From 152c621054dd347e23f928a43aa968db3f984b70 Mon Sep 17 00:00:00 2001 From: fit2cloud-chenyw Date: Fri, 4 Jun 2021 11:03:42 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=20=E3=80=90ID1003561=E3=80=91=E7=99=BB?= =?UTF-8?q?=E5=BD=95=E6=9C=89=E6=95=88=E6=97=B6=E9=97=B4=E4=BC=BC=E4=B9=8E?= =?UTF-8?q?=E4=B8=8D=E6=AD=A3=E7=A1=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../java/io/dataease/auth/api/AuthApi.java | 3 -- .../io/dataease/auth/config/F2CRealm.java | 1 - .../io/dataease/auth/entity/TokenInfo.java | 2 - .../io/dataease/auth/filter/JWTFilter.java | 19 +------ .../io/dataease/auth/server/AuthServer.java | 22 +------- .../java/io/dataease/auth/util/JWTUtils.java | 50 ++++--------------- .../src/main/resources/ehcache/ehcache.xml | 11 ---- 7 files changed, 11 insertions(+), 97 deletions(-) diff --git a/backend/src/main/java/io/dataease/auth/api/AuthApi.java b/backend/src/main/java/io/dataease/auth/api/AuthApi.java index e4872b8485..313845a1ee 100644 --- a/backend/src/main/java/io/dataease/auth/api/AuthApi.java +++ b/backend/src/main/java/io/dataease/auth/api/AuthApi.java @@ -31,7 +31,4 @@ public interface AuthApi { @PostMapping("/validateName") Boolean validateName(Map nameDto); - - @GetMapping("/test") - String test(); } diff --git a/backend/src/main/java/io/dataease/auth/config/F2CRealm.java b/backend/src/main/java/io/dataease/auth/config/F2CRealm.java index 719f6db9d9..c91dbe1ff3 100644 --- a/backend/src/main/java/io/dataease/auth/config/F2CRealm.java +++ b/backend/src/main/java/io/dataease/auth/config/F2CRealm.java @@ -19,7 +19,6 @@ import org.apache.shiro.subject.PrincipalCollection; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Lazy; import org.springframework.stereotype.Component; - import java.util.List; import java.util.Set; import java.util.stream.Collectors; 
diff --git a/backend/src/main/java/io/dataease/auth/entity/TokenInfo.java b/backend/src/main/java/io/dataease/auth/entity/TokenInfo.java index 83d4dc0e96..ade63a71ce 100644 --- a/backend/src/main/java/io/dataease/auth/entity/TokenInfo.java +++ b/backend/src/main/java/io/dataease/auth/entity/TokenInfo.java @@ -13,8 +13,6 @@ public class TokenInfo implements Serializable { private Long userId; - private Long lastLoginTime; - public String format(){ return username + "," +userId; } diff --git a/backend/src/main/java/io/dataease/auth/filter/JWTFilter.java b/backend/src/main/java/io/dataease/auth/filter/JWTFilter.java index 4729dcb089..462e2f27f0 100644 --- a/backend/src/main/java/io/dataease/auth/filter/JWTFilter.java +++ b/backend/src/main/java/io/dataease/auth/filter/JWTFilter.java @@ -6,7 +6,6 @@ import io.dataease.auth.entity.TokenInfo; import io.dataease.auth.service.AuthUserService; import io.dataease.auth.util.JWTUtils; import io.dataease.commons.utils.CommonBeanFactory; -import io.dataease.commons.utils.ServletUtils; import io.dataease.i18n.Translator; import org.apache.commons.lang3.StringUtils; import org.apache.shiro.authc.AuthenticationException; @@ -29,9 +28,6 @@ public class JWTFilter extends BasicHttpAuthenticationFilter { public final static String expireMessage = "Login token is expire."; - /*@Autowired - private AuthUserService authUserService;*/ - /** * 判断用户是否想要登入。 
@@ -53,22 +49,15 @@ public class JWTFilter extends BasicHttpAuthenticationFilter { String authorization = httpServletRequest.getHeader("Authorization"); // 当没有出现登录超时 且需要刷新token 则执行刷新token if (JWTUtils.loginExpire(authorization)){ - throw new AuthenticationException(expireMessage); + throw new AuthenticationException(expireMessage); } if (JWTUtils.needRefresh(authorization)){ - String oldAuthorization = authorization; authorization = refreshToken(request, response); - JWTUtils.removeTokenExpire(oldAuthorization); } - // 删除老的操作时间 - JWTUtils.removeTokenExpire(authorization); - // 设置新的操作时间 - JWTUtils.addTokenExpire(authorization); JWTToken token = new JWTToken(authorization); Subject subject = getSubject(request, response); // 提交给realm进行登入,如果错误他会抛出异常并被捕获 subject.login(token); - return true; } @@ -108,14 +97,8 @@ public class JWTFilter extends BasicHttpAuthenticationFilter { } String password = user.getPassword(); - // 删除老token操作时间 - // JWTUtils.removeTokenExpire(token); String newToken = JWTUtils.sign(tokenInfo, password); - // 记录新token操作时间 - // JWTUtils.addTokenExpire(newToken); - JWTToken jwtToken = new JWTToken(newToken); - this.getSubject(request, response).login(jwtToken); // 设置响应的Header头新Token HttpServletResponse httpServletResponse = (HttpServletResponse) response; httpServletResponse.addHeader("Access-Control-Expose-Headers", "RefreshAuthorization"); diff --git a/backend/src/main/java/io/dataease/auth/server/AuthServer.java b/backend/src/main/java/io/dataease/auth/server/AuthServer.java index cfc597bb1e..4be4f80693 100644 --- a/backend/src/main/java/io/dataease/auth/server/AuthServer.java +++ b/backend/src/main/java/io/dataease/auth/server/AuthServer.java 
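Review bot: When `JWTUtils.needRefresh(authorization)` is true in the `-53,22 +49,15` hunk, the client's token is replaced by the output of `refreshToken` before `subject.login(token)` runs, so on that path the only checks applied to the token the client actually sent are `loginExpire` and `needRefresh`. With the server-side `tokens_expire` record removed by this commit, `loginExpire` reads `exp` through `JWT.decode`, which parses the token without checking its signature, and the `-108,14 +97,8` hunk then signs a new token with `user.getPassword()` for whatever `tokenInfo` holds. If `tokenInfo` is also taken from the decoded header (its origin is outside the hunk, as is `needRefresh`), a token whose signature was never checked could be exchanged for a validly signed one. Verify the incoming token against the user's secret before the `JWTUtils.sign(tokenInfo, password)` call, for example with `JWTUtils.verify(...)`, or with a signature-only check if the refresh window is meant to extend past `exp`. Both method bodies continue outside their hunks.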
@@ -14,10 +14,6 @@ import io.dataease.commons.utils.BeanUtils; import io.dataease.commons.utils.CodingUtil; import io.dataease.commons.utils.ServletUtils; -/*import io.dataease.plugins.config.SpringContextUtil; - -import io.dataease.plugins.xpack.display.dto.response.SysSettingDto; -import io.dataease.plugins.xpack.display.service.DisPlayXpackService;*/ import io.dataease.i18n.Translator; import org.apache.commons.lang3.ObjectUtils; import org.apache.commons.lang3.StringUtils; @@ -59,10 +55,9 @@ public class AuthServer implements AuthApi { throw new RuntimeException(Translator.get("i18n_id_or_pwd_error")); } Map result = new HashMap<>(); - TokenInfo tokenInfo = TokenInfo.builder().userId(user.getUserId()).username(username).lastLoginTime(System.currentTimeMillis()).build(); + TokenInfo tokenInfo = TokenInfo.builder().userId(user.getUserId()).username(username).build(); String token = JWTUtils.sign(tokenInfo, realPwd); // 记录token操作时间 - JWTUtils.addTokenExpire(token); result.put("token", token); ServletUtils.setToken(token); return result; @@ -107,20 +102,5 @@ public class AuthServer implements AuthApi { return null; } - @Override - public String test() { - SysUserEntity userById = authUserService.getUserById(4L); - String nickName = userById.getNickName(); -// System.out.println(nickName); - /* Map beansOfType = SpringContextUtil.getApplicationContext().getBeansOfType(DisPlayXpackService.class); - for (Map.Entry entry : beansOfType.entrySet()) { - Object key = entry.getKey(); - DisPlayXpackService value = (DisPlayXpackService)entry.getValue(); - List sysSettingDtos = value.systemSettings(); - String name = entry.getValue().getClass().getName(); - System.out.println("key: "+ key + ", value: "+ name); - }*/ - return "apple"; - } } diff --git a/backend/src/main/java/io/dataease/auth/util/JWTUtils.java b/backend/src/main/java/io/dataease/auth/util/JWTUtils.java index 4daecc0d84..8b3b7e4c92 100644 --- a/backend/src/main/java/io/dataease/auth/util/JWTUtils.java 
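Review bot: In the `-59,10 +55,9` hunk the comment `// 记录token操作时间` (record the token's operation time) is left with nothing under it now that `JWTUtils.addTokenExpire(token);` is removed; delete it or replace it with something like `// token lifetime is carried only by its exp claim`. As far as this patch shows, the issued token now holds only `username`, `userId` and an expiry and is signed with `realPwd`, with no server-side record left that could end a session before `exp`. If logout or forced sign-out relied on the `tokens_expire` cache, that path needs a replacement. The method starts outside the hunk.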
+++ b/backend/src/main/java/io/dataease/auth/util/JWTUtils.java @@ -11,8 +11,7 @@ import io.dataease.commons.utils.CommonBeanFactory; import org.apache.commons.lang3.ObjectUtils; import org.apache.commons.lang3.StringUtils; import org.apache.shiro.authc.AuthenticationException; -import org.springframework.cache.Cache; -import org.springframework.cache.CacheManager; + import org.springframework.core.env.Environment; import java.util.Date; @@ -38,17 +37,10 @@ public class JWTUtils { public static boolean verify(String token, TokenInfo tokenInfo, String secret) { Algorithm algorithm = Algorithm.HMAC256(secret); JWTVerifier verifier = JWT.require(algorithm) - .withClaim("lastLoginTime", tokenInfo.getLastLoginTime()) .withClaim("username", tokenInfo.getUsername()) .withClaim("userId", tokenInfo.getUserId()) .build(); verifier.verify(token); - if (loginExpire(token)){ - // 登录超时 - throw new AuthenticationException(JWTFilter.expireMessage); - // 前端拦截 登录超时状态 直接logout - //return false; - } return true; } @@ -60,11 +52,10 @@ public class JWTUtils { DecodedJWT jwt = JWT.decode(token); String username = jwt.getClaim("username").asString(); Long userId = jwt.getClaim("userId").asLong(); - Long lastLoginTime = jwt.getClaim("lastLoginTime").asLong(); - if (StringUtils.isEmpty(username) || ObjectUtils.isEmpty(userId) || ObjectUtils.isEmpty(lastLoginTime)){ + if (StringUtils.isEmpty(username) || ObjectUtils.isEmpty(userId) ){ throw new RuntimeException("token格式错误!"); } - TokenInfo tokenInfo = TokenInfo.builder().username(username).userId(userId).lastLoginTime(lastLoginTime).build(); + TokenInfo tokenInfo = TokenInfo.builder().username(username).userId(userId).build(); return tokenInfo; } 
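Review bot: The method in the `-60,11 +52,10` hunk builds its `TokenInfo` from `JWT.decode(token)`, which only parses the token and does not check the signature, and nothing in the visible lines tells callers so. Add a Javadoc line such as `Claims are read without signature verification; call verify(...) before trusting the result.` so the returned `username` and `userId` are not treated as authenticated. In the `verify` hunk before it, the `loginExpire` call is gone, so `verify` now enforces only the HMAC signature, the two pinned claims and the library's built-in `exp` validation; its Javadoc should say that the `dataease.login_timeout` check lives in the filter instead. Both bodies start outside their hunks.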
@@ -84,24 +75,17 @@ public class JWTUtils { */ public static boolean loginExpire(String token){ if (Login_Interval==0) { - String property = CommonBeanFactory.getBean(Environment.class).getProperty("dataease.login_timeout"); // 默认超时时间是8h - int minute = StringUtils.isNotEmpty(property) ? Integer.parseInt(property): (8*60); + int minute = CommonBeanFactory.getBean(Environment.class).getProperty("dataease.login_timeout", Integer.class, 8*60); // 分钟换算成毫秒 Login_Interval = minute * 1000 * 60; } - Long now = System.currentTimeMillis(); Long lastOperateTime = tokenLastOperateTime(token); - boolean isExpire = false; + boolean isExpire = true; if (lastOperateTime != null) { + Long now = System.currentTimeMillis(); isExpire = now - lastOperateTime > Login_Interval; } - if (isExpire) { -// System.out.println("-----------------------"); -// System.out.println("-----上次操作时间是["+lastOperateTime+"]-----"); -// System.out.println("-----当前操作时间是["+now+"]-----"); -// System.out.println("-----------------------"); - } return isExpire; } @@ -127,10 +111,8 @@ public class JWTUtils { Algorithm algorithm = Algorithm.HMAC256(secret); // 附带username信息 return JWT.create() - .withClaim("lastLoginTime", tokenInfo.getLastLoginTime()) .withClaim("username", tokenInfo.getUsername()) .withClaim("userId", tokenInfo.getUserId()) - .withClaim("exp", date) .withExpiresAt(date) .sign(algorithm); } catch (Exception e) { 
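Review bot: `loginExpire` now measures the timeout from the token's expiry rather than from login or last activity: `tokenLastOperateTime` returns `exp`, so `now - lastOperateTime > Login_Interval` becomes true only once the token has been expired for longer than `dataease.login_timeout`. If a session is meant to end `login_timeout` minutes after sign-in, compare against an issued-at time instead, e.g. add `.withIssuedAt(new Date())` in the signing hunk (`-127,10 +111,8`) and read `jwt.getIssuedAt()` once the signature has been verified. Otherwise document that the setting is a grace period after `exp`. Separately, `minute * 1000 * 60` is evaluated in `int` and overflows for values above 35791 minutes; `minute * 60_000L` avoids that if `Login_Interval` is a `long` (its declaration is outside the hunk).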
@@ -162,23 +144,9 @@ public class JWTUtils { * @return */ public static Long tokenLastOperateTime(String token){ - CacheManager cacheManager = CommonBeanFactory.getBean(CacheManager.class); - Cache tokens_expire = cacheManager.getCache("tokens_expire"); - Long expTime = tokens_expire.get(token, Long.class); - return expTime; - } - - public static void removeTokenExpire(String token){ - CacheManager cacheManager = CommonBeanFactory.getBean(CacheManager.class); - Cache tokens_expire = cacheManager.getCache("tokens_expire"); - tokens_expire.evict(token); - } - - public static void addTokenExpire(String token){ - CacheManager cacheManager = CommonBeanFactory.getBean(CacheManager.class); - Cache tokens_expire = cacheManager.getCache("tokens_expire"); - long now = System.currentTimeMillis(); - tokens_expire.put(token, now); + DecodedJWT jwt = JWT.decode(token); + Date expiresAt = jwt.getExpiresAt(); + return expiresAt.getTime(); } } diff --git a/backend/src/main/resources/ehcache/ehcache.xml b/backend/src/main/resources/ehcache/ehcache.xml index ff551ec033..9491e0fa0d 100644 --- a/backend/src/main/resources/ehcache/ehcache.xml +++ b/backend/src/main/resources/ehcache/ehcache.xml @@ -69,16 +69,5 @@ memoryStoreEvictionPolicy="LRU" /> - \ No newline at end of file
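Review bot: `tokenLastOperateTime` dereferences `jwt.getExpiresAt()` without a null check, so a token with no `exp` claim raises a `NullPointerException` instead of returning `null`. That makes the `lastOperateTime != null` branch and the new `isExpire = true` default in `loginExpire` unreachable. `JWT.decode` also throws `JWTDecodeException` on a malformed value, and unless something upstream (not visible here) handles it, both exceptions surface from the filter as an unhandled error rather than a clean authentication failure. Use `return expiresAt == null ? null : expiresAt.getTime();` and consider catching `JWTDecodeException` to return `null` as well, so a bad token is simply treated as expired. The method name, and presumably the Javadoc whose tail is visible above it, still describe a last-operation time although the method now returns the expiry; rename it or update the comment.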