From 2a1e2ebb3ce800fc6aa8067db0cc3b0ab9253604 Mon Sep 17 00:00:00 2001 From: hjl <1657978663@qq.com> Date: 星期五, 24 五月 2024 10:32:36 +0800 Subject: [PATCH] feat: 代码提交 --- ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java | 261 +++++++++------------ ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java | 149 ++++++------ ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/service/RedisService.java | 111 +++----- ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/interceptor/HeaderInterceptor.java | 40 +- ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java | 113 ++++---- 5 files changed, 310 insertions(+), 364 deletions(-) diff --git a/ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/service/RedisService.java b/ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/service/RedisService.java index 435cb6e..2b3e9a9 100644 --- a/ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/service/RedisService.java +++ b/ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/service/RedisService.java @@ -1,11 +1,5 @@ package com.ruoyi.common.redis.service; -import java.util.Collection; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Set; -import java.util.concurrent.TimeUnit; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.redis.core.BoundSetOperations; import org.springframework.data.redis.core.HashOperations; 
@@ -13,64 +7,62 @@ import org.springframework.data.redis.core.ValueOperations; import org.springframework.stereotype.Component; +import java.util.*; +import java.util.concurrent.TimeUnit; + /** * spring redis 工具类 - * + * * @author ruoyi **/ -@SuppressWarnings(value = { "unchecked", "rawtypes" }) +@SuppressWarnings(value = {"unchecked", "rawtypes"}) @Component -public class RedisService -{ +public class RedisService { @Autowired public RedisTemplate redisTemplate; /** * 缓存基本的对象,Integer、String、实体类等 * - * @param key 缓存的键值 + * @param key 缓存的键值 * @param value 缓存的值 */ - public <T> void setCacheObject(final String key, final T value) - { + public <T> void setCacheObject(final String key, final T value) { redisTemplate.opsForValue().set(key, value); } /** * 缓存基本的对象,Integer、String、实体类等 * - * @param key 缓存的键值 - * @param value 缓存的值 - * @param timeout 时间 + * @param key 缓存的键值 + * @param value 缓存的值 + * @param timeout 时间 * @param timeUnit 时间颗粒度 */ - public <T> void setCacheObject(final String key, final T value, final Long timeout, final TimeUnit timeUnit) - { + public <T> void setCacheObject(final String key, final T value, final Long timeout, final TimeUnit timeUnit) { redisTemplate.opsForValue().set(key, value, timeout, timeUnit); } /** * 设置有效时间 * - * @param key Redis键 + * @param key Redis键 * @param timeout 超时时间 * @return true=设置成功;false=设置失败 */ - public boolean expire(final String key, final long timeout) - { + public boolean expire(final String key, final long timeout) { return expire(key, timeout, TimeUnit.SECONDS); } /** * 设置有效时间 * - * @param key Redis键 + * @param key Redis键 * @param timeout 超时时间 - * @param unit 时间单位 + * @param unit 时间单位 * @return true=设置成功;false=设置失败 */ - public boolean expire(final String key, final long timeout, final TimeUnit unit) - { + public boolean expire(final String key, final long timeout, final TimeUnit unit) { return redisTemplate.expire(key, timeout, unit); } 
@@ -80,8 +72,7 @@ * @param key Redis键 * @return 有效时间 */ - public long getExpire(final String key) - { + public long getExpire(final String key) { return redisTemplate.getExpire(key); } @@ -91,8 +82,7 @@ * @param key 键 * @return true 存在 false不存在 */ - public Boolean hasKey(String key) - { + public Boolean hasKey(String key) { return redisTemplate.hasKey(key); } @@ -102,8 +92,7 @@ * @param key 缓存键值 * @return 缓存键值对应的数据 */ - public <T> T getCacheObject(final String key) - { + public <T> T getCacheObject(final String key) { ValueOperations<String, T> operation = redisTemplate.opsForValue(); return operation.get(key); } @@ -113,8 +102,7 @@ * * @param key */ - public boolean deleteObject(final String key) - { + public boolean deleteObject(final String key) { return redisTemplate.delete(key); } @@ -124,20 +112,18 @@ * @param collection 多个对象 * @return */ - public boolean deleteObject(final Collection collection) - { + public boolean deleteObject(final Collection collection) { return redisTemplate.delete(collection) > 0; } /** * 缓存List数据 * - * @param key 缓存的键值 + * @param key 缓存的键值 * @param dataList 待缓存的List数据 * @return 缓存的对象 */ - public <T> long setCacheList(final String key, final List<T> dataList) - { + public <T> long setCacheList(final String key, final List<T> dataList) { Long count = redisTemplate.opsForList().rightPushAll(key, dataList); return count == null ? 0 : count; } 
@@ -148,24 +134,21 @@ * @param key 缓存的键值 * @return 缓存键值对应的数据 */ - public <T> List<T> getCacheList(final String key) - { + public <T> List<T> getCacheList(final String key) { return redisTemplate.opsForList().range(key, 0, -1); } /** * 缓存Set * - * @param key 缓存键值 + * @param key 缓存键值 * @param dataSet 缓存的数据 * @return 缓存数据的对象 */ - public <T> BoundSetOperations<String, T> setCacheSet(final String key, final Set<T> dataSet) - { + public <T> BoundSetOperations<String, T> setCacheSet(final String key, final Set<T> dataSet) { BoundSetOperations<String, T> setOperation = redisTemplate.boundSetOps(key); Iterator<T> it = dataSet.iterator(); - while (it.hasNext()) - { + while (it.hasNext()) { setOperation.add(it.next()); } return setOperation; @@ -177,8 +160,7 @@ * @param key * @return */ - public <T> Set<T> getCacheSet(final String key) - { + public <T> Set<T> getCacheSet(final String key) { return redisTemplate.opsForSet().members(key); } @@ -188,8 +170,7 @@ * @param key * @param dataMap */ - public <T> void setCacheMap(final String key, final Map<String, T> dataMap) - { + public <T> void setCacheMap(final String key, final Map<String, T> dataMap) { if (dataMap != null) { redisTemplate.opsForHash().putAll(key, dataMap); } 
@@ -201,32 +182,29 @@
 * @param key
 * @return
 */
- public <T> Map<String, T> getCacheMap(final String key)
- {
+ public <T> Map<String, T> getCacheMap(final String key) {
 return redisTemplate.opsForHash().entries(key);
 }
 /**
 * 往Hash中存入数据
 *
- * @param key Redis键
- * @param hKey Hash键
+ * @param key Redis键
+ * @param hKey Hash键
 * @param value 值
 */
- public <T> void setCacheMapValue(final String key, final String hKey, final T value)
- {
+ public <T> void setCacheMapValue(final String key, final String hKey, final T value) {
 redisTemplate.opsForHash().put(key, hKey, value);
 }
 /**
 * 获取Hash中的数据
 *
- * @param key Redis键
+ * @param key Redis键
 * @param hKey Hash键
 * @return Hash中的对象
 */
- public <T> T getCacheMapValue(final String key, final String hKey)
- {
+ public <T> T getCacheMapValue(final String key, final String hKey) {
 HashOperations<String, String, T> opsForHash = redisTemplate.opsForHash();
 return opsForHash.get(key, hKey);
 }
@@ -234,24 +212,22 @@
 /**
 * 获取多个Hash中的数据
 *
- * @param key Redis键
+ * @param key Redis键
 * @param hKeys Hash键集合
 * @return Hash对象集合
 */
- public <T> List<T> getMultiCacheMapValue(final String key, final Collection<Object> hKeys)
- {
+ public <T> List<T> getMultiCacheMapValue(final String key, final Collection<Object> hKeys) {
 return redisTemplate.opsForHash().multiGet(key, hKeys);
 }
 /**
 * 删除Hash中的某条数据
 *
- * @param key Redis键
+ * @param key Redis键
 * @param hKey Hash键
 * @return 是否成功
 */
- public boolean deleteCacheMapValue(final String key, final String hKey)
- {
+ public boolean deleteCacheMapValue(final String key, final String hKey) {
 return redisTemplate.opsForHash().delete(key, hKey) > 0;
 }
@@ -261,8 +237,11 @@
 * @param pattern 字符串前缀
 * @return 对象列表
 */
- public Collection<String> keys(final String pattern)
- {
+ public Collection<String> keys(final String pattern) {
 return redisTemplate.keys(pattern);
 }
+
+ public Set getKeysPrefix(String accessToken) {
+ return redisTemplate.keys(accessToken);
+ }
 }
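Review bot: `getKeysPrefix`, added at the end of the class, repeats `keys(pattern)` under a misleading name: the argument is a glob pattern rather than an access token, and the raw `Set` return drops the `Collection<String>` typing that `keys` already gives. Both methods go through `redisTemplate.keys`, which issues the Redis KEYS command and walks the whole keyspace while other commands wait, so a second entry point invites more callers on hot paths such as login. I would drop the new method and have callers use `keys`, or keep it as `public Set<String> getKeysPrefix(String pattern)` with a Javadoc line such as `/** Returns the keys matching the glob pattern; runs KEYS, so do not call it per request. */`.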
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java index 403347e..542b9ef 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java @@ -1,11 +1,5 @@ package com.ruoyi.common.security.auth; -import java.util.Collection; -import java.util.HashSet; -import java.util.Set; - -import com.ruoyi.system.api.model.LoginUserParent; -import org.springframework.util.PatternMatchUtils; import com.ruoyi.common.core.context.SecurityContextHolder; import com.ruoyi.common.core.exception.auth.NotLoginException; import com.ruoyi.common.core.exception.auth.NotPermissionException; @@ -19,18 +13,27 @@ import com.ruoyi.common.security.service.TokenService; import com.ruoyi.common.security.utils.SecurityUtils; import com.ruoyi.system.api.model.LoginUser; +import com.ruoyi.system.api.model.LoginUserParent; +import org.springframework.util.PatternMatchUtils; + +import java.util.Collection; +import java.util.HashSet; +import java.util.Set; /** * Token 权限验证,逻辑实现类 - * + * * @author ruoyi */ -public class AuthLogic -{ - /** 所有权限标识 */ +public class AuthLogic { + /** + * 所有权限标识 + */ private static final String ALL_PERMISSION = "*:*:*"; - /** 管理员角色权限标识 */ + /** + * 管理员角色权限标识 + */ private static final String SUPER_ADMIN = "admin"; public TokenService tokenService = SpringUtils.getBean(TokenService.class); @@ -38,11 +41,9 @@ /** * 会话注销 */ - public void logout() - { + public void logout() { String token = SecurityUtils.getToken(); - if (token == null) - { + if (token == null) { return; } logoutByToken(token); 
@@ -51,41 +52,36 @@ /** * 会话注销,根据指定Token */ - public void logoutByToken(String token) - { + public void logoutByToken(String token) { tokenService.delLoginUser(token); } + /** * 家长端会话注销,根据指定Token */ - public void logoutByToken1(String token) - { + public void logoutByToken1(String token) { tokenService.delLoginUser1(token); } /** * 检验用户是否已经登录,如未登录,则抛出异常 */ - public void checkLogin() - { + public void checkLogin() { getLoginUser(); } /** * 获取当前用户缓存信息, 如果未登录,则抛出异常 - * + * * @return 用户缓存信息 */ - public LoginUser getLoginUser() - { + public LoginUser getLoginUser() { String token = SecurityUtils.getToken(); - if (token == null) - { + if (token == null) { throw new NotLoginException("未提供token"); } LoginUser loginUser = SecurityUtils.getLoginUser(); - if (loginUser == null) - { + if (loginUser == null) { throw new NotLoginException("无效的token"); } return loginUser; 
@@ -93,83 +89,94 @@ /** * 获取当前用户缓存信息, 如果未登录,则抛出异常 - * + * * @param token 前端传递的认证信息 * @return 用户缓存信息 */ - public LoginUser getLoginUser(String token) - { + public LoginUser getLoginUser(String token) { return tokenService.getLoginUser(token); } + /** * 获取当前用户缓存信息, 如果未登录,则抛出异常 * * @param token 前端传递的认证信息 * @return 用户缓存信息 */ - public LoginUserParent getLoginUser1(String token) - { + public LoginUserParent getLoginUser1(String token) { return tokenService.getLoginUser1(token); } /** - * 验证当前用户有效期, 如果相差不足120分钟,自动刷新缓存 - * - * @param loginUser 当前用户信息 + * 获取当前用户缓存信息, 如果未登录,则抛出异常 + * 学习端 + * + * @param token 前端传递的认证信息 + * @return 用户缓存信息 */ - public void verifyLoginUserExpire(LoginUser loginUser) - { - tokenService.verifyToken(loginUser); + public LoginUserParent getLoginUserStudy(String token) { + return tokenService.getLoginUserStudy(token); } + /** * 验证当前用户有效期, 如果相差不足120分钟,自动刷新缓存 * * @param loginUser 当前用户信息 */ - public void verifyLoginUserExpire1(LoginUserParent loginUser) - { + public void verifyLoginUserExpire(LoginUser loginUser) { + tokenService.verifyToken(loginUser); + } + + /** + * 验证当前用户有效期, 如果相差不足120分钟,自动刷新缓存 + * + * @param loginUser 当前用户信息 + */ + public void verifyLoginUserExpire1(LoginUserParent loginUser) { tokenService.verifyToken1(loginUser); } /** + * 验证当前用户有效期, 如果相差不足120分钟,自动刷新缓存 + * + * @param loginUser 当前用户信息 + */ + public void verifyLoginUserStudyExpire(LoginUserParent loginUser) { + tokenService.verifyTokenStudy(loginUser); + } + + /** * 验证用户是否具备某权限 - * + * * @param permission 权限字符串 * @return 用户是否具备某权限 */ - public boolean hasPermi(String permission) - { + public boolean hasPermi(String permission) { return hasPermi(getPermiList(), permission); } /** * 验证用户是否具备某权限, 如果验证未通过,则抛出异常: NotPermissionException - * + * * @param permission 权限字符串 * @return 用户是否具备某权限 */ - public void checkPermi(String permission) - { - if (!hasPermi(getPermiList(), permission)) - { + public void checkPermi(String permission) { + if (!hasPermi(getPermiList(), permission)) { throw new 
NotPermissionException(permission); } } /** * 根据注解(@RequiresPermissions)鉴权, 如果验证未通过,则抛出异常: NotPermissionException - * + * * @param requiresPermissions 注解对象 */ - public void checkPermi(RequiresPermissions requiresPermissions) - { + public void checkPermi(RequiresPermissions requiresPermissions) { SecurityContextHolder.setPermission(StringUtils.join(requiresPermissions.value(), ",")); - if (requiresPermissions.logical() == Logical.AND) - { + if (requiresPermissions.logical() == Logical.AND) { checkPermiAnd(requiresPermissions.value()); - } - else - { + } else { checkPermiOr(requiresPermissions.value()); } } @@ -179,13 +186,10 @@ * * @param permissions 权限列表 */ - public void checkPermiAnd(String... permissions) - { + public void checkPermiAnd(String... permissions) { Set<String> permissionList = getPermiList(); - for (String permission : permissions) - { - if (!hasPermi(permissionList, permission)) - { + for (String permission : permissions) { + if (!hasPermi(permissionList, permission)) { throw new NotPermissionException(permission); } } 
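Review bot: The Javadoc added for `getLoginUserStudy(String token)` says an exception is thrown when the user is not logged in, but the method only returns `tokenService.getLoginUserStudy(token)`, and that overload in TokenService catches every exception and returns null. A caller that trusts the comment will skip the null check and dereference a null user. Either document the real contract, for example `@return cached user info, or null when the token is invalid or expired`, or throw `NotLoginException` the way `getLoginUser()` does. The same copied wording sits on `getLoginUser1(String)` in this hunk.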
@@ -193,78 +197,64 @@ /** * 验证用户是否含有指定权限,只需包含其中一个 - * + * * @param permissions 权限码数组 */ - public void checkPermiOr(String... permissions) - { + public void checkPermiOr(String... permissions) { Set<String> permissionList = getPermiList(); - for (String permission : permissions) - { - if (hasPermi(permissionList, permission)) - { + for (String permission : permissions) { + if (hasPermi(permissionList, permission)) { return; } } - if (permissions.length > 0) - { + if (permissions.length > 0) { throw new NotPermissionException(permissions); } } /** * 判断用户是否拥有某个角色 - * + * * @param role 角色标识 * @return 用户是否具备某角色 */ - public boolean hasRole(String role) - { + public boolean hasRole(String role) { return hasRole(getRoleList(), role); } /** * 判断用户是否拥有某个角色, 如果验证未通过,则抛出异常: NotRoleException - * + * * @param role 角色标识 */ - public void checkRole(String role) - { - if (!hasRole(role)) - { + public void checkRole(String role) { + if (!hasRole(role)) { throw new NotRoleException(role); } } /** * 根据注解(@RequiresRoles)鉴权 - * + * * @param requiresRoles 注解对象 */ - public void checkRole(RequiresRoles requiresRoles) - { - if (requiresRoles.logical() == Logical.AND) - { + public void checkRole(RequiresRoles requiresRoles) { + if (requiresRoles.logical() == Logical.AND) { checkRoleAnd(requiresRoles.value()); - } - else - { + } else { checkRoleOr(requiresRoles.value()); } } /** * 验证用户是否含有指定角色,必须全部拥有 - * + * * @param roles 角色标识数组 */ - public void checkRoleAnd(String... roles) - { + public void checkRoleAnd(String... roles) { Set<String> roleList = getRoleList(); - for (String role : roles) - { - if (!hasRole(roleList, role)) - { + for (String role : roles) { + if (!hasRole(roleList, role)) { throw new NotRoleException(role); } } 
@@ -272,129 +262,106 @@ /** * 验证用户是否含有指定角色,只需包含其中一个 - * + * * @param roles 角色标识数组 */ - public void checkRoleOr(String... roles) - { + public void checkRoleOr(String... roles) { Set<String> roleList = getRoleList(); - for (String role : roles) - { - if (hasRole(roleList, role)) - { + for (String role : roles) { + if (hasRole(roleList, role)) { return; } } - if (roles.length > 0) - { + if (roles.length > 0) { throw new NotRoleException(roles); } } /** * 根据注解(@RequiresLogin)鉴权 - * + * * @param at 注解对象 */ - public void checkByAnnotation(RequiresLogin at) - { + public void checkByAnnotation(RequiresLogin at) { this.checkLogin(); } /** * 根据注解(@RequiresRoles)鉴权 - * + * * @param at 注解对象 */ - public void checkByAnnotation(RequiresRoles at) - { + public void checkByAnnotation(RequiresRoles at) { String[] roleArray = at.value(); - if (at.logical() == Logical.AND) - { + if (at.logical() == Logical.AND) { this.checkRoleAnd(roleArray); - } - else - { + } else { this.checkRoleOr(roleArray); } } /** * 根据注解(@RequiresPermissions)鉴权 - * + * * @param at 注解对象 */ - public void checkByAnnotation(RequiresPermissions at) - { + public void checkByAnnotation(RequiresPermissions at) { String[] permissionArray = at.value(); - if (at.logical() == Logical.AND) - { + if (at.logical() == Logical.AND) { this.checkPermiAnd(permissionArray); - } - else - { + } else { this.checkPermiOr(permissionArray); } } /** * 获取当前账号的角色列表 - * + * * @return 角色列表 */ - public Set<String> getRoleList() - { - try - { + public Set<String> getRoleList() { + try { LoginUser loginUser = getLoginUser(); return loginUser.getRoles(); - } - catch (Exception e) - { + } catch (Exception e) { return new HashSet<>(); } } /** * 获取当前账号的权限列表 - * + * * @return 权限列表 */ - public Set<String> getPermiList() - { - try - { + public Set<String> getPermiList() { + try { LoginUser loginUser = getLoginUser(); return loginUser.getPermissions(); - } - catch (Exception e) - { + } catch (Exception e) { return new HashSet<>(); } } /** * 判断是否包含权限 - * 
+ * * @param authorities 权限列表 - * @param permission 权限字符串 + * @param permission 权限字符串 * @return 用户是否具备某权限 */ - public boolean hasPermi(Collection<String> authorities, String permission) - { + public boolean hasPermi(Collection<String> authorities, String permission) { return authorities.stream().filter(StringUtils::hasText) .anyMatch(x -> ALL_PERMISSION.contains(x) || PatternMatchUtils.simpleMatch(x, permission)); } /** * 判断是否包含角色 - * + * * @param roles 角色列表 - * @param role 角色 + * @param role 角色 * @return 用户是否具备某角色权限 */ - public boolean hasRole(Collection<String> roles, String role) - { + public boolean hasRole(Collection<String> roles, String role) { return roles.stream().filter(StringUtils::hasText) .anyMatch(x -> SUPER_ADMIN.contains(x) || PatternMatchUtils.simpleMatch(x, role)); } diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java index 34d153e..47f0533 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java @@ -7,11 +7,10 @@ /** * Token 权限验证工具类 - * + * * @author ruoyi */ -public class AuthUtil -{ +public class AuthUtil { /** * 底层的 AuthLogic 对象 */ 
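Review bot: `hasRole` and `hasPermi`, whose signatures this hunk reformats, test `SUPER_ADMIN.contains(x)` and `ALL_PERMISSION.contains(x)`, which is a substring match on the constant rather than an equality check. Any stored role that is a fragment of `admin`, or any permission string that is a fragment of `*:*:*`, is therefore treated as super-admin or all-permission for every check. Since the lines are being touched anyway, change them to `SUPER_ADMIN.equals(x)` and `ALL_PERMISSION.equals(x)`. `getRoleList` and `getPermiList` in the same hunk turn every exception into an empty set, which denies access but hides the cause; a short comment stating that this is deliberate would help.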
@@ -20,177 +19,181 @@ /** * 会话注销 */ - public static void logout() - { + public static void logout() { authLogic.logout(); } /** * 会话注销,根据指定Token - * + * * @param token 指定token */ - public static void logoutByToken(String token) - { + public static void logoutByToken(String token) { authLogic.logoutByToken(token); } + /** * 家长端会话注销,根据指定Token * * @param token 指定token */ - public static void logoutByToken1(String token) - { + public static void logoutByToken1(String token) { authLogic.logoutByToken1(token); } /** * 检验当前会话是否已经登录,如未登录,则抛出异常 */ - public static void checkLogin() - { + public static void checkLogin() { authLogic.checkLogin(); } /** * 获取当前登录用户信息 - * + * * @param token 指定token * @return 用户信息 */ - public static LoginUser getLoginUser(String token) - { + public static LoginUser getLoginUser(String token) { return authLogic.getLoginUser(token); } + /** * 获取当前登录用户信息 * * @param token 指定token * @return 用户信息 */ - public static LoginUserParent getLoginUser1(String token) - { + public static LoginUserParent getLoginUser1(String token) { return authLogic.getLoginUser1(token); } /** - * 验证当前用户有效期 - * - * @param loginUser 用户信息 + * 获取当前登录用户信息-学习端 + * + * @param token 指定token + * @return 用户信息 */ - public static void verifyLoginUserExpire(LoginUser loginUser) - { - authLogic.verifyLoginUserExpire(loginUser); + public static LoginUserParent getLoginUserStudy(String token) { + return authLogic.getLoginUserStudy(token); } + /** * 验证当前用户有效期 * * @param loginUser 用户信息 */ - public static void verifyLoginUserExpire1(LoginUserParent loginUser) - { + public static void verifyLoginUserExpire(LoginUser loginUser) { + authLogic.verifyLoginUserExpire(loginUser); + } + + /** + * 验证当前用户有效期 + * + * @param loginUser 用户信息 + */ + public static void verifyLoginUserExpire1(LoginUserParent loginUser) { authLogic.verifyLoginUserExpire1(loginUser); } /** + * 验证当前用户有效期 -学习端 + * + * @param loginUser 用户信息 + */ + public static void verifyLoginUserStudyExpire(LoginUserParent loginUser) { + 
authLogic.verifyLoginUserStudyExpire(loginUser); + } + + /** * 当前账号是否含有指定角色标识, 返回true或false - * + * * @param role 角色标识 * @return 是否含有指定角色标识 */ - public static boolean hasRole(String role) - { + public static boolean hasRole(String role) { return authLogic.hasRole(role); } /** * 当前账号是否含有指定角色标识, 如果验证未通过,则抛出异常: NotRoleException - * + * * @param role 角色标识 */ - public static void checkRole(String role) - { + public static void checkRole(String role) { authLogic.checkRole(role); } /** * 根据注解传入参数鉴权, 如果验证未通过,则抛出异常: NotRoleException - * + * * @param requiresRoles 角色权限注解 */ - public static void checkRole(RequiresRoles requiresRoles) - { + public static void checkRole(RequiresRoles requiresRoles) { authLogic.checkRole(requiresRoles); } /** * 当前账号是否含有指定角色标识 [指定多个,必须全部验证通过] - * + * * @param roles 角色标识数组 */ - public static void checkRoleAnd(String... roles) - { + public static void checkRoleAnd(String... roles) { authLogic.checkRoleAnd(roles); } /** * 当前账号是否含有指定角色标识 [指定多个,只要其一验证通过即可] - * + * * @param roles 角色标识数组 */ - public static void checkRoleOr(String... roles) - { + public static void checkRoleOr(String... 
roles) { authLogic.checkRoleOr(roles); } /** * 当前账号是否含有指定权限, 返回true或false - * + * * @param permission 权限码 * @return 是否含有指定权限 */ - public static boolean hasPermi(String permission) - { + public static boolean hasPermi(String permission) { return authLogic.hasPermi(permission); } /** * 当前账号是否含有指定权限, 如果验证未通过,则抛出异常: NotPermissionException - * + * * @param permission 权限码 */ - public static void checkPermi(String permission) - { + public static void checkPermi(String permission) { authLogic.checkPermi(permission); } /** * 根据注解传入参数鉴权, 如果验证未通过,则抛出异常: NotPermissionException - * + * * @param requiresPermissions 权限注解 */ - public static void checkPermi(RequiresPermissions requiresPermissions) - { + public static void checkPermi(RequiresPermissions requiresPermissions) { authLogic.checkPermi(requiresPermissions); } /** * 当前账号是否含有指定权限 [指定多个,必须全部验证通过] - * + * * @param permissions 权限码数组 */ - public static void checkPermiAnd(String... permissions) - { + public static void checkPermiAnd(String... permissions) { authLogic.checkPermiAnd(permissions); } /** * 当前账号是否含有指定权限 [指定多个,只要其一验证通过即可] - * + * * @param permissions 权限码数组 */ - public static void checkPermiOr(String... permissions) - { + public static void checkPermiOr(String... permissions) { authLogic.checkPermiOr(permissions); } } diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/interceptor/HeaderInterceptor.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/interceptor/HeaderInterceptor.java index b8ac863..b4d032b 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/interceptor/HeaderInterceptor.java +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/interceptor/HeaderInterceptor.java 
@@ -1,11 +1,5 @@ package com.ruoyi.common.security.interceptor; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import com.ruoyi.system.api.model.LoginUserParent; -import org.springframework.web.method.HandlerMethod; -import org.springframework.web.servlet.AsyncHandlerInterceptor; import com.ruoyi.common.core.constant.SecurityConstants; import com.ruoyi.common.core.context.SecurityContextHolder; import com.ruoyi.common.core.utils.ServletUtils; @@ -13,6 +7,12 @@ import com.ruoyi.common.security.auth.AuthUtil; import com.ruoyi.common.security.utils.SecurityUtils; import com.ruoyi.system.api.model.LoginUser; +import com.ruoyi.system.api.model.LoginUserParent; +import org.springframework.web.method.HandlerMethod; +import org.springframework.web.servlet.AsyncHandlerInterceptor; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; /** * 自定义请求头拦截器,将Header数据封装到线程变量中方便获取 @@ -20,13 +20,10 @@ * * @author ruoyi */ -public class HeaderInterceptor implements AsyncHandlerInterceptor -{ +public class HeaderInterceptor implements AsyncHandlerInterceptor { @Override - public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception - { - if (!(handler instanceof HandlerMethod)) - { + public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { + if (!(handler instanceof HandlerMethod)) { return true; } 
@@ -35,28 +32,31 @@
 SecurityContextHolder.setUserKey(ServletUtils.getHeader(request, SecurityConstants.USER_KEY));
 String token = SecurityUtils.getToken();
- if (StringUtils.isNotEmpty(token))
- {
+ if (StringUtils.isNotEmpty(token)) {
 LoginUser loginUser = AuthUtil.getLoginUser(token);
- if (StringUtils.isNotNull(loginUser))
- {
+ if (StringUtils.isNotNull(loginUser)) {
 AuthUtil.verifyLoginUserExpire(loginUser);
 SecurityContextHolder.set(SecurityConstants.LOGIN_USER, loginUser);
 }
 LoginUserParent loginUser1 = AuthUtil.getLoginUser1(token);
- if (StringUtils.isNotNull(loginUser1))
- {
+ if (StringUtils.isNotNull(loginUser1)) {
 AuthUtil.verifyLoginUserExpire1(loginUser1);
 SecurityContextHolder.set(SecurityConstants.LOGIN_USER, loginUser);
 }
+// LoginUserParent loginUserStudy = AuthUtil.getLoginUserStudy(token);
+// if (StringUtils.isNotNull(loginUserStudy)) {
+// AuthUtil.verifyLoginUserStudyExpire(loginUserStudy);
+// SecurityContextHolder.set(SecurityConstants.USER_STUDY_KEY, loginUserStudy);
+// } else {
+// return false;
+// }
 }
 return true;
 }
 @Override
 public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
- throws Exception
- {
+ throws Exception {
 SecurityContextHolder.remove();
 }
 }
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java
index d114fd9..38eed13 100644
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java
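Review bot: The seven `//` lines added to `preHandle` are disabled code in the request authentication path, and enabling them as written would change behaviour sharply: the `else { return false; }` branch would stop every request whose token is not a study-side token, including ones already accepted by the `loginUser` or `loginUser1` branches, and without setting a response status. Either delete the block or land it working, with the three lookups made mutually exclusive. While here, the `loginUser1` branch just above stores `loginUser` rather than `loginUser1` under `SecurityConstants.LOGIN_USER`, so a valid parent-side token appears to overwrite the context entry with whatever the first lookup returned, possibly null. `SecurityContextHolder.set(SecurityConstants.LOGIN_USER, loginUser1);` looks like what was meant, though the type the consumers expect is outside this hunk.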
@@ -1,7 +1,9 @@ package com.ruoyi.common.security.service; +import com.alibaba.fastjson2.JSONObject; import com.ruoyi.common.core.constant.CacheConstants; import com.ruoyi.common.core.constant.SecurityConstants; +import com.ruoyi.common.core.exception.GlobalException; import com.ruoyi.common.core.utils.JwtUtils; import com.ruoyi.common.core.utils.ServletUtils; import com.ruoyi.common.core.utils.StringUtils; @@ -17,6 +19,7 @@ import javax.servlet.http.HttpServletRequest; import java.util.HashMap; import java.util.Map; +import java.util.Set; import java.util.concurrent.TimeUnit; /** @@ -25,8 +28,7 @@ * @author ruoyi */ @Component -public class TokenService -{ +public class TokenService { @Autowired private RedisService redisService; @@ -43,8 +45,7 @@ /** * 创建令牌 */ - public Map<String, Object> createToken(LoginUser loginUser) - { + public Map<String, Object> createToken(LoginUser loginUser) { String token = IdUtils.fastUUID(); Long userId = loginUser.getSysUser().getUserId(); String userName = loginUser.getSysUser().getUserName(); @@ -66,8 +67,8 @@ rspMap.put("expires_in", expireTime); return rspMap; } - public Map<String, Object> createToken1(LoginUserParent loginUser) - { + + public Map<String, Object> createToken1(LoginUserParent loginUser) { String token = IdUtils.fastUUID(); Integer userId = loginUser.getUserid(); String name = loginUser.getName(); @@ -86,8 +87,7 @@ return rspMap; } - public Map<String, Object> createTokenStudy(LoginUserParent loginUser) - { + public Map<String, Object> createTokenStudy(LoginUserParent loginUser) { String token = IdUtils.fastUUID(); Integer userId = loginUser.getUserid(); String name = loginUser.getName(); @@ -111,8 +111,7 @@ * * @return 用户信息 */ - public LoginUser getLoginUser() - { + public LoginUser getLoginUser() { return getLoginUser(ServletUtils.getRequest()); } 
@@ -121,19 +120,18 @@ * * @return 用户信息 */ - public LoginUser getLoginUser(HttpServletRequest request) - { + public LoginUser getLoginUser(HttpServletRequest request) { // 获取请求携带的令牌 String token = SecurityUtils.getToken(request); return getLoginUser(token); } + /** * 家长端/学习端获取用户身份信息 * * @return 用户信息 */ - public LoginUserParent getLoginUser1() - { + public LoginUserParent getLoginUser1() { return getLoginUser1(ServletUtils.getRequest()); } @@ -142,9 +140,12 @@ * * @return 用户信息 */ - public LoginUserParent getLoginUserStudy() - { - return getLoginUserStudy(ServletUtils.getRequest()); + public LoginUserParent getLoginUserStudy() { + LoginUserParent userStudy = getLoginUserStudy(ServletUtils.getRequest()); + if (null == userStudy) { + throw new GlobalException("登录失效,请重新登录!"); + } + return userStudy; } /** @@ -152,8 +153,7 @@ * * @return 用户信息 */ - public LoginUserParent getLoginUser1(HttpServletRequest request) - { + public LoginUserParent getLoginUser1(HttpServletRequest request) { // 获取请求携带的令牌 String token = SecurityUtils.getToken(request); return getLoginUser1(token); @@ -164,8 +164,7 @@ * * @return 用户信息 */ - public LoginUserParent getLoginUserStudy(HttpServletRequest request) - { + public LoginUserParent getLoginUserStudy(HttpServletRequest request) { // 获取请求携带的令牌 String token = SecurityUtils.getToken(request); return getLoginUserStudy(token); 
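Review bot: `getLoginUserStudy()` now throws `GlobalException` when no study-side session is found, while AuthLogic signals the same condition with `NotLoginException` and the sibling `getLoginUser1()` still returns null. Unless the exception handler maps `GlobalException` to an unauthenticated response (not visible here), an expired session may surface as a generic server error rather than a login prompt, and monitoring cannot tell it apart from a real fault. I would throw `NotLoginException` here (it would need importing in TokenService) and add an `@throws` line to the Javadoc, which still reads as if the method simply returns the user.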
@@ -176,42 +175,33 @@ * * @return 用户信息 */ - public LoginUser getLoginUser(String token) - { + public LoginUser getLoginUser(String token) { LoginUser user = null; - try - { - if (StringUtils.isNotEmpty(token)) - { + try { + if (StringUtils.isNotEmpty(token)) { String userkey = JwtUtils.getUserKey(token); user = redisService.getCacheObject(getTokenKey(userkey)); return user; } - } - catch (Exception e) - { + } catch (Exception e) { } return user; } + /** * 家长端 学习端 获取用户身份信息 * * @return 用户信息 */ - public LoginUserParent getLoginUser1(String token) - { + public LoginUserParent getLoginUser1(String token) { LoginUserParent user = null; - try - { - if (StringUtils.isNotEmpty(token)) - { + try { + if (StringUtils.isNotEmpty(token)) { String userkey = JwtUtils.getUserKey1(token); user = redisService.getCacheObject(getTokenKey(userkey)); return user; } - } - catch (Exception e) - { + } catch (Exception e) { e.printStackTrace(); } return user; @@ -222,20 +212,15 @@ * * @return 用户信息 */ - public LoginUserParent getLoginUserStudy(String token) - { + public LoginUserParent getLoginUserStudy(String token) { LoginUserParent user = null; - try - { - if (StringUtils.isNotEmpty(token)) - { + try { + if (StringUtils.isNotEmpty(token)) { String userkey = JwtUtils.getUserKeyStudy(token); user = redisService.getCacheObject(getTokenKey(userkey)); return user; } - } - catch (Exception e) - { + } catch (Exception e) { e.printStackTrace(); } return user; @@ -244,10 +229,8 @@ /** * 设置用户身份信息 */ - public void setLoginUser(LoginUser loginUser) - { - if (StringUtils.isNotNull(loginUser) && StringUtils.isNotEmpty(loginUser.getToken())) - { + public void setLoginUser(LoginUser loginUser) { + if (StringUtils.isNotNull(loginUser) && StringUtils.isNotEmpty(loginUser.getToken())) { refreshToken(loginUser); } } 
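Review bot: The token lookups in this hunk and the next one treat a failed parse inconsistently: `getLoginUser(String)` keeps an empty `catch (Exception e) { }`, while `getLoginUser1(String)` and `getLoginUserStudy(String)` call `e.printStackTrace()`. HeaderInterceptor passes the same token to more than one of these lookups, so a token valid for one side may print a stack trace on every request for the other, while a malformed or forged token leaves no structured log entry to alert on. Catch the specific JWT and Redis exceptions and write one line through the project's logger, without the token value, instead of swallowing or dumping the trace.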
@@ -255,21 +238,18 @@ /** * 删除用户缓存信息 */ - public void delLoginUser(String token) - { - if (StringUtils.isNotEmpty(token)) - { + public void delLoginUser(String token) { + if (StringUtils.isNotEmpty(token)) { String userkey = JwtUtils.getUserKey(token); redisService.deleteObject(getTokenKey(userkey)); } } + /** * 家长端删除用户缓存信息 */ - public void delLoginUser1(String token) - { - if (StringUtils.isNotEmpty(token)) - { + public void delLoginUser1(String token) { + if (StringUtils.isNotEmpty(token)) { String userkey = JwtUtils.getUserKey1(token); redisService.deleteObject(getTokenKey(userkey)); } @@ -280,27 +260,35 @@ * * @param loginUser */ - public void verifyToken(LoginUser loginUser) - { + public void verifyToken(LoginUser loginUser) { long expireTime = loginUser.getExpireTime(); long currentTime = System.currentTimeMillis(); - if (expireTime - currentTime <= MILLIS_MINUTE_TEN) - { + if (expireTime - currentTime <= MILLIS_MINUTE_TEN) { refreshToken(loginUser); } } + /** * 验证令牌有效期,相差不足120分钟,自动刷新缓存 * * @param loginUser */ - public void verifyToken1(LoginUserParent loginUser) - { + public void verifyToken1(LoginUserParent loginUser) { long expireTime = loginUser.getExpireTime(); long currentTime = System.currentTimeMillis(); - if (expireTime - currentTime <= MILLIS_MINUTE_TEN) - { + if (expireTime - currentTime <= MILLIS_MINUTE_TEN) { refreshToken1(loginUser); + } + } + + /** + * 验证令牌有效期,相差不足120分钟,自动刷新缓存 + */ + public void verifyTokenStudy(LoginUserParent loginUser) { + long expireTime = loginUser.getExpireTime(); + long currentTime = System.currentTimeMillis(); + if (expireTime - currentTime <= MILLIS_MINUTE_TEN) { + refreshTokenStudy(loginUser); } } @@ -309,8 +297,7 @@ * * @param loginUser 登录信息 */ - public void refreshToken(LoginUser loginUser) - { + public void refreshToken(LoginUser loginUser) { loginUser.setLoginTime(System.currentTimeMillis()); loginUser.setExpireTime(loginUser.getLoginTime() + expireTime * MILLIS_MINUTE); // 根据uuid将loginUser缓存 
@@ -321,8 +308,7 @@
 /**
 * 家长端用户登录
 */
- public void refreshToken1(LoginUserParent dto)
- {
+ public void refreshToken1(LoginUserParent dto) {
 dto.setLoginTime(System.currentTimeMillis());
 dto.setExpireTime(dto.getLoginTime() + expireTime * MILLIS_MINUTE);
 // 根据uuid将loginUser缓存
@@ -333,8 +319,20 @@
 /**
 * 学习端用户登录
 */
- public void refreshTokenStudy(LoginUserParent dto)
- {
+ public void refreshTokenStudy(LoginUserParent dto) {
+ // 获取所有 login_tokens: 前缀的登录缓存
+ Set redisCache = redisService.getKeysPrefix(ACCESS_TOKEN + "*");
+ for (Object key : redisCache) {
+ String strKey = String.valueOf(key);
+ // 根据 login_tokens:加密token 获取用户登录信息
+ Object redisCacheUserInfo = redisService.getCacheObject(strKey);
+ LoginUserParent redisUserInfo = JSONObject.parseObject(JSONObject.toJSONString(redisCacheUserInfo), LoginUserParent.class);
+ // 单点逻辑
+ if (dto.getPhone().equals(redisUserInfo.getPhone())) {
+ redisService.deleteObject(strKey);
+ }
+ }
+ // 单点登录逻辑
 dto.setLoginTime(System.currentTimeMillis());
 dto.setExpireTime(dto.getLoginTime() + expireTime * MILLIS_MINUTE);
 // 根据uuid将loginUser缓存
@@ -342,8 +340,7 @@
 redisService.setCacheObject(userKey, dto, expireTime, TimeUnit.MINUTES);
 }
- private String getTokenKey(String token)
- {
+ private String getTokenKey(String token) {
 return ACCESS_TOKEN + token;
 }
 }
\ No newline at end of file
-- Gitblit v1.7.1
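Review bot: The single-session loop added to `refreshTokenStudy` scans every `login_tokens:*` key with KEYS and then loads and JSON-converts each cached session, so each study-side login costs work proportional to all live sessions and holds up other Redis commands while KEYS runs; `verifyTokenStudy` calls the same method on refresh. The loop is also not limited to study-side sessions: admin and parent-side entries are stored under the same prefix through `getTokenKey`, so any of them whose JSON carries a matching phone is deleted too. `redisUserInfo` can be null when a key expires between the KEYS call and the read, which makes `redisUserInfo.getPhone()` throw, as does a null `dto.getPhone()`. A per-phone index key that records the current session key keeps the rule constant-time and scoped to this login type; the sketch below assumes a new prefix constant, and the `userKey` assignment it relies on lies between this hunk and the next.

```java
public void refreshTokenStudy(LoginUserParent dto) {
    // … unchanged: setLoginTime / setExpireTime / userKey assignment …
    String phone = dto.getPhone();
    if (StringUtils.isNotEmpty(phone)) {
        // STUDY_PHONE_INDEX is a new key prefix assumed by this sketch (illustrative name).
        String phoneIndexKey = STUDY_PHONE_INDEX + phone;
        String previousKey = redisService.getCacheObject(phoneIndexKey);
        if (previousKey != null && !previousKey.equals(userKey)) {
            // Single-session rule: drop only this phone's earlier study-side session.
            redisService.deleteObject(previousKey);
        }
        redisService.setCacheObject(phoneIndexKey, userKey, expireTime, TimeUnit.MINUTES);
    }
    redisService.setCacheObject(userKey, dto, expireTime, TimeUnit.MINUTES);
```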