1、redis清空时 ,用户登录缓存清空
pull/411/head
liaojinlong 2020-06-16 10:52:24 +08:00
parent d49aedda01
commit 97621e36bf
4 changed files with 26 additions and 7 deletions


@ -20,6 +20,7 @@ import me.zhengjie.annotation.AnonymousAccess;
import me.zhengjie.modules.security.config.bean.SecurityProperties;
import me.zhengjie.modules.security.security.*;
import me.zhengjie.modules.security.service.OnlineUserService;
import me.zhengjie.modules.security.service.UserCacheClean;
import me.zhengjie.utils.enums.RequestMethodEnum;
import org.springframework.context.ApplicationContext;
import org.springframework.context.annotation.Bean;
@ -58,6 +59,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
private final ApplicationContext applicationContext;
private final SecurityProperties properties;
private final OnlineUserService onlineUserService;
private final UserCacheClean userCacheClean;
@Bean
GrantedAuthorityDefaults grantedAuthorityDefaults() {
@ -181,6 +183,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
}
private TokenConfigurer securityConfigurerAdapter() {
return new TokenConfigurer(tokenProvider, properties, onlineUserService);
return new TokenConfigurer(tokenProvider, properties, onlineUserService, userCacheClean);
}
}


@ -18,6 +18,7 @@ package me.zhengjie.modules.security.security;
import lombok.RequiredArgsConstructor;
import me.zhengjie.modules.security.config.bean.SecurityProperties;
import me.zhengjie.modules.security.service.OnlineUserService;
import me.zhengjie.modules.security.service.UserCacheClean;
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.DefaultSecurityFilterChain;
@ -32,10 +33,11 @@ public class TokenConfigurer extends SecurityConfigurerAdapter<DefaultSecurityFi
private final TokenProvider tokenProvider;
private final SecurityProperties properties;
private final OnlineUserService onlineUserService;
private final UserCacheClean userCacheClean;
@Override
public void configure(HttpSecurity http) {
TokenFilter customFilter = new TokenFilter(tokenProvider, properties, onlineUserService);
TokenFilter customFilter = new TokenFilter(tokenProvider, properties, onlineUserService, userCacheClean);
http.addFilterBefore(customFilter, UsernamePasswordAuthenticationFilter.class);
}
}


@ -18,6 +18,7 @@ package me.zhengjie.modules.security.security;
import cn.hutool.core.util.StrUtil;
import io.jsonwebtoken.ExpiredJwtException;
import me.zhengjie.modules.security.config.bean.SecurityProperties;
import me.zhengjie.modules.security.service.UserCacheClean;
import me.zhengjie.modules.security.service.dto.OnlineUserDto;
import me.zhengjie.modules.security.service.OnlineUserService;
import org.slf4j.Logger;
@ -33,6 +34,7 @@ import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.util.Objects;
/**
* @author /
@ -44,16 +46,19 @@ public class TokenFilter extends GenericFilterBean {
private final TokenProvider tokenProvider;
private final SecurityProperties properties;
private final OnlineUserService onlineUserService;
private final UserCacheClean userCacheClean;
/**
* @param tokenProvider Token
* @param properties JWT
* @param onlineUserService 线
* @param userCacheClean
*/
public TokenFilter(TokenProvider tokenProvider, SecurityProperties properties, OnlineUserService onlineUserService) {
public TokenFilter(TokenProvider tokenProvider, SecurityProperties properties, OnlineUserService onlineUserService, UserCacheClean userCacheClean) {
this.properties = properties;
this.onlineUserService = onlineUserService;
this.tokenProvider = tokenProvider;
this.userCacheClean = userCacheClean;
}
@Override
@ -64,10 +69,16 @@ public class TokenFilter extends GenericFilterBean {
// 对于 Token 为空的不需要去查 Redis
if (StrUtil.isNotBlank(token)) {
OnlineUserDto onlineUserDto = null;
boolean cleanUserCache = false;
try {
onlineUserDto = onlineUserService.getOne(properties.getOnlineKey() + token);
} catch (ExpiredJwtException e) {
log.error(e.getMessage());
cleanUserCache = true;
} finally {
if (cleanUserCache || Objects.isNull(onlineUserDto)) {
userCacheClean.cleanUserCache(String.valueOf(tokenProvider.getClaims(token).get(TokenProvider.AUTHORITIES_KEY)));
}
}
if (onlineUserDto != null && StringUtils.hasText(token)) {
Authentication authentication = tokenProvider.getAuthentication(token);
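Review bot: The `finally` block added in the last hunk calls `tokenProvider.getClaims(token)` on the request-supplied token with no exception handling, so the `parseClaimsJws` call behind it can throw out of the filter for an expired or otherwise unparsable token, including the `ExpiredJwtException` case the `catch` has just logged. Before this change such a request would fall through unauthenticated; throwing from `finally` also replaces any exception already in flight. The `cleanUserCache` flag is redundant, since `onlineUserDto` is still null whenever the catch runs. Separately, the argument passed is the `AUTHORITIES_KEY` claim, which `getAuthentication` reads as the authorities value; if the cache is keyed by user name, this evicts nothing and should probably use the subject instead (confirm against `UserCacheClean`). The enclosing method starts and ends outside the hunk, and the sketch below assumes `io.jsonwebtoken.JwtException` is imported.

```java
// … unchanged: token extraction and the StrUtil.isNotBlank(token) check …
OnlineUserDto onlineUserDto = null;
try {
    onlineUserDto = onlineUserService.getOne(properties.getOnlineKey() + token);
} catch (ExpiredJwtException e) {
    log.error(e.getMessage());
}
if (onlineUserDto == null) {
    try {
        // The token comes from the request; parsing may fail, and that must not abort the filter chain.
        // NOTE(review): argument kept as in the commit; confirm which key UserCacheClean expects.
        userCacheClean.cleanUserCache(String.valueOf(tokenProvider.getClaims(token).get(TokenProvider.AUTHORITIES_KEY)));
    } catch (JwtException | IllegalArgumentException e) {
        log.debug("Skipping user cache clean for unparsable token: {}", e.getMessage());
    }
}
// … unchanged: authentication set-up when onlineUserDto != null …
```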


@ -51,7 +51,7 @@ public class TokenProvider implements InitializingBean {
private final SecurityProperties properties;
private final RedisUtils redisUtils;
private static final String AUTHORITIES_KEY = "auth";
public static final String AUTHORITIES_KEY = "auth";
private Key key;
private JwtParser jwtParser;
private JwtBuilder jwtBuilder;
@ -102,9 +102,7 @@ public class TokenProvider implements InitializingBean {
* @return
*/
Authentication getAuthentication(String token) {
Claims claims = jwtParser
.parseClaimsJws(token)
.getBody();
Claims claims = getClaims(token);
// fix bug: 当前用户如果没有任何权限时在输入用户名后刷新验证码会抛IllegalArgumentException
Object authoritiesStr = claims.get(AUTHORITIES_KEY);
@ -117,6 +115,12 @@ public class TokenProvider implements InitializingBean {
return new UsernamePasswordAuthenticationToken(principal, token, authorities);
}
public Claims getClaims(String token) {
return jwtParser
.parseClaimsJws(token)
.getBody();
}
/**
* @param token token
*/
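Review bot: `getClaims` and `AUTHORITIES_KEY` are widened to `public`, but the only new caller visible in this commit is `TokenFilter`, which appears to sit in the same package as `TokenProvider`. Package-private visibility, as `getAuthentication` already has, would be enough and would keep parsed token claims off the class's public surface. The new method also has no Javadoc, and callers need to know it propagates the parser's exceptions. I would add `/** Parses the token with jwtParser and returns its claims body; propagates the parser's exception when the token is expired or invalid. */` above it.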