diff --git a/api-passenger/src/main/java/com/mashibing/apipassenger/interceptor/InterceptorConfig.java b/api-passenger/src/main/java/com/mashibing/apipassenger/interceptor/InterceptorConfig.java index 9834d68..b2f50d2 100644 --- a/api-passenger/src/main/java/com/mashibing/apipassenger/interceptor/InterceptorConfig.java +++ b/api-passenger/src/main/java/com/mashibing/apipassenger/interceptor/InterceptorConfig.java @@ -23,6 +23,7 @@ public class InterceptorConfig implements WebMvcConfigurer { ("/noauthTest") ,("/verification-code") ,("/verification-code-check") + ,("/token-refresh") ); } } diff --git a/api-passenger/src/main/java/com/mashibing/apipassenger/interceptor/JwtInterceptor.java b/api-passenger/src/main/java/com/mashibing/apipassenger/interceptor/JwtInterceptor.java index bfc6961..370a0d6 100644 --- a/api-passenger/src/main/java/com/mashibing/apipassenger/interceptor/JwtInterceptor.java +++ b/api-passenger/src/main/java/com/mashibing/apipassenger/interceptor/JwtInterceptor.java @@ -1,8 +1,5 @@ package com.mashibing.apipassenger.interceptor; -import com.auth0.jwt.exceptions.AlgorithmMismatchException; -import com.auth0.jwt.exceptions.SignatureVerificationException; -import com.auth0.jwt.exceptions.TokenExpiredException; import com.mashibing.internalcommon.constant.TokenConstants; import com.mashibing.internalcommon.dto.ResponseResult; import com.mashibing.internalcommon.dto.TokenResult; 
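Review bot: Adding `/token-refresh` to what looks like the interceptor's exclusion list in InterceptorConfig (the call that receives this list is outside the hunk) removes the access-token check from that route, so the only authentication left is what the refresh handler does itself. Judging by the TokenService hunks in this commit, that is a comparison with the refresh token stored in Redis, although the comparison itself is not visible. A comment on the new entry would keep that dependency explicit, for example `// not intercepted: TokenService validates the refresh token against Redis`. `/noauthTest` sits in the same list and reads like a test route, so it is worth confirming that it is meant to stay excluded.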
@@ -49,14 +46,14 @@ public class JwtInterceptor implements HandlerInterceptor { result = false; }else{ String phone = tokenResult.getPhone(); - String indentiny = tokenResult.getIndentiny(); + String identity = tokenResult.getIdentity(); // 从redis中取出token - String rdisAccessTokenKey = RedisPrefixUtils.getRdisTokenKey(phone, indentiny,TokenConstants.ACCESS_TOKEN_TYPE); - String redisAccessToken = redisTemplate.opsForValue().get(rdisAccessTokenKey); + String accessTokenKey = RedisPrefixUtils.getRdisTokenKey(phone, identity,TokenConstants.ACCESS_TOKEN_TYPE); + String redisAccessToken = redisTemplate.opsForValue().get(accessTokenKey); // 判断 redis 中是否存在值 if( (StringUtils.isBlank(redisAccessToken)) || !StringUtils.equals(token.trim(),redisAccessToken.trim()) ){ - resutltString = "token invalid "; + resutltString = "access token invalid "; result = false; }else{ resutltString = "token verfiy pass "; diff --git a/api-passenger/src/main/java/com/mashibing/apipassenger/service/TokenService.java b/api-passenger/src/main/java/com/mashibing/apipassenger/service/TokenService.java index 5d041fd..460f901 100644 --- a/api-passenger/src/main/java/com/mashibing/apipassenger/service/TokenService.java +++ b/api-passenger/src/main/java/com/mashibing/apipassenger/service/TokenService.java @@ -33,10 +33,10 @@ public class TokenService { return ResponseResult.fail(CommonStatusEnum.FAIL.getCode(),CommonStatusEnum.FAIL.getValue()); } String phone = tokenResult.getPhone(); - String indentiny = tokenResult.getIndentiny(); + String identity = tokenResult.getIdentity(); // 读取 redis 中 refreshToken - String refreshTokenKey = RedisPrefixUtils.getRdisTokenKey(phone, indentiny, TokenConstants.REFRESH_TOKEN_TYPE); + String refreshTokenKey = RedisPrefixUtils.getRdisTokenKey(phone, identity, TokenConstants.REFRESH_TOKEN_TYPE); String redisRefreshToken = redisTemplate.opsForValue().get(refreshTokenKey); // 校验 两token 是否合法 
@@ -45,12 +45,14 @@ public class TokenService { } // 生成新的双token,存入redis中 - String refreshToken = JwtUtils.gerneratorToken(phone, indentiny, TokenConstants.REFRESH_TOKEN_TYPE); - String accessTokenKey = RedisPrefixUtils.getRdisTokenKey(phone, indentiny, TokenConstants.ACCESS_TOKEN_TYPE); - String accessToken = JwtUtils.gerneratorToken(phone, indentiny, TokenConstants.ACCESS_TOKEN_TYPE); + String refreshToken = JwtUtils.gerneratorToken(phone, identity, TokenConstants.REFRESH_TOKEN_TYPE); + String accessTokenKey = RedisPrefixUtils.getRdisTokenKey(phone, identity, TokenConstants.ACCESS_TOKEN_TYPE); + String accessToken = JwtUtils.gerneratorToken(phone, identity, TokenConstants.ACCESS_TOKEN_TYPE); redisTemplate.opsForValue().set(accessTokenKey,accessToken,30,TimeUnit.DAYS); redisTemplate.opsForValue().set(refreshTokenKey,refreshToken,31,TimeUnit.DAYS); +// redisTemplate.opsForValue().set(accessTokenKey,accessToken,10,TimeUnit.SECONDS); +// redisTemplate.opsForValue().set(refreshTokenKey,refreshToken,30,TimeUnit.SECONDS); TokenResponse tokenResponse = new TokenResponse(); tokenResponse.setAccessToken(accessToken); diff --git a/api-passenger/src/main/java/com/mashibing/apipassenger/service/VerificationCodeService.java b/api-passenger/src/main/java/com/mashibing/apipassenger/service/VerificationCodeService.java index 2e1652b..14455ec 100644 --- a/api-passenger/src/main/java/com/mashibing/apipassenger/service/VerificationCodeService.java +++ b/api-passenger/src/main/java/com/mashibing/apipassenger/service/VerificationCodeService.java 
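Review bot: The two commented-out `set(..., 10, TimeUnit.SECONDS)` / `set(..., 30, TimeUnit.SECONDS)` lines added after the real writes in TokenService are test leftovers and should be dropped rather than committed; the same pair is added in the token-issuing hunk of VerificationCodeService. The live lifetimes (30 days for the access token, 31 for the refresh token) are bare literals repeated in both services, so changing one place silently diverges from the other; shared named constants would keep them in step. With the access token living almost as long as the refresh token, a leaked access token remains acceptable to JwtInterceptor until its Redis entry is overwritten or expires, which deserves a deliberate decision. The enclosing method starts and ends outside this hunk.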
@@ -60,8 +60,8 @@ public class VerificationCodeService { public ResponseResult checkCode(String passengerPhone,String verificationCode){ // 根据 key前缀+号码 从redis取出对应 校验码比较 - String redisVeriCodeKey = RedisPrefixUtils.getRdisVeriCodeKey(passengerPhone); - String codeRedis = redisTemplate.opsForValue().get(redisVeriCodeKey); + String veriCodeKey = RedisPrefixUtils.getRdisVeriCodeKey(passengerPhone); + String codeRedis = redisTemplate.opsForValue().get(veriCodeKey); // 校验 验证码 是否相同 if(StringUtils.isBlank(codeRedis) || !StringUtils.equals(codeRedis,verificationCode) ){ 
@@ -72,18 +72,20 @@ public class VerificationCodeService { VerificationCodeDTO verificationCodeDTO = new VerificationCodeDTO(); verificationCodeDTO.setPassengerPhone(passengerPhone); servicePassengerUserCLient.loginOrRegister(verificationCodeDTO); - redisTemplate.opsForValue().set(redisVeriCodeKey,""); - Boolean delete = redisTemplate.delete(redisVeriCodeKey);// 使用后删除key +// redisTemplate.opsForValue().set(redisVeriCodeKey,""); +// Boolean delete = redisTemplate.delete(redisVeriCodeKey);// 使用后删除key // 颁布 accessToken & refreshToken 令牌 String accessToken = JwtUtils.gerneratorToken(passengerPhone, IndentinyConstant.PASSENGER_IDENTITY,TokenConstants.ACCESS_TOKEN_TYPE); String refreshToken = JwtUtils.gerneratorToken(passengerPhone, IndentinyConstant.PASSENGER_IDENTITY,TokenConstants.REFRESH_TOKEN_TYPE); // 将 accessToken & refreshToken 存入 redis 中 - String redisAccessTokenKey = RedisPrefixUtils.getRdisTokenKey(passengerPhone, IndentinyConstant.PASSENGER_IDENTITY,TokenConstants.ACCESS_TOKEN_TYPE); - String redisRefreshTokenKey = RedisPrefixUtils.getRdisTokenKey(passengerPhone, IndentinyConstant.PASSENGER_IDENTITY,TokenConstants.REFRESH_TOKEN_TYPE); - redisTemplate.opsForValue().set(redisAccessTokenKey,accessToken,30,TimeUnit.DAYS); - redisTemplate.opsForValue().set(redisRefreshTokenKey,refreshToken,31,TimeUnit.DAYS); + String accessTokenKey = RedisPrefixUtils.getRdisTokenKey(passengerPhone, IndentinyConstant.PASSENGER_IDENTITY,TokenConstants.ACCESS_TOKEN_TYPE); + String refreshTokenKey = RedisPrefixUtils.getRdisTokenKey(passengerPhone, IndentinyConstant.PASSENGER_IDENTITY,TokenConstants.REFRESH_TOKEN_TYPE); + redisTemplate.opsForValue().set(accessTokenKey,accessToken,30,TimeUnit.DAYS); + redisTemplate.opsForValue().set(refreshTokenKey,refreshToken,31,TimeUnit.DAYS); +// redisTemplate.opsForValue().set(accessTokenKey,accessToken,10,TimeUnit.SECONDS); +// redisTemplate.opsForValue().set(refreshTokenKey,refreshToken,30,TimeUnit.SECONDS); TokenResponse tokenResponse = new 
TokenResponse(); diff --git a/internal-common/src/main/java/com/mashibing/internalcommon/dto/TokenResult.java b/internal-common/src/main/java/com/mashibing/internalcommon/dto/TokenResult.java index d18d687..e611640 100644 --- a/internal-common/src/main/java/com/mashibing/internalcommon/dto/TokenResult.java +++ b/internal-common/src/main/java/com/mashibing/internalcommon/dto/TokenResult.java @@ -7,6 +7,6 @@ public class TokenResult { private String phone; - private String indentiny; + private String identity; } diff --git a/internal-common/src/main/java/com/mashibing/internalcommon/util/JwtUtils.java b/internal-common/src/main/java/com/mashibing/internalcommon/util/JwtUtils.java index 88cfa8c..3e959a4 100644 --- a/internal-common/src/main/java/com/mashibing/internalcommon/util/JwtUtils.java +++ b/internal-common/src/main/java/com/mashibing/internalcommon/util/JwtUtils.java @@ -3,16 +3,12 @@ package com.mashibing.internalcommon.util; import com.auth0.jwt.JWT; import com.auth0.jwt.JWTCreator; import com.auth0.jwt.algorithms.Algorithm; -import com.auth0.jwt.exceptions.AlgorithmMismatchException; -import com.auth0.jwt.exceptions.SignatureVerificationException; -import com.auth0.jwt.exceptions.TokenExpiredException; -import com.auth0.jwt.interfaces.Claim; import com.auth0.jwt.interfaces.DecodedJWT; -import com.mashibing.internalcommon.dto.ResponseResult; import com.mashibing.internalcommon.dto.TokenResult; import java.util.Calendar; -import java.util.Date; +import java.util.HashMap; +import java.util.Map; public class JwtUtils { 
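Review bot: Commenting out `redisTemplate.delete(redisVeriCodeKey)` after `loginOrRegister` in VerificationCodeService means a verification code that has just passed the check stays in Redis and is accepted again until the key expires on its own, so the code is no longer single-use. The deletion should stay, using the name this commit introduces: `redisTemplate.delete(veriCodeKey);`. The commented lines still refer to `redisVeriCodeKey`, which no longer exists, so uncommenting them as they stand would not compile. The preceding `set(key, "")` was redundant with the delete and can go. Doing the delete right after the comparison succeeds, before the user service call and token issuance, also narrows the window in which two concurrent requests pass with the same code.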
@@ -21,28 +17,36 @@ public class JwtUtils { private static final String JWT_KEY_PHONE = "phone"; - private static final String JWT_KEY_INDENTINY = "indentiny"; + private static final String JWT_KEY_IDENTITY = "identity"; private static final String JWT_TOKEN_TYPE = "tokenType"; + private static final String JWT_TOKEN_TIME = "tokenTime"; /** * 获取 token字符串 */ - public static String gerneratorToken(String passengerPhone,String indentiny,String tokenType){ + public static String gerneratorToken(String passengerPhone,String identity,String tokenType){ + + Map map = new HashMap<>(); + map.put(JWT_KEY_PHONE,passengerPhone); + map.put(JWT_KEY_IDENTITY, identity); + map.put(JWT_TOKEN_TYPE, tokenType); + // 防止每次生成的token一样。 + map.put(JWT_TOKEN_TIME, Calendar.getInstance().getTime().toString()); + // 使用 JWT 创建 token合成对象 builder + JWTCreator.Builder builder = JWT.create(); + + // 将 map集合中有效数据部份 合成到 builder中 + map.forEach( + (k,v) -> { + builder.withClaim(k,v); + } + ); // // 准备 token过期时间 Date 类型 -移交服务端进行控制 // Calendar calendar = Calendar.getInstance(); // calendar.add(Calendar.DATE,1); // Date date = calendar.getTime(); - - // 使用 JWT 创建 token合成对象 builder - JWTCreator.Builder builder = JWT.create(); - - // 将 有效数据部份 合成到 builder中 - builder.withClaim(JWT_KEY_PHONE,passengerPhone); - builder.withClaim(JWT_KEY_INDENTINY,indentiny); - builder.withClaim(JWT_TOKEN_TYPE,tokenType); - - // 设置 超时时间 -移交服务端进行控制 +// // 设置 超时时间 -移交服务端进行控制 // builder.withExpiresAt(date); // 使用 builder对象的 sign 方法生成 token @@ -61,11 +65,11 @@ public class JwtUtils { DecodedJWT verify = JWT.require(Algorithm.HMAC256(SIGN)).build().verify(token); // 获取有效数据内容 String phone = verify.getClaim(JWT_KEY_PHONE).asString(); - String indentiny = verify.getClaim(JWT_KEY_INDENTINY).asString(); + String indentiny = verify.getClaim(JWT_KEY_IDENTITY).asString(); TokenResult result = new TokenResult(); result.setPhone(phone); - result.setIndentiny(indentiny); + result.setIdentity(indentiny); return result; } 
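Review bot: The `tokenTime` claim added in `gerneratorToken` to make tokens differ is built from `Calendar.getInstance().getTime().toString()`, which has one-second resolution, so two tokens issued for the same phone, identity and type within the same second are byte-identical and the uniqueness the comment asks for is not guaranteed. A random token id gives that property without depending on the clock: `builder.withJWTId(java.util.UUID.randomUUID().toString());`. The `Map` appears here without type arguments; if the file really reads that way it should be `Map<String, String>`, and the map plus `forEach` could simply be direct `withClaim` calls. In the `parseToken` hunk that follows, the local variable is still named `indentiny` although the claim key and setter were renamed.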
@@ -93,7 +97,7 @@ public class JwtUtils { } - return null; + return tokenResult; } }