feat: 完善登录过期功能

2021-04-22 12:43:56 +08:00 · 2021-04-22 12:43:56 +08:00 · 12f2148030
commit 12f2148030
parent 70a298025b
2 changed files with 22 additions and 6 deletions
--- a/backend/src/main/java/io/dataease/auth/filter/JWTFilter.java
+++ b/backend/src/main/java/io/dataease/auth/filter/JWTFilter.java
@ -55,12 +55,19 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
            throw  new AuthenticationException(expireMessage);
        }
        if (JWTUtils.needRefresh(authorization)){
+            String oldAuthorization = authorization;
            authorization = refreshToken(request, response);
+            JWTUtils.removeTokenExpire(oldAuthorization);
        }
+        // 删除老的操作时间
+        JWTUtils.removeTokenExpire(authorization);
+        // 设置新的操作时间
+        JWTUtils.addTokenExpire(authorization);
        JWTToken token = new JWTToken(authorization);
        Subject subject = getSubject(request, response);
        // 提交给realm进行登入，如果错误他会抛出异常并被捕获
        subject.login(token);
+
        return true;
    }

@ -98,10 +105,10 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
        String password = user.getPassword();

        // 删除老token操作时间
-        JWTUtils.removeTokenExpire(token);
+        // JWTUtils.removeTokenExpire(token);
        String newToken = JWTUtils.sign(tokenInfo, password);
        // 记录新token操作时间
-        JWTUtils.addTokenExpire(newToken);
+        // JWTUtils.addTokenExpire(newToken);

        JWTToken jwtToken = new JWTToken(newToken);
        this.getSubject(request, response).login(jwtToken);
--- a/backend/src/main/java/io/dataease/auth/util/JWTUtils.java
+++ b/backend/src/main/java/io/dataease/auth/util/JWTUtils.java
@ -20,9 +20,9 @@ public class JWTUtils {


    // token过期时间1min (过期会自动刷新续命 目的是避免一直都是同一个token )
-    private static final long EXPIRE_TIME = 5*60*1000;
+    private static final long EXPIRE_TIME = 1*60*1000;
    // 登录间隔时间10min 超过这个时间强制重新登录
-    private static final long Login_Interval = 30*60*1000;
+    private static final long Login_Interval = 10*60*1000;


    /**
@ -81,8 +81,17 @@ public class JWTUtils {
    public static boolean loginExpire(String token){
        Long now = System.currentTimeMillis();
        Long lastOperateTime = tokenLastOperateTime(token);
-        if (lastOperateTime == null) return true;
-        return now - lastOperateTime > Login_Interval;
+        boolean isExpire = false;
+        if (lastOperateTime != null) {
+            isExpire = now - lastOperateTime > Login_Interval;
+        }
+        if (isExpire) {
+            System.out.println("-----------------------");
+            System.out.println("-----上次操作时间是["+lastOperateTime+"]-----");
+            System.out.println("-----当前操作时间是["+now+"]-----");
+            System.out.println("-----------------------");
+        }
+        return isExpire;
    }

    public static Date getExp(String token) {