beetlsql3-dev
Mlxa0324 2 years ago
parent cd97872fb1
commit 0f6b9636ea

@ -2,21 +2,12 @@ package cn.jlw.Interceptor;
import cn.hutool.core.util.StrUtil;
import cn.hutool.extra.spring.SpringUtil;
import cn.jlw.util.ToolUtils;
import com.alibaba.fastjson.JSONArray;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTDecodeException;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import com.google.common.cache.LoadingCache;
import com.ibeetl.admin.core.rbac.UserLoginInfo;
import com.ibeetl.admin.core.service.CoreUserService;
import com.ibeetl.jlw.entity.AbstractToken;
import com.ibeetl.jlw.entity.Student;
import com.ibeetl.jlw.service.WebPlatformService;
import org.apache.commons.lang3.StringUtils;
import org.apache.commons.logging.Log;
@ -30,13 +21,11 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.TimeUnit;
import static cn.jlw.token.TokenService.tokenMap;
import static com.ibeetl.admin.core.util.HttpRequestLocal.getOriginRequestToken;
import static com.ibeetl.admin.core.util.HttpRequestLocal.jwtTokenSplitTimestamp;
import static com.ibeetl.admin.core.util.servlet.ServletUtils.getRequest;
@ -114,78 +103,78 @@ public class AuthenticationInterceptor implements HandlerInterceptor {
actionLog.init(httpServletRequest,object);
//检查有没有需要用户权限的注解
if (StringUtils.isNotBlank(token) && token.split("\\.").length >= 3) {
// 获取 token 中的 memberId或openId
String id;
String attributeName;
try {
DecodedJWT decode = JWT.decode(token);
id = decode.getAudience().get(0);
attributeName = decode.getClaim(id).as(String.class);
} catch (JWTDecodeException j) {
System.out.println("有误的token"+token);
actionLog.delByUUId(httpServletRequest);
j.printStackTrace();
Map<String,Object>map = new HashMap<>();
map.put("code",401);
map.put("msg","登陆超时,请重新登陆");
httpServletResponse.reset();
httpServletResponse.setContentType("text/html;charset=utf-8");
httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
return false;
}
AbstractToken abstractToken = null;
try{
abstractToken = ToolUtils.deepCopy(tokenMap.get(attributeName + "_" + id));
}catch (Exception e){}
if (abstractToken == null) {
actionLog.delByUUId(httpServletRequest);
Map<String,Object>map = new HashMap<>();
map.put("code",401);
map.put("msg","信息丢失,请重新登陆");
httpServletResponse.reset();
httpServletResponse.setContentType("text/html;charset=utf-8");
httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
return false;
}
// 验证 token
JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256((abstractToken.getAddTime().getTime())+"")).build();
try {
jwtVerifier.verify(token);
} catch (JWTVerificationException e) {
actionLog.delByUUId(httpServletRequest);
e.printStackTrace();
Map<String,Object>map = new HashMap<>();
map.put("code",401);
map.put("msg","登陆超时,请重新登陆");
httpServletResponse.reset();
httpServletResponse.setContentType("text/html;charset=utf-8");
httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
return false;
}
if (abstractToken instanceof Student) {
Student student = (Student) abstractToken;
actionLog.appendStudentInfo(httpServletRequest, token, student.getStudentId(),null);
}
else {
actionLog.appendStudentInfo(httpServletRequest,token, null,null);
}
/** SessionKey
* 使 {@link WebPlatformService#getUserInfoFromSessionByIdentity}
*/
// attributeName = tokenInterface.getIdentity().getAttributeName();
if (StringUtils.isNotBlank(attributeName)) {
httpServletRequest.setAttribute(attributeName, abstractToken);
}
return true;
}
// if (StringUtils.isNotBlank(token) && token.split("\\.").length >= 3) {
// // 获取 token 中的 memberId或openId
// String id;
// String attributeName;
// try {
// DecodedJWT decode = JWT.decode(token);
// id = decode.getAudience().get(0);
// attributeName = decode.getClaim(id).as(String.class);
// } catch (JWTDecodeException j) {
// System.out.println("有误的token"+token);
// actionLog.delByUUId(httpServletRequest);
//
// j.printStackTrace();
// Map<String,Object>map = new HashMap<>();
// map.put("code",401);
// map.put("msg","登陆超时,请重新登陆");
// httpServletResponse.reset();
// httpServletResponse.setContentType("text/html;charset=utf-8");
// httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
// return false;
// }
// AbstractToken abstractToken = null;
// try{
// abstractToken = ToolUtils.deepCopy(tokenMap.get(attributeName + "_" + id));
// }catch (Exception e){}
// if (abstractToken == null) {
// actionLog.delByUUId(httpServletRequest);
//
// Map<String,Object>map = new HashMap<>();
// map.put("code",401);
// map.put("msg","信息丢失,请重新登陆");
// httpServletResponse.reset();
// httpServletResponse.setContentType("text/html;charset=utf-8");
// httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
// return false;
// }
//
// // 验证 token
// JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256((abstractToken.getAddTime().getTime())+"")).build();
// try {
// jwtVerifier.verify(token);
// } catch (JWTVerificationException e) {
// actionLog.delByUUId(httpServletRequest);
//
// e.printStackTrace();
// Map<String,Object>map = new HashMap<>();
// map.put("code",401);
// map.put("msg","登陆超时,请重新登陆");
// httpServletResponse.reset();
// httpServletResponse.setContentType("text/html;charset=utf-8");
// httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
// return false;
// }
//
// if (abstractToken instanceof Student) {
// Student student = (Student) abstractToken;
// actionLog.appendStudentInfo(httpServletRequest, token, student.getStudentId(),null);
// }
// else {
// actionLog.appendStudentInfo(httpServletRequest,token, null,null);
// }
//
//
// /** 根据身份插入到Session。Key是不用的。
// * 供这里使用 {@link WebPlatformService#getUserInfoFromSessionByIdentity}
// */
//// attributeName = tokenInterface.getIdentity().getAttributeName();
// if (StringUtils.isNotBlank(attributeName)) {
// httpServletRequest.setAttribute(attributeName, abstractToken);
// }
// return true;
// }
return true;
}
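Review bot: With the whole token block commented out, this interceptor method of `AuthenticationInterceptor` falls through to the unconditional `return true;` for every request, so nothing visible in the hunk rejects a missing, malformed or forged token, and `httpServletRequest.setAttribute(attributeName, abstractToken)` is no longer set for downstream code. If authentication is now enforced elsewhere, delete the dead block rather than keeping it as comments and state that at the top of the method, e.g. `// Token validation is enforced in <component name - placeholder>; this interceptor only records the action log.`; if it is not, the check needs to be restored before this is merged. Should the block come back, fix two things in it at the same time: the HMAC key is `(abstractToken.getAddTime().getTime())+""`, a millisecond timestamp rather than a random server-side secret, and `System.out.println("有误的token"+token)` writes the raw bearer token to stdout. The method begins before the hunk, so any earlier check that still gates the request is not visible here.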
