提交
2a766461
authored
3月 10, 2021
作者:
fit2cloud-chenyw
fix: 修复token续命bug
上级
fec733f2
正在显示
7 个修改的文件
包含
80 行增加
和
14 行删除
+80
-14
F2CRealm.java
backend/src/main/java/io/dataease/auth/config/F2CRealm.java
+4
-3
JWTFilter.java
backend/src/main/java/io/dataease/auth/filter/JWTFilter.java
+8
-2
AuthServer.java
...end/src/main/java/io/dataease/auth/server/AuthServer.java
+5
-0
ShiroServiceImpl.java
.../java/io/dataease/auth/service/impl/ShiroServiceImpl.java
+1
-0
JWTUtils.java
backend/src/main/java/io/dataease/auth/util/JWTUtils.java
+42
-3
SysUserService.java
...src/main/java/io/dataease/service/sys/SysUserService.java
+1
-0
ehcache.xml
backend/src/main/resources/ehcache/ehcache.xml
+19
-6
backend/src/main/java/io/dataease/auth/config/F2CRealm.java
...
...
@@ -13,8 +13,9 @@ import org.apache.shiro.authz.AuthorizationInfo;
import
org.apache.shiro.authz.SimpleAuthorizationInfo
;
import
org.apache.shiro.realm.AuthorizingRealm
;
import
org.apache.shiro.subject.PrincipalCollection
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.context.annotation.Lazy
;
import
org.springframework.stereotype.Component
;
import
javax.annotation.Resource
;
import
java.util.Set
;
import
java.util.stream.Collectors
;
...
...
@@ -23,7 +24,8 @@ import java.util.stream.Collectors;
@Component
public
class
F2CRealm
extends
AuthorizingRealm
{
@Resource
@Autowired
@Lazy
//shiro组件加载过早 让authUserService等一等再注入 否则 注入的可能不是代理对象
private
AuthUserService
authUserService
;
...
...
@@ -36,7 +38,6 @@ public class F2CRealm extends AuthorizingRealm {
@Override
protected
AuthorizationInfo
doGetAuthorizationInfo
(
PrincipalCollection
principals
)
{
Long
userId
=
JWTUtils
.
tokenInfoByToken
(
principals
.
toString
()).
getUserId
();
//SysUserEntity user = authUserService.getUserById(userId);
SimpleAuthorizationInfo
simpleAuthorizationInfo
=
new
SimpleAuthorizationInfo
();
Set
<
String
>
role
=
authUserService
.
roles
(
userId
).
stream
().
collect
(
Collectors
.
toSet
());
simpleAuthorizationInfo
.
addRoles
(
role
);
...
...
backend/src/main/java/io/dataease/auth/filter/JWTFilter.java
...
...
@@ -45,8 +45,8 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
protected
boolean
executeLogin
(
ServletRequest
request
,
ServletResponse
response
)
throws
Exception
{
HttpServletRequest
httpServletRequest
=
(
HttpServletRequest
)
request
;
String
authorization
=
httpServletRequest
.
getHeader
(
"Authorization"
);
if
(
JWTUtils
.
needRefresh
(
authorization
)){
// 当没有出现登录超时 且需要刷新token 则执行刷新token
if
(
!
JWTUtils
.
loginExpire
(
authorization
)
&&
JWTUtils
.
needRefresh
(
authorization
)){
authorization
=
refreshToken
(
request
,
response
);
}
JWTToken
token
=
new
JWTToken
(
authorization
);
...
...
@@ -81,7 +81,13 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
AuthUserService
authUserService
=
CommonBeanFactory
.
getBean
(
AuthUserService
.
class
);
SysUserEntity
user
=
authUserService
.
getUserById
(
tokenInfo
.
getUserId
());
String
password
=
user
.
getPassword
();
// 删除老token操作时间
JWTUtils
.
removeTokenExpire
(
token
);
String
newToken
=
JWTUtils
.
sign
(
tokenInfo
,
password
);
// 记录新token操作时间
JWTUtils
.
addTokenExpire
(
newToken
);
JWTToken
jwtToken
=
new
JWTToken
(
newToken
);
this
.
getSubject
(
request
,
response
).
login
(
jwtToken
);
// 设置响应的Header头新Token
...
...
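Review bot: In the second hunk, `JWTUtils.removeTokenExpire(token)` drops the old token's `tokens_expire` entry as soon as a refresh happens, so a request already in flight with the old token (a page firing several calls in parallel) finds no entry when `executeLogin` calls `JWTUtils.loginExpire(authorization)`. As `tokenLastOperateTime` is written in this commit, a missing entry comes back as `null`, and the subtraction in `loginExpire` would throw instead of producing a clean re-login response. Consider letting the old entry age out through the cache TTL, or handling the missing entry explicitly, and record the decision in a comment such as `// parallel requests may still carry the old token; a missing entry means "login timed out"`. `loginExpire` is also evaluated on the raw `Authorization` header before the token is verified, so it has to tolerate arbitrary strings. Both method bodies continue outside the visible hunks.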
backend/src/main/java/io/dataease/auth/server/AuthServer.java
...
...
@@ -49,6 +49,8 @@ public class AuthServer implements AuthApi {
Map
<
String
,
Object
>
result
=
new
HashMap
<>();
TokenInfo
tokenInfo
=
TokenInfo
.
builder
().
userId
(
user
.
getUserId
()).
username
(
username
).
lastLoginTime
(
System
.
currentTimeMillis
()).
build
();
String
token
=
JWTUtils
.
sign
(
tokenInfo
,
realPwd
);
// 记录token操作时间
JWTUtils
.
addTokenExpire
(
token
);
result
.
put
(
"token"
,
token
);
ServletUtils
.
setToken
(
token
);
return
result
;
...
...
@@ -79,6 +81,9 @@ public class AuthServer implements AuthApi {
@Override
public
String
test
()
{
SysUserEntity
userById
=
authUserService
.
getUserById
(
4L
);
String
nickName
=
userById
.
getNickName
();
System
.
out
.
println
(
nickName
);
return
"apple"
;
}
}
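Review bot: The lines added to `test()` look like leftover debugging: they load the user with the hard-coded id `4L` and print the nickname with `System.out.println`, and the same commit maps `/api/auth/test` to `anon` in ShiroServiceImpl.java, so this lookup appears to be reachable without authentication. Any unauthenticated caller can then trigger a user lookup per request, and `userById.getNickName()` throws when user 4 does not exist. Remove the three added lines together with the `filterChainDefinitionMap.put("/api/auth/test", "anon");` entry, or keep the endpoint behind authentication and out of production builds.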
backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
...
...
@@ -35,6 +35,7 @@ public class ShiroServiceImpl implements ShiroService {
// filterChainDefinitionMap.put("/404", "anon");
// 登陆
// filterChainDefinitionMap.put("/api/auth/logout", "anon");
filterChainDefinitionMap
.
put
(
"/api/auth/test"
,
"anon"
);
filterChainDefinitionMap
.
put
(
"/api/auth/login"
,
"anon"
);
// 退出
...
...
backend/src/main/java/io/dataease/auth/util/JWTUtils.java
...
...
@@ -6,9 +6,12 @@ import com.auth0.jwt.algorithms.Algorithm;
import
com.auth0.jwt.exceptions.JWTDecodeException
;
import
com.auth0.jwt.interfaces.DecodedJWT
;
import
io.dataease.auth.entity.TokenInfo
;
import
io.dataease.commons.utils.CommonBeanFactory
;
import
io.dataease.commons.utils.ServletUtils
;
import
org.apache.commons.lang3.ObjectUtils
;
import
org.apache.commons.lang3.StringUtils
;
import
org.springframework.cache.Cache
;
import
org.springframework.cache.CacheManager
;
import
javax.servlet.http.HttpServletResponse
;
import
java.util.Date
;
...
...
@@ -19,7 +22,7 @@ public class JWTUtils {
// token过期时间5min (过期会自动刷新续命 目的是避免一直都是同一个token )
private
static
final
long
EXPIRE_TIME
=
1
*
60
*
1000
;
// 登录间隔时间10min 超过这个时间强制重新登录
private
static
final
long
Login_Interval
=
10
*
60
*
1000
;
private
static
final
long
Login_Interval
=
2
*
60
*
1000
;
/**
...
...
@@ -36,9 +39,10 @@ public class JWTUtils {
.
withClaim
(
"userId"
,
tokenInfo
.
getUserId
())
.
build
();
DecodedJWT
jwt
=
verifier
.
verify
(
token
);
Long
lastLoginTime
=
jwt
.
getClaim
(
"lastLoginTime"
).
asLong
();
//Long lastLoginTime = jwt.getClaim("lastLoginTime").asLong();
Long
lastOperateTime
=
tokenLastOperateTime
(
token
);
long
now
=
System
.
currentTimeMillis
();
if
(
now
-
last
Login
Time
>
Login_Interval
){
if
(
now
-
last
Operate
Time
>
Login_Interval
){
// 登录超时
HttpServletResponse
response
=
ServletUtils
.
response
();
response
.
addHeader
(
"Access-Control-Expose-Headers"
,
"authentication-status"
);
...
...
@@ -74,6 +78,17 @@ public class JWTUtils {
return
new
Date
().
getTime
()
>=
exp
.
getTime
();
}
/**
* 当前token是否登录超时
* @param token
* @return
*/
public
static
boolean
loginExpire
(
String
token
){
Long
now
=
System
.
currentTimeMillis
();
Long
lastOperateTime
=
tokenLastOperateTime
(
token
);
return
now
-
lastOperateTime
>
Login_Interval
;
}
public
static
Date
getExp
(
String
token
)
{
try
{
DecodedJWT
jwt
=
JWT
.
decode
(
token
);
...
...
@@ -106,4 +121,28 @@ public class JWTUtils {
return
null
;
}
}
/**
* 获取当前token上次操作时间
* @param token
* @return
*/
public
static
Long
tokenLastOperateTime
(
String
token
){
CacheManager
cacheManager
=
CommonBeanFactory
.
getBean
(
CacheManager
.
class
);
Cache
tokens_expire
=
cacheManager
.
getCache
(
"tokens_expire"
);
Long
expTime
=
tokens_expire
.
get
(
token
,
Long
.
class
);
return
expTime
;
}
public
static
void
removeTokenExpire
(
String
token
){
CacheManager
cacheManager
=
CommonBeanFactory
.
getBean
(
CacheManager
.
class
);
Cache
tokens_expire
=
cacheManager
.
getCache
(
"tokens_expire"
);
tokens_expire
.
evict
(
token
);
}
public
static
void
addTokenExpire
(
String
token
){
CacheManager
cacheManager
=
CommonBeanFactory
.
getBean
(
CacheManager
.
class
);
Cache
tokens_expire
=
cacheManager
.
getCache
(
"tokens_expire"
);
tokens_expire
.
put
(
token
,
System
.
currentTimeMillis
());
}
}
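Review bot: `tokenLastOperateTime` returns whatever `tokens_expire.get(token, Long.class)` yields, which is `null` for a token that was never recorded, was evicted, or has aged out, and both `loginExpire` and the rewritten check in `verify` then unbox it in `now - lastOperateTime`. A missing entry should count as a login timeout, e.g. `return lastOperateTime == null || now - lastOperateTime > Login_Interval;` in `loginExpire`, with the same guard in `verify`; `cacheManager.getCache("tokens_expire")` can also return `null` when the cache is not configured. The cache is keyed by the full bearer token, so using a SHA-256 digest of the token as the key would keep usable credentials out of the cache store. The constants also disagree with their comments: `EXPIRE_TIME` is `1 * 60 * 1000` under a comment that says 5min, and `Login_Interval` appears to become `2 * 60 * 1000` under one that says 10min, which looks like test values.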
backend/src/main/java/io/dataease/service/sys/SysUserService.java
...
...
@@ -111,6 +111,7 @@ public class SysUserService {
return
sysUserMapper
.
updateByPrimaryKeySelective
(
sysUser
);
}
@CacheEvict
(
value
=
USER_CACHE_NAME
,
key
=
"'user' + #request.userId"
)
public
int
adminUpdatePwd
(
SysUserPwdRequest
request
){
SysUser
sysUser
=
new
SysUser
();
sysUser
.
setUserId
(
request
.
getUserId
());
...
...
backend/src/main/resources/ehcache/ehcache.xml
...
...
@@ -7,10 +7,10 @@
user.dir - 用户当前工作目录
java.io.tmpdir - 默认临时文件路径
-->
<!-- <diskStore path="D:/home/Tmp_Ehcache"/>--
>
<diskStore
path=
"/opt/dataease/data/ehcache"
/
>
<!--
name:缓存名称。
maxElementsInMemory:缓存最大数目
maxElementsInMemory:
jvm
缓存最大数目
maxElementsOnDisk:硬盘最大缓存个数。
eternal:对象是否永久有效,一但设置了,timeout将不起作用。
overflowToDisk:是否保存到磁盘,当系统宕机时
...
...
@@ -39,10 +39,23 @@
name=
"users_info"
eternal=
"false"
maxElementsInMemory=
"100"
overflowToDisk=
"false"
diskPersistent=
"false"
timeToIdleSeconds=
"0"
timeToLiveSeconds=
"300"
maxElementsOnDisk=
"1000"
overflowToDisk=
"true"
diskPersistent=
"true"
timeToIdleSeconds=
"1800"
timeToLiveSeconds=
"3600"
memoryStoreEvictionPolicy=
"LRU"
/>
<cache
name=
"tokens_expire"
eternal=
"false"
maxElementsInMemory=
"100"
maxElementsOnDisk=
"1000"
overflowToDisk=
"true"
diskPersistent=
"true"
timeToIdleSeconds=
"1800"
timeToLiveSeconds=
"3600"
memoryStoreEvictionPolicy=
"LRU"
/>
...
...
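Review bot: The new `tokens_expire` cache and the changed `users_info` cache both appear to end up with `overflowToDisk="true"` and `diskPersistent="true"` under `/opt/dataease/data/ehcache`, which writes bearer tokens (the cache keys) to disk, and presumably also the cached user records whose password value JWTFilter uses as the signing secret. Unless persistence across restarts is required, keep both caches memory-only (`overflowToDisk="false" diskPersistent="false"`), or document the owner-only permissions that directory needs in a comment next to `<diskStore>`. `maxElementsInMemory="100"` with `maxElementsOnDisk="1000"` and LRU eviction also caps how many live tokens are tracked, so sessions beyond that lose their entry; size it to the expected number of concurrent logins. The file continues outside the visible hunks.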