'commit'

3 months ago · da70306ee0
parent 68a4179dff
commit da70306ee0
5 changed files with 105 additions and 122 deletions
--- a/dsGw/src/main/java/com/dsideal/gw/Handler/RouterHandler.java
+++ b/dsGw/src/main/java/com/dsideal/gw/Handler/RouterHandler.java
@ -3,11 +3,11 @@ package com.dsideal.gw.Handler;
 import com.dsideal.gw.Bean.RetBean;
 import com.dsideal.gw.GwApplication;
 import com.dsideal.gw.Util.JwtUtil;
-import com.dsideal.gw.Util.SessionKit;
 import com.jfinal.handler.Handler;
 import com.jfinal.kit.StrKit;
 import com.jfinal.upload.MultipartRequest;
 import com.jfinal.upload.UploadFile;
+import com.jfinal.plugin.activerecord.Record;
 import io.jsonwebtoken.Claims;
 import okhttp3.*;
 import org.apache.commons.io.IOUtils;
@ -150,13 +150,13 @@ public class RouterHandler extends Handler {
            //是不是通过了登录检查？
            boolean canPass = true;
            //1、存在Session,检查是不是正确的Session
-            String identity_id = SessionKit.get(req, res, "identity_id");
-            String person_id = SessionKit.get(req, res, "person_id");
-            String bureau_id = SessionKit.get(req, res, "bureau_id");
-            String token = SessionKit.get(req, res, "token");
+            Record rPerson= JwtUtil.getPersonInfo(req);
+            String identity_id = rPerson.getStr("identity_id");
+            String person_id = rPerson.getStr("person_id");
+            String bureau_id = rPerson.getStr("bureau_id");

            //如果没有找到Session，那么直接不通过
-            if (StrKit.isBlank(token) || StrKit.isBlank(bureau_id) || StrKit.isBlank(identity_id) || StrKit.isBlank(person_id)) {
+            if (StrKit.isBlank(bureau_id) || StrKit.isBlank(identity_id) || StrKit.isBlank(person_id)) {
                canPass = false;
            }

@ -170,8 +170,6 @@ public class RouterHandler extends Handler {
                    }
                }
            }
-
-
            if (!canPass) {
                renderJson(res, new RetBean(RetBean.ERROR, "登录已过期，请重新登录！").toString());
                isHandled[0] = true; //停止filter
--- a/dsGw/src/main/java/com/dsideal/gw/Util/CookieUtil.java
+++ b/dsGw/src/main/java/com/dsideal/gw/Util/CookieUtil.java
@ -0,0 +1,56 @@
+package com.dsideal.gw.Util;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+public class CookieUtil {
+
+    // 默认缓存时间,单位/秒, 2H
+    private static final int COOKIE_MAX_AGE = 60 * 60 * 2;
+    // 保存路径,根路径
+    private static final String COOKIE_PATH = "/";
+
+    public static String getValue(HttpServletRequest request, String key) {
+        Cookie cookie = get(request, key);
+        if (cookie != null) {
+            return cookie.getValue();
+        }
+        return null;
+    }
+
+    private static Cookie get(HttpServletRequest request, String key) {
+        Cookie[] arr_cookie = request.getCookies();
+        if (arr_cookie != null && arr_cookie.length > 0) {
+            for (Cookie cookie : arr_cookie) {
+                if (cookie.getName().equals(key)) {
+                    return cookie;
+                }
+            }
+        }
+        return null;
+    }
+
+    public static void set(HttpServletResponse response, String key, String value, boolean ifRemember,boolean isHttpOnly) {
+        int age = ifRemember ? COOKIE_MAX_AGE : -1;
+        set(response, key, value, null, COOKIE_PATH, age, isHttpOnly);
+    }
+
+    private static void set(HttpServletResponse response, String key, String value, String domain, String path, int maxAge, boolean isHttpOnly) {
+        Cookie cookie = new Cookie(key, value);
+        if (domain != null) {
+            cookie.setDomain(domain);
+        }
+        cookie.setPath(path);
+        cookie.setMaxAge(maxAge);
+        cookie.setHttpOnly(isHttpOnly);
+        response.addCookie(cookie);
+    }
+
+    public static void remove(HttpServletRequest request, HttpServletResponse response, String key) {
+        Cookie cookie = get(request, key);
+        if (cookie != null) {
+            set(response, key, "", null, COOKIE_PATH, 0, true);
+        }
+    }
+}
--- a/dsGw/src/main/java/com/dsideal/gw/Util/JwtUtil.java
+++ b/dsGw/src/main/java/com/dsideal/gw/Util/JwtUtil.java
@ -4,18 +4,25 @@ import com.dsideal.gw.GwApplication;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.security.Keys;
+import com.jfinal.plugin.activerecord.Record;

+import javax.crypto.SecretKey;
+import javax.servlet.http.HttpServletRequest;
 import java.nio.charset.StandardCharsets;
+import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
-import java.util.Date;

 public class JwtUtil {
    public static final String AUTHORIZATION_STARTER = "Bearer ";
-    public static final String SECRET = GwApplication.PropKit.get("SECRET");
+    public static final String SECRET = GwApplication.PropKit.get("jwt.SECRET");
+
+    // 生成安全的密钥
+    private static final SecretKey key = Keys.hmacShaKeyFor(SECRET.getBytes(StandardCharsets.UTF_8));

    /**
-     * 功能：黄海开发的生成JWT函数
+     * 功能：生成JWT函数
     *
     * @param identity_id 身份ID
     * @param person_id   人员ID
@ -31,7 +38,11 @@ public class JwtUtil {
        claims.put("identity_id", identity_id);
        claims.put("person_id", person_id);
        claims.put("bureau_id", bureau_id);
-        return AUTHORIZATION_STARTER + Jwts.builder().setClaims(claims).signWith(SignatureAlgorithm.HS256, SECRET).compact();
+
+        return AUTHORIZATION_STARTER + Jwts.builder()
+                .setClaims(claims)
+                .signWith(key, SignatureAlgorithm.HS256)
+                .compact();
    }

    public static Claims getClaims(String token) {
@ -40,33 +51,37 @@ public class JwtUtil {
        }
        Claims claims;
        try {
-            claims = Jwts.parser()
-                    .setSigningKey(SECRET)
+            claims = Jwts.parserBuilder()
+                    .setSigningKey(key)
+                    .build()
                    .parseClaimsJws(token)
                    .getBody();
        } catch (Exception e) {
-            try {
-                claims = Jwts.parser()
-                        .setSigningKey(SECRET.getBytes(StandardCharsets.UTF_8))
-                        .parseClaimsJws(token)
-                        .getBody();
-            } catch (Exception err) {
            claims = null;
        }
-        }
        return claims;
    }

-    public static void main(String[] args) {
-        GwApplication gw = new GwApplication();
-        String token = generateToken(4, "0b64e31e-a85e-43eb-ba5f-3088d986a8da","3f7f4c90-645a-4fb9-9902-447846cf1dcc");
    /**
-         结论：
-         1、JWT的里面有三个关键信息，一个是identity_id,另一个是person_id，还有一个bureau_id
+     * 获取当前用户信息
+     *
+     * @param req 请求
+     * @return
     */
-        Claims claims = getClaims(token);
-        System.out.println(claims.get("identity_id"));
-        System.out.println(claims.get("person_id"));
-        System.out.println(claims.get("bureau_id"));
+    public static Record getPersonInfo(HttpServletRequest req) {
+        String jwtToken = req.getHeader("Authorization");
+        if (jwtToken == null) {
+            //尝试从Cookie中获取jwt-token
+            jwtToken = CookieUtil.getValue(req, "jwt-token");
+        }
+        Record record = new Record();
+        Claims claims = getClaims(jwtToken);
+        if (claims != null) {
+            record.set("identity_id", claims.get("identity_id"));
+            record.set("person_id", claims.get("person_id"));
+            record.set("bureau_id", claims.get("bureau_id"));
+            record.set("create_time", claims.get("create_time"));
+        }
+        return record;
    }
 }
--- a/dsGw/src/main/java/com/dsideal/gw/Util/SessionKit.java
+++ b/dsGw/src/main/java/com/dsideal/gw/Util/SessionKit.java
@ -1,87 +0,0 @@
-package com.dsideal.gw.Util;
-
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.util.UUID;
-
-public class SessionKit {
-    public static String JSessionId = "sessionId";//Cookie中sessionId的名称
-    public static long TimeoutSecond = 60 * 60 * 24 * 7;//一周
-
-    /**
-     * 功能：获取Cookie上的jSessionId
-     *
-     * @param request
-     * @return
-     */
-    public static String getCookieSessionId(HttpServletRequest request, HttpServletResponse response) {
-        String jSessionId = null;
-        //客户端请求服务器时  从请求对象中获取所有的cookie
-        Cookie[] cookies = request.getCookies();
-        if (cookies != null) {
-            //遍历cookie集合 根据名字获取对应的value
-            for (Cookie cookie : cookies) {
-                //判断是否为指定cookie
-                if (JSessionId.equals(cookie.getName())) {
-                    //获取对应的值
-                    jSessionId = cookie.getValue();
-                    break;
-                }
-            }
-        }
-        if (cookies == null || jSessionId == null) {
-            // 创建cookie对象
-            jSessionId = UUID.randomUUID().toString().toLowerCase();
-            Cookie cookie = new Cookie(JSessionId, jSessionId);
-            cookie.setPath("/");
-            // 设置cookie存活时间
-            response.addCookie(cookie);
-        }
-        return JSessionId + "_" + jSessionId;
-    }
-
-    public static void clear(HttpServletRequest request, HttpServletResponse response) {
-        String jSessionId = getCookieSessionId(request, response);
-        //写入jSessionId的key域值
-        RedisKit.Del(jSessionId);
-        Cookie[] cookies = request.getCookies();
-        if (cookies != null) {
-            for (Cookie cookie : cookies) {
-                cookie.setMaxAge(0); // 将Cookie的过期时间设为0，表示立即过期
-                response.addCookie(cookie); // 发送修改后的Cookie回客户端
-            }
-        }
-    }
-
-    /**
-     * 功能：手工实现的Redis模拟Session写入
-     *
-     * @param request
-     * @param key
-     * @param value
-     * @return
-     */
-    public static void set(HttpServletRequest request, HttpServletResponse response, String key, String value) {
-        String jSessionId = getCookieSessionId(request, response);
-        //写入jSessionId的key域值
-        RedisKit.HSet(jSessionId, key, value);
-        //过期时长为TimeoutSecond
-        RedisKit.Expire(jSessionId, TimeoutSecond);
-    }
-
-    /**
-     * 功能：获取Session内容
-     *
-     * @param request
-     * @param key
-     * @return
-     */
-    public static String get(HttpServletRequest request, HttpServletResponse response, String key) {
-        String jSessionId = getCookieSessionId(request, response);
-        String value = RedisKit.HGet(jSessionId, key);
-        //过期时长为TimeoutSecond
-        RedisKit.Expire(jSessionId, TimeoutSecond);
-        return value;
-    }
-}
--- a/dsGw/src/main/resources/application_dev.yaml
+++ b/dsGw/src/main/resources/application_dev.yaml
@ -2,7 +2,8 @@
 uploadTempPath: /tmp

 # JWT
-SECRET: ZXZnZWVr5b+r5LmQ5L2g55qE5Ye66KGM
+jwt:
+  SECRET: ZXZnZWVr5b+r5LmQ5L2g55qE5Ye66KGM

 # 路由
 route: