双token处理

This commit is contained in:
caozehui
2025-02-07 14:30:16 +08:00
parent 1cc1a9ecf2
commit ccb11142d1
4 changed files with 70 additions and 24 deletions


@@ -25,10 +25,7 @@ import io.swagger.annotations.ApiOperation;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.apache.logging.log4j.util.Strings;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
@@ -74,14 +71,21 @@ public class AuthController extends BaseController {
if (user == null) {
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, UserValidMessage.LOGIN_FAILED);
} else {
String tokenStr = JwtUtil.getAccessToken(user.getId());
String accessToken = JwtUtil.getAccessToken(user.getId());
String refreshToken = JwtUtil.getRefreshToken(accessToken);
Token token = new Token();
token.setAccessToken(tokenStr);
token.setAccessToken(accessToken);
token.setRefreshToken(refreshToken);
Map<String, Object> map = new HashMap<>();
map.put("name", user.getName());
token.setUserInfo(map);
CustomCacheUtil customCacheUtil = SpringUtil.getBean(CustomCacheUtil.CACHE_NAME);
customCacheUtil.putWithExpireTime(tokenStr, JSON.toJSONString(user), DateUnit.DAY.getMillis());
customCacheUtil.putWithExpireTime(accessToken, JSON.toJSONString(user), DateUnit.DAY.getMillis() * 2);
customCacheUtil.putWithExpireTime(refreshToken, JSON.toJSONString(user), (DateUnit.DAY.getMillis() * 4));
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, token, methodDescribe);
}
}
@@ -92,14 +96,48 @@ public class AuthController extends BaseController {
public HttpResult<Object> logout(HttpServletRequest request) {
String methodDescribe = getMethodDescribe("logout");
LogUtil.njcnDebug(log, "{},注销登录", methodDescribe);
String authorization = request.getHeader(SecurityConstants.AUTHORIZATION_KEY);
if (StrUtil.isNotBlank(authorization)) {
String tokenStr = authorization.replace(SecurityConstants.AUTHORIZATION_PREFIX, Strings.EMPTY);
String accessTokenStr = request.getHeader(SecurityConstants.AUTHORIZATION_KEY);
String refreshToken = request.getHeader(SecurityConstants.REFRESH_TOKEN_KEY);
if (StrUtil.isNotBlank(accessTokenStr) && StrUtil.isNotBlank(refreshToken)) {
String accessToken = accessTokenStr.replace(SecurityConstants.AUTHORIZATION_PREFIX, Strings.EMPTY);
CustomCacheUtil customCacheUtil = SpringUtil.getBean(CustomCacheUtil.CACHE_NAME);
customCacheUtil.remove(tokenStr);
JwtUtil.invalidateToken(tokenStr);
customCacheUtil.remove(accessToken);
customCacheUtil.remove(refreshToken);
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, null, methodDescribe);
}
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, methodDescribe);
}
@OperateInfo(info = LogEnum.SYSTEM_COMMON)
@ApiOperation("刷新token")
@GetMapping("/refreshToken")
public HttpResult<Object> refreshToken(HttpServletRequest request) {
String methodDescribe = getMethodDescribe("refreshToken");
LogUtil.njcnDebug(log, "{}刷新token", methodDescribe);
String refreshToken = request.getHeader(SecurityConstants.REFRESH_TOKEN_KEY);
Token token = new Token();
if (StrUtil.isNotBlank(refreshToken)) {
Map<String, Object> map = JwtUtil.parseToken(refreshToken);
String userId = (String) map.get(SecurityConstants.USER_ID);
SysUser user = sysUserService.getById(userId);
String accessToken = JwtUtil.getAccessToken(userId);
String refreshTokenNew = JwtUtil.getRefreshToken(accessToken);
token.setAccessToken(accessToken);
token.setRefreshToken(refreshTokenNew);
CustomCacheUtil customCacheUtil = SpringUtil.getBean(CustomCacheUtil.CACHE_NAME);
customCacheUtil.remove(refreshToken);
customCacheUtil.putWithExpireTime(accessToken, JSON.toJSONString(user), DateUnit.DAY.getMillis() * 2);
customCacheUtil.putWithExpireTime(refreshTokenNew, JSON.toJSONString(user), (DateUnit.DAY.getMillis() * 4));
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, token, methodDescribe);
} else {
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, methodDescribe);
}
}
}
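Review bot: refreshToken (the third hunk) parses the presented refresh token with `JwtUtil.parseToken` and mints a new access/refresh pair without first calling `JwtUtil.verifyToken(refreshToken)` or `JwtUtil.isExpired(refreshToken)`, and because this same commit puts `/admin/refreshToken` on the filter's ignore list nothing else checks it; unless parseToken itself rejects a bad signature and expiry (not visible here), a decodable token carrying any userId is enough to obtain tokens for that user. The method also never checks that the refresh token is still present in the cache, so the `customCacheUtil.remove(refreshToken)` done in logout and in the rotation below has no effect on replay; a presence check is what makes logout and rotation meaningful (CustomCacheUtil exposes no lookup on this page, so the fence marks that spot with a TODO). `sysUserService.getById(userId)` can return null for an unknown or deleted user, in which case the code caches the string "null" and still hands out tokens, so a null guard is needed. Related, and worth a comment in logout: the old `JwtUtil.invalidateToken` call was dropped and the filter verifies only signature and expiry, so after logout the old access token stays usable until it expires unless verifyToken consults the cache.
```java
public HttpResult<Object> refreshToken(HttpServletRequest request) {
    // … unchanged: methodDescribe, debug log, REFRESH_TOKEN_KEY header read …
    Token token = new Token();
    // Verify signature and expiry before trusting any claim; the filter skips this URI.
    if (StrUtil.isBlank(refreshToken) || !JwtUtil.verifyToken(refreshToken) || JwtUtil.isExpired(refreshToken)) {
        return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, methodDescribe);
    }
    Map<String, Object> map = JwtUtil.parseToken(refreshToken);
    String userId = (String) map.get(SecurityConstants.USER_ID);
    CustomCacheUtil customCacheUtil = SpringUtil.getBean(CustomCacheUtil.CACHE_NAME);
    // TODO(review): reject here if refreshToken is no longer present in customCacheUtil
    // (logged out or already rotated); the lookup API is not shown on this page.
    SysUser user = sysUserService.getById(userId);
    if (user == null) {
        return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, methodDescribe);
    }
    // … unchanged: mint accessToken/refreshTokenNew, rotate cache entries, return SUCCESS …
}
```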


@@ -22,7 +22,7 @@ import java.util.List;
@Slf4j
@Component
public class AuthGlobalFilter implements Filter, Ordered {
private final static List<String> IGNORE_URI = Arrays.asList("/admin/login","/report/generateReport");
private final static List<String> IGNORE_URI = Arrays.asList("/admin/login", "/report/generateReport", "/admin/refreshToken");
@Override
public int getOrder() {
@@ -52,23 +52,27 @@ public class AuthGlobalFilter implements Filter, Ordered {
if (IGNORE_URI.contains(requestURI)) {
filterChain.doFilter(req, res);
} else {
String tokenStr = req.getHeader(SecurityConstants.AUTHORIZATION_KEY);
if (StrUtil.isBlank(tokenStr) || !tokenStr.startsWith(SecurityConstants.AUTHORIZATION_PREFIX)) {
res.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
res.getWriter().write(SystemValidMessage.TOKEN_VALID_ERROR);
String accessTokenStr = req.getHeader(SecurityConstants.AUTHORIZATION_KEY);
String refreshToken = req.getHeader(SecurityConstants.REFRESH_TOKEN_KEY);
if (StrUtil.isBlank(accessTokenStr) || !accessTokenStr.startsWith(SecurityConstants.AUTHORIZATION_PREFIX) || StrUtil.isBlank(refreshToken)) {
res.getWriter().write("{\"code\": 4001, \"message\":\"" + SystemValidMessage.TOKEN_VALID_ERROR + "\"}"); //前端重定向到登录页面
return;
}
tokenStr = tokenStr.substring(SecurityConstants.AUTHORIZATION_PREFIX.length());
String accessToken = accessTokenStr.substring(SecurityConstants.AUTHORIZATION_PREFIX.length());
try {
if (StrUtil.isBlank(tokenStr) || !JwtUtil.verifyToken(tokenStr) || JwtUtil.isExpired(tokenStr)) {
res.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
res.getWriter().write(SystemValidMessage.TOKEN_VALID_ERROR);
if (StrUtil.isBlank(accessToken) || !JwtUtil.verifyToken(accessToken) || !JwtUtil.verifyToken(refreshToken)) {
res.getWriter().write("{\"code\": 4001, \"message\":\"" + SystemValidMessage.TOKEN_VALID_ERROR + "\"}"); //前端重定向到登录页面
} else if (JwtUtil.isExpired(accessToken)) {
if (JwtUtil.isExpired(refreshToken)) {
res.getWriter().write("{\"code\": 4001, \"message\":\"" + SystemValidMessage.TOKEN_EXPIRED + "\"}"); //前端重定向到登录页面
}else{
res.getWriter().write("{\"code\": 401, \"message\":\"" + SystemValidMessage.TOKEN_EXPIRED + "\"}"); //前端发起refreshToken请求
}
} else {
filterChain.doFilter(req, res);
}
} catch (Exception e) {
res.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
res.getWriter().write(SystemValidMessage.TOKEN_VALID_ERROR);
res.getWriter().write("{\"code\": 4001, \"message\":\"" + SystemValidMessage.TOKEN_VALID_ERROR + "\"}");
}
}
}
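Review bot: Every rejection path in the rewritten doFilter body now writes the JSON body with the `res.setStatus(HttpServletResponse.SC_UNAUTHORIZED)` call removed and no content type set, so an unauthenticated request is answered with HTTP 200 and, unless the container is configured otherwise, the Chinese message text goes out in the servlet default ISO-8859-1 and arrives garbled; proxies, monitoring and non-browser clients also count these responses as successes. If the 200-with-body-code contract is what the frontend expects, say so in a comment, but at least call `res.setContentType("application/json;charset=UTF-8")` before `getWriter()`; since the same write is now repeated five times, a small helper keeps the status and content type in one place (drop its setStatus line if the 200 is deliberate). The filter additionally requires and signature-checks the refresh token on every request, so the long-lived credential travels with every call instead of only to `/admin/refreshToken`, even though only the access token is needed to authorize a normal request. The closing `catch (Exception e)` still discards the exception without logging, so failed verifications leave no trace to detect abuse.
```java
// … unchanged: IGNORE_URI check, header reads …
if (StrUtil.isBlank(accessTokenStr) || !accessTokenStr.startsWith(SecurityConstants.AUTHORIZATION_PREFIX) || StrUtil.isBlank(refreshToken)) {
    writeAuthFailure(res, 4001, SystemValidMessage.TOKEN_VALID_ERROR); // frontend redirects to login
    return;
}
// … unchanged: remaining branches call writeAuthFailure with 4001/401 in the same way …

/** Writes the auth-failure body the frontend expects, with an explicit status and UTF-8 JSON content type. */
private static void writeAuthFailure(HttpServletResponse res, int code, String message) throws IOException {
    res.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
    res.setContentType("application/json;charset=UTF-8");
    res.getWriter().write("{\"code\": " + code + ", \"message\":\"" + message + "\"}");
}
```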


@@ -9,6 +9,8 @@ public class Token {
private String accessToken;
private String refreshToken;
private Map<String, Object> userInfo;
}


@@ -87,7 +87,9 @@ public interface SystemValidMessage {
String AUTO_GENERATE_FORMAT_ERROR = "是否自动生成格式错误请检查autoGenerate参数";
String TOKEN_VALID_ERROR = "token校验失败";
String TOKEN_VALID_ERROR = "非法的token";
String TOKEN_EXPIRED = "token已过期请重新登录";
String USER_ID_FORMAT_ERROR = "用户id格式错误请检查userId参数";
}