From d39a1c06b0ade3a4c7251d9178dd0dc353fbca96 Mon Sep 17 00:00:00 2001 From: Mlxa0324 Date: Sat, 7 Jan 2023 13:44:43 +0800 Subject: [PATCH] =?UTF-8?q?=E7=99=BB=E5=BD=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../admin/core/util/HttpRequestLocal.java | 48 ++++++++++++++++++- .../AuthenticationInterceptor.java | 6 +++ .../Interceptor/RedisTokenInterceptor.java | 8 +--- 3 files changed, 55 insertions(+), 7 deletions(-) diff --git a/admin-core/src/main/java/com/ibeetl/admin/core/util/HttpRequestLocal.java b/admin-core/src/main/java/com/ibeetl/admin/core/util/HttpRequestLocal.java index 50284586..23ab4755 100644 --- a/admin-core/src/main/java/com/ibeetl/admin/core/util/HttpRequestLocal.java +++ b/admin-core/src/main/java/com/ibeetl/admin/core/util/HttpRequestLocal.java @@ -83,7 +83,7 @@ public class HttpRequestLocal { * * @return */ - public String getRequestToken() { + public static String getRequestToken() { HttpServletRequest request = getRequest(); final String tokenHeader = request.getHeader(AUTHORIZATION); final Cookie cookies[] = request.getCookies(); @@ -125,6 +125,52 @@ public class HttpRequestLocal { final String[] jwtStrings = jwtTokenSplitTimestamp(originToken); return jwtStrings[0]; } + /** + * 从request域中获取token值 + * 获取带有时间戳的token值,用于其他地方自己去处理时间戳 + * + * @return + */ + public static String getOriginRequestToken() { + HttpServletRequest request = getRequest(); + final String tokenHeader = request.getHeader(AUTHORIZATION); + final Cookie cookies[] = request.getCookies(); + + String cookieTokenValue = null; + + + try { + // Cookie里取最新时间创建的Token + Comparator cookieComparator = (o1, o2) -> + defaultIfNull(jwtTokenSplitTimestamp(o2.getValue())[1], "") + .compareTo(defaultIfNull(jwtTokenSplitTimestamp(o1.getValue())[1], "")); + List cookieList = isNull(cookies) ? Lists.newArrayList() : Arrays.stream(cookies) + .sorted(cookieComparator).collect(Collectors.toList()); + + Cookie cookie = cookieList.stream().findFirst().orElseGet(null); + + if (cookie != null) { + cookieTokenValue = cookie.getValue(); + } + } catch (Exception e) { } + + + // 获取url中的_role_tag 时间戳属性,匹配cookie中的时间戳值。来拿到token + String roleTag = defaultIfNull(request.getParameter("_role_tag"), request.getHeader("_role_tag")); + + + Optional first = isNull(cookies) ? Optional.empty() : Arrays.stream(cookies) + // 时间戳结尾判断 + .filter(item -> item.getValue().endsWith("." + roleTag)).findFirst(); + + String cookieValue = null; + if (first.isPresent()) { + cookieValue = first.get().getValue(); + } + + + return defaultIfBlank(defaultIfBlank(tokenHeader, cookieValue), cookieTokenValue); + } public Object getSessionValue(String key){ String headerToken = getRequestToken(); diff --git a/web/src/main/java/cn/jlw/Interceptor/AuthenticationInterceptor.java b/web/src/main/java/cn/jlw/Interceptor/AuthenticationInterceptor.java index 05b14b57..ae036dad 100644 --- a/web/src/main/java/cn/jlw/Interceptor/AuthenticationInterceptor.java +++ b/web/src/main/java/cn/jlw/Interceptor/AuthenticationInterceptor.java @@ -1,5 +1,6 @@ package cn.jlw.Interceptor; +import cn.hutool.core.util.StrUtil; import cn.hutool.extra.spring.SpringUtil; import cn.jlw.util.ToolUtils; import com.alibaba.fastjson.JSONArray; @@ -36,6 +37,7 @@ import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.TimeUnit; import static cn.jlw.token.TokenService.tokenMap; +import static com.ibeetl.admin.core.util.HttpRequestLocal.getOriginRequestToken; import static com.ibeetl.admin.core.util.HttpRequestLocal.jwtTokenSplitTimestamp; import static com.ibeetl.admin.core.util.servlet.ServletUtils.getRequest; @@ -212,6 +214,10 @@ public class AuthenticationInterceptor implements HandlerInterceptor { } } + // 再获取一遍token吧 + if (StrUtil.isBlank(token)) { + token = getOriginRequestToken(); + } String[] jwtStrings = jwtTokenSplitTimestamp(token); String loginTime = jwtStrings[1]; diff --git a/web/src/main/java/cn/jlw/Interceptor/RedisTokenInterceptor.java b/web/src/main/java/cn/jlw/Interceptor/RedisTokenInterceptor.java index 2a9b329e..92a99ccc 100644 --- a/web/src/main/java/cn/jlw/Interceptor/RedisTokenInterceptor.java +++ b/web/src/main/java/cn/jlw/Interceptor/RedisTokenInterceptor.java @@ -1,6 +1,5 @@ package cn.jlw.Interceptor; -import cn.hutool.core.bean.BeanUtil; import com.ibeetl.admin.core.entity.CoreUser; import com.ibeetl.admin.core.util.UserHolder; import org.apache.commons.lang3.StringUtils; @@ -13,8 +12,7 @@ import javax.servlet.http.HttpServletResponse; import java.util.Map; import java.util.concurrent.TimeUnit; -import static com.ibeetl.admin.core.service.CorePlatformService.LOGIN_USER_TTL; -import static com.ibeetl.admin.core.service.CorePlatformService.TOKEN_KEY; +import static com.ibeetl.admin.core.service.CorePlatformService.*; import static com.ibeetl.admin.core.util.HttpRequestLocal.AUTHORIZATION; import static com.ibeetl.admin.core.util.HttpRequestLocal.jwtTokenSplitTimestamp; @@ -65,10 +63,8 @@ public class RedisTokenInterceptor implements HandlerInterceptor { if(userMap.isEmpty()){ return true; } - //将查询出来的Hash数据转成CoreUser对象 - CoreUser coreUser = BeanUtil.fillBeanWithMap(userMap, new CoreUser(), false); //将CoreUser存到ThreadLocal线程中 - UserHolder.saveUser(coreUser); + UserHolder.saveUser((CoreUser) userMap.get(ACCESS_CURRENT_USER)); //刷新Redis中token的有效时间 stringRedisTemplate.expire(redisTokenKey, LOGIN_USER_TTL, TimeUnit.DAYS); return true;