From c998c5bad3797e0aa8f26b186ee29e3700c2eddf Mon Sep 17 00:00:00 2001
From: topsun <linuxunis@163.com>
Date: Tue, 18 Apr 2023 23:31:54 +0800
Subject: [PATCH] =?UTF-8?q?=E9=80=9A=E8=BF=87=E5=AD=98=E5=82=A8=E7=9A=84to?=
 =?UTF-8?q?ken=E8=BF=9B=E8=A1=8Ctoken=E7=9A=84=E6=A0=A1=E9=AA=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../interceptor/InterceptorConfig.java        |  13 ++++++-
 .../interceptor/JwtInterceptor.java           |  36 ++++++++++++++++--
 .../service/VerificationCodeService.java      |  12 ++----
 .../service/VerificationCodeService.class     | Bin 4445 -> 4456 bytes
 .../{Utils.java => RedisPrefixUtils.java}     |   4 +-
 5 files changed, 51 insertions(+), 14 deletions(-)
 rename online-taxi-public/internal-common/src/main/java/com/internal/util/{Utils.java => RedisPrefixUtils.java} (83%)

diff --git a/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/interceptor/InterceptorConfig.java b/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/interceptor/InterceptorConfig.java
index 4b1571e..aa31e3f 100644
--- a/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/interceptor/InterceptorConfig.java
+++ b/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/interceptor/InterceptorConfig.java
@@ -1,15 +1,26 @@
 package com.taxi.apipassenger.interceptor;
 
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
 @Configuration
 public class InterceptorConfig implements WebMvcConfigurer {
+
+    /**
+     * 在拦截器初始化时，JwtInterceptor的bean已经生成
+     * @return
+     */
+    @Bean
+    public JwtInterceptor jwtInterceptor(){
+        return new JwtInterceptor();
+    }
+
     @Override
     public void addInterceptors(InterceptorRegistry registry) {
 //        WebMvcConfigurer.super.addInterceptors(registry);
-        registry.addInterceptor(new JwtInterceptor())
+        registry.addInterceptor(jwtInterceptor())
                 .addPathPatterns("/**")//拦截的路径
                 .excludePathPatterns("/noauthTest")
                 .excludePathPatterns("/verification-code-check")
diff --git a/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/interceptor/JwtInterceptor.java b/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/interceptor/JwtInterceptor.java
index f339337..134d51d 100644
--- a/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/interceptor/JwtInterceptor.java
+++ b/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/interceptor/JwtInterceptor.java
@@ -2,11 +2,14 @@ package com.taxi.apipassenger.interceptor;
 
 import com.auth0.jwt.exceptions.TokenExpiredException;
 import com.internal.dto.ResponseResult;
+import com.internal.dto.TokenResult;
 import com.internal.util.JwtUtils;
+import com.internal.util.RedisPrefixUtils;
 import net.sf.json.JSONObject;
-import org.springframework.lang.Nullable;
+import org.apache.commons.lang.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.web.servlet.HandlerInterceptor;
-import org.springframework.web.servlet.ModelAndView;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -15,15 +18,20 @@ import java.security.SignatureException;
 
 public class JwtInterceptor implements HandlerInterceptor {
 
+    @Autowired
+    private StringRedisTemplate stringRedisTemplate;
+
     @Override
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
         boolean resultBoolean = true;
         String resultStr = "";
         String token = request.getHeader("Authorization");
 
+        //解析token
+        TokenResult tokenResult = null;
         try {
             //解析token
-            JwtUtils.parseToken(token);
+            tokenResult =JwtUtils.parseToken(token);
         } catch (SignatureException exception) {
             resultStr = "token sign error ";
             resultBoolean = false;
@@ -33,6 +41,28 @@ public class JwtInterceptor implements HandlerInterceptor {
         }catch (Exception exception){
             resultBoolean = false;
         }
+        if(tokenResult == null){
+            resultStr = "token sign error ";
+            resultBoolean = false;
+        }else{
+            //拼接tokenKey
+            String phone = tokenResult.getPassengerPhone();
+            String identity = tokenResult.getIdentity();
+            String tokenKey  = RedisPrefixUtils.getTokenPrefixKey(phone,identity);
+            //从redis中取出token
+            String redisToke = stringRedisTemplate.opsForValue().get(tokenKey);
+            if(StringUtils.isBlank(redisToke)){
+                resultStr = "token invalid ";
+                resultBoolean = false;
+            }else{
+                if(!token.trim().equals(redisToke)){
+                    resultStr = "token invalid ";
+                    resultBoolean = false;
+                }
+            }
+        }
+
+        //
         if(!resultBoolean){
             PrintWriter outPrintWriter = response.getWriter();
             JSONObject jsonObject = JSONObject.fromObject(ResponseResult.fail(resultStr));
diff --git a/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/service/VerificationCodeService.java b/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/service/VerificationCodeService.java
index 0d3e459..d1ce1e9 100644
--- a/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/service/VerificationCodeService.java
+++ b/online-taxi-public/api-passenger/src/main/java/com/taxi/apipassenger/service/VerificationCodeService.java
@@ -3,21 +3,17 @@ package com.taxi.apipassenger.service;
 import com.internal.contant.CommonStatusEnum;
 import com.internal.contant.IdentityConstant;
 import com.internal.dto.ResponseResult;
-import com.internal.dto.TokenResult;
 import com.internal.request.VerificationCodeDTO;
 import com.internal.response.CheckCodeResponse;
 import com.internal.response.NumberResponse;
 import com.internal.util.JwtUtils;
-import com.internal.util.Utils;
+import com.internal.util.RedisPrefixUtils;
 import com.taxi.apipassenger.remote.ServicePassengerUserClient;
 import com.taxi.apipassenger.remote.ServiceVerificatoncodeClient;
-import net.sf.json.JSONObject;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.redis.core.StringRedisTemplate;
-import org.springframework.stereotype.Indexed;
 import org.springframework.stereotype.Service;
 
-import java.lang.invoke.ConstantCallSite;
 import java.util.concurrent.TimeUnit;
 
 @Service
@@ -40,7 +36,7 @@ public class VerificationCodeService {
         int numberCode = responseResult.getData().getNumberCode();
         System.out.println("访问service-verificationcode服务，获取验证码：" + numberCode);
         //key,value,过期时间
-        String key = Utils.getVerificationCodePrefixKey(passenegerPhone);
+        String key = RedisPrefixUtils.getVerificationCodePrefixKey(passenegerPhone);
         //存入redis
         stringRedisTemplate.opsForValue().set(key, numberCode + "", 2, TimeUnit.MINUTES);
 
@@ -56,7 +52,7 @@ public class VerificationCodeService {
      */
     public ResponseResult checkCode(String passenegerPhone, String verificationCode) {
         //一、根据手机号，reids-key规则，查询验证码
-        String key = Utils.getVerificationCodePrefixKey(passenegerPhone);
+        String key = RedisPrefixUtils.getVerificationCodePrefixKey(passenegerPhone);
         String codeRedis = stringRedisTemplate.opsForValue().get(key);
         System.out.println("redis中的code:" + codeRedis);
 
@@ -76,7 +72,7 @@ public class VerificationCodeService {
                         IdentityConstant.PASSENGER_IDENTITY);
                 
                 //将token存入redis
-                String tokenKey = Utils.getTokenPrefixKey(passenegerPhone,
+                String tokenKey = RedisPrefixUtils.getTokenPrefixKey(passenegerPhone,
                         IdentityConstant.PASSENGER_IDENTITY);
                 stringRedisTemplate.opsForValue().set(tokenKey,token,30,TimeUnit.DAYS);
                 
diff --git a/online-taxi-public/api-passenger/target/classes/com/taxi/apipassenger/service/VerificationCodeService.class b/online-taxi-public/api-passenger/target/classes/com/taxi/apipassenger/service/VerificationCodeService.class
index 8d1afd214ebbf234120f92be0f52f7e8fe487ec6..dd3782e6422dcb7f11340ad4e3c6f4c3b7a1feb9 100644
GIT binary patch
delta 158
zcmcbs^g?OFbWS;?<osOy%)FA+qP)Z${nC=m9Q~lwl+5CQqSUm^ip{GyZ?Z6oOm5*@
zAgRQ_!Jy0_!l1$+&!Ea+!Jy7y$DqlO%AmX1mfwca)0}}7C@9Wg$zaG}!(hc=%U};w
z;0+{$85|g*7@QfB8C)1L8C)4k8Qd9afikTOz6`S&{27)o1Td^-2xQpE5W=vNA$0N~
Gf!P4{2qifH

delta 147
zcmaE%bXRG^bWUOM<osOy%)FA+qP)Z${nC=m9R1B(Id8HsN=)wOTOg^%z`>x-Ai|)*
zAkU!5V8NixV8@`#kjh}V*@NGP(bJlNmBEHVoWYjCkimh$ioub=p23O1o57hOn8Af1
yiou;BnZbi0lfjdr6ewED;Lp&?5XdkaD7%Cqgkd#9D8ojE2!@>uk(18~%mx5*l_6FD

diff --git a/online-taxi-public/internal-common/src/main/java/com/internal/util/Utils.java b/online-taxi-public/internal-common/src/main/java/com/internal/util/RedisPrefixUtils.java
similarity index 83%
rename from online-taxi-public/internal-common/src/main/java/com/internal/util/Utils.java
rename to online-taxi-public/internal-common/src/main/java/com/internal/util/RedisPrefixUtils.java
index 57b2935..373d4c4 100644
--- a/online-taxi-public/internal-common/src/main/java/com/internal/util/Utils.java
+++ b/online-taxi-public/internal-common/src/main/java/com/internal/util/RedisPrefixUtils.java
@@ -1,13 +1,13 @@
 package com.internal.util;
 
-public class Utils {
+public class RedisPrefixUtils {
 
     public static String getVerificationCodePrefixKey(String passenegerPhone) {
         return ApiPassengerConstant.verificationCodePrefix + passenegerPhone;
     }
 
     /**
-     * 根据手机号和身份标识，来生成token
+     * 根据手机号和身份标识，来生成tokenKey
      * @param passenegerPhone
      * @param identity
      * @return