_MINUTE);
loginUser.setExpireTime(loginUser.getLoginTime() + EXPIRE_TIME * MILLIS_MINUTE);
// 根据uuid将loginUser缓存
String userKey = getTokenKey(loginUser.getToken());
redisService.setCacheObject(userKey, loginUser, expireTime, TimeUnit.MINUTES);
String tokenKey = getTokenKey(loginUser.getToken());
redisService.setCacheObject(tokenKey, loginUser, EXPIRE_TIME, TimeUnit.MINUTES);
}
private String getTokenKey(String token)
private String getTokenKey(String userKey)
{
return ACCESS_TOKEN + token;
return ACCESS_TOKEN + userKey;
}
}
Write Preview
Loading…
Cancel
Save