提交 babf046d 编写于 作者: Tyl666's avatar Tyl666

【JWT鉴权续期】代码逻辑修改,添加路由地址,将方法提到公共逻辑区

上级 3c034da5
...@@ -10,6 +10,7 @@ import cn.ibizlab.core.uaa.service.ISysPSSystemService; ...@@ -10,6 +10,7 @@ import cn.ibizlab.core.uaa.service.ISysPSSystemService;
import cn.ibizlab.core.uaa.service.ISysRolePermissionService; import cn.ibizlab.core.uaa.service.ISysRolePermissionService;
import cn.ibizlab.core.uaa.service.ISysRoleService; import cn.ibizlab.core.uaa.service.ISysRoleService;
import cn.ibizlab.core.uaa.service.ISysUserRoleService; import cn.ibizlab.core.uaa.service.ISysUserRoleService;
import cn.ibizlab.util.domain.Token;
import cn.ibizlab.util.errors.BadRequestAlertException; import cn.ibizlab.util.errors.BadRequestAlertException;
import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.JSONObject;
import lombok.SneakyThrows; import lombok.SneakyThrows;
...@@ -17,6 +18,7 @@ import lombok.extern.slf4j.Slf4j; ...@@ -17,6 +18,7 @@ import lombok.extern.slf4j.Slf4j;
import org.apache.commons.io.IOUtils; import org.apache.commons.io.IOUtils;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cache.annotation.CacheEvict; import org.springframework.cache.annotation.CacheEvict;
import org.springframework.cache.annotation.CachePut;
import org.springframework.cache.annotation.Cacheable; import org.springframework.cache.annotation.Cacheable;
import org.springframework.cache.annotation.Caching; import org.springframework.cache.annotation.Caching;
import org.springframework.context.annotation.Lazy; import org.springframework.context.annotation.Lazy;
...@@ -326,4 +328,27 @@ public class UAACoreService { ...@@ -326,4 +328,27 @@ public class UAACoreService {
return sign; return sign;
} }
@CachePut(value = "ibzuaa_users", key = "'token:'+#p0")
public Token setToken(String oldToken, String newToken) {
Token tok = new Token(newToken, oldToken, new Date());
return tok;
}
@Cacheable(value = "ibzuaa_users", key = "'token:'+#p0")
public Token getToken(String oldToken) {
return null;
}
@CacheEvict(value = "ibzuaa_users", key = "'token:'+#p0")
public Token removeToken(String token) {
return null;
}
public boolean isExpired(Token tok,Long expiration){
if (System.currentTimeMillis() - tok.getDate().getTime() >= (expiration / 4)) {
return true;
}
return false;
}
} }
...@@ -2,21 +2,17 @@ ...@@ -2,21 +2,17 @@
package cn.ibizlab.api.rest.extensions; package cn.ibizlab.api.rest.extensions;
import cn.ibizlab.core.uaa.domain.SysUser; import cn.ibizlab.core.uaa.domain.SysUser;
import cn.ibizlab.core.uaa.extensions.service.SysAppService;
import cn.ibizlab.core.uaa.extensions.service.UAACoreService; import cn.ibizlab.core.uaa.extensions.service.UAACoreService;
import cn.ibizlab.core.uaa.service.ISysUserService; import cn.ibizlab.core.uaa.service.ISysUserService;
import cn.ibizlab.util.domain.IBZUSER;
import cn.ibizlab.util.domain.Token; import cn.ibizlab.util.domain.Token;
import cn.ibizlab.util.errors.BadRequestAlertException; import cn.ibizlab.util.errors.BadRequestAlertException;
import cn.ibizlab.util.helper.CachedBeanCopier; import cn.ibizlab.util.helper.CachedBeanCopier;
import cn.ibizlab.util.security.*; import cn.ibizlab.util.security.*;
import cn.ibizlab.util.service.AuthenticationUserService; import cn.ibizlab.util.service.AuthenticationUserService;
import cn.ibizlab.util.service.IBZUSERService;
import cn.ibizlab.util.service.TokenReflashService;
import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.toolkit.Wrappers; import io.jsonwebtoken.ExpiredJwtException;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression; import org.springframework.boot.autoconfigure.condition.ConditionalOnExpression;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
...@@ -27,12 +23,11 @@ import org.springframework.validation.annotation.Validated; ...@@ -27,12 +23,11 @@ import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import javax.validation.constraints.NotNull; import javax.validation.constraints.NotNull;
import java.util.Date;
import java.util.List;
/** /**
* 客户端登录认证 * 客户端登录认证
*/ */
@Slf4j
@RestController @RestController
@RequestMapping("/") @RequestMapping("/")
@ConditionalOnExpression("'${spring.application.name:ibzuaa-api}'.startsWith('ibzuaa')") @ConditionalOnExpression("'${spring.application.name:ibzuaa-api}'.startsWith('ibzuaa')")
...@@ -61,8 +56,6 @@ public class ClientAuthenticationResource ...@@ -61,8 +56,6 @@ public class ClientAuthenticationResource
@Autowired @Autowired
private ISysUserService userService;; private ISysUserService userService;;
@Autowired
private TokenReflashService tokenReflashService;
@Value("${ibiz.auth.pwencrymode:0}") @Value("${ibiz.auth.pwencrymode:0}")
private int pwencrymode; private int pwencrymode;
...@@ -84,26 +77,31 @@ public class ClientAuthenticationResource ...@@ -84,26 +77,31 @@ public class ClientAuthenticationResource
@PostMapping(value = "v7/refreshToken") @PostMapping(value = "v7/refreshToken")
public String refreshToken(@Validated @RequestBody @NotNull(message = "token不能为空") String oldToken) { public String refreshToken(@Validated @RequestBody @NotNull(message = "token不能为空") String oldToken) {
String username = null;
AuthenticationUser user = null;
try {
// 查询token里面的用户名 // 查询token里面的用户名
String username = jwtTokenUtil.getUsernameFromToken(oldToken); username = jwtTokenUtil.getUsernameFromToken(oldToken);
// 根据用户名取缓存的用户对象 // 根据用户名取缓存的用户对象
AuthenticationUser user = userDetailsService.loadUserByUsername(username); user = userDetailsService.loadUserByUsername(username);
if (jwtTokenUtil.validateToken(oldToken, user)) { }catch (ExpiredJwtException e){
log.error(e.getMessage());
}
if (!jwtTokenUtil.validateToken(oldToken, user)) {
throw new BadRequestAlertException("token已失效", "", ""); throw new BadRequestAlertException("token已失效", "", "");
} }
Token tok = tokenReflashService.getToken(oldToken); Token tok = uaaCoreService.getToken(oldToken);
if (ObjectUtils.isEmpty(tok)) { if (ObjectUtils.isEmpty(tok)) {
// 如果为空则生成一个新token // 如果为空则生成一个新token
String newToken = jwtTokenUtil.generateToken(user); String newToken = jwtTokenUtil.generateToken(user);
// 存入缓存中 // 存入缓存中
tok = tokenReflashService.setToken(oldToken, newToken); tok = uaaCoreService.setToken(oldToken, newToken);
}else { }else {
// 如果token存活时间超过半个小时,则续期,否则还是返回原来的token // 如果token存活时间超过半个小时,则续期,否则还是返回原来的token
if (System.currentTimeMillis() - tok.getDate().getTime() >= (expiration / 4)) { if (uaaCoreService.isExpired(tok,expiration)) {
String newToken = jwtTokenUtil.generateToken(user); String newToken = jwtTokenUtil.generateToken(user);
// 存入缓存中 // 存入缓存中
tok = tokenReflashService.setToken(oldToken, newToken); tok = uaaCoreService.setToken(oldToken, newToken);
} }
} }
return tok.getNewToken(); return tok.getNewToken();
......
package cn.ibizlab.util.service;
import cn.ibizlab.util.domain.Token;
import lombok.extern.slf4j.Slf4j;
import org.springframework.cache.annotation.CacheEvict;
import org.springframework.cache.annotation.CachePut;
import org.springframework.cache.annotation.Cacheable;
import org.springframework.stereotype.Service;
import java.util.Date;
@Slf4j
@Service
public class TokenReflashService {
@CachePut(value = "ibzuaa_users", key = "'token:'+#p0")
public Token setToken(String oldToken, String newToken) {
Token tok = new Token(newToken, oldToken, new Date());
return tok;
}
@Cacheable(value = "ibzuaa_users", key = "'token:'+#p0")
public Token getToken(String oldToken) {
return null;
}
@CacheEvict(value = "ibzuaa_users", key = "'token:'+#p0")
public Token removeToken(String token) {
return null;
}
}
Markdown 格式
0% or
您添加了 0 到此讨论。请谨慎行事。
先完成此消息的编辑!
想要评论请 注册