diff --git a/web/src/main/java/cn/jlw/Interceptor/AuthenticationInterceptor.java b/web/src/main/java/cn/jlw/Interceptor/AuthenticationInterceptor.java
index 22502208..5e445996 100644
--- a/web/src/main/java/cn/jlw/Interceptor/AuthenticationInterceptor.java
+++ b/web/src/main/java/cn/jlw/Interceptor/AuthenticationInterceptor.java
@@ -2,12 +2,21 @@ package cn.jlw.Interceptor;
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.extra.spring.SpringUtil;
+import cn.jlw.util.ToolUtils;
+import com.alibaba.fastjson.JSONArray;
 import com.auth0.jwt.JWT;
+import com.auth0.jwt.JWTVerifier;
+import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.exceptions.JWTDecodeException;
+import com.auth0.jwt.exceptions.JWTVerificationException;
+import com.auth0.jwt.interfaces.DecodedJWT;
 import com.google.common.cache.CacheBuilder;
 import com.google.common.cache.CacheLoader;
 import com.google.common.cache.LoadingCache;
 import com.ibeetl.admin.core.rbac.UserLoginInfo;
 import com.ibeetl.admin.core.service.CoreUserService;
+import com.ibeetl.jlw.entity.AbstractToken;
+import com.ibeetl.jlw.entity.Student;
 import com.ibeetl.jlw.service.WebPlatformService;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.logging.Log;
@@ -21,11 +30,13 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.net.URLEncoder;
 import java.nio.charset.StandardCharsets;
+import java.util.HashMap;
 import java.util.Map;
 import java.util.UUID;
 import java.util.concurrent.ConcurrentHashMap;
 import java.util.concurrent.TimeUnit;
+import static cn.jlw.token.TokenService.tokenMap;
 import static com.ibeetl.admin.core.util.HttpRequestLocal.getOriginRequestToken;
 import static com.ibeetl.admin.core.util.HttpRequestLocal.jwtTokenSplitTimestamp;
 import static com.ibeetl.admin.core.util.servlet.ServletUtils.getRequest;
@@ -103,78 +114,78 @@ public class AuthenticationInterceptor implements HandlerInterceptor {
 actionLog.init(httpServletRequest,object); //检查有没有需要用户权限的注解
-// if (StringUtils.isNotBlank(token) && token.split("\\.").length >= 3) {
-// // 获取 token 中的 memberId或openId
-// String id;
-// String attributeName;
-// try {
-// DecodedJWT decode = JWT.decode(token);
-// id = decode.getAudience().get(0);
-// attributeName = decode.getClaim(id).as(String.class);
-// } catch (JWTDecodeException j) {
-// System.out.println("有误的token:"+token);
-// actionLog.delByUUId(httpServletRequest);
-//
-// j.printStackTrace();
-// Mapmap = new HashMap<>();
-// map.put("code",401);
-// map.put("msg","登陆超时,请重新登陆");
-// httpServletResponse.reset();
-// httpServletResponse.setContentType("text/html;charset=utf-8");
-// httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
-// return false;
-// }
-// AbstractToken abstractToken = null;
-// try{
-// abstractToken = ToolUtils.deepCopy(tokenMap.get(attributeName + "_" + id));
-// }catch (Exception e){}
-// if (abstractToken == null) {
-// actionLog.delByUUId(httpServletRequest);
-//
-// Mapmap = new HashMap<>();
-// map.put("code",401);
-// map.put("msg","信息丢失,请重新登陆");
-// httpServletResponse.reset();
-// httpServletResponse.setContentType("text/html;charset=utf-8");
-// httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
-// return false;
-// }
-//
-// // 验证 token
-// JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256((abstractToken.getAddTime().getTime())+"")).build();
-// try {
-// jwtVerifier.verify(token);
-// } catch (JWTVerificationException e) {
-// actionLog.delByUUId(httpServletRequest);
-//
-// e.printStackTrace();
-// Mapmap = new HashMap<>();
-// map.put("code",401);
-// map.put("msg","登陆超时,请重新登陆");
-// httpServletResponse.reset();
-// httpServletResponse.setContentType("text/html;charset=utf-8");
-// httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
-// return false;
-// }
-//
-// if (abstractToken instanceof Student) {
-// Student student = (Student) abstractToken;
-// actionLog.appendStudentInfo(httpServletRequest, token, student.getStudentId(),null);
-// }
-// else {
-// actionLog.appendStudentInfo(httpServletRequest,token, null,null);
-// }
-//
-//
-// /** 根据身份,插入到Session。Key是不用的。
-// * 供这里使用 {@link WebPlatformService#getUserInfoFromSessionByIdentity}
-// */
-//// attributeName = tokenInterface.getIdentity().getAttributeName();
-// if (StringUtils.isNotBlank(attributeName)) {
-// httpServletRequest.setAttribute(attributeName, abstractToken);
-// }
-// return true;
-// }
+ if (StringUtils.isNotBlank(token) && token.split("\\.").length >= 3) {
+ // 获取 token 中的 memberId或openId
+ String id;
+ String attributeName;
+ try {
+ DecodedJWT decode = JWT.decode(token);
+ id = decode.getAudience().get(0);
+ attributeName = decode.getClaim(id).as(String.class);
+ } catch (JWTDecodeException j) {
+ System.out.println("有误的token:"+token);
+ actionLog.delByUUId(httpServletRequest);
+
+ j.printStackTrace();
+ Mapmap = new HashMap<>();
+ map.put("code",401);
+ map.put("msg","登陆超时,请重新登陆");
+ httpServletResponse.reset();
+ httpServletResponse.setContentType("text/html;charset=utf-8");
+ httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
+ return false;
+ }
+ AbstractToken abstractToken = null;
+ try{
+ abstractToken = ToolUtils.deepCopy(tokenMap.get(attributeName + "_" + id));
+ }catch (Exception e){}
+ if (abstractToken == null) {
+ actionLog.delByUUId(httpServletRequest);
+
+ Mapmap = new HashMap<>();
+ map.put("code",401);
+ map.put("msg","信息丢失,请重新登陆");
+ httpServletResponse.reset();
+ httpServletResponse.setContentType("text/html;charset=utf-8");
+ httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
+ return false;
+ }
+
+ // 验证 token
+ JWTVerifier jwtVerifier = JWT.require(Algorithm.HMAC256((abstractToken.getAddTime().getTime())+"")).build();
+ try {
+ jwtVerifier.verify(token);
+ } catch (JWTVerificationException e) {
+ actionLog.delByUUId(httpServletRequest);
+
+ e.printStackTrace();
+ Mapmap = new HashMap<>();
+ map.put("code",401);
+ map.put("msg","登陆超时,请重新登陆");
+ httpServletResponse.reset();
+ httpServletResponse.setContentType("text/html;charset=utf-8");
+ httpServletResponse.getWriter().write(JSONArray.toJSONString(map));
+ return false;
+ }
+
+ if (abstractToken instanceof Student) {
+ Student student = (Student) abstractToken;
+ actionLog.appendStudentInfo(httpServletRequest, token, student.getStudentId(),null);
+ }
+ else {
+ actionLog.appendStudentInfo(httpServletRequest,token, null,null);
+ }
+
+
+ /** 根据身份,插入到Session。Key是不用的。
+ * 供这里使用 {@link WebPlatformService#getUserInfoFromSessionByIdentity}
+ */
+// attributeName = tokenInterface.getIdentity().getAttributeName();
+ if (StringUtils.isNotBlank(attributeName)) {
+ httpServletRequest.setAttribute(attributeName, abstractToken);
+ }
+ return true;
+ }
 return true;
 }
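Review bot: The re-enabled `catch (JWTDecodeException j)` branch writes the raw bearer token to stdout with `System.out.println("有误的token:"+token);`, and both that branch and the `JWTVerificationException` branch call `printStackTrace()`, so credentials and stack traces land in whatever captures process output; log a fixed message through the commons-logging `Log` the class already imports and leave the token value out. The key handed to `Algorithm.HMAC256(...)` is the entry's `addTime` in milliseconds rendered as a string, so its whole keyspace is a clock window rather than random bytes — store a `SecureRandom`-generated secret on the `AbstractToken` entry when the token is issued and verify against that. `decode.getAudience().get(0)` is also outside what the `JWTDecodeException` handler covers: a token with no `aud` claim yields a null or empty list and escapes as an unhandled exception instead of the 401 path, so guard it inside the try with `if (decode.getAudience() == null || decode.getAudience().isEmpty()) throw new JWTDecodeException("missing aud");`. The three identical 401 response bodies could be one private helper, and the empty `}catch (Exception e){}` around `ToolUtils.deepCopy` should at least log the cause rather than discard it. The enclosing method starts before this hunk.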