center/dataease-dm
center/dataease-dm
13
0
Fork 0
forked from github/dataease
Code Pull Requests Activity

fix(api): api文档token无法续命

Browse Source
This commit is contained in:
fit2cloud-chenyw 2022-12-30 16:51:51 +08:00
parent a629af0c4e
commit 4a68c0fcbc
1 changed files with 29 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
backend/src/main/java/io/dataease/auth/filter/F2CDocFilter.java
View File

@ -1,6 +1,7 @@
package io.dataease.auth.filter;
import cn.hutool.core.util.ArrayUtil;
import com.auth0.jwt.algorithms.Algorithm;
import io.dataease.auth.entity.SysUserEntity;
import io.dataease.auth.entity.TokenInfo;
import io.dataease.auth.service.AuthUserService;
@ -9,6 +10,8 @@ import io.dataease.commons.license.DefaultLicenseService;
import io.dataease.commons.license.F2CLicenseResponse;
import io.dataease.commons.utils.CommonBeanFactory;
import io.dataease.commons.utils.LogUtil;
import io.dataease.exception.DataEaseException;
import io.dataease.i18n.Translator;
import org.apache.commons.lang3.ObjectUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.web.filter.AccessControlFilter;
@ -37,10 +40,10 @@ public class F2CDocFilter extends AccessControlFilter {
DefaultLicenseService defaultLicenseService = CommonBeanFactory.getBean(DefaultLicenseService.class);
F2CLicenseResponse f2CLicenseResponse = defaultLicenseService.validateLicense();
Status status = f2CLicenseResponse.getStatus();
if (status != Status.valid) {
/*if (status != Status.valid) {
request.setAttribute(RESULT_URI_KEY, NOLIC_PAGE);
return false;
}
}*/
} catch (Exception e) {
request.setAttribute(RESULT_URI_KEY, NOLIC_PAGE);
LogUtil.error(e.getMessage(), e);
@ -62,7 +65,7 @@ public class F2CDocFilter extends AccessControlFilter {
return true;
}
private Boolean validateLogin(HttpServletRequest request) throws Exception{
private Boolean validateLogin(HttpServletRequest request) throws Exception {
String authorization = request.getHeader("Authorization");
if (StringUtils.isBlank(authorization)) {
Cookie[] cookies = request.getCookies();
@ -76,6 +79,12 @@ public class F2CDocFilter extends AccessControlFilter {
if (StringUtils.isBlank(authorization)) {
return false;
}
if (JWTUtils.loginExpire(authorization)) {
return false;
}
if (JWTUtils.needRefresh(authorization)) {
authorization = refreshToken(authorization);
}
TokenInfo tokenInfo = JWTUtils.tokenInfoByToken(authorization);
AuthUserService authUserService = CommonBeanFactory.getBean(AuthUserService.class);
SysUserEntity user = authUserService.getUserById(tokenInfo.getUserId());
@ -87,12 +96,29 @@ public class F2CDocFilter extends AccessControlFilter {
return verify;
}
private String refreshToken(String token) throws Exception {
TokenInfo tokenInfo = JWTUtils.tokenInfoByToken(token);
AuthUserService authUserService = CommonBeanFactory.getBean(AuthUserService.class);
SysUserEntity user = authUserService.getUserById(tokenInfo.getUserId());
if (user == null) {
DataEaseException.throwException(Translator.get("i18n_not_find_user"));
}
String password = user.getPassword();
Algorithm algorithm = Algorithm.HMAC256(password);
JWTUtils.verifySign(algorithm, token);
String newToken = JWTUtils.sign(tokenInfo, password);
return newToken;
}
@Override
protected boolean onAccessDenied(ServletRequest req, ServletResponse res) throws Exception {
HttpServletResponse response = (HttpServletResponse) res;
HttpServletRequest request = (HttpServletRequest) req;
Object attribute = request.getAttribute(RESULT_URI_KEY);
String path = ObjectUtils.isNotEmpty(attribute) ? attribute.toString() : DEFAULT_FAILED_PAGE;
path += ("?_t" + System.currentTimeMillis());
response.setHeader("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate");
response.setHeader("Expires", "0");
request.getRequestDispatcher(path).forward(request, response);
return false;
}