fangqiao/qiaoba-boot
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add

Browse Source
This commit is contained in:
ailanyin
2023-05-25 17:49:20 +08:00
parent 150b953ef9
commit dd1ab6e74e
16 changed files with 360 additions and 87 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
qiaoba-auth/src/main/java/com/qiaoba/auth/config/SpringSecurityConfig.java
View File

@ -47,10 +47,15 @@ public class SpringSecurityConfig {
private final LogoutHandler logoutHandler;
/**
* 创建Token秘钥
* 创建Token秘钥和Token有效期
*/
@PostConstruct
public void initSecret() {
public void init() {
if (redisService.hasKey(SecurityConstant.TOKEN_EXPIRE_TIME_KEY)) {
TokenUtil.expireTime = Integer.parseInt(redisService.get(SecurityConstant.TOKEN_EXPIRE_TIME_KEY).toString());
}
if (redisService.hasKey(SecurityConstant.REDIS_SECRET_KEY)) {
TokenUtil.secret = SecureUtil.md5(SecureUtil.md5(redisService.get(SecurityConstant.REDIS_SECRET_KEY).toString()));
} else {

1
qiaoba-auth/src/main/java/com/qiaoba/auth/constants/SecurityConstant.java
View File

@ -30,6 +30,7 @@ public class SecurityConstant {
public static final String REGISTER_ON = "true";
public static final String REDIS_SECRET_KEY = "sys:secret:secret";
public static final String USER_DETAILS_REDIS_KEY = "user_details:";
public static final String ONLINE_USER_REDIS_KEY = "online_user:";
public static final String TOKEN_EXPIRE_TIME_KEY = ConfigConstant.SYS_CONFIG_KEY_PREFIX + "sys.token.expireTime";
/**
* 登录成功

54
qiaoba-auth/src/main/java/com/qiaoba/auth/entity/OnlineUser.java Normal file
View File

@ -0,0 +1,54 @@
package com.qiaoba.auth.entity;
import lombok.Data;
import java.io.Serializable;
import java.util.Date;
/**
* 在线用户
*
* @author ailanyin
* @version 1.0
* @since 2023/5/25 17:05
*/
@Data
public class OnlineUser implements Serializable {
private static final long serialVersionUID = 1L;
/**
* 登录账号
*/
private String username;
/**
* 用户名称
*/
private String nickname;
/**
* 登录IP地址
*/
private String ip;
/**
* 登录地点
*/
private String address;
/**
* 浏览器类型
*/
private String browser;
/**
* 操作系统
*/
private String os;
/**
* 登录时间
*/
private Date loginTime;
}

15
qiaoba-auth/src/main/java/com/qiaoba/auth/filters/JwtAuthenticationTokenFilter.java
View File

@ -2,7 +2,10 @@ package com.qiaoba.auth.filters;
import cn.hutool.core.util.StrUtil;
import com.qiaoba.auth.constants.SecurityConstant;
import com.qiaoba.auth.entity.OnlineUser;
import com.qiaoba.auth.service.OnlineUserService;
import com.qiaoba.auth.utils.TokenUtil;
import com.qiaoba.common.web.utils.ResponseUtil;
import lombok.RequiredArgsConstructor;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
@ -16,6 +19,7 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Objects;
/**
* JwtAuthenticationTokenFilter
@ -29,6 +33,7 @@ import java.io.IOException;
public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
private final UserDetailsService userDetailsService;
private final OnlineUserService onlineUserService;
@Override
protected void doFilterInternal(HttpServletRequest request,
@ -39,6 +44,16 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
String authHeader = request.getHeader(SecurityConstant.TOKEN_HEADER);
if (StrUtil.isNotBlank(authHeader) && authHeader.startsWith(SecurityConstant.TOKEN_HEAD)) {
String authToken = authHeader.substring(SecurityConstant.TOKEN_HEAD.length());
// todo
String username1 = "admin";
OnlineUser onlineUser = onlineUserService.selectByUsername(username1);
if (Objects.isNull(onlineUser)) {
// todo 返回401
ResponseUtil.response(response, "");
return;
}
// 续期有效期
onlineUserService.insert(onlineUser);
if (TokenUtil.validateToken(authToken)) {
String username = TokenUtil.getUserNameFromToken(authToken);
if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {

45
qiaoba-auth/src/main/java/com/qiaoba/auth/service/OnlineUserService.java Normal file
View File

@ -0,0 +1,45 @@
package com.qiaoba.auth.service;
import com.qiaoba.auth.entity.OnlineUser;
import java.util.List;
/**
* 在线用户 服务层
*
* @author ailanyin
* @version 1.0
* @since 2023/5/25 17:15
*/
public interface OnlineUserService {
/**
* 新增
*
* @param onlineUser onlineUser
*/
void insert(OnlineUser onlineUser);
/**
* 删除(强退)
*
* @param username 登录账号
*/
void delete(String username);
/**
* 查询
*
* @param username 登录账号
* @return 在线用户
*/
OnlineUser selectByUsername(String username);
/**
* 批量查询
*
* @param username username
* @return list
*/
List<OnlineUser> selectList(String username);
}

62
qiaoba-auth/src/main/java/com/qiaoba/auth/service/impl/OnlineUserServiceImpl.java Normal file
View File

@ -0,0 +1,62 @@
package com.qiaoba.auth.service.impl;
import cn.hutool.core.util.StrUtil;
import com.qiaoba.auth.constants.SecurityConstant;
import com.qiaoba.auth.entity.OnlineUser;
import com.qiaoba.auth.service.OnlineUserService;
import com.qiaoba.auth.utils.TokenUtil;
import com.qiaoba.common.redis.service.RedisService;
import lombok.RequiredArgsConstructor;
import org.springframework.stereotype.Service;
import java.util.Collections;
import java.util.List;
/**
* 在线用户 服务层实现
*
* @author ailanyin
* @version 1.0
* @since 2023/5/25 17:15
*/
@Service
@RequiredArgsConstructor
public class OnlineUserServiceImpl implements OnlineUserService {
private final RedisService redisService;
@Override
public void insert(OnlineUser onlineUser) {
redisService.set(handleKey(onlineUser.getUsername()), onlineUser, TokenUtil.expireTime * 3600);
}
@Override
public void delete(String username) {
redisService.del(handleKey(username));
}
@Override
public OnlineUser selectByUsername(String username) {
if (redisService.hasKey(handleKey(username))) {
return redisService.getObject(handleKey(username), OnlineUser.class);
}
return null;
}
@Override
public List<OnlineUser> selectList(String username) {
String key = SecurityConstant.ONLINE_USER_REDIS_KEY + "*";
if (StrUtil.isNotBlank(username)) {
key = key + username + "*";
}
if (redisService.hasKey(key)) {
return redisService.getObjectList(key, OnlineUser.class);
}
return Collections.emptyList();
}
private String handleKey(String key) {
return SecurityConstant.ONLINE_USER_REDIS_KEY + key;
}
}

10
qiaoba-auth/src/main/java/com/qiaoba/auth/utils/TokenUtil.java
View File

@ -2,12 +2,8 @@ package com.qiaoba.auth.utils;
import cn.hutool.core.date.DateField;
import cn.hutool.core.date.DateTime;
import cn.hutool.extra.spring.SpringUtil;
import cn.hutool.jwt.JWTPayload;
import cn.hutool.jwt.JWTUtil;
import com.qiaoba.auth.constants.SecurityConstant;
import com.qiaoba.common.redis.service.RedisService;
import org.springframework.security.core.userdetails.UserDetails;
import java.util.HashMap;
import java.util.Map;
@ -26,15 +22,11 @@ public class TokenUtil {
* jwt 加解密密钥,第一次项目启动时创建随机数
*/
public static String secret;
private static final RedisService redisService = SpringUtil.getBean(RedisService.class);
public static Integer expireTime = 1;
public static String generateToken(String username) {
DateTime now = DateTime.now();
int expireTime = 1;
if (redisService.hasKey(SecurityConstant.TOKEN_EXPIRE_TIME_KEY)) {
expireTime = Integer.parseInt(redisService.get(SecurityConstant.TOKEN_EXPIRE_TIME_KEY).toString());
}
DateTime newTime = now.offsetNew(DateField.HOUR, expireTime);
Map<String, Object> payload = new HashMap<String, Object>(4);