diff --git a/web/src/main/java/cn/jlw/Interceptor/AuthenticationInterceptor.java b/web/src/main/java/cn/jlw/Interceptor/AuthenticationInterceptor.java
index 5e445996..22502208 100644
--- a/web/src/main/java/cn/jlw/Interceptor/AuthenticationInterceptor.java
+++ b/web/src/main/java/cn/jlw/Interceptor/AuthenticationInterceptor.java
@@ -2,21 +2,12 @@ package cn.jlw.Interceptor;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.extra.spring.SpringUtil;
-import cn.jlw.util.ToolUtils;
-import com.alibaba.fastjson.JSONArray;
 import com.auth0.jwt.JWT;
-import com.auth0.jwt.JWTVerifier;
-import com.auth0.jwt.algorithms.Algorithm;
-import com.auth0.jwt.exceptions.JWTDecodeException;
-import com.auth0.jwt.exceptions.JWTVerificationException;
-import com.auth0.jwt.interfaces.DecodedJWT;
 import com.google.common.cache.CacheBuilder;
 import com.google.common.cache.CacheLoader;
 import com.google.common.cache.LoadingCache;
 import com.ibeetl.admin.core.rbac.UserLoginInfo;
 import com.ibeetl.admin.core.service.CoreUserService;
-import com.ibeetl.jlw.entity.AbstractToken;
-import com.ibeetl.jlw.entity.Student;
 import com.ibeetl.jlw.service.WebPlatformService;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.logging.Log;
@@ -30,13 +21,11 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.net.URLEncoder;
 import java.nio.charset.StandardCharsets;
-import java.util.HashMap;
 import java.util.Map;
 import java.util.UUID;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.TimeUnit;
-import static cn.jlw.token.TokenService.tokenMap;
 import static com.ibeetl.admin.core.util.HttpRequestLocal.getOriginRequestToken;
 import static com.ibeetl.admin.core.util.HttpRequestLocal.jwtTokenSplitTimestamp;
 import static com.ibeetl.admin.core.util.servlet.ServletUtils.getRequest;
@@ -114,78 +103,78 @@ public class AuthenticationInterceptor implements HandlerInterceptor {
 actionLog.init(httpServletRequest,object); //检查有没有需要用户权限的注解
- if (StringUtils.isNotBlank(token) && token.split("\\.").length >= 3) {
- // 获取 token 中的 memberId或openId
- String id;
- String attributeName;
- try {
- DecodedJWT decode = JWT.decode(token);
- id = decode.getAudience().get(0);
- attributeName = decode.getClaim(id).as(String.class);
- } catch (JWTDecodeException j) {
- System.out.println("有误的token:"+token);
- actionLog.delByUUId(httpServletRequest);
-
- j.printStackTrace();
- Mapmap = new HashMap<>();
- map.put("code",401);
- map.put("msg","登陆超时,请重新登陆");
- httpServletResponse.reset();
- httpServletResponse.setContentType("text/html;charset=utf-8");
- httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
- return false;
- }
- AbstractToken abstractToken = null;
- try{
- abstractToken = ToolUtils.deepCopy(tokenMap.get(attributeName + "_" + id));
- }catch (Exception e){}
- if (abstractToken == null) {
- actionLog.delByUUId(httpServletRequest);
-
- Mapmap = new HashMap<>();
- map.put("code",401);
- map.put("msg","信息丢失,请重新登陆");
- httpServletResponse.reset();
- httpServletResponse.setContentType("text/html;charset=utf-8");
- httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
- return false;
- }
-
- // 验证 token
- JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256((abstractToken.getAddTime().getTime())+"")).build();
- try {
- jwtVerifier.verify(token);
- } catch (JWTVerificationException e) {
- actionLog.delByUUId(httpServletRequest);
-
- e.printStackTrace();
- Mapmap = new HashMap<>();
- map.put("code",401);
- map.put("msg","登陆超时,请重新登陆");
- httpServletResponse.reset();
- httpServletResponse.setContentType("text/html;charset=utf-8");
- httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
- return false;
- }
-
- if (abstractToken instanceof Student) {
- Student student = (Student) abstractToken;
- actionLog.appendStudentInfo(httpServletRequest, token, student.getStudentId(),null);
- }
- else {
- actionLog.appendStudentInfo(httpServletRequest,token, null,null);
- }
-
-
- /** 根据身份,插入到Session。Key是不用的。
- * 供这里使用 {@link WebPlatformService#getUserInfoFromSessionByIdentity}
- */
-// attributeName = tokenInterface.getIdentity().getAttributeName();
- if (StringUtils.isNotBlank(attributeName)) {
- httpServletRequest.setAttribute(attributeName, abstractToken);
- }
- return true;
- }
+// if (StringUtils.isNotBlank(token) && token.split("\\.").length >= 3) {
+// // 获取 token 中的 memberId或openId
+// String id;
+// String attributeName;
+// try {
+// DecodedJWT decode = JWT.decode(token);
+// id = decode.getAudience().get(0);
+// attributeName = decode.getClaim(id).as(String.class);
+// } catch (JWTDecodeException j) {
+// System.out.println("有误的token:"+token);
+// actionLog.delByUUId(httpServletRequest);
+//
+// j.printStackTrace();
+// Mapmap = new HashMap<>();
+// map.put("code",401);
+// map.put("msg","登陆超时,请重新登陆");
+// httpServletResponse.reset();
+// httpServletResponse.setContentType("text/html;charset=utf-8");
+// httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
+// return false;
+// }
+// AbstractToken abstractToken = null;
+// try{
+// abstractToken = ToolUtils.deepCopy(tokenMap.get(attributeName + "_" + id));
+// }catch (Exception e){}
+// if (abstractToken == null) {
+// actionLog.delByUUId(httpServletRequest);
+//
+// Mapmap = new HashMap<>();
+// map.put("code",401);
+// map.put("msg","信息丢失,请重新登陆");
+// httpServletResponse.reset();
+// httpServletResponse.setContentType("text/html;charset=utf-8");
+// httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
+// return false;
+// }
+//
+// // 验证 token
+// JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256((abstractToken.getAddTime().getTime())+"")).build();
+// try {
+// jwtVerifier.verify(token);
+// } catch (JWTVerificationException e) {
+// actionLog.delByUUId(httpServletRequest);
+//
+// e.printStackTrace();
+// Mapmap = new HashMap<>();
+// map.put("code",401);
+// map.put("msg","登陆超时,请重新登陆");
+// httpServletResponse.reset();
+// httpServletResponse.setContentType("text/html;charset=utf-8");
+// httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
+// return false;
+// }
+//
+// if (abstractToken instanceof Student) {
+// Student student = (Student) abstractToken;
+// actionLog.appendStudentInfo(httpServletRequest, token, student.getStudentId(),null);
+// }
+// else {
+// actionLog.appendStudentInfo(httpServletRequest,token, null,null);
+// }
+//
+//
+// /** 根据身份,插入到Session。Key是不用的。
+// * 供这里使用 {@link WebPlatformService#getUserInfoFromSessionByIdentity}
+// */
+//// attributeName = tokenInterface.getIdentity().getAttributeName();
+// if (StringUtils.isNotBlank(attributeName)) {
+// httpServletRequest.setAttribute(attributeName, abstractToken);
+// }
+// return true;
+// }
 return true;
 }
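Review bot: Commenting out this whole branch means a request carrying a JWT-shaped token now reaches the final `return true` without the token being decoded, matched against `tokenMap`, or signature-checked, so unless an earlier part of the enclosing interceptor method (presumably `preHandle`, which starts outside this hunk) or another filter rejects unauthenticated requests, the interceptor admits them. The same change drops the `actionLog.appendStudentInfo(...)` and `httpServletRequest.setAttribute(attributeName, abstractToken)` calls, so the action log no longer ties a request to a student, and code that reads that attribute (the Javadoc points at `WebPlatformService#getUserInfoFromSessionByIdentity`) may find nothing. If verification has moved elsewhere, delete the 72 commented-out lines rather than keeping them as dead code and leave one line such as `// Token verification is done in <component (placeholder)>; this interceptor only records the action log`. If it has not moved, the branch should stay active and keep answering 401 when decode, lookup or verify fails.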