From ccb11142d1a4f7393598e3c9c4c9004c6ee17862 Mon Sep 17 00:00:00 2001 From: caozehui <2427765068@qq.com> Date: Fri, 7 Feb 2025 14:30:16 +0800 Subject: [PATCH] =?UTF-8?q?=E5=8F=8Ctoken=E5=A4=84=E7=90=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../auth/controller/AuthController.java | 62 +++++++++++++++---- .../system/auth/filter/AuthGlobalFilter.java | 26 ++++---- .../njcn/gather/system/auth/pojo/Token.java | 2 + .../pojo/constant/SystemValidMessage.java | 4 +- 4 files changed, 70 insertions(+), 24 deletions(-) diff --git a/system/src/main/java/com/njcn/gather/system/auth/controller/AuthController.java b/system/src/main/java/com/njcn/gather/system/auth/controller/AuthController.java index 4abe1578..f4a4a47d 100644 --- a/system/src/main/java/com/njcn/gather/system/auth/controller/AuthController.java +++ b/system/src/main/java/com/njcn/gather/system/auth/controller/AuthController.java @@ -25,10 +25,7 @@ import io.swagger.annotations.ApiOperation; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.apache.logging.log4j.util.Strings; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; import javax.servlet.http.HttpServletRequest; import java.util.HashMap; 
@@ -74,14 +71,21 @@ public class AuthController extends BaseController { if (user == null) { return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, UserValidMessage.LOGIN_FAILED); } else { - String tokenStr = JwtUtil.getAccessToken(user.getId()); + String accessToken = JwtUtil.getAccessToken(user.getId()); + String refreshToken = JwtUtil.getRefreshToken(accessToken); Token token = new Token(); - token.setAccessToken(tokenStr); + token.setAccessToken(accessToken); + token.setRefreshToken(refreshToken); + Map map = new HashMap<>(); map.put("name", user.getName()); + token.setUserInfo(map); + CustomCacheUtil customCacheUtil = SpringUtil.getBean(CustomCacheUtil.CACHE_NAME); - customCacheUtil.putWithExpireTime(tokenStr, JSON.toJSONString(user), DateUnit.DAY.getMillis()); + customCacheUtil.putWithExpireTime(accessToken, JSON.toJSONString(user), DateUnit.DAY.getMillis() * 2); + customCacheUtil.putWithExpireTime(refreshToken, JSON.toJSONString(user), (DateUnit.DAY.getMillis() * 4)); + return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, token, methodDescribe); } } 
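Review bot: The cache lifetimes in the login branch are bare literals, `DateUnit.DAY.getMillis() * 2` for the access token and `* 4` for the refresh token, and the same two expressions are repeated in refreshToken() further down this file. Nothing visible ties them to the expiry that JwtUtil writes into the tokens, so a cache entry can outlive or expire before its JWT if either side changes; define them once as named constants next to the JWT lifetimes. Both entries also store `JSON.toJSONString(user)`, so if SysUser carries a password hash or other credential fields (not visible here), those are now copied under two keys for up to four days; caching only the user id and display fields would avoid that. The login method starts outside the hunk.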
@@ -92,14 +96,48 @@ public class AuthController extends BaseController { public HttpResult logout(HttpServletRequest request) { String methodDescribe = getMethodDescribe("logout"); LogUtil.njcnDebug(log, "{},注销登录", methodDescribe); - String authorization = request.getHeader(SecurityConstants.AUTHORIZATION_KEY); - if (StrUtil.isNotBlank(authorization)) { - String tokenStr = authorization.replace(SecurityConstants.AUTHORIZATION_PREFIX, Strings.EMPTY); + String accessTokenStr = request.getHeader(SecurityConstants.AUTHORIZATION_KEY); + String refreshToken = request.getHeader(SecurityConstants.REFRESH_TOKEN_KEY); + if (StrUtil.isNotBlank(accessTokenStr) && StrUtil.isNotBlank(refreshToken)) { + String accessToken = accessTokenStr.replace(SecurityConstants.AUTHORIZATION_PREFIX, Strings.EMPTY); + CustomCacheUtil customCacheUtil = SpringUtil.getBean(CustomCacheUtil.CACHE_NAME); - customCacheUtil.remove(tokenStr); - JwtUtil.invalidateToken(tokenStr); + customCacheUtil.remove(accessToken); + customCacheUtil.remove(refreshToken); + return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, null, methodDescribe); } return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, methodDescribe); } + + @OperateInfo(info = LogEnum.SYSTEM_COMMON) + @ApiOperation("刷新token") + @GetMapping("/refreshToken") + public HttpResult refreshToken(HttpServletRequest request) { + String methodDescribe = getMethodDescribe("refreshToken"); + LogUtil.njcnDebug(log, "{},刷新token", methodDescribe); + String refreshToken = request.getHeader(SecurityConstants.REFRESH_TOKEN_KEY); + + Token token = new Token(); + if (StrUtil.isNotBlank(refreshToken)) { + Map map = JwtUtil.parseToken(refreshToken); + String userId = (String) map.get(SecurityConstants.USER_ID); + SysUser user = sysUserService.getById(userId); + String accessToken = JwtUtil.getAccessToken(userId); + + + String refreshTokenNew = JwtUtil.getRefreshToken(accessToken); + + token.setAccessToken(accessToken); 
+ token.setRefreshToken(refreshTokenNew); + + CustomCacheUtil customCacheUtil = SpringUtil.getBean(CustomCacheUtil.CACHE_NAME); + customCacheUtil.remove(refreshToken); + customCacheUtil.putWithExpireTime(accessToken, JSON.toJSONString(user), DateUnit.DAY.getMillis() * 2); + customCacheUtil.putWithExpireTime(refreshTokenNew, JSON.toJSONString(user), (DateUnit.DAY.getMillis() * 4)); + return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, token, methodDescribe); + } else { + return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, methodDescribe); + } + } } diff --git a/system/src/main/java/com/njcn/gather/system/auth/filter/AuthGlobalFilter.java b/system/src/main/java/com/njcn/gather/system/auth/filter/AuthGlobalFilter.java index aa5d8946..34536d54 100644 --- a/system/src/main/java/com/njcn/gather/system/auth/filter/AuthGlobalFilter.java +++ b/system/src/main/java/com/njcn/gather/system/auth/filter/AuthGlobalFilter.java @@ -22,7 +22,7 @@ import java.util.List; @Slf4j @Component public class AuthGlobalFilter implements Filter, Ordered { - private final static List IGNORE_URI = Arrays.asList("/admin/login","/report/generateReport"); + private final static List IGNORE_URI = Arrays.asList("/admin/login", "/report/generateReport", "/admin/refreshToken"); @Override public int getOrder() { 
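Review bot: refreshToken() mints a new token pair from whatever `JwtUtil.parseToken(refreshToken)` returns, without calling `JwtUtil.verifyToken` or `JwtUtil.isExpired` and without confirming the refresh token is still in the cache; the IGNORE_URI hunk in AuthGlobalFilter.java also exempts `/admin/refreshToken` from the filter, so this method is the only check on that path. Whether parseToken verifies the signature is not visible here, so validate explicitly before reading the user id, and fail when `sysUserService.getById(userId)` returns null rather than issuing and caching tokens for a missing user. In logout(), the call to `JwtUtil.invalidateToken(tokenStr)` is dropped and only the cache entries are removed, while the filter in this patch never reads the cache; confirm that `verifyToken` rejects a logged-out token, otherwise both tokens stay usable until they expire. A sketch of the guard for refreshToken():

```java
String refreshToken = request.getHeader(SecurityConstants.REFRESH_TOKEN_KEY);
// verifyToken/isExpired may throw on malformed input (the filter wraps them in try/catch); treat that as FAIL too
if (StrUtil.isBlank(refreshToken)
        || !JwtUtil.verifyToken(refreshToken)
        || JwtUtil.isExpired(refreshToken)) {
    return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, methodDescribe);
}
// … also return FAIL here when the refresh token is no longer present in the cache (logged out or already rotated) …
// … unchanged: parseToken, userId lookup …
SysUser user = sysUserService.getById(userId);
if (user == null) {
    return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, methodDescribe);
}
// … unchanged: issue the new token pair, rotate the cache entries, return SUCCESS …
```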
@@ -52,23 +52,27 @@ public class AuthGlobalFilter implements Filter, Ordered { if (IGNORE_URI.contains(requestURI)) { filterChain.doFilter(req, res); } else { - String tokenStr = req.getHeader(SecurityConstants.AUTHORIZATION_KEY); - if (StrUtil.isBlank(tokenStr) || !tokenStr.startsWith(SecurityConstants.AUTHORIZATION_PREFIX)) { - res.setStatus(HttpServletResponse.SC_UNAUTHORIZED); - res.getWriter().write(SystemValidMessage.TOKEN_VALID_ERROR); + String accessTokenStr = req.getHeader(SecurityConstants.AUTHORIZATION_KEY); + String refreshToken = req.getHeader(SecurityConstants.REFRESH_TOKEN_KEY); + if (StrUtil.isBlank(accessTokenStr) || !accessTokenStr.startsWith(SecurityConstants.AUTHORIZATION_PREFIX) || StrUtil.isBlank(refreshToken)) { + res.getWriter().write("{\"code\": 4001, \"message\":\"" + SystemValidMessage.TOKEN_VALID_ERROR + "\"}"); //前端重定向到登录页面 return; } - tokenStr = tokenStr.substring(SecurityConstants.AUTHORIZATION_PREFIX.length()); + String accessToken = accessTokenStr.substring(SecurityConstants.AUTHORIZATION_PREFIX.length()); try { - if (StrUtil.isBlank(tokenStr) || !JwtUtil.verifyToken(tokenStr) || JwtUtil.isExpired(tokenStr)) { - res.setStatus(HttpServletResponse.SC_UNAUTHORIZED); - res.getWriter().write(SystemValidMessage.TOKEN_VALID_ERROR); + if (StrUtil.isBlank(accessToken) || !JwtUtil.verifyToken(accessToken) || !JwtUtil.verifyToken(refreshToken)) { + res.getWriter().write("{\"code\": 4001, \"message\":\"" + SystemValidMessage.TOKEN_VALID_ERROR + "\"}"); //前端重定向到登录页面 + } else if (JwtUtil.isExpired(accessToken)) { + if (JwtUtil.isExpired(refreshToken)) { + res.getWriter().write("{\"code\": 4001, \"message\":\"" + SystemValidMessage.TOKEN_EXPIRED + "\"}"); //前端重定向到登录页面 + }else{ + res.getWriter().write("{\"code\": 401, \"message\":\"" + SystemValidMessage.TOKEN_EXPIRED + "\"}"); //前端发起refreshToken请求 + } } else { filterChain.doFilter(req, res); } } catch (Exception e) { - res.setStatus(HttpServletResponse.SC_UNAUTHORIZED); - 
res.getWriter().write(SystemValidMessage.TOKEN_VALID_ERROR); + res.getWriter().write("{\"code\": 4001, \"message\":\"" + SystemValidMessage.TOKEN_VALID_ERROR + "\"}"); } } } diff --git a/system/src/main/java/com/njcn/gather/system/auth/pojo/Token.java b/system/src/main/java/com/njcn/gather/system/auth/pojo/Token.java index 1c95985d..add2d30d 100644 --- a/system/src/main/java/com/njcn/gather/system/auth/pojo/Token.java +++ b/system/src/main/java/com/njcn/gather/system/auth/pojo/Token.java @@ -9,6 +9,8 @@ public class Token { private String accessToken; + private String refreshToken; + private Map userInfo; } diff --git a/system/src/main/java/com/njcn/gather/system/pojo/constant/SystemValidMessage.java b/system/src/main/java/com/njcn/gather/system/pojo/constant/SystemValidMessage.java index c1f69a11..bf563921 100644 --- a/system/src/main/java/com/njcn/gather/system/pojo/constant/SystemValidMessage.java +++ b/system/src/main/java/com/njcn/gather/system/pojo/constant/SystemValidMessage.java @@ -87,7 +87,9 @@ public interface SystemValidMessage { String AUTO_GENERATE_FORMAT_ERROR = "是否自动生成格式错误,请检查autoGenerate参数"; - String TOKEN_VALID_ERROR = "token校验失败"; + String TOKEN_VALID_ERROR = "非法的token"; + + String TOKEN_EXPIRED = "token已过期,请重新登录"; String USER_ID_FORMAT_ERROR = "用户id格式错误,请检查userId参数"; }
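Review bot: Every rejection branch in the AuthGlobalFilter hunk now answers with the default 200 status, because the three `res.setStatus(HttpServletResponse.SC_UNAUTHORIZED)` calls were removed and only the JSON `code` field signals the failure; proxies, access logs and any alerting keyed on 401 responses will record failed authentication as success. Keep `res.setStatus(HttpServletResponse.SC_UNAUTHORIZED);` next to each write and add `res.setContentType("application/json;charset=UTF-8");` so the hand-built body is served as JSON. The new guard also requires the refresh-token header on every protected request, which exposes the longer-lived token as often as the access token; consider accepting it only on `/admin/refreshToken`. If `JwtUtil.verifyToken` already returns false or throws for an expired token (not visible here), the `else if (JwtUtil.isExpired(accessToken))` branch is unreachable and the client never receives the 401 code that triggers a refresh. The enclosing filter method starts outside the hunk.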