diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java b/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java
index 42200a1c..100731a8 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java
@@ -160,6 +160,9 @@ public class AutoLogAspect {
 if(value!=null && value.toString().length()>length){
 return false;
 }
+ if(value instanceof MultipartFile){
+ return false;
+ }
 return true;
 }
 };
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/TokenUtils.java b/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/TokenUtils.java
index 377b4f4f..9ea96db1 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/TokenUtils.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/TokenUtils.java
@@ -12,6 +12,12 @@ import org.jeecg.common.system.util.JwtUtil;
 import org.jeecg.common.system.vo.LoginUser;
 import jakarta.servlet.http.HttpServletRequest;
+import org.jeecg.config.security.JeecgRedisOAuth2AuthorizationService;
+import org.springframework.data.redis.serializer.SerializationException;
+import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
+import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
+
+import java.util.Objects;
 /**
 * @Author scott
@@ -112,7 +118,7 @@ public class TokenUtils {
 throw new JeecgBoot401Exception("账号已被锁定,请联系管理员!");
 }
 // 校验token是否超时失效 & 或者账号密码是否错误
- if (!jwtTokenRefresh(token, username, user.getPassword(), redisUtil)) {
+ if (!jwtTokenRefresh(token, username, user.getPassword())) {
 throw new JeecgBoot401Exception(CommonConstant.TOKEN_IS_INVALID_MSG);
 }
 return true;
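Review bot: In the AutoLogAspect hunk the new `value instanceof MultipartFile` test sits after `value.toString().length()>length`, so `toString()` is still called on every upload object before it is excluded; putting the type test first (`if (value instanceof MultipartFile) { return false; }` ahead of the length check) avoids that and makes the intent clear. The test also matches only a bare `MultipartFile`, so a `MultipartFile[]` or `List<MultipartFile>` argument would presumably still reach the serializer and could end up in the operation log; confirm how such parameters are handled. A one-line comment saying that upload parts are excluded to keep file content out of the log would help. The filter's enclosing method starts outside the hunk.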
@@ -141,6 +147,15 @@ public class TokenUtils {
 return false;
 }
+ private static boolean jwtTokenRefresh(String token, String userName, String passWord) {
+ JeecgRedisOAuth2AuthorizationService authRedis = SpringContextUtils.getBean(JeecgRedisOAuth2AuthorizationService.class);
+ OAuth2Authorization authorization = authRedis.findByToken(token, OAuth2TokenType.ACCESS_TOKEN);
+ if (Objects.nonNull(authorization) && JwtUtil.verify(token, userName, passWord)) {
+ return true;
+ }
+ return false;
+ }
+
 /**
 * 获取登录用户
 *
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java
index 837deeef..4f050571 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java
@@ -3,6 +3,7 @@ package org.jeecg.config.security.app;
 import com.alibaba.fastjson.JSONObject;
 import lombok.extern.slf4j.Slf4j;
 import org.jeecg.common.api.CommonAPI;
+import org.jeecg.common.constant.CacheConstant;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.exception.JeecgBootException;
 import org.jeecg.common.exception.JeecgCaptchaException;
@@ -34,6 +35,7 @@ import org.springframework.security.oauth2.server.authorization.token.DefaultOAu
 import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenContext;
 import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
 import org.springframework.util.Assert;
+import org.springframework.util.StringUtils;
 import java.security.Principal;
 import java.util.*;
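Review bot: The new three-argument `jwtTokenRefresh` in the `-141,6` hunk accepts a token whenever `findByToken` returns any authorization, without checking that the stored access token is still active, so an entry that was invalidated but is still present in the store would pass as long as `JwtUtil.verify` succeeds. Unless `JeecgRedisOAuth2AuthorizationService.findByToken` already filters such entries (not visible here), consider `return authorization != null && authorization.getAccessToken() != null && authorization.getAccessToken().isActive() && JwtUtil.verify(token, userName, passWord);`. The method no longer refreshes anything, so its name is misleading and a short Javadoc should state that it only validates the token against the authorization store. `SerializationException` is imported in the earlier TokenUtils hunk but is not used in the visible lines; if `findByToken` can throw it on an unreadable cached entry, it would propagate instead of becoming the `JeecgBoot401Exception` raised at the call site in the `-112,7` hunk.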
@@ -116,6 +118,10 @@ public class AppGrantAuthenticationProvider implements AuthenticationProvider {
 // 通过用户名获取用户信息
 LoginUser loginUser = commonAPI.getUserByName(username);
+ if (Objects.isNull(loginUser) || !StringUtils.hasText(loginUser.getSalt())) {
+ redisUtil.del(CacheConstant.SYS_USERS_CACHE+"::"+username);
+ loginUser = commonAPI.getUserByName(username);
+ }
 // 检查用户可行性
 checkUserIsEffective(loginUser);
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationProvider.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationProvider.java
index 7452a9d4..7daddb57 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationProvider.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationProvider.java
@@ -3,6 +3,7 @@ package org.jeecg.config.security.password;
 import com.alibaba.fastjson.JSONObject;
 import lombok.extern.slf4j.Slf4j;
 import org.jeecg.common.api.CommonAPI;
+import org.jeecg.common.constant.CacheConstant;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.exception.JeecgBootException;
 import org.jeecg.common.exception.JeecgCaptchaException;
@@ -35,6 +36,7 @@ import org.springframework.security.oauth2.server.authorization.token.DefaultOAu
 import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenContext;
 import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
 import org.springframework.util.Assert;
+import org.springframework.util.StringUtils;
 import java.security.Principal;
 import java.util.*;
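Review bot: The cache-eviction fallback added after `commonAPI.getUserByName(username)` in the AppGrantAuthenticationProvider `-116,6` hunk precedes `checkUserIsEffective` and, as far as the hunk shows, any credential check, so every login attempt with an unknown username (where `loginUser` stays null) costs a Redis `del` plus a second lookup that bypasses the user cache. Consider evicting only when a cached entry exists but lacks a salt, or putting this path behind the existing login throttling, and add a comment explaining why a salt-less cached user is treated as stale. The key `CacheConstant.SYS_USERS_CACHE+"::"+username` hard-codes the cache key layout, and the identical block in the PasswordGrantAuthenticationProvider `-117,6` hunk has the same issues, so a shared helper would keep the two providers in step. The enclosing method starts and ends outside the hunk.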
@@ -117,6 +119,10 @@ public class PasswordGrantAuthenticationProvider implements AuthenticationProvid
 // 通过用户名获取用户信息
 LoginUser loginUser = commonAPI.getUserByName(username);
+ if (Objects.isNull(loginUser) || !StringUtils.hasText(loginUser.getSalt())) {
+ redisUtil.del(CacheConstant.SYS_USERS_CACHE+"::"+username);
+ loginUser = commonAPI.getUserByName(username);
+ }
 // 检查用户可行性
 checkUserIsEffective(loginUser);