hurixing vor 2 Jahren
Ursprung
Commit
26fa073617

+ 2 - 2
hcp-app/src/main/resources/application-dev.yml

@@ -58,8 +58,8 @@ jwt:
   tokenHeader: userToken
   tokenPrefix: Bearer
   secret: 123456
-  expiration: 60
-  rememberExpiration: 60
+  expiration: 604800
+  rememberExpiration: 604800
 
 mybatis-plus:
   config-location: classpath:mybatis-config.xml

+ 1 - 1
hcp-core/src/main/java/com/yingyangfly/core/enums/RedisStatusEnums.java

@@ -2,7 +2,7 @@ package com.yingyangfly.core.enums;
 
 public enum RedisStatusEnums {
 
-    REDIS_EXPIRATION_TIME_1(1800,"后台登录token过期时间");
+    REDIS_EXPIRATION_TIME_1(7200,"token过期时间");
     private final Integer code;
     private final String info;
 

+ 30 - 4
hcp-core/src/main/java/com/yingyangfly/core/security/filter/JwtAuthenticationFilter.java

@@ -40,6 +40,9 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
     @Resource
     private RedisClient redisClient;
 
+    private static final String APP_PREFIX = "app:";
+    private static final String SYS_PREFIX = "sys:";
+
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
         String authHeader = request.getHeader(jwtUtil.getJwtProperties().getTokenHeader());
@@ -49,21 +52,44 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
             chain.doFilter(request, response);
             return;
         }
-        String tokenInRedis = redisClient.get(username, "");
+        // 获取请求来源 (app获取pc端)
+        String requestSource = jwtUtil.getRequestSourceFromToken(authToken);
+        if (ObjectUtils.isEmpty(requestSource)) {
+            handleUnauthorized(response);
+            return;
+        }
+        String tokenKey = "app".equals(requestSource) ? String.format("%s%s",APP_PREFIX,username) : String.format("%s%s",SYS_PREFIX,username);
+        // 判断 token是否过期
+        String tokenInRedis = redisClient.get(tokenKey, "");
         if (ObjectUtils.isEmpty(tokenInRedis)){
-            response.getWriter().println(JSONUtil.parse(ResultResponse.fail(String.valueOf(HttpServletResponse.SC_UNAUTHORIZED),"没有权限")));
-            response.getWriter().flush();
+            handleUnauthorized(response);
+            return;
+        }
+        // 判断 token 是否相同
+        if (!tokenInRedis.equals(authHeader)){
+            handleUnauthorized(response);
             return;
         }
         try {
             UserDetails userDetails = userDetailsService.loadUserByUsername(username);
             if (jwtUtil.validateToken(authToken, userDetails)) {
                 tokenUtil.setCurrentUser(userDetails,request);
-                redisClient.set(username,authHeader, RedisStatusEnums.REDIS_EXPIRATION_TIME_1.getCode());
+                // 刷新token过期时间
+                redisClient.set(tokenKey,authHeader, RedisStatusEnums.REDIS_EXPIRATION_TIME_1.getCode());
             }
         } catch (Exception e) {
             log.error(e.getMessage());
         }
         chain.doFilter(request, response);
     }
+
+    // 错误处理的方法
+    private void handleUnauthorized(HttpServletResponse response) throws IOException {
+        response.setHeader("Access-Control-Allow-Origin", "*");
+        response.setHeader("Cache-Control", "no-cache");
+        response.setCharacterEncoding("UTF-8");
+        response.setContentType("application/json");
+        response.getWriter().println(JSONUtil.parse(ResultResponse.fail(String.valueOf(HttpServletResponse.SC_UNAUTHORIZED), "登录已过期")));
+        response.getWriter().flush();
+    }
 }

+ 18 - 1
hcp-core/src/main/java/com/yingyangfly/core/security/util/JwtUtil.java

@@ -35,6 +35,7 @@ public class JwtUtil {
     protected JwtProperties jwtProperties;
     private  final String CLAIM_KEY_USERNAME = "sub";
     private  final String CLAIM_KEY_CREATED = "created";
+    private final String CLAIM_KEY_REQUEST_SOURCE = "requestSource";
 
 
     /**
@@ -89,6 +90,21 @@ public class JwtUtil {
         return username;
     }
 
+    /**
+     * 从token中获取访问来源
+     */
+    public String getRequestSourceFromToken(String token) {
+        String requestSource;
+        try {
+            Claims claims = getClaimsFromToken(token);
+            requestSource = claims.get(CLAIM_KEY_REQUEST_SOURCE,String.class);
+        } catch (Exception e) {
+            requestSource = null;
+        }
+        return requestSource;
+    }
+
+
     /**
      * 验证token是否还有效
      *
@@ -119,10 +135,11 @@ public class JwtUtil {
     /**
      * 根据用户信息生成token
      */
-    public String generateToken(UserDetails userDetails,boolean isRememberMe) {
+    public String generateToken(UserDetails userDetails,boolean isRememberMe,String requestSource) {
         Map<String, Object> claims = new HashMap<>();
         claims.put(CLAIM_KEY_USERNAME, userDetails.getUsername());
         claims.put(CLAIM_KEY_CREATED, new Date());
+        claims.put(CLAIM_KEY_REQUEST_SOURCE,requestSource);
         return generateToken(claims,isRememberMe);
     }
 

+ 2 - 2
hcp-core/src/main/java/com/yingyangfly/core/security/util/TokenUtil.java

@@ -117,8 +117,8 @@ public class TokenUtil extends JwtUtil{
      * 根据用户信息生成token
      */
     @Override
-    public String generateToken(UserDetails userDetails,boolean isRememberMe){
-        return String.format("%s %s",jwtProperties.getTokenPrefix(),super.generateToken(userDetails,isRememberMe));
+    public String generateToken(UserDetails userDetails,boolean isRememberMe,String requestSource){
+        return String.format("%s %s",jwtProperties.getTokenPrefix(),super.generateToken(userDetails,isRememberMe,requestSource));
     }
 
     public void setAuthentication(UserDetails userDetails){

+ 5 - 5
hcp-core/src/main/java/com/yingyangfly/core/service/impl/AppUserService.java

@@ -150,7 +150,7 @@ public class AppUserService extends ServiceImpl<AppUserMapper, AppUser> implemen
         if (!bCryptPasswordEncoder.matches(dto.getPassWord(), userDetails.getPassword())) {
             throw new BadCredentialsException("密码不正确");
         }
-        String token = tokenUtil.generateToken(userDetails, dto.getRememberMe());
+        String token = tokenUtil.generateToken(userDetails, dto.getRememberMe(),"app");
         //记录登录历史
         LoginRecord loginRecord = new LoginRecord();
         loginRecord.setCreateTime(new Date());
@@ -501,15 +501,15 @@ public class AppUserService extends ServiceImpl<AppUserMapper, AppUser> implemen
                 return ResultResponse.fail("不存在此用户信息");
             }
         }
-        String token = tokenUtil.generateToken(userDetails, false);
+        String token = tokenUtil.generateToken(userDetails, false,"app");
 
         // 判断是否存在旧的token,存在删除
-        String oldToken = redisClient.get(mobile, "");
+        String oldToken = redisClient.get(String.format("%s%s","app:",mobile), "");
         if (ObjectUtils.isNotNull(oldToken)){
-            redisClient.del(mobile);
+            redisClient.del(String.format("%s%s","app:",mobile));
         }
         // 将生成的token 存储到redis中并设置过期时间
-        redisClient.set(mobile,token, RedisStatusEnums.REDIS_EXPIRATION_TIME_1.getCode());
+        redisClient.set(String.format("%s%s","app:",mobile),token, RedisStatusEnums.REDIS_EXPIRATION_TIME_1.getCode());
 
         //记录登录历史
         LoginRecord loginRecord = new LoginRecord();

+ 4 - 4
hcp-core/src/main/java/com/yingyangfly/core/service/impl/SysUserService.java

@@ -79,14 +79,14 @@ public class SysUserService extends  ServiceImpl<SysUserMapper,SysUser> {
             throw new BadCredentialsException("密码不正确");
         }
         tokenUtil.setAuthentication(userDetails);
-        String token = tokenUtil.generateToken(userDetails, dto.getRememberMe());
+        String token = tokenUtil.generateToken(userDetails, dto.getRememberMe(),"sys");
         // 判断是否存在旧的token,存在删除
-        String oldToken = redisClient.get(dto.getLoginName(), "");
+        String oldToken = redisClient.get(String.format("%s%s","sys:",dto.getLoginName()), "");
         if (ObjectUtils.isNotNull(oldToken)){
-            redisClient.del(dto.getLoginName());
+            redisClient.del(String.format("%s%s","sys:",dto.getLoginName()));
         }
         // 将生成的token 存储到redis中并设置过期时间
-        redisClient.set(dto.getLoginName(),token, RedisStatusEnums.REDIS_EXPIRATION_TIME_1.getCode());
+        redisClient.set(String.format("%s%s","sys:",dto.getLoginName()),token, RedisStatusEnums.REDIS_EXPIRATION_TIME_1.getCode());
         return token;
     }
 

+ 2 - 2
hcp-large-screen/src/main/resources/application-dev.yml

@@ -22,9 +22,9 @@ spring:
   datasource:
     type: com.alibaba.druid.pool.DruidDataSource
     name: master
-    url: jdbc:mysql://localhost:3306/hcp0524?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8
+    url: jdbc:mysql://47.93.254.212:3306/hcp?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8
     username: root
-    password: root
+    password: SkyMedic$240307
     driver-class-name: com.mysql.cj.jdbc.Driver
     filters: stat
     maxActive: 100