
登陆时间内刷新token过期时间,web端和app端

wyyay 2 years ago
parent
commit
9a0bc7f2a0

+ 5 - 0
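--- a/base-common/src/main/java/com/ozs/common/constant/Constants.java
+++ b/base-common/src/main/java/com/ozs/common/constant/Constants.java
@@ -84,6 +84,11 @@ public class Constants
      */
     public static final String LOGIN_USER_KEY = "login_user_key";
 
+    /**
+     * app令牌前缀
+     */
+    public static final String LOGIN_USER_KEY_APP = "login_user_key_app";
+
     /**
      * 地址灾害令牌前缀
      */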

+ 1 - 1
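--- a/base-framework/src/main/java/com/ozs/framework/config/SecurityConfig.java
+++ b/base-framework/src/main/java/com/ozs/framework/config/SecurityConfig.java
@@ -115,7 +115,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
                 // 过滤请求
                 .authorizeRequests()
                 // 对于登录login 注册register 验证码captchaImage 允许匿名访问
-                .antMatchers("/login", "/register", "/captchaImage", "/sdk/**").permitAll()
+                .antMatchers("/login", "/loginApp","/register", "/captchaImage", "/sdk/**").permitAll()
                 // 静态资源,可匿名访问
                 .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
                 .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()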
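Review bot: `/loginApp` is now in the `permitAll()` list, so the app login is reachable anonymously, and nothing on this page shows that it applies the same guessing protections as `/login` (which the list pairs with `/captchaImage`). If the app handler has no captcha, it needs its own attempt throttling or lockout, otherwise it is the weaker path to the same accounts. I would record that on the matcher with a comment such as `// /loginApp: anonymous app login; must enforce the same attempt limits as /login`, and add the missing space after `"/loginApp",`. The context lines also leave `/druid/**` and the Swagger paths open to anonymous users, which should be confirmed as intended for production. The enclosing method starts and ends outside this hunk.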

+ 7 - 1
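--- a/base-framework/src/main/java/com/ozs/framework/security/filter/JwtAuthenticationTokenFilter.java
+++ b/base-framework/src/main/java/com/ozs/framework/security/filter/JwtAuthenticationTokenFilter.java
@@ -36,7 +36,13 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
         if (!request.getRequestURI().contains("/websocket") || !request.getRequestURI().contains("/sdk")) {
             LoginUser loginUser = tokenService.getLoginUser(request);
             if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication())) {
-                tokenService.verifyToken(loginUser);
+                //tokenService.verifyToken(loginUser);
+                if(tokenService.getTagByToken(request)){
+                    tokenService.refreshTokenApp(loginUser);
+                }else{
+                    tokenService.refreshToken(loginUser);
+                }
+
                 UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
                 authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
                 SecurityContextHolder.getContext().setAuthentication(authenticationToken);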
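Review bot: Replacing `verifyToken(loginUser)` with an unconditional `refreshToken`/`refreshTokenApp` call means every authenticated request pushes the session expiry forward, so unless those methods (not shown here) enforce a maximum age, a leaked token stays valid for as long as it keeps being presented; an absolute lifetime measured from the original login should be checked before refreshing. The new branch also parses the JWT a second time per request in `getTagByToken(request)`, right after `getLoginUser(request)` already did, and presumably adds a cache write to every request. The commented-out `//tokenService.verifyToken(loginUser);` should be deleted and replaced by a comment such as `// Sliding expiry: each authenticated request extends the session; app and web tokens are refreshed by separate methods`. Separately, the guard on the first context line, `!...contains("/websocket") || !...contains("/sdk")`, is true for any URI that does not contain both strings, so `&&` was probably intended. The enclosing filter method starts and ends outside this hunk.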

+ 39 - 1
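--- a/base-framework/src/main/java/com/ozs/framework/web/service/TokenService.java
+++ b/base-framework/src/main/java/com/ozs/framework/web/service/TokenService.java
@@ -71,6 +71,9 @@ public class TokenService
                 Claims claims = parseToken(token);
                 // 解析对应的权限以及用户信息
                 String uuid = (String) claims.get(Constants.LOGIN_USER_KEY);
+                if(StringUtils.isEmpty(uuid)){
+                    uuid = (String) claims.get(Constants.LOGIN_USER_KEY_APP);
+                }
                 String userKey = getTokenKey(uuid);
                 LoginUser user = redisCache.getCacheObject(userKey);
                 return user;
@@ -136,7 +139,7 @@ public class TokenService
         refreshTokenApp(loginUser);
 
         Map<String, Object> claims = new HashMap<>();
-        claims.put(Constants.LOGIN_USER_KEY, token);
+        claims.put(Constants.LOGIN_USER_KEY_APP, token);
         return createToken(claims);
     }
 
@@ -270,4 +273,39 @@ public class TokenService
         }
         return null;
     }
+    public LoginUser getLoginedUserByTokenApp(String token) {
+        try {
+            Claims claims = parseToken(token);
+            // 解析对应的权限以及用户信息
+            String uuid = (String) claims.get(Constants.LOGIN_USER_KEY_APP);
+            String userKey = getTokenKey(uuid);
+            return redisCache.getCacheObject(userKey);
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+    /**
+     * 判断是不是app token
+     *
+     * @param
+     * @return token
+     */
+    public boolean getTagByToken(HttpServletRequest request) {
+        try {
+            String token = getToken(request);
+            if(StringUtils.isNotEmpty(token)){
+                Claims claims = parseToken(token);
+                // 解析对应的权限以及用户信息
+                String uuid = (String) claims.get(Constants.LOGIN_USER_KEY_APP);
+                if(StringUtils.isNotEmpty(uuid)){
+                    return true;
+                }
+            }
+
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        return false;
+    }
 }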
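Review bot: In the last hunk, `getLoginedUserByTokenApp` passes the claim straight to `getTokenKey(uuid)` without checking it, so a token that carries `LOGIN_USER_KEY` instead of `LOGIN_USER_KEY_APP` leads to a cache lookup on a key built from null. Add `if (StringUtils.isEmpty(uuid)) { return null; }` before that line; the first hunk has the same gap when neither claim is present. Both new methods catch `Exception` and call `e.printStackTrace()`, which keeps token-parsing failures out of the application log and makes `getTagByToken` answer `false` (treated as a web token) for a token it could not parse; log through the class's logger, if it has one, and catch the narrower parsing exception. The Javadoc on `getTagByToken` has an empty `@param` and says `@return token` although the method returns a boolean: it should read `@param request current HTTP request` and `@return true if the token carries the app claim`, and `getLoginedUserByTokenApp` needs a Javadoc block of its own. A name such as `isAppToken` would describe the boolean better than `getTagByToken`.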