From ede2289eb8fb676632a7783fece32507f8bd3dd7 Mon Sep 17 00:00:00 2001
From: xuhy <3313886187@qq.com>
Date: 星期四, 13 二月 2025 17:26:50 +0800
Subject: [PATCH] 权限修改
---
 ruoyi-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java | 22 +++++++++++++++++-----
 ruoyi-applet/src/main/java/com/ruoyi/web/controller/api/WxLoginController.java | 2 ++
 ruoyi-applet/src/main/java/com/ruoyi/web/controller/interceptor/MybatisInterceptor.java | 4 ++--
 ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java | 1 +
 ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/TokenService.java | 19 +++++++++++++++++--
 5 files changed, 39 insertions(+), 9 deletions(-)
diff --git a/ruoyi-applet/src/main/java/com/ruoyi/web/controller/api/WxLoginController.java b/ruoyi-applet/src/main/java/com/ruoyi/web/controller/api/WxLoginController.java
index f6158e2..562b8fe 100644
--- a/ruoyi-applet/src/main/java/com/ruoyi/web/controller/api/WxLoginController.java
+++ b/ruoyi-applet/src/main/java/com/ruoyi/web/controller/api/WxLoginController.java
@@ -128,6 +128,8 @@
 tenant.setAccount(appletUserDecodeData.getPhoneNumber());
 tenant.setPassword(SecurityUtils.encryptPassword(appletUserDecodeData.getPhoneNumber().substring(5)));
 tenant.setOpenId(appletUserDecodeData.getOpenId());
+ // 手机号中间四位替换为*
+ tenant.setResidentName(appletUserDecodeData.getPhoneNumber().replaceAll("(\\d{3})\\d{4}(\\d{4})", "$1****$2"));
 tTenantService.save(tenant);
 }
 LoginUserApplet loginUserApplet = new LoginUserApplet();
diff --git a/ruoyi-applet/src/main/java/com/ruoyi/web/controller/interceptor/MybatisInterceptor.java b/ruoyi-applet/src/main/java/com/ruoyi/web/controller/interceptor/MybatisInterceptor.java
index ae4b66e..57a4ff0 100644
--- a/ruoyi-applet/src/main/java/com/ruoyi/web/controller/interceptor/MybatisInterceptor.java
+++ b/ruoyi-applet/src/main/java/com/ruoyi/web/controller/interceptor/MybatisInterceptor.java
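Review bot: In WxLoginController.java the added `setResidentName(...)` line stores the first three and last four digits of the phone number as the display name, while the context line just above builds the initial password from `getPhoneNumber().substring(5)`, so for an 11-digit number the stored name discloses four of the six characters that password is derived from. If `residentName` is shown to anyone other than the account owner, a neutral default name and an initial credential that is not derived from the phone number would be safer. The pattern is also unanchored, so a value that is not exactly eleven digits is stored unmasked or masked at the wrong offset; `replaceAll("^(\\d{3})\\d{4}(\\d{4})$", "$1****$2")` with an explicit fallback for non-matching input would make that case visible. The enclosing method starts and ends outside the hunk.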
@@ -56,7 +56,7 @@ //注入创建时间 if ("createTime".equals(field.getName())) { field.setAccessible(true); - field.set(parameter, new Date()); +// field.set(parameter, new Date()); field.setAccessible(false); } } catch (Exception e) { @@ -79,7 +79,7 @@ } if ("updateTime".equals(field.getName())) { field.setAccessible(true); - field.set(parameter, new Date()); +// field.set(parameter, new Date()); field.setAccessible(false); } } catch (Exception e) { diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java index 1a4e0fa..5f90047 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java @@ -118,6 +118,7 @@ "/applet/changepwd", "/captchaImage","/getCode","/loginCode", "/operations/getBySingleNum/**", "/user/getUserInfoByNumber/**", + "/wxLogin/**", "/open/**" ).permitAll() // 静态资源,可匿名访问 diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java index 3eb2495..9015708 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java @@ -5,6 +5,8 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; + +import com.ruoyi.common.core.domain.model.LoginUserApplet; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.context.SecurityContextHolder; 
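Review bot: In MybatisInterceptor.java the `createTime` branch (and the `updateTime` branch in the second hunk, at line 79) now only toggles `setAccessible(true)` and `setAccessible(false)` around a commented-out assignment, so the interceptor no longer stamps either field. Unless the timestamps are populated somewhere not visible in this diff, inserted and updated rows lose the times that an audit or incident review depends on. Either remove both branches and leave a comment saying where the values come from now, e.g. `// createTime/updateTime are set by <component> (placeholder)`, or restore `field.set(parameter, new Date());`. Both enclosing methods start outside the hunks.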
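Review bot: The new `"/wxLogin/**"` entry in the `permitAll()` list of SecurityConfig.java opens every current and future route under that prefix to anonymous callers, not only the login call itself. If the controller behind it also serves endpoints that assume a logged-in applet user (not visible in this diff), those are now reachable without a token. Listing the exact anonymous routes, e.g. `"/wxLogin/<login-endpoint>",` (placeholder path), keeps the allowlist from growing silently, and a short comment on the entry should say why it must be anonymous. The matcher list starts and ends outside the hunk.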
@@ -32,12 +34,22 @@
 throws ServletException, IOException
 {
 LoginUser loginUser = tokenService.getLoginUser(request);
- if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication()))
+ LoginUserApplet applet = tokenService.getLoginUserApplet(request);
+ if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication())||
+ StringUtils.isNotNull(applet))
 {
- tokenService.verifyToken(loginUser);
- UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
- authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
- SecurityContextHolder.getContext().setAuthentication(authenticationToken);
+ if (StringUtils.isNotNull(loginUser)){
+ tokenService.verifyToken(loginUser);
+ UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
+ authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
+ SecurityContextHolder.getContext().setAuthentication(authenticationToken);
+ }
+ if (StringUtils.isNotNull(applet)){
+ tokenService.verifyTokenApplet(applet);
+ UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(applet, null, applet.getAuthorities());
+ authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
+ SecurityContextHolder.getContext().setAuthentication(authenticationToken);
+ }
 }
 chain.doFilter(request, response);
 }
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/TokenService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/TokenService.java
index 9bed984..51fb581 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/TokenService.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/TokenService.java
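Review bot: The new condition in `doFilterInternal` mixes `&&` and `||` without parentheses, so a non-null `applet` enters the block even when an authentication is already present, and when both lookups succeed the applet branch overwrites the `LoginUser` authentication set just above it. Both lookups read the same request token, so the two branches should be mutually exclusive and both should sit behind the `getAuthentication()` null check. Applet sessions also become ordinary authenticated principals of type `LoginUserApplet`, so any route guarded only by `authenticated()`, and any code that casts the principal to `LoginUser`, will now see them; that is worth confirming against the back-office endpoints, which are not visible here. A restructured version follows; the method signature is outside the hunk.

```java
LoginUser loginUser = tokenService.getLoginUser(request);
if (StringUtils.isNull(SecurityUtils.getAuthentication()))
{
    if (StringUtils.isNotNull(loginUser))
    {
        // … unchanged: verifyToken(loginUser) and set the LoginUser authentication …
    }
    else
    {
        // Look for an applet session only when no back-office session matched the token.
        LoginUserApplet applet = tokenService.getLoginUserApplet(request);
        if (StringUtils.isNotNull(applet))
        {
            // … unchanged: verifyTokenApplet(applet) and set the applet authentication …
        }
    }
}
// … unchanged: chain.doFilter(request, response) …
```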
@@ -108,7 +108,7 @@
 *
 * @return 用户信息
 */
- public LoginUser getLoginUserApplet(HttpServletRequest request)
+ public LoginUserApplet getLoginUserApplet(HttpServletRequest request)
 {
 // 获取请求携带的令牌
 String token = getToken(request);
@@ -120,7 +120,7 @@
 // 解析对应的权限以及用户信息
 String uuid = (String) claims.get(Constants.LOGIN_USER_APPLET_KEY);
 String userKey = getTokenKey(uuid);
- LoginUser user = redisCache.getCacheObject(userKey);
+ LoginUserApplet user = redisCache.getCacheObject(userKey);
 return user;
 }
 catch (Exception e)
@@ -204,6 +204,21 @@
 refreshToken(loginUser);
 }
 }
+ /**
+ * 小程序验证令牌有效期,相差不足20分钟,自动刷新缓存
+ *
+ * @param loginUser
+ * @return 令牌
+ */
+ public void verifyTokenApplet(LoginUserApplet loginUser)
+ {
+ long expireTime = loginUser.getExpireTime();
+ long currentTime = System.currentTimeMillis();
+ if (expireTime - currentTime <= MILLIS_MINUTE_TEN)
+ {
+ refreshTokenApplet(loginUser);
+ }
+ }
 /**
 * 刷新令牌有效期
-- Gitblit v1.7.1
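Review bot: In the added `verifyTokenApplet` the test `expireTime - currentTime <= MILLIS_MINUTE_TEN` is also true when `expireTime` is already in the past, so a session that has outlived its expiry is refreshed rather than rejected whenever its cache entry is still present. Whether that can occur depends on the cache TTL and on `refreshTokenApplet`, neither of which is visible here; an explicit `expireTime <= currentTime` check that refuses the session before the refresh would remove that dependency. The Javadoc also needs correcting: `@return 令牌` is attached to a `void` method, `@param loginUser` has no description, and the text says 20 minutes while the constant is named `MILLIS_MINUTE_TEN` (its value is outside the diff), so one of the two is misleading.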