Pu Zhibing
14 小时以前 1da12c0ab6c5625fcd1295223f39c4249421f5be
修改bug
3个文件已修改
103 ■■■■■ 已修改文件
ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java 63 ●●●●●
ruoyi-modules/ruoyi-order/pom.xml 10 ●●●●●
ruoyi-modules/ruoyi-order/src/main/java/com/ruoyi/order/util/kuaishou/KSClientTokenUtil.java 30 ●●●●●
ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
@@ -1,5 +1,6 @@
package com.ruoyi.gateway.filter;
import com.alibaba.fastjson.JSON;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
@@ -25,12 +26,11 @@
/**
 * 网关鉴权
 *
 *
 * @author jqs
 */
@Component
public class AuthFilter implements GlobalFilter, Ordered
{
public class AuthFilter implements GlobalFilter, Ordered {
    private static final Logger log = LoggerFactory.getLogger(AuthFilter.class);
    // 排除过滤的 uri 地址,nacos自行添加
@@ -42,26 +42,25 @@
    @Override
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain)
    {
    public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
        ServerHttpRequest request = exchange.getRequest();
        ServerHttpRequest.Builder mutate = request.mutate();
        String url = request.getURI().getPath();
        log.info("requestUrl---"+url);
        log.info("requestUrl---" + url);
        log.info("whiteUrl---" + JSON.toJSONString(ignoreWhite.getWhites()));
        // 跳过不需要验证的路径
        if (StringUtils.matches(url, ignoreWhite.getWhites()))
        {
        if (StringUtils.matches(url, ignoreWhite.getWhites())) {
            //附近商户获取
            if(url.contains("getNearbyShop")||url.contains("pageRecommendGoods")||url.contains("pageActivityGoods")||url.contains("getGoodsInfo")
                    ||url.contains("getShopInfo")||url.contains("pageAppActivityGoods")||url.contains("/app/goods/listShoppingCart")||url.contains("/app/live/page")){
            if (url.contains("getNearbyShop") || url.contains("pageRecommendGoods") || url.contains("pageActivityGoods") || url.contains("getGoodsInfo")
                    || url.contains("getShopInfo") || url.contains("pageAppActivityGoods") || url.contains("/app/goods/listShoppingCart") || url.contains("/app/live/page")) {
                String token = getToken(request);
                if(!StringUtils.isEmpty(token)){
                if (!StringUtils.isEmpty(token)) {
                    Claims claims = JwtUtils.parseToken(token);
                    if(claims!=null){
                    if (claims != null) {
                        String userid = JwtUtils.getUserId(claims);
                        String userkey = JwtUtils.getUserKey(claims);
                        String username = JwtUtils.getUserName(claims);
                        if(!StringUtils.isEmpty(userid)){
                        if (!StringUtils.isEmpty(userid)) {
                            addHeader(mutate, SecurityConstants.USER_KEY, userkey);
                            addHeader(mutate, SecurityConstants.DETAILS_USER_ID, userid);
                            addHeader(mutate, SecurityConstants.DETAILS_USERNAME, username);
@@ -73,26 +72,22 @@
            return chain.filter(exchange);
        }
        String token = getToken(request);
        log.info("requestToken---"+token);
        if (StringUtils.isEmpty(token))
        {
        log.info("requestToken---" + token);
        if (StringUtils.isEmpty(token)) {
            return unauthorizedResponse(exchange, "需要先登录才能使用该功能");
        }
        Claims claims = JwtUtils.parseToken(token);
        if (claims == null)
        {
        if (claims == null) {
            return unauthorizedResponse(exchange, "需要先登录才能使用该功能!");
        }
        String userkey = JwtUtils.getUserKey(claims);
        boolean islogin = redisService.hasKey(getTokenKey(userkey));
        if (!islogin)
        {
        if (!islogin) {
            return unauthorizedResponse(exchange, "登录状态已过期");
        }
        String userid = JwtUtils.getUserId(claims);
        String username = JwtUtils.getUserName(claims);
        if (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username))
        {
        if (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username)) {
            return unauthorizedResponse(exchange, "登录验证失败");
        }
@@ -105,10 +100,8 @@
        return chain.filter(exchange.mutate().request(mutate.build()).build());
    }
    private void addHeader(ServerHttpRequest.Builder mutate, String name, Object value)
    {
        if (value == null)
        {
    private void addHeader(ServerHttpRequest.Builder mutate, String name, Object value) {
        if (value == null) {
            return;
        }
        String valueStr = value.toString();
@@ -116,13 +109,11 @@
        mutate.header(name, valueEncode);
    }
    private void removeHeader(ServerHttpRequest.Builder mutate, String name)
    {
    private void removeHeader(ServerHttpRequest.Builder mutate, String name) {
        mutate.headers(httpHeaders -> httpHeaders.remove(name)).build();
    }
    private Mono<Void> unauthorizedResponse(ServerWebExchange exchange, String msg)
    {
    private Mono<Void> unauthorizedResponse(ServerWebExchange exchange, String msg) {
        log.error("[鉴权异常处理]请求路径:{}", exchange.getRequest().getPath());
        return ServletUtils.webFluxResponseWriter(exchange.getResponse(), msg, HttpStatus.UNAUTHORIZED);
    }
@@ -130,28 +121,24 @@
    /**
     * 获取缓存key
     */
    private String getTokenKey(String token)
    {
    private String getTokenKey(String token) {
        return CacheConstants.LOGIN_TOKEN_KEY + token;
    }
    /**
     * 获取请求token
     */
    private String getToken(ServerHttpRequest request)
    {
    private String getToken(ServerHttpRequest request) {
        String token = request.getHeaders().getFirst(TokenConstants.AUTHENTICATION);
        // 如果前端设置了令牌前缀,则裁剪掉前缀
        if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX))
        {
        if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX)) {
            token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY);
        }
        return token;
    }
    @Override
    public int getOrder()
    {
    public int getOrder() {
        return -200;
    }
}
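Review bot: `log.info("requestToken---" + token)` in `filter` writes the caller's full bearer token to the gateway log on every authenticated request, so anyone with read access to the logs obtains usable session credentials; this commit reformats the line but keeps it. Drop the line, or log only whether a token was presented, e.g. `log.debug("requestToken present: {}", StringUtils.isNotEmpty(token));`. The newly added `log.info("whiteUrl---" + JSON.toJSONString(ignoreWhite.getWhites()))` serialises the whole whitelist at INFO for every request and would be better at debug level or logged once at startup. Separately, the whitelisted branch forwards identity headers taken from `JwtUtils.parseToken` without the `redisService.hasKey(getTokenKey(userkey))` check that the main path performs, so as far as the visible lines show a logged-out token would still be honoured there; the rest of that branch lies outside the hunks.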
ruoyi-modules/ruoyi-order/pom.xml
@@ -192,6 +192,16 @@
                </executions>
            </plugin>
        </plugins>
        <resources>
            <resource>
                <directory>${project.basedir}/src/main/resources/lib/</directory>
                <targetPath>/BOOT-INF/lib/</targetPath>
                <includes>
                    <include>**/*.jar</include>
                </includes>
            </resource>
        </resources>
    </build>
    <repositories>
        <!--抖音sdk-->
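Review bot: Declaring `<resources>` with only the `lib/` entry replaces Maven's default resource directory, so unless it is listed elsewhere in this POM, files under `src/main/resources` (such as the module's configuration files) would no longer be copied into the artifact. Add a second entry such as `<resource><directory>src/main/resources</directory></resource>`, ideally excluding `lib/**` from it. Jars copied straight from the source tree into `/BOOT-INF/lib/` also bypass dependency resolution, so they carry no declared version or checksum and are invisible to dependency scanners. Publishing the SDK jar to the team's internal repository and declaring it as a normal `<dependency>` would keep it auditable.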
ruoyi-modules/ruoyi-order/src/main/java/com/ruoyi/order/util/kuaishou/KSClientTokenUtil.java
@@ -1,12 +1,10 @@
package com.ruoyi.order.util.kuaishou;
import com.aliyun.tea.TeaException;
import com.kuaishou.locallife.open.api.KsLocalLifeApiException;
import com.alibaba.fastjson.JSON;
import com.kuaishou.locallife.open.api.client.oauth.OAuthAccessTokenKsClient;
import com.kuaishou.locallife.open.api.response.oauth.KsAccessTokenPreviousVersionResponse;
import com.ruoyi.common.redis.service.RedisService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.stereotype.Component;
import java.util.concurrent.TimeUnit;
@@ -25,21 +23,15 @@
    public static void getClientToken(RedisService redisService, String code) {
        try {
            OAuthAccessTokenKsClient client = new OAuthAccessTokenKsClient(KuaiShouConfig.appKey, KuaiShouConfig.appSecret);
            try {
                KsAccessTokenPreviousVersionResponse response = client.getAccessToken(code);
                String token = response.getAccessToken();
                Long expiration_time = response.getExpiresIn();
                String refreshToken = response.getRefreshToken();
                Long refreshTokenExpiresIn = response.getRefreshTokenExpiresIn();
                redisService.setCacheObject("ks_access_token", token, expiration_time, TimeUnit.SECONDS);
                redisService.setCacheObject("ks_refresh_token", refreshToken, refreshTokenExpiresIn, TimeUnit.SECONDS);
            } catch (KsLocalLifeApiException e) {
                throw new RuntimeException(e);
            }
        } catch (TeaException e) {
            e.printStackTrace();
            System.out.println(e.getMessage());
        } catch (Exception e) {
            KsAccessTokenPreviousVersionResponse response = client.getAccessToken(code);
            log.info("快手获取client_token结果:" + JSON.toJSONString(response));
            String token = response.getAccessToken();
            Long expiration_time = response.getExpiresIn();
            String refreshToken = response.getRefreshToken();
            Long refreshTokenExpiresIn = response.getRefreshTokenExpiresIn();
            redisService.setCacheObject("ks_access_token", token, expiration_time, TimeUnit.SECONDS);
            redisService.setCacheObject("ks_refresh_token", refreshToken, refreshTokenExpiresIn, TimeUnit.SECONDS);
        }  catch (Exception e) {
            e.printStackTrace();
            System.out.println(e.getMessage());
        }
@@ -60,7 +52,7 @@
            Long refreshTokenExpiresIn = response.getRefreshTokenExpiresIn();
            redisService.setCacheObject("ks_access_token", token, expiration_time, TimeUnit.SECONDS);
            redisService.setCacheObject("ks_refresh_token", refreshToken, refreshTokenExpiresIn, TimeUnit.SECONDS);
        } catch (KsLocalLifeApiException e) {
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
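Review bot: The added `log.info("快手获取client_token结果:" + JSON.toJSONString(response))` in `getClientToken` serialises the whole OAuth response into the application log, including the access token and refresh token that the following lines read from it. Log only non-secret fields instead, e.g. `log.info("快手获取client_token成功, expiresIn={}", response.getExpiresIn());`. Both this hunk and the `@@ -60,7 +52,7 @@` hunk now catch plain `Exception` and only call `e.printStackTrace()`, so a failed token exchange is swallowed and the caller cannot tell that nothing was cached. Replacing that with `log.error("快手获取token失败", e)` plus a rethrow or a failure return would make the failure visible. The second method's body starts outside its hunk.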