微调
This commit is contained in:
caozehui
@@ -1,163 +0,0 @@
|
||||
package com.njcn.gather.system.auth.controller;
|
||||
|
||||
import cn.hutool.core.date.DateUnit;
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import cn.hutool.extra.spring.SpringUtil;
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.njcn.common.bean.CustomCacheUtil;
|
||||
import com.njcn.common.pojo.annotation.OperateInfo;
|
||||
import com.njcn.common.pojo.constant.OperateType;
|
||||
import com.njcn.common.pojo.constant.SecurityConstants;
|
||||
import com.njcn.common.pojo.enums.common.LogEnum;
|
||||
import com.njcn.common.pojo.enums.response.CommonResponseEnum;
|
||||
import com.njcn.common.pojo.response.HttpResult;
|
||||
import com.njcn.common.utils.JwtUtil;
|
||||
import com.njcn.common.utils.LogUtil;
|
||||
import com.njcn.gather.system.auth.pojo.Token;
|
||||
import com.njcn.gather.system.config.pojo.po.SysTestConfig;
|
||||
import com.njcn.gather.system.config.service.ISysTestConfigService;
|
||||
import com.njcn.gather.system.dictionary.service.IDictDataService;
|
||||
import com.njcn.gather.system.log.pojo.enums.LogOperationTypeEnum;
|
||||
import com.njcn.gather.system.log.pojo.po.SysLogAudit;
|
||||
import com.njcn.gather.system.log.service.ISysLogAuditService;
|
||||
import com.njcn.gather.user.pojo.constant.UserValidMessage;
|
||||
import com.njcn.gather.user.user.pojo.param.SysUserParam;
|
||||
import com.njcn.gather.user.user.pojo.po.SysUser;
|
||||
import com.njcn.gather.user.user.service.ISysUserService;
|
||||
import com.njcn.web.controller.BaseController;
|
||||
import com.njcn.web.utils.HttpResultUtil;
|
||||
import com.njcn.web.utils.HttpServletUtil;
|
||||
import com.njcn.web.utils.RequestUtil;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.logging.log4j.util.Strings;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.time.LocalDateTime;
|
||||
import java.time.format.DateTimeFormatter;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
|
||||
@Slf4j
|
||||
@RestController
|
||||
@Api(tags = "登录/注销")
|
||||
@RequestMapping("/admin")
|
||||
@RequiredArgsConstructor
|
||||
public class AuthController extends BaseController {
|
||||
|
||||
private final ISysUserService sysUserService;
|
||||
private final ISysLogAuditService sysLogAuditService;
|
||||
private final ISysTestConfigService sysTestConfigService;
|
||||
|
||||
// @RequestMapping("/login")
|
||||
// public HttpResult<Token> login() {
|
||||
// Token token = new Token();
|
||||
// token.setAccessToken("bqddxxwqmfncffacvbpkuxvwvqrhln");
|
||||
// HttpResult<Token> result = new HttpResult<>();
|
||||
// result.setMessage("成功");
|
||||
// result.setCode("A0000");
|
||||
// result.setData(token);
|
||||
// return result;
|
||||
// }
|
||||
//
|
||||
// @RequestMapping("/logout")
|
||||
// public HttpResult<String> logout() {
|
||||
// HttpResult<String> result = new HttpResult<>();
|
||||
// result.setMessage("成功");
|
||||
// result.setCode("A0000");
|
||||
// result.setData("退出成功");
|
||||
// return result;
|
||||
// }
|
||||
|
||||
@OperateInfo(info = LogEnum.SYSTEM_COMMON, operateType = OperateType.AUTHENTICATE)
|
||||
@PostMapping("/login")
|
||||
@ApiOperation("登录")
|
||||
public HttpResult<Object> login(@RequestBody SysUserParam.LoginParam param) {
|
||||
String methodDescribe = getMethodDescribe("login");
|
||||
LogUtil.njcnDebug(log, "{},登录参数为:{}", methodDescribe, param);
|
||||
SysUser user = sysUserService.getUserByLoginNameAndPassword(param.getUsername(), param.getPassword());
|
||||
if (user == null) {
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, UserValidMessage.LOGIN_FAILED);
|
||||
} else {
|
||||
String accessToken = JwtUtil.getAccessToken(user.getId());
|
||||
String refreshToken = JwtUtil.getRefreshToken(accessToken);
|
||||
Token token = new Token();
|
||||
token.setAccessToken(accessToken);
|
||||
token.setRefreshToken(refreshToken);
|
||||
|
||||
Map<String, Object> map = new HashMap<>();
|
||||
map.put("name", user.getName());
|
||||
|
||||
token.setUserInfo(map);
|
||||
|
||||
CustomCacheUtil customCacheUtil = SpringUtil.getBean(CustomCacheUtil.CACHE_NAME);
|
||||
customCacheUtil.putWithExpireTime(accessToken, JSON.toJSONString(user), DateUnit.DAY.getMillis() * 2);
|
||||
|
||||
sysLogAuditService.saveAuthLog(user.getName(), 1);
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, token, methodDescribe);
|
||||
}
|
||||
}
|
||||
|
||||
@OperateInfo(info = LogEnum.SYSTEM_SERIOUS, operateType = OperateType.LOGOUT)
|
||||
@ApiOperation("注销登录")
|
||||
@PostMapping("/logout")
|
||||
public HttpResult<Object> logout() {
|
||||
String methodDescribe = getMethodDescribe("logout");
|
||||
LogUtil.njcnDebug(log, "{},注销登录", methodDescribe);
|
||||
String accessToken = RequestUtil.getAccessToken();
|
||||
if (StrUtil.isNotBlank(accessToken)) {
|
||||
CustomCacheUtil customCacheUtil = SpringUtil.getBean(CustomCacheUtil.CACHE_NAME);
|
||||
customCacheUtil.remove(accessToken);
|
||||
|
||||
Map<String, Object> map = JwtUtil.parseToken(accessToken);
|
||||
SysUser user = sysUserService.getById((String) map.get(SecurityConstants.USER_ID));
|
||||
sysLogAuditService.saveAuthLog(user.getName(), 2);
|
||||
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, null, methodDescribe);
|
||||
}
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, methodDescribe);
|
||||
}
|
||||
|
||||
@OperateInfo(info = LogEnum.SYSTEM_COMMON)
|
||||
@ApiOperation("刷新token")
|
||||
@GetMapping("/refreshToken")
|
||||
public HttpResult<Object> refreshToken() {
|
||||
String methodDescribe = getMethodDescribe("refreshToken");
|
||||
LogUtil.njcnDebug(log, "{},刷新token", methodDescribe);
|
||||
String accessToken = RequestUtil.getAccessToken();
|
||||
|
||||
Token token = new Token();
|
||||
if (StrUtil.isNotBlank(accessToken)) {
|
||||
Map<String, Object> map = JwtUtil.parseToken(accessToken);
|
||||
String userId = (String) map.get(SecurityConstants.USER_ID);
|
||||
SysUser user = sysUserService.getById(userId);
|
||||
String accessTokenNew = JwtUtil.getAccessToken(userId);
|
||||
|
||||
String refreshTokenNew = JwtUtil.getRefreshToken(accessTokenNew);
|
||||
|
||||
token.setAccessToken(accessTokenNew);
|
||||
token.setRefreshToken(refreshTokenNew);
|
||||
|
||||
CustomCacheUtil customCacheUtil = SpringUtil.getBean(CustomCacheUtil.CACHE_NAME);
|
||||
customCacheUtil.remove(accessToken);
|
||||
customCacheUtil.putWithExpireTime(accessTokenNew, JSON.toJSONString(user), DateUnit.DAY.getMillis() * 2);
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, token, methodDescribe);
|
||||
} else {
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, methodDescribe);
|
||||
}
|
||||
}
|
||||
|
||||
@OperateInfo(info = LogEnum.SYSTEM_COMMON)
|
||||
@ApiOperation("获取当前场景")
|
||||
@GetMapping("/getCurrentScene")
|
||||
public HttpResult<String> getCurrentScene() {
|
||||
String methodDescribe = getMethodDescribe("getCurrentScene");
|
||||
LogUtil.njcnDebug(log, "{},获取当前场景", methodDescribe);
|
||||
String currrentScene= sysTestConfigService.getCurrrentScene();
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, currrentScene, methodDescribe);
|
||||
}
|
||||
}
|
||||
@@ -1,80 +0,0 @@
|
||||
package com.njcn.gather.system.auth.filter;
|
||||
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import com.njcn.common.pojo.constant.SecurityConstants;
|
||||
import com.njcn.common.utils.JwtUtil;
|
||||
import com.njcn.gather.system.pojo.constant.SystemValidMessage;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.core.Ordered;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import javax.servlet.*;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* @author caozehui
|
||||
* @data 2024/11/18
|
||||
*/
|
||||
@Slf4j
|
||||
@Component
|
||||
public class AuthGlobalFilter implements Filter, Ordered {
|
||||
private final static List<String> IGNORE_URI = Arrays.asList("/admin/login", "/report/generateReport");
|
||||
|
||||
@Override
|
||||
public int getOrder() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
|
||||
|
||||
HttpServletRequest req = (HttpServletRequest) request;
|
||||
HttpServletResponse res = (HttpServletResponse) response;
|
||||
|
||||
//设置允许跨域的配置
|
||||
// 这里填写允许进行跨域的主机ip(正式上线时可以动态配置具体允许的域名和IP)
|
||||
//rep.setHeader("Access-Control-Allow-Origin", "*");
|
||||
// 允许的访问方法
|
||||
//rep.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE, PATCH");
|
||||
// Access-Control-Max-Age 用于 CORS 相关配置的缓存
|
||||
//rep.setHeader("Access-Control-Max-Age", "3600");
|
||||
//rep.setHeader("Access-Control-Allow-Headers", "token,Origin, X-Requested-With, Content-Type, Accept");
|
||||
|
||||
|
||||
res.setCharacterEncoding("UTF-8");
|
||||
res.setContentType("application/json; charset=utf-8");
|
||||
|
||||
String requestURI = req.getRequestURI();
|
||||
if (IGNORE_URI.contains(requestURI)) {
|
||||
filterChain.doFilter(req, res);
|
||||
} else {
|
||||
String accessTokenStr = req.getHeader(SecurityConstants.AUTHORIZATION_KEY);
|
||||
String isRefreshToken = req.getHeader(SecurityConstants.IS_REFRESH_TOKEN);
|
||||
if (StrUtil.isBlank(accessTokenStr) || !accessTokenStr.startsWith(SecurityConstants.AUTHORIZATION_PREFIX)) {
|
||||
res.getWriter().write("{\"code\": 4001, \"message\":\"" + SystemValidMessage.TOKEN_VALID_ERROR + "\"}"); //前端重定向到登录页面
|
||||
return;
|
||||
}
|
||||
String accessToken = accessTokenStr.substring(SecurityConstants.AUTHORIZATION_PREFIX.length());
|
||||
try {
|
||||
if (StrUtil.isBlank(accessToken) || !JwtUtil.verifyToken(accessToken)) {
|
||||
res.getWriter().write("{\"code\": 4001, \"message\":\"" + SystemValidMessage.TOKEN_VALID_ERROR + "\"}"); //前端重定向到登录页面
|
||||
} else if (JwtUtil.isExpired(accessToken)) {
|
||||
if ("true".equals(isRefreshToken)) {
|
||||
res.getWriter().write("{\"code\": 4001, \"message\":\"" + SystemValidMessage.TOKEN_EXPIRED + "\"}"); //前端重定向到登录页面
|
||||
} else {
|
||||
res.getWriter().write("{\"code\": 401, \"message\":\"" + SystemValidMessage.ACCESS_TOKEN_EXPIRED + "\"}"); //前端发起refreshToken请求
|
||||
}
|
||||
} else {
|
||||
filterChain.doFilter(req, res);
|
||||
}
|
||||
} catch (Exception e) {
|
||||
res.getWriter().write("{\"code\": 4001, \"message\":\"" + SystemValidMessage.TOKEN_VALID_ERROR + "\"}");
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,16 +0,0 @@
|
||||
package com.njcn.gather.system.auth.pojo;
|
||||
|
||||
import lombok.Data;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
@Data
|
||||
public class Token {
|
||||
|
||||
private String accessToken;
|
||||
|
||||
private String refreshToken;
|
||||
|
||||
private Map<String, Object> userInfo;
|
||||
|
||||
}
|
||||
@@ -27,7 +27,7 @@ import org.springframework.web.bind.annotation.*;
|
||||
@Slf4j
|
||||
@Api(tags = "检测相关配置")
|
||||
@RestController
|
||||
@RequestMapping("/sysTestConfig")
|
||||
@RequestMapping("/sysTestConfig")
|
||||
@RequiredArgsConstructor
|
||||
public class SysTestConfigController extends BaseController {
|
||||
private final ISysTestConfigService sysTestConfigService;
|
||||
@@ -71,5 +71,15 @@ public class SysTestConfigController extends BaseController {
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, methodDescribe);
|
||||
}
|
||||
}
|
||||
|
||||
@OperateInfo(info = LogEnum.SYSTEM_COMMON)
|
||||
@ApiOperation("获取当前场景")
|
||||
@GetMapping("/getCurrentScene")
|
||||
public HttpResult<String> getCurrentScene() {
|
||||
String methodDescribe = getMethodDescribe("getCurrentScene");
|
||||
LogUtil.njcnDebug(log, "{},获取当前场景", methodDescribe);
|
||||
String currrentScene = sysTestConfigService.getCurrrentScene();
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, currrentScene, methodDescribe);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -48,8 +48,9 @@ public class LogAdvice implements ApplicationListener<ContextRefreshedEvent> {
|
||||
|
||||
private BlockingQueue<SysLogAudit> logQueue = new LinkedBlockingDeque<>();
|
||||
|
||||
@Pointcut(value = "execution(* com.njcn.gather..controller.*(..))")
|
||||
//@Pointcut(value = "execution(* com.njcn.gather..controller.*.*(..)) && !execution(* com.njcn.gather..controller.AuthController.*(..))")
|
||||
// @Pointcut(value = "execution(* com.njcn.gather..controller.*(..))")
|
||||
// @Pointcut(value = "execution(* com.njcn.gather..controller.*.*(..)) && !execution(* com.njcn.gather..controller.AuthController.*(..))")
|
||||
@Pointcut(value = "execution(* com.njcn.gather..controller.*.*(..))")
|
||||
public void logPointcut() {
|
||||
}
|
||||
|
||||
|
||||
@@ -87,11 +87,5 @@ public interface SystemValidMessage {
|
||||
|
||||
String AUTO_GENERATE_FORMAT_ERROR = "是否自动生成格式错误,请检查autoGenerate参数";
|
||||
|
||||
String TOKEN_VALID_ERROR = "非法的token";
|
||||
|
||||
String TOKEN_EXPIRED = "token已过期,请重新登录";
|
||||
|
||||
String ACCESS_TOKEN_EXPIRED = "access-token已过期";
|
||||
|
||||
String USER_ID_FORMAT_ERROR = "用户id格式错误,请检查userId参数";
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user