diff --git a/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/interceptor/InterceptorConfig.java b/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/interceptor/InterceptorConfig.java index 4b1571e..aa31e3f 100644 --- a/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/interceptor/InterceptorConfig.java +++ b/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/interceptor/InterceptorConfig.java @@ -1,15 +1,26 @@ package com.taxi.apipassenger.interceptor; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @Configuration public class InterceptorConfig implements WebMvcConfigurer { + + /** + * 在拦截器初始化时,JwtInterceptor的bean已经生成 + * @return + */ + @Bean + public JwtInterceptor jwtInterceptor(){ + return new JwtInterceptor(); + } + @Override public void addInterceptors(InterceptorRegistry registry) { // WebMvcConfigurer.super.addInterceptors(registry); - registry.addInterceptor(new JwtInterceptor()) + registry.addInterceptor(jwtInterceptor()) .addPathPatterns("/**")//拦截的路径 .excludePathPatterns("/noauthTest") .excludePathPatterns("/verification-code-check") diff --git a/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/interceptor/JwtInterceptor.java b/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/interceptor/JwtInterceptor.java index f339337..134d51d 100644 --- a/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/interceptor/JwtInterceptor.java +++ b/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/interceptor/JwtInterceptor.java @@ -2,11 +2,14 @@ package com.taxi.apipassenger.interceptor; import com.auth0.jwt.exceptions.TokenExpiredException; import com.internal.dto.ResponseResult; +import com.internal.dto.TokenResult; import com.internal.util.JwtUtils; +import com.internal.util.RedisPrefixUtils; import net.sf.json.JSONObject; -import org.springframework.lang.Nullable; +import org.apache.commons.lang.StringUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.data.redis.core.StringRedisTemplate; import org.springframework.web.servlet.HandlerInterceptor; -import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -15,15 +18,20 @@ import java.security.SignatureException; public class JwtInterceptor implements HandlerInterceptor { + @Autowired + private StringRedisTemplate stringRedisTemplate; + @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { boolean resultBoolean = true; String resultStr = ""; String token = request.getHeader("Authorization"); + //解析token + TokenResult tokenResult = null; try { //解析token - JwtUtils.parseToken(token); + tokenResult =JwtUtils.parseToken(token); } catch (SignatureException exception) { resultStr = "token sign error "; resultBoolean = false; @@ -33,6 +41,28 @@ public class JwtInterceptor implements HandlerInterceptor { }catch (Exception exception){ resultBoolean = false; } + if(tokenResult == null){ + resultStr = "token sign error "; + resultBoolean = false; + }else{ + //拼接tokenKey + String phone = tokenResult.getPassengerPhone(); + String identity = tokenResult.getIdentity(); + String tokenKey = RedisPrefixUtils.getTokenPrefixKey(phone,identity); + //从redis中取出token + String redisToke = stringRedisTemplate.opsForValue().get(tokenKey); + if(StringUtils.isBlank(redisToke)){ + resultStr = "token invalid "; + resultBoolean = false; + }else{ + if(!token.trim().equals(redisToke)){ + resultStr = "token invalid "; + resultBoolean = false; + } + } + } + + // if(!resultBoolean){ PrintWriter outPrintWriter = response.getWriter(); JSONObject jsonObject = JSONObject.fromObject(ResponseResult.fail(resultStr)); diff --git a/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/service/VerificationCodeService.java b/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/service/VerificationCodeService.java index 0d3e459..d1ce1e9 100644 --- a/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/service/VerificationCodeService.java +++ b/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/service/VerificationCodeService.java @@ -3,21 +3,17 @@ package com.taxi.apipassenger.service; import com.internal.contant.CommonStatusEnum; import com.internal.contant.IdentityConstant; import com.internal.dto.ResponseResult; -import com.internal.dto.TokenResult; import com.internal.request.VerificationCodeDTO; import com.internal.response.CheckCodeResponse; import com.internal.response.NumberResponse; import com.internal.util.JwtUtils; -import com.internal.util.Utils; +import com.internal.util.RedisPrefixUtils; import com.taxi.apipassenger.remote.ServicePassengerUserClient; import com.taxi.apipassenger.remote.ServiceVerificatoncodeClient; -import net.sf.json.JSONObject; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.redis.core.StringRedisTemplate; -import org.springframework.stereotype.Indexed; import org.springframework.stereotype.Service; -import java.lang.invoke.ConstantCallSite; import java.util.concurrent.TimeUnit; @Service @@ -40,7 +36,7 @@ public class VerificationCodeService { int numberCode = responseResult.getData().getNumberCode(); System.out.println("访问service-verificationcode服务,获取验证码:" + numberCode); //key,value,过期时间 - String key = Utils.getVerificationCodePrefixKey(passenegerPhone); + String key = RedisPrefixUtils.getVerificationCodePrefixKey(passenegerPhone); //存入redis stringRedisTemplate.opsForValue().set(key, numberCode + "", 2, TimeUnit.MINUTES); @@ -56,7 +52,7 @@ public class VerificationCodeService { */ public ResponseResult checkCode(String passenegerPhone, String verificationCode) { //一、根据手机号,reids-key规则,查询验证码 - String key = Utils.getVerificationCodePrefixKey(passenegerPhone); + String key = RedisPrefixUtils.getVerificationCodePrefixKey(passenegerPhone); String codeRedis = stringRedisTemplate.opsForValue().get(key); System.out.println("redis中的code:" + codeRedis); @@ -76,7 +72,7 @@ public class VerificationCodeService { IdentityConstant.PASSENGER_IDENTITY); //将token存入redis - String tokenKey = Utils.getTokenPrefixKey(passenegerPhone, + String tokenKey = RedisPrefixUtils.getTokenPrefixKey(passenegerPhone, IdentityConstant.PASSENGER_IDENTITY); stringRedisTemplate.opsForValue().set(tokenKey,token,30,TimeUnit.DAYS); diff --git a/online-taxi-public/api-passenger/target/classes/com/taxi/apipassenger/service/VerificationCodeService.class b/online-taxi-public/api-passenger/target/classes/com/taxi/apipassenger/service/VerificationCodeService.class index 8d1afd2..dd3782e 100644 Binary files a/online-taxi-public/api-passenger/target/classes/com/taxi/apipassenger/service/VerificationCodeService.class and b/online-taxi-public/api-passenger/target/classes/com/taxi/apipassenger/service/VerificationCodeService.class differ diff --git a/online-taxi-public/internal-common/src/main/java/com/internal/util/Utils.java b/online-taxi-public/internal-common/src/main/java/com/internal/util/RedisPrefixUtils.java similarity index 83% rename from online-taxi-public/internal-common/src/main/java/com/internal/util/Utils.java rename to online-taxi-public/internal-common/src/main/java/com/internal/util/RedisPrefixUtils.java index 57b2935..373d4c4 100644 --- a/online-taxi-public/internal-common/src/main/java/com/internal/util/Utils.java +++ b/online-taxi-public/internal-common/src/main/java/com/internal/util/RedisPrefixUtils.java @@ -1,13 +1,13 @@ package com.internal.util; -public class Utils { +public class RedisPrefixUtils { public static String getVerificationCodePrefixKey(String passenegerPhone) { return ApiPassengerConstant.verificationCodePrefix + passenegerPhone; } /** - * 根据手机号和身份标识,来生成token + * 根据手机号和身份标识,来生成tokenKey * @param passenegerPhone * @param identity * @return