
Commit a7321f5f authored by 张国柄

登录TOKEN REDIS存储校验调整;

parent 854b0a3c
......@@ -29,7 +29,6 @@ import org.springframework.util.DigestUtils;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.HashMap;
......@@ -43,12 +42,12 @@ import java.util.Objects;
@RequestMapping("")
public class AdamLoginController {
@Autowired
Environment environment;
@Autowired
JwtValidator jwtValidator;
Environment env;
@Autowired
RedisUtil redisUtil;
@Autowired
JwtValidator jwtValidator;
@Autowired
DefaultAcsClient defaultAcsClient;
@Autowired
IAdamUserService adamUserService;
......@@ -130,13 +129,7 @@ public class AdamLoginController {
loginInfoVo.setMemberSimpleVo(adamRdmService.getMemberSimpleVo());
// }
loginInfoVo.setUserInfo(userInfoVo);
Map<String, Object> claimsMap = new HashMap<>();
claimsMap.put("sub", userInfoVo.getUid());
// TODO: 2021/5/25 修改手机号更新TOKEN
claimsMap.put("mobile", userInfoVo.getMobile());
claimsMap.put("nickname", userInfoVo.getNickname());
loginInfoVo.setToken(this.ssoProcess(claimsMap));
loginInfoVo.setToken(this.ssoProcess(userInfoVo));
return ResponseDto.success(loginInfoVo);
}
......@@ -164,12 +157,7 @@ public class AdamLoginController {
loginInfoVo.setMemberSimpleVo(adamRdmService.getMemberSimpleVo());
// }
loginInfoVo.setUserInfo(userInfoVo);
Map<String, Object> claimsMap = new HashMap<>();
claimsMap.put("sub", userInfoVo.getUid());
claimsMap.put("mobile", userInfoVo.getMobile());
claimsMap.put("nickname", userInfoVo.getNickname());
loginInfoVo.setToken(this.ssoProcess(claimsMap));
loginInfoVo.setToken(this.ssoProcess(userInfoVo));
return ResponseDto.success(AdamLoginInfoVo.getNew());
}
......@@ -191,51 +179,44 @@ public class AdamLoginController {
loginInfoVo.setUserMemberVo(adamRdmService.getUserMemberVoByUid(uid));
loginInfoVo.setMemberSimpleVo(adamRdmService.getMemberSimpleVo());
} else {// 新账号注册
if (!this.checkSmsCode(parameter.getMobile(), parameter.getCode())) return ResponseDto.failure(ErrorMapping.get("10002"));
if (!this.checkSmsCode(parameter.getMobile(), parameter.getCode()))
return ResponseDto.failure(ErrorMapping.get("10002"));
AdamUserInfoVo registerUserInfo = adamUserService.register(parameter);
loginInfoVo.setUserInfo(registerUserInfo);
loginInfoVo.setThirdPartInfo(adamRdmService.getThirdPartVoListByUid(registerUserInfo.getUid()));
loginInfoVo.setMemberSimpleVo(adamRdmService.getMemberSimpleVo());
}
Map<String, Object> claimsMap = new HashMap<>();
claimsMap.put("sub", loginInfoVo.getUserInfo().getUid());
claimsMap.put("mobile", loginInfoVo.getUserInfo().getMobile());
claimsMap.put("nickname", loginInfoVo.getUserInfo().getNickname());
loginInfoVo.setToken(this.ssoProcess(claimsMap));
loginInfoVo.setToken(this.ssoProcess(loginInfoVo.getUserInfo()));
return ResponseDto.success(loginInfoVo);
}
@ApiOperationSupport(order = 6)
@ApiOperation(value = "登出")
@PostMapping(value = {"out"})
public ResponseDto<Object> logout(HttpServletRequest request) {
String uToken = request.getHeader(CurrentUtil.uToken);
log.info("###logout:uid:{}\ntoken:{}\nuToken:{}", CurrentUtil.getCurrentUid(), CurrentUtil.getToken(), uToken);
public void logout() {
log.info("###logout:uid:{}\ntoken:{}", CurrentUtil.getCurrentUid(), CurrentUtil.getToken());
String ssoKeyUidM5Token = jwtValidator.getSsoRedisKey().concat(CurrentUtil.getCurrentUid()).concat(
DigestUtils.md5DigestAsHex(uToken.getBytes(StandardCharsets.UTF_8))
);
redisUtil.set(ssoKeyUidM5Token, false);
return ResponseDto.success();
redisUtil.del(jwtValidator.getSsoRedisKey().concat(CurrentUtil.getCurrentUid()));
}
@ApiOperationSupport(order = 7)
@ApiOperation(value = "注销")
@PostMapping(value = {"close"})
public ResponseDto<Object> close(HttpServletRequest request) {
public ResponseDto<Object> close() {
log.info("###close:uid:{}", CurrentUtil.getCurrentUid());
adamUserService.close(CurrentUtil.getCurrentUid());
return this.logout(request);
this.logout();
return ResponseDto.success();
}
/* ---------------------------- Internal Method ---------------------------- */
private boolean checkSmsCode(String mobile, String code) {
if (Arrays.asList("dev", "test").contains(environment.getProperty("spring.profiles.active"))) {
if (Arrays.asList("dev", "test").contains(env.getProperty("spring.profiles.active"))) {
return "111111".equals(code);
}
......@@ -275,18 +256,20 @@ public class AdamLoginController {
return null;
}
private String ssoProcess(Map<String, Object> claimsMap) {
String uid = (String) claimsMap.get("sub");
String uidSso = jwtValidator.getSsoRedisKey().concat(uid);
// redisUtil.delKeysByPrefix(uidSso);
private String ssoProcess(AdamUserInfoVo userInfoVo) {
Map<String, Object> claimsMap = new HashMap<>();
claimsMap.put("sub", userInfoVo.getUid());
// TODO: 2021/5/25 修改手机号更新TOKEN
claimsMap.put("mobile", userInfoVo.getMobile());
claimsMap.put("nickname", userInfoVo.getNickname());
String token = jwtValidator.create(claimsMap);
String ssoKey = uidSso.concat(DigestUtils.md5DigestAsHex(token.getBytes(StandardCharsets.UTF_8)));
redisUtil.set(ssoKey, true, jwtValidator.getExpireTtl() * 60);
redisUtil.set(
jwtValidator.getSsoRedisKey().concat(userInfoVo.getUid()),
DigestUtils.md5DigestAsHex(token.getBytes(StandardCharsets.UTF_8)),
jwtValidator.getExpireTtl() * 60
);
return token;
}
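Review bot: The rewritten `logout()` still writes the full bearer JWT to the INFO log via `log.info("###logout:uid:{}\ntoken:{}", CurrentUtil.getCurrentUid(), CurrentUtil.getToken())`; since `ssoProcess` puts the `mobile` claim into that token, the log store ends up holding both a credential and PII for as long as logs are retained. Log only the uid, or at most the MD5 fingerprint that is already the Redis value: `log.info("###logout:uid:{}", CurrentUtil.getCurrentUid());`. Also worth a look: `logout()` keeps its `@PostMapping("out")` but now returns `void`, so the endpoint answers with an empty body instead of the `ResponseDto` envelope that `close()` and the other endpoints still return — presumably a client-visible contract change. The Redis TTL `jwtValidator.getExpireTtl() * 60` should be kept equal to the JWT's own expiry so the stored fingerprint neither outlives nor undershoots the token; I read this as minutes-to-seconds but cannot confirm it from the hunk.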
......
......@@ -212,7 +212,7 @@ public class AdamRdmServiceImpl implements IAdamRdmService {
@Override
public void delUserMemberVoByUid(String uid) {
redisUtil.del(AdamRedisConst.INFO_USER_MEMBER.concat(uid));;
redisUtil.del(AdamRedisConst.INFO_USER_MEMBER.concat(uid));
}
@Override
......
......@@ -85,20 +85,17 @@ public class KylinStationController {
@ApiOperation(value = "登出")
@PostMapping("out")
public ResponseDto<String> out() {
public void out() {
String checkUserId = CurrentUtil.getCurrentUid();
String token = CurrentUtil.getToken();
String ssoKeyUidM5Token = jwtValidator.getSsoRedisKey().concat(CurrentUtil.getCurrentUid()).concat(
DigestUtils.md5DigestAsHex(token.getBytes(StandardCharsets.UTF_8))
);
log.info("###logout:checkUserId:{}\nssoKey:{}\ntoken:{}", checkUserId, ssoKeyUidM5Token, token);
String ssoUidM5TokenKey = jwtValidator.getSsoRedisKey()
.concat(checkUserId).concat(":").concat(DigestUtils.md5DigestAsHex(token.getBytes(StandardCharsets.UTF_8)));
redisUtil.set(ssoKeyUidM5Token, false);
log.info("###logout:checkUserId:{}\nssoKey:{}\ntoken:{}", checkUserId, ssoUidM5TokenKey, token);
return ResponseDto.success();
redisUtil.set(ssoUidM5TokenKey, 0);
}
/* ------------------------------------------------------------------ */
......@@ -400,20 +397,18 @@ public class KylinStationController {
}
private ResponseDto<KylinStationLoginVo> loginAuthentication(KylinCheckUserVo checkUserVo) {
String uid = checkUserVo.getCheckUserId();
String ssoKeyUid = jwtValidator.getSsoRedisKey().concat(uid);
Map<String, Object> claimsMap = new HashMap<>();
claimsMap.put("sub", uid);
claimsMap.put("sub", checkUserVo.getCheckUserId());
claimsMap.put("mobile", checkUserVo.getMobile());
claimsMap.put("nickname", checkUserVo.getName());
String token = jwtValidator.create(claimsMap);
String ssoKeyUidM5Token = ssoKeyUid.concat(DigestUtils.md5DigestAsHex(token.getBytes(StandardCharsets.UTF_8)));
String ssoUidM5TokenKey = jwtValidator.getSsoRedisKey()
.concat(checkUserVo.getCheckUserId())
.concat(":").concat(DigestUtils.md5DigestAsHex(token.getBytes(StandardCharsets.UTF_8)));
redisUtil.set(ssoKeyUidM5Token, true, jwtValidator.getExpireTtl() * 60);
redisUtil.set(ssoUidM5TokenKey, 1, jwtValidator.getExpireTtl() * 60);
KylinStationLoginVo stationLoginVo = KylinStationLoginVo.getNew();
stationLoginVo.setUid(checkUserVo.getCheckUserId());
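Review bot: `redisUtil.set(ssoUidM5TokenKey, 0)` in `out()` writes a permanent tombstone: unlike the login write in `loginAuthentication`, it carries no TTL, so every logout leaves an `adam:identity:sso:${uid}:MD5(token)` key that never expires and Redis grows with each logout. The gateway check added in this commit treats a missing key exactly like a non-1 value (`null == online || online != 1` → TOKEN_INVALID), so `redisUtil.del(ssoUidM5TokenKey);` is equivalent and self-cleaning; if a tombstone is wanted for auditing, give it the token's remaining TTL instead. The same method logs the raw token at INFO (`log.info("###logout:checkUserId:{}\nssoKey:{}\ntoken:{}", checkUserId, ssoUidM5TokenKey, token)`), which records a still-valid credential; the `ssoUidM5TokenKey` already identifies the session, so drop the `token` argument. `out()` also changed from `ResponseDto<String>` to `void`, which changes the response body of a public endpoint — flagged only, since the clients are not visible here.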
......
......@@ -35,6 +35,8 @@ public class GlobalAuthFilter extends ZuulFilter {
private List<String> excludeUrl;
private List<String> excludeUrlPattern;
private static final String KYLIN_STATION_JWT_VALID = "/kylin/station/**";
private static final String CONTENT_TYPE = "application/json;charset=utf-8";
private static final String AUTHORIZATION = "authorization";
private static final String TOKEN_STATUS = "token_status";
......@@ -80,6 +82,8 @@ public class GlobalAuthFilter extends ZuulFilter {
ctx.addZuulRequestHeader(TOKEN_STATUS, TOKEN_ILLEGAL);
}
ctx.addZuulRequestHeader(CurrentUtil.uToken, token);
} else {
ctx.addZuulRequestHeader(TOKEN_STATUS, TOKEN_ILLEGAL);
}
String requestURI = ctxRequest.getRequestURI();
......@@ -106,36 +110,43 @@ public class GlobalAuthFilter extends ZuulFilter {
@Override
public Object run() {
RequestContext ctx = RequestContext.getCurrentContext();
Map<String, String> zuulRequestHeaders = ctx.getZuulRequestHeaders();
String uToken = zuulRequestHeaders.get(CurrentUtil.uToken);
log.debug("lns.headers:{}", zuulRequestHeaders);
log.debug("headers:{}", zuulRequestHeaders);
String uToken = zuulRequestHeaders.get(CurrentUtil.uToken), uid;
if (StringUtils.isEmpty(uToken) || StringUtils.isEmpty(uid = zuulRequestHeaders.get(CurrentUtil.uID))) {
this.respHandler(ctx, zuulRequestHeaders.get(TOKEN_STATUS));
if (StringUtils.isEmpty(uToken)) {
respHandler(ctx, TOKEN_ILLEGAL);
} else {
String uid = zuulRequestHeaders.get(CurrentUtil.uID);
if (StringUtils.isEmpty(uid)) {
respHandler(ctx, zuulRequestHeaders.get(TOKEN_STATUS));
return null;
}
if (PathMatchUtil.isPathMatch(KYLIN_STATION_JWT_VALID, ctx.getRequest().getRequestURI())) {// 专业版APP
// adam:identity:sso:${uid}:MD5(${token})=${1-在线|0-离线}
String ssoUidM5TokenKey = jwtValidator.getSsoRedisKey()
.concat(uid).concat(":").concat(DigestUtils.md5DigestAsHex(uToken.getBytes(StandardCharsets.UTF_8)));
Integer online = (Integer) redisUtil.get(ssoUidM5TokenKey);
if (null == online || online != 1) {
this.respHandler(ctx, TOKEN_INVALID);
} else {
String ssoKeyUidM5Token = jwtValidator.getSsoRedisKey().concat(uid).concat(
DigestUtils.md5DigestAsHex(uToken.getBytes(StandardCharsets.UTF_8))
);
if (redisUtil.hasKey(ssoKeyUidM5Token)) {// 是否存在SSO
if ((boolean) redisUtil.get(ssoKeyUidM5Token)) {// 是否在线
ctx.setSendZuulResponse(true);
}
} else {
// adam:identity:sso:${uid}=MD5(${token})
String ssoKey = jwtValidator.getSsoRedisKey().concat(uid);
ctx.setSendZuulResponse(true);
} else {
String md5Token = (String) redisUtil.get(ssoKey);
respHandler(ctx, TOKEN_INVALID);
}
if (StringUtils.isEmpty(md5Token)) {
// 已离线
this.respHandler(ctx, TOKEN_INVALID);
} else {
// 与在线TOKEN比对
if (md5Token.equals(DigestUtils.md5DigestAsHex(uToken.getBytes(StandardCharsets.UTF_8)))) {
// 一致则放行
ctx.setSendZuulResponse(true);
} else {
respHandler(ctx, TOKEN_KICK);
// 不一致则被踢下线
this.respHandler(ctx, TOKEN_KICK);
}
}
}
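Review bot: `log.debug("headers:{}", zuulRequestHeaders)` dumps every forwarded header, including the bearer token that the next line reads from the same map (`CurrentUtil.uToken`), so with DEBUG enabled on the gateway live credentials for all traffic land in the log; log the key set or a redacted copy, e.g. `log.debug("headers:{}", zuulRequestHeaders.keySet());`. The `(String) redisUtil.get(ssoKey)` cast on the adam branch assumes the value is always the MD5 hex written by the new `ssoProcess`; any other type (for example a value written by a different serializer or a future layout change) surfaces as a `ClassCastException` rather than a clean `TOKEN_INVALID`, so an `instanceof String` guard or `String.valueOf` would fail closed more predictably. One rollout caveat: sessions issued before this commit live under the old `prefix+uid+md5` keys, which neither branch reads any more, so every existing login is rejected as TOKEN_INVALID on deploy — presumably intended, but worth stating in the release note. The `uid = ...` assignment inside the `if` condition is legal but easy to misread; hoisting it to its own line costs nothing.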
......