diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java index 3b93514e..b8cb8691 100644 --- a/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java +++ b/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java @@ -41,14 +41,14 @@ public class TokenController } @DeleteMapping("logout") - public R logout(HttpServletRequest request) + public R logout() { - String token = SecurityUtils.getToken(request); - if (StringUtils.isNotEmpty(token)) + String userKey = SecurityUtils.getUserKey(); + if (StringUtils.isNotEmpty(userKey)) { - String username = JwtUtils.getUserName(token); + String username = SecurityUtils.getUsername(); // 删除用户缓存记录 - AuthUtil.logoutByToken(token); + AuthUtil.logout(); // 记录用户退出日志 sysLoginService.logout(username); } @@ -56,9 +56,9 @@ public class TokenController } @PostMapping("refresh") - public R refresh(HttpServletRequest request) + public R refresh() { - LoginUser loginUser = tokenService.getLoginUser(request); + LoginUser loginUser = tokenService.getLoginUser(); if (StringUtils.isNotNull(loginUser)) { // 刷新令牌有效期 diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java index 2d8bb999..55f9d0b2 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java @@ -38,20 +38,20 @@ public class AuthLogic */ public void logout() { - String token = SecurityUtils.getToken(); - if (token == null) + String userKey = SecurityUtils.getUserKey(); + if (userKey == null) { return; } - logoutByToken(token); + logoutByToken(userKey); } /** * 会话注销,根据指定Token */ - public void logoutByToken(String token) + public void logoutByToken(String userKey) { - tokenService.delLoginUser(token); + tokenService.delLoginUser(userKey); } /** @@ -69,8 +69,8 @@ public class AuthLogic */ public LoginUser getLoginUser() { - String token = SecurityUtils.getToken(); - if (token == null) + String userKey = SecurityUtils.getUserKey(); + if (userKey == null) { throw new NotLoginException("未提供token"); } @@ -85,12 +85,12 @@ public class AuthLogic /** * 获取当前用户缓存信息, 如果未登录,则抛出异常 * - * @param token 前端传递的认证信息 + * @param userKey 前端传递的认证信息 * @return 用户缓存信息 */ - public LoginUser getLoginUser(String token) + public LoginUser getLoginUser(String userKey) { - return tokenService.getLoginUser(token); + return tokenService.getLoginUser(userKey); } /** @@ -118,7 +118,6 @@ public class AuthLogic * 验证用户是否具备某权限, 如果验证未通过,则抛出异常: NotPermissionException * * @param permission 权限字符串 - * @return 用户是否具备某权限 */ public void checkPermi(String permission) { diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java index f0738dfc..1a8afa04 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java @@ -27,11 +27,11 @@ public class AuthUtil /** * 会话注销,根据指定Token * - * @param tokenValue 指定token + * @param userKey 指定token */ - public static void logoutByToken(String token) + public static void logoutByToken(String userKey) { - authLogic.logoutByToken(token); + authLogic.logoutByToken(userKey); } /** @@ -45,9 +45,9 @@ public class AuthUtil /** * 获取当前登录用户信息 */ - public static LoginUser getLoginUser(String token) + public static LoginUser getLoginUser(String userKey) { - return authLogic.getLoginUser(token); + return authLogic.getLoginUser(userKey); } /** diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/interceptor/HeaderInterceptor.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/interceptor/HeaderInterceptor.java index 3453e1d1..95e7442c 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/interceptor/HeaderInterceptor.java +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/interceptor/HeaderInterceptor.java @@ -32,10 +32,10 @@ public class HeaderInterceptor implements AsyncHandlerInterceptor SecurityContextHolder.setUserName(ServletUtils.getHeader(request, SecurityConstants.DETAILS_USERNAME)); SecurityContextHolder.setUserKey(ServletUtils.getHeader(request, SecurityConstants.USER_KEY)); - String token = SecurityUtils.getToken(); - if (StringUtils.isNotEmpty(token)) + String userKey = SecurityUtils.getUserKey(); + if (StringUtils.isNotEmpty(userKey)) { - LoginUser loginUser = AuthUtil.getLoginUser(token); + LoginUser loginUser = AuthUtil.getLoginUser(userKey); if (StringUtils.isNotNull(loginUser)) { AuthUtil.verifyLoginUserExpire(loginUser); diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java index b3093c9c..6d294a31 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java @@ -1,11 +1,5 @@ package com.ruoyi.common.security.service; -import java.util.HashMap; -import java.util.Map; -import java.util.concurrent.TimeUnit; -import javax.servlet.http.HttpServletRequest; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Component; import com.ruoyi.common.core.constant.CacheConstants; import com.ruoyi.common.core.constant.SecurityConstants; import com.ruoyi.common.core.utils.JwtUtils; @@ -16,6 +10,12 @@ import com.ruoyi.common.core.utils.uuid.IdUtils; import com.ruoyi.common.redis.service.RedisService; import com.ruoyi.common.security.utils.SecurityUtils; import com.ruoyi.system.api.model.LoginUser; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import java.util.HashMap; +import java.util.Map; +import java.util.concurrent.TimeUnit; /** * token验证处理 @@ -32,7 +32,7 @@ public class TokenService protected static final long MILLIS_MINUTE = 60 * MILLIS_SECOND; - private final static long expireTime = CacheConstants.EXPIRATION; + private final static long EXPIRE_TIME = CacheConstants.EXPIRATION; private final static String ACCESS_TOKEN = CacheConstants.LOGIN_TOKEN_KEY; @@ -53,15 +53,15 @@ public class TokenService refreshToken(loginUser); // Jwt存储信息 - Map claimsMap = new HashMap(); + Map claimsMap = new HashMap<>(); claimsMap.put(SecurityConstants.USER_KEY, token); claimsMap.put(SecurityConstants.DETAILS_USER_ID, userId); claimsMap.put(SecurityConstants.DETAILS_USERNAME, userName); // 接口返回信息 - Map rspMap = new HashMap(); + Map rspMap = new HashMap<>(); rspMap.put("access_token", JwtUtils.createToken(claimsMap)); - rspMap.put("expires_in", expireTime); + rspMap.put("expires_in", EXPIRE_TIME); return rspMap; } @@ -72,19 +72,7 @@ public class TokenService */ public LoginUser getLoginUser() { - return getLoginUser(ServletUtils.getRequest()); - } - - /** - * 获取用户身份信息 - * - * @return 用户信息 - */ - public LoginUser getLoginUser(HttpServletRequest request) - { - // 获取请求携带的令牌 - String token = SecurityUtils.getToken(request); - return getLoginUser(token); + return getLoginUser(SecurityUtils.getUserKey()); } /** @@ -92,19 +80,17 @@ public class TokenService * * @return 用户信息 */ - public LoginUser getLoginUser(String token) + public LoginUser getLoginUser(String userKey) { LoginUser user = null; try { - if (StringUtils.isNotEmpty(token)) + if (StringUtils.isNotEmpty(userKey)) { - String userkey = JwtUtils.getUserKey(token); - user = redisService.getCacheObject(getTokenKey(userkey)); - return user; + user = redisService.getCacheObject(getTokenKey(userKey)); } } - catch (Exception e) + catch (Exception ignored) { } return user; @@ -124,11 +110,10 @@ public class TokenService /** * 删除用户缓存信息 */ - public void delLoginUser(String token) + public void delLoginUser(String userkey) { - if (StringUtils.isNotEmpty(token)) + if (StringUtils.isNotEmpty(userkey)) { - String userkey = JwtUtils.getUserKey(token); redisService.deleteObject(getTokenKey(userkey)); } } @@ -156,14 +141,14 @@ public class TokenService public void refreshToken(LoginUser loginUser) { loginUser.setLoginTime(System.currentTimeMillis()); - loginUser.setExpireTime(loginUser.getLoginTime() + expireTime * MILLIS_MINUTE); + loginUser.setExpireTime(loginUser.getLoginTime() + EXPIRE_TIME * MILLIS_MINUTE); // 根据uuid将loginUser缓存 - String userKey = getTokenKey(loginUser.getToken()); - redisService.setCacheObject(userKey, loginUser, expireTime, TimeUnit.MINUTES); + String tokenKey = getTokenKey(loginUser.getToken()); + redisService.setCacheObject(tokenKey, loginUser, EXPIRE_TIME, TimeUnit.MINUTES); } - private String getTokenKey(String token) + private String getTokenKey(String userKey) { - return ACCESS_TOKEN + token; + return ACCESS_TOKEN + userKey; } } \ No newline at end of file