From 8c6ed6820e53c27fa40973da285fd39a66424540 Mon Sep 17 00:00:00 2001
From: Pu Zhibing <393733352@qq.com>
Date: 星期三, 07 五月 2025 14:03:08 +0800
Subject: [PATCH] 提交等保部分功能修改
---
ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java | 6 +++
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java | 2
ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java | 13 +++++-
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/RuoYiSystemApplication.java | 2 +
ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/util/TaskUtil.java | 60 ++++++++++++++++++++++++++++++
ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java | 25 ++++++++++++
6 files changed, 104 insertions(+), 4 deletions(-)
diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java
index da2ac38..c6928db 100644
--- a/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java
+++ b/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java
@@ -67,6 +67,12 @@
Partner partner = partnerClient.getPartnerById(userInfo.getSysUser().getObjectId()).getData();
map.put("partnerName", partner.getName());
}
+ long time = userInfo.getSysUser().getPassWordUpdate().getTime();
+ map.put("password", false);
+ //30天提示修改密码
+ if(System.currentTimeMillis() >= (time + 2592000000L)){
+ map.put("password", true);
+ }
// 修改用户最后登录时间
SysUser sysUser = new SysUser();
sysUser.setUserId(userInfo.getSysUser().getUserId());
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java
index d30a11f..432952c 100644
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java
@@ -62,9 +62,12 @@
claimsMap.put(SecurityConstants.USER_TYPE, "system");
claimsMap.put(SecurityConstants.DETAILS_USERNAME, userName);
+ String token1 = JwtUtils.createToken(claimsMap);
+ String userKey = getUserKey(loginUser.getUserid());
+ redisService.setCacheObject(userKey, token1, expireTime, TimeUnit.MINUTES);
// 接口返回信息
Map<String, Object> rspMap = new HashMap<String, Object>();
- rspMap.put("access_token", JwtUtils.createToken(claimsMap));
+ rspMap.put("access_token", token1);
rspMap.put("expires_in", expireTime);
return rspMap;
}
@@ -208,8 +211,8 @@
loginUser.setLoginTime(System.currentTimeMillis());
loginUser.setExpireTime(loginUser.getLoginTime() + expireTime * MILLIS_MINUTE);
// 根据uuid将loginUser缓存
- String userKey = getTokenKey(loginUser.getToken());
- redisService.setCacheObject(userKey, loginUser, expireTime, TimeUnit.MINUTES);
+ String tokenKey = getTokenKey(loginUser.getToken());
+ redisService.setCacheObject(tokenKey, loginUser, expireTime, TimeUnit.MINUTES);
}
public void refreshToken1(LoginUserApplet dto) {
@@ -223,4 +226,8 @@
private String getTokenKey(String token) {
return ACCESS_TOKEN + token;
}
+
+ private String getUserKey(Long userid) {
+ return ACCESS_TOKEN + userid;
+ }
}
\ No newline at end of file
diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
index ff02153..692591f 100644
--- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
+++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java
@@ -25,6 +25,7 @@
import io.jsonwebtoken.Claims;
import reactor.core.publisher.Mono;
+import java.time.LocalDateTime;
import java.util.HashMap;
import java.util.Map;
@@ -86,6 +87,10 @@
addHeader(mutate, SecurityConstants.DETAILS_USER_ID, userid);
addHeader(mutate, SecurityConstants.DETAILS_USERNAME, username);
addHeader(mutate, SecurityConstants.USER_TYPE, userType);
+ //管理后台记录用户最后一次的操作时间,用于判定30分钟无操作后删除token,退出登录
+ if("system".equals(userType)){
+ addLastTime(userid, url);
+ }
// 内部请求来源参数清除
removeHeader(mutate, SecurityConstants.FROM_SOURCE);
return chain.filter(exchange.mutate().request(mutate.build()).build());
@@ -109,6 +114,26 @@
return ServletUtils.webFluxResponseWriter(exchange.getResponse(), msg, HttpStatus.UNAUTHORIZED);
}
+
+ /**
+ * 记录用户最后一次操作的时间
+ * @param userid
+ * @param url
+ */
+ private void addLastTime(String userid, String url){
+ Object lastTime = redisService.getCacheObject("lastTime:" + userid);
+ if(null == lastTime){
+ redisService.setCacheObject("lastTime:" + userid, System.currentTimeMillis());
+ }else{
+ Long last = Long.valueOf(lastTime.toString());
+ //操作登录或者时间差值小于30分钟,写入新的数据到缓存中
+ if("/auth/login".equals(url) || System.currentTimeMillis() - last < 1800000L){
+ redisService.setCacheObject("lastTime:" + userid, System.currentTimeMillis());
+ }
+ }
+ }
+
+
/**
* 获取缓存key
*/
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/RuoYiSystemApplication.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/RuoYiSystemApplication.java
index 3fc922f..c23ae19 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/RuoYiSystemApplication.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/RuoYiSystemApplication.java
@@ -7,6 +7,7 @@
import com.ruoyi.common.security.annotation.EnableRyFeignClients;
import com.ruoyi.common.swagger.annotation.EnableCustomSwagger2;
import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
+import org.springframework.scheduling.annotation.EnableScheduling;
import org.springframework.transaction.annotation.EnableTransactionManagement;
/**
@@ -18,6 +19,7 @@
@MapperScan({"com.ruoyi.system.mapper"})
@EnableCustomSwagger2
@EnableRyFeignClients
+@EnableScheduling//开启定时任务
@SpringBootApplication
@EnableTransactionManagement
public class RuoYiSystemApplication
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java
index e14b510..acca8a1 100644
--- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java
@@ -130,6 +130,7 @@
user.setCreateBy(SecurityUtils.getUsername());
user.setPassword(SecurityUtils.encryptPassword(user.getPassword()));
user.setRoleType(1);
+ user.setPassWordUpdate(new Date());
userService.insertUser(user);
SysUserRole sysUserRole = new SysUserRole();
sysUserRole.setRoleId(user.getRoleId());
@@ -503,7 +504,6 @@
sysUserVo.setSysUser(sysUser);
sysUserVo.setRoles(roles);
sysUserVo.setPermissions(permissions);
-
return R.ok(sysUserVo);
}
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/util/TaskUtil.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/util/TaskUtil.java
new file mode 100644
index 0000000..31c030d
--- /dev/null
+++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/util/TaskUtil.java
@@ -0,0 +1,60 @@
+package com.ruoyi.system.util;
+
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.ruoyi.common.core.utils.JwtUtils;
+import com.ruoyi.common.redis.service.RedisService;
+import com.ruoyi.common.security.auth.AuthUtil;
+import com.ruoyi.system.api.domain.SysUser;
+import com.ruoyi.system.service.ISysUserService;
+import org.springframework.scheduling.annotation.Scheduled;
+import org.springframework.stereotype.Component;
+
+import javax.annotation.Resource;
+import java.util.List;
+
+
+/**
+ * @author zhibing.pu
+ * @date 2023/7/11 8:39
+ */
+@Component
+public class TaskUtil {
+
+ @Resource
+ private ISysUserService sysUserService;
+
+ @Resource
+ private RedisService redisService;
+
+
+ /**
+ * 每分钟检测后台用户是否有30分钟未进行操作
+ */
+ @Scheduled(fixedRate = 60000)
+ public void taskLogout() {
+ List<SysUser> list = sysUserService.list(new LambdaQueryWrapper<SysUser>().eq(SysUser::getDelFlag, "0").eq(SysUser::getStatus, "0"));
+ for (SysUser sysUser : list) {
+ Object lastTime = redisService.getCacheObject("lastTime:" + sysUser.getUserId());
+ if(null == lastTime){
+ Object cacheObject = redisService.getCacheObject("login_tokens:" + sysUser.getUserId());
+ if(null != cacheObject){
+ String token = cacheObject.toString();
+ // 删除用户缓存记录
+ AuthUtil.logoutByToken(token);
+ }
+ }else{
+ Long last = Long.valueOf(lastTime.toString());
+ //操作登录或者时间差值小于30分钟,写入新的数据到缓存中
+ if(System.currentTimeMillis() - last >= 1800000L){
+ Object cacheObject = redisService.getCacheObject("login_tokens:" + sysUser.getUserId());
+ if(null != cacheObject){
+ String token = cacheObject.toString();
+ // 删除用户缓存记录
+ AuthUtil.logoutByToken(token);
+ }
+ }
+ }
+ }
+ }
+
+}
--
Gitblit v1.7.1