微调
@@ -44,9 +44,4 @@ public interface UserValidMessage {
|
||||
|
||||
String LOGIN_FAILED = "登录失败,用户名或密码错误";
|
||||
|
||||
String TOKEN_VALID_ERROR = "非法的token";
|
||||
|
||||
String TOKEN_EXPIRED = "token已过期,请重新登录";
|
||||
|
||||
String ACCESS_TOKEN_EXPIRED = "access-token已过期";
|
||||
}
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
package com.njcn.gather.user.user.controller;
|
||||
|
||||
import cn.hutool.core.date.DateUnit;
|
||||
import cn.hutool.core.util.ObjectUtil;
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import cn.hutool.extra.spring.SpringUtil;
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.njcn.common.bean.CustomCacheUtil;
|
||||
import com.njcn.common.pojo.annotation.OperateInfo;
|
||||
@@ -39,26 +39,8 @@ import java.util.Map;
|
||||
public class AuthController extends BaseController {
|
||||
|
||||
private final ISysUserService sysUserService;
|
||||
private final CustomCacheUtil customCacheUtil;
|
||||
|
||||
// @RequestMapping("/login")
|
||||
// public HttpResult<Token> login() {
|
||||
// Token token = new Token();
|
||||
// token.setAccessToken("bqddxxwqmfncffacvbpkuxvwvqrhln");
|
||||
// HttpResult<Token> result = new HttpResult<>();
|
||||
// result.setMessage("成功");
|
||||
// result.setCode("A0000");
|
||||
// result.setData(token);
|
||||
// return result;
|
||||
// }
|
||||
//
|
||||
// @RequestMapping("/logout")
|
||||
// public HttpResult<String> logout() {
|
||||
// HttpResult<String> result = new HttpResult<>();
|
||||
// result.setMessage("成功");
|
||||
// result.setCode("A0000");
|
||||
// result.setData("退出成功");
|
||||
// return result;
|
||||
// }
|
||||
|
||||
@OperateInfo(info = LogEnum.SYSTEM_COMMON, operateType = OperateType.AUTHENTICATE)
|
||||
@PostMapping("/login")
|
||||
@@ -67,7 +49,7 @@ public class AuthController extends BaseController {
|
||||
String methodDescribe = getMethodDescribe("login");
|
||||
LogUtil.njcnDebug(log, "{},登录参数为:{}", methodDescribe, param);
|
||||
SysUser user = sysUserService.getUserByLoginNameAndPassword(param.getUsername(), param.getPassword());
|
||||
if (user == null) {
|
||||
if (ObjectUtil.isNull(user)) {
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, UserValidMessage.LOGIN_FAILED);
|
||||
} else {
|
||||
String accessToken = JwtUtil.getAccessToken(user.getId());
|
||||
@@ -81,10 +63,7 @@ public class AuthController extends BaseController {
|
||||
|
||||
token.setUserInfo(map);
|
||||
|
||||
CustomCacheUtil customCacheUtil = SpringUtil.getBean(CustomCacheUtil.CACHE_NAME);
|
||||
customCacheUtil.putWithExpireTime(accessToken, JSON.toJSONString(user), DateUnit.DAY.getMillis() * 2);
|
||||
|
||||
//sysLogAuditService.saveAuthLog(user.getName(), 1);
|
||||
customCacheUtil.putWithExpireTime(accessToken, JSON.toJSONString(user), DateUnit.DAY.getMillis() * Integer.MAX_VALUE);
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, token, methodDescribe);
|
||||
}
|
||||
}
|
||||
@@ -97,13 +76,8 @@ public class AuthController extends BaseController {
|
||||
LogUtil.njcnDebug(log, "{},注销登录", methodDescribe);
|
||||
String accessToken = RequestUtil.getAccessToken();
|
||||
if (StrUtil.isNotBlank(accessToken)) {
|
||||
CustomCacheUtil customCacheUtil = SpringUtil.getBean(CustomCacheUtil.CACHE_NAME);
|
||||
customCacheUtil.remove(accessToken);
|
||||
|
||||
Map<String, Object> map = JwtUtil.parseToken(accessToken);
|
||||
SysUser user = sysUserService.getById((String) map.get(SecurityConstants.USER_ID));
|
||||
//sysLogAuditService.saveAuthLog(user.getName(), 2);
|
||||
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, null, methodDescribe);
|
||||
}
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, methodDescribe);
|
||||
@@ -124,19 +98,15 @@ public class AuthController extends BaseController {
|
||||
SysUser user = sysUserService.getById(userId);
|
||||
String accessTokenNew = JwtUtil.getAccessToken(userId);
|
||||
|
||||
String refreshTokenNew = JwtUtil.getRefreshToken(accessTokenNew);
|
||||
//String refreshTokenNew = JwtUtil.getRefreshToken(accessTokenNew);
|
||||
|
||||
token.setAccessToken(accessTokenNew);
|
||||
token.setRefreshToken(refreshTokenNew);
|
||||
token.setRefreshToken(accessToken);
|
||||
|
||||
CustomCacheUtil customCacheUtil = SpringUtil.getBean(CustomCacheUtil.CACHE_NAME);
|
||||
customCacheUtil.remove(accessToken);
|
||||
customCacheUtil.putWithExpireTime(accessTokenNew, JSON.toJSONString(user), DateUnit.DAY.getMillis() * 2);
|
||||
customCacheUtil.putWithExpireTime(accessTokenNew, JSON.toJSONString(user), DateUnit.DAY.getMillis() * Integer.MAX_VALUE);
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, token, methodDescribe);
|
||||
} else {
|
||||
return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.FAIL, null, methodDescribe);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
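Review bot: The access-token cache entry is written with `DateUnit.DAY.getMillis() * Integer.MAX_VALUE` in both the login and the refresh hunk, which makes the server-side session entry effectively permanent (assuming these are the new-side lines; the +/- markers are lost on this page, but the hunk line counts point that way). A bounded lifetime tied to the token's own expiry keeps stale sessions from accumulating and limits how long a leaked token stays usable, for example the previous `DateUnit.DAY.getMillis() * 2` or a configured constant. In the refresh hunk, `token.setRefreshToken(accessToken)` returns the old access token as the refresh token just before `customCacheUtil.remove(accessToken)` drops it from the cache; if that is intended it needs a comment explaining why, otherwise restore `JwtUtil.getRefreshToken(accessTokenNew)`. The login and refresh method bodies start outside the hunks shown.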
@@ -1,9 +1,12 @@
|
||||
package com.njcn.gather.user.user.filter;
|
||||
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.njcn.common.pojo.constant.SecurityConstants;
|
||||
import com.njcn.common.pojo.enums.response.CommonResponseEnum;
|
||||
import com.njcn.common.pojo.response.HttpResult;
|
||||
import com.njcn.common.utils.JwtUtil;
|
||||
import com.njcn.gather.user.pojo.constant.UserValidMessage;
|
||||
import com.njcn.web.utils.HttpResultUtil;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.core.Ordered;
|
||||
import org.springframework.stereotype.Component;
|
||||
@@ -35,16 +38,6 @@ public class AuthGlobalFilter implements Filter, Ordered {
|
||||
HttpServletRequest req = (HttpServletRequest) request;
|
||||
HttpServletResponse res = (HttpServletResponse) response;
|
||||
|
||||
//设置允许跨域的配置
|
||||
// 这里填写允许进行跨域的主机ip(正式上线时可以动态配置具体允许的域名和IP)
|
||||
//rep.setHeader("Access-Control-Allow-Origin", "*");
|
||||
// 允许的访问方法
|
||||
//rep.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE, PATCH");
|
||||
// Access-Control-Max-Age 用于 CORS 相关配置的缓存
|
||||
//rep.setHeader("Access-Control-Max-Age", "3600");
|
||||
//rep.setHeader("Access-Control-Allow-Headers", "token,Origin, X-Requested-With, Content-Type, Accept");
|
||||
|
||||
|
||||
res.setCharacterEncoding("UTF-8");
|
||||
res.setContentType("application/json; charset=utf-8");
|
||||
|
||||
@@ -55,24 +48,29 @@ public class AuthGlobalFilter implements Filter, Ordered {
|
||||
String accessTokenStr = req.getHeader(SecurityConstants.AUTHORIZATION_KEY);
|
||||
String isRefreshToken = req.getHeader(SecurityConstants.IS_REFRESH_TOKEN);
|
||||
if (StrUtil.isBlank(accessTokenStr) || !accessTokenStr.startsWith(SecurityConstants.AUTHORIZATION_PREFIX)) {
|
||||
res.getWriter().write("{\"code\": 4001, \"message\":\"" + UserValidMessage.TOKEN_VALID_ERROR + "\"}"); //前端重定向到登录页面
|
||||
HttpResult httpResult = new HttpResult<>(CommonResponseEnum.PARSE_TOKEN_ERROR.getCode(), CommonResponseEnum.PARSE_TOKEN_ERROR.getMessage());
|
||||
res.getWriter().write(JSON.toJSONString(httpResult)); //前端重定向到登录页面
|
||||
return;
|
||||
}
|
||||
String accessToken = accessTokenStr.substring(SecurityConstants.AUTHORIZATION_PREFIX.length());
|
||||
try {
|
||||
if (StrUtil.isBlank(accessToken) || !JwtUtil.verifyToken(accessToken)) {
|
||||
res.getWriter().write("{\"code\": 4001, \"message\":\"" + UserValidMessage.TOKEN_VALID_ERROR + "\"}"); //前端重定向到登录页面
|
||||
HttpResult httpResult = new HttpResult<>(CommonResponseEnum.PARSE_TOKEN_ERROR.getCode(), CommonResponseEnum.PARSE_TOKEN_ERROR.getMessage());
|
||||
res.getWriter().write(JSON.toJSONString(httpResult));
|
||||
} else if (JwtUtil.isExpired(accessToken)) {
|
||||
if ("true".equals(isRefreshToken)) {
|
||||
res.getWriter().write("{\"code\": 4001, \"message\":\"" + UserValidMessage.TOKEN_EXPIRED + "\"}"); //前端重定向到登录页面
|
||||
HttpResult httpResult = new HttpResult<>(CommonResponseEnum.PARSE_TOKEN_ERROR.getCode(), CommonResponseEnum.PARSE_TOKEN_ERROR.getMessage());
|
||||
res.getWriter().write(JSON.toJSONString(httpResult));
|
||||
} else {
|
||||
res.getWriter().write("{\"code\": 401, \"message\":\"" + UserValidMessage.ACCESS_TOKEN_EXPIRED + "\"}"); //前端发起refreshToken请求
|
||||
HttpResult httpResult = new HttpResult<>(CommonResponseEnum.TOKEN_EXPIRE_JWT.getCode(), CommonResponseEnum.TOKEN_EXPIRE_JWT.getMessage());
|
||||
res.getWriter().write(JSON.toJSONString(httpResult));
|
||||
}
|
||||
} else {
|
||||
filterChain.doFilter(req, res);
|
||||
}
|
||||
} catch (Exception e) {
|
||||
res.getWriter().write("{\"code\": 4001, \"message\":\"" + UserValidMessage.TOKEN_VALID_ERROR + "\"}");
|
||||
HttpResult httpResult = new HttpResult<>(CommonResponseEnum.PARSE_TOKEN_ERROR.getCode(), CommonResponseEnum.PARSE_TOKEN_ERROR.getMessage());
|
||||
res.getWriter().write(JSON.toJSONString(httpResult));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
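Review bot: The `catch (Exception e)` at the end of the filter still encloses `filterChain.doFilter(req, res)`, so an exception thrown by any downstream handler is answered with `PARSE_TOKEN_ERROR` and nothing is logged. Since the class appears to use `@Slf4j` (the lombok import is visible), add `log.warn("token check failed", e);` in the catch and move the `doFilter` call out of the try block so that only token parsing is covered. The new responses also collapse the invalid-token and expired-refresh-token cases into the same `PARSE_TOKEN_ERROR` result where the old text used `TOKEN_EXPIRED`; confirm the client no longer needs that distinction. Within the lines shown the filter checks only `JwtUtil.verifyToken` and `JwtUtil.isExpired`, not the cache entry that logout removes, so whether a logged-out token is rejected cannot be confirmed from this hunk. The filter method begins outside the hunk.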