mirror of https://github.com/elunez/eladmin
liaojinlong
parent
d49aedda01
commit
97621e36bf
|
|
@ -20,6 +20,7 @@ import me.zhengjie.annotation.AnonymousAccess;
|
||||||
import me.zhengjie.modules.security.config.bean.SecurityProperties;
|
import me.zhengjie.modules.security.config.bean.SecurityProperties;
|
||||||
import me.zhengjie.modules.security.security.*;
|
import me.zhengjie.modules.security.security.*;
|
||||||
import me.zhengjie.modules.security.service.OnlineUserService;
|
import me.zhengjie.modules.security.service.OnlineUserService;
|
||||||
|
import me.zhengjie.modules.security.service.UserCacheClean;
|
||||||
import me.zhengjie.utils.enums.RequestMethodEnum;
|
import me.zhengjie.utils.enums.RequestMethodEnum;
|
||||||
import org.springframework.context.ApplicationContext;
|
import org.springframework.context.ApplicationContext;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
|
|
@ -58,6 +59,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
private final ApplicationContext applicationContext;
|
private final ApplicationContext applicationContext;
|
||||||
private final SecurityProperties properties;
|
private final SecurityProperties properties;
|
||||||
private final OnlineUserService onlineUserService;
|
private final OnlineUserService onlineUserService;
|
||||||
|
private final UserCacheClean userCacheClean;
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
GrantedAuthorityDefaults grantedAuthorityDefaults() {
|
GrantedAuthorityDefaults grantedAuthorityDefaults() {
|
||||||
|
|
@ -181,6 +183,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
}
|
}
|
||||||
|
|
||||||
private TokenConfigurer securityConfigurerAdapter() {
|
private TokenConfigurer securityConfigurerAdapter() {
|
||||||
return new TokenConfigurer(tokenProvider, properties, onlineUserService);
|
return new TokenConfigurer(tokenProvider, properties, onlineUserService, userCacheClean);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -18,6 +18,7 @@ package me.zhengjie.modules.security.security;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import me.zhengjie.modules.security.config.bean.SecurityProperties;
|
import me.zhengjie.modules.security.config.bean.SecurityProperties;
|
||||||
import me.zhengjie.modules.security.service.OnlineUserService;
|
import me.zhengjie.modules.security.service.OnlineUserService;
|
||||||
|
import me.zhengjie.modules.security.service.UserCacheClean;
|
||||||
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
|
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.web.DefaultSecurityFilterChain;
|
import org.springframework.security.web.DefaultSecurityFilterChain;
|
||||||
|
|
@ -32,10 +33,11 @@ public class TokenConfigurer extends SecurityConfigurerAdapter<DefaultSecurityFi
|
||||||
private final TokenProvider tokenProvider;
|
private final TokenProvider tokenProvider;
|
||||||
private final SecurityProperties properties;
|
private final SecurityProperties properties;
|
||||||
private final OnlineUserService onlineUserService;
|
private final OnlineUserService onlineUserService;
|
||||||
|
private final UserCacheClean userCacheClean;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public void configure(HttpSecurity http) {
|
public void configure(HttpSecurity http) {
|
||||||
TokenFilter customFilter = new TokenFilter(tokenProvider, properties, onlineUserService);
|
TokenFilter customFilter = new TokenFilter(tokenProvider, properties, onlineUserService, userCacheClean);
|
||||||
http.addFilterBefore(customFilter, UsernamePasswordAuthenticationFilter.class);
|
http.addFilterBefore(customFilter, UsernamePasswordAuthenticationFilter.class);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -18,6 +18,7 @@ package me.zhengjie.modules.security.security;
|
||||||
import cn.hutool.core.util.StrUtil;
|
import cn.hutool.core.util.StrUtil;
|
||||||
import io.jsonwebtoken.ExpiredJwtException;
|
import io.jsonwebtoken.ExpiredJwtException;
|
||||||
import me.zhengjie.modules.security.config.bean.SecurityProperties;
|
import me.zhengjie.modules.security.config.bean.SecurityProperties;
|
||||||
|
import me.zhengjie.modules.security.service.UserCacheClean;
|
||||||
import me.zhengjie.modules.security.service.dto.OnlineUserDto;
|
import me.zhengjie.modules.security.service.dto.OnlineUserDto;
|
||||||
import me.zhengjie.modules.security.service.OnlineUserService;
|
import me.zhengjie.modules.security.service.OnlineUserService;
|
||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
|
|
@ -33,6 +34,7 @@ import javax.servlet.ServletRequest;
|
||||||
import javax.servlet.ServletResponse;
|
import javax.servlet.ServletResponse;
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.util.Objects;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @author /
|
* @author /
|
||||||
|
|
@ -44,16 +46,19 @@ public class TokenFilter extends GenericFilterBean {
|
||||||
private final TokenProvider tokenProvider;
|
private final TokenProvider tokenProvider;
|
||||||
private final SecurityProperties properties;
|
private final SecurityProperties properties;
|
||||||
private final OnlineUserService onlineUserService;
|
private final OnlineUserService onlineUserService;
|
||||||
|
private final UserCacheClean userCacheClean;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param tokenProvider Token
|
* @param tokenProvider Token
|
||||||
* @param properties JWT
|
* @param properties JWT
|
||||||
* @param onlineUserService 用户在线
|
* @param onlineUserService 用户在线
|
||||||
|
* @param userCacheClean 用户缓存清理工具
|
||||||
*/
|
*/
|
||||||
public TokenFilter(TokenProvider tokenProvider, SecurityProperties properties, OnlineUserService onlineUserService) {
|
public TokenFilter(TokenProvider tokenProvider, SecurityProperties properties, OnlineUserService onlineUserService, UserCacheClean userCacheClean) {
|
||||||
this.properties = properties;
|
this.properties = properties;
|
||||||
this.onlineUserService = onlineUserService;
|
this.onlineUserService = onlineUserService;
|
||||||
this.tokenProvider = tokenProvider;
|
this.tokenProvider = tokenProvider;
|
||||||
|
this.userCacheClean = userCacheClean;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
@ -64,10 +69,16 @@ public class TokenFilter extends GenericFilterBean {
|
||||||
// 对于 Token 为空的不需要去查 Redis
|
// 对于 Token 为空的不需要去查 Redis
|
||||||
if (StrUtil.isNotBlank(token)) {
|
if (StrUtil.isNotBlank(token)) {
|
||||||
OnlineUserDto onlineUserDto = null;
|
OnlineUserDto onlineUserDto = null;
|
||||||
|
boolean cleanUserCache = false;
|
||||||
try {
|
try {
|
||||||
onlineUserDto = onlineUserService.getOne(properties.getOnlineKey() + token);
|
onlineUserDto = onlineUserService.getOne(properties.getOnlineKey() + token);
|
||||||
} catch (ExpiredJwtException e) {
|
} catch (ExpiredJwtException e) {
|
||||||
log.error(e.getMessage());
|
log.error(e.getMessage());
|
||||||
|
cleanUserCache = true;
|
||||||
|
} finally {
|
||||||
|
if (cleanUserCache || Objects.isNull(onlineUserDto)) {
|
||||||
|
userCacheClean.cleanUserCache(String.valueOf(tokenProvider.getClaims(token).get(TokenProvider.AUTHORITIES_KEY)));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
if (onlineUserDto != null && StringUtils.hasText(token)) {
|
if (onlineUserDto != null && StringUtils.hasText(token)) {
|
||||||
Authentication authentication = tokenProvider.getAuthentication(token);
|
Authentication authentication = tokenProvider.getAuthentication(token);
|
||||||
|
|
|
||||||
|
|
@ -51,7 +51,7 @@ public class TokenProvider implements InitializingBean {
|
||||||
|
|
||||||
private final SecurityProperties properties;
|
private final SecurityProperties properties;
|
||||||
private final RedisUtils redisUtils;
|
private final RedisUtils redisUtils;
|
||||||
private static final String AUTHORITIES_KEY = "auth";
|
public static final String AUTHORITIES_KEY = "auth";
|
||||||
private Key key;
|
private Key key;
|
||||||
private JwtParser jwtParser;
|
private JwtParser jwtParser;
|
||||||
private JwtBuilder jwtBuilder;
|
private JwtBuilder jwtBuilder;
|
||||||
|
|
@ -102,9 +102,7 @@ public class TokenProvider implements InitializingBean {
|
||||||
* @return
|
* @return
|
||||||
*/
|
*/
|
||||||
Authentication getAuthentication(String token) {
|
Authentication getAuthentication(String token) {
|
||||||
Claims claims = jwtParser
|
Claims claims = getClaims(token);
|
||||||
.parseClaimsJws(token)
|
|
||||||
.getBody();
|
|
||||||
|
|
||||||
// fix bug: 当前用户如果没有任何权限时,在输入用户名后,刷新验证码会抛IllegalArgumentException
|
// fix bug: 当前用户如果没有任何权限时,在输入用户名后,刷新验证码会抛IllegalArgumentException
|
||||||
Object authoritiesStr = claims.get(AUTHORITIES_KEY);
|
Object authoritiesStr = claims.get(AUTHORITIES_KEY);
|
||||||
|
|
@ -117,6 +115,12 @@ public class TokenProvider implements InitializingBean {
|
||||||
return new UsernamePasswordAuthenticationToken(principal, token, authorities);
|
return new UsernamePasswordAuthenticationToken(principal, token, authorities);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public Claims getClaims(String token) {
|
||||||
|
return jwtParser
|
||||||
|
.parseClaimsJws(token)
|
||||||
|
.getBody();
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param token 需要检查的token
|
* @param token 需要检查的token
|
||||||
*/
|
*/
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue