From 7da38806e4de009ff2d47828f417de27df167295 Mon Sep 17 00:00:00 2001
From: zy_Java <654600784@qq.com>
Date: Wed, 25 Aug 2021 17:18:04 +0800
Subject: [PATCH] comfig
---
.../ccsens/signin/config/SpringConfig.java | 35 ++++----
.../signin/config/TokenInterceptor.java | 79 +++++++++++++++++++
.../main/java/com/ccsens/util/Md5Util.java | 2 +
.../ccsens/util/notice/NoticePropUtil.java | 2 +-
.../test/java/com/ccsens/util/Base64Test.java | 49 ++++++++++++
5 files changed, 149 insertions(+), 18 deletions(-)
create mode 100644 signin/src/main/java/com/ccsens/signin/config/TokenInterceptor.java
diff --git a/signin/src/main/java/com/ccsens/signin/config/SpringConfig.java b/signin/src/main/java/com/ccsens/signin/config/SpringConfig.java
index 32352642..d2a09f64 100644
--- a/signin/src/main/java/com/ccsens/signin/config/SpringConfig.java
+++ b/signin/src/main/java/com/ccsens/signin/config/SpringConfig.java
@@ -126,32 +126,33 @@ public class SpringConfig implements WebMvcConfigurer { */ @Override public void addInterceptors(InterceptorRegistry registry) { - //addPathPatterns 用于添加拦截规则 - //excludePathPatterns 用于排除拦截 -// registry.addInterceptor(tokenInterceptor()) +// addPathPatterns 用于添加拦截规则 +// excludePathPatterns 用于排除拦截 + registry.addInterceptor(tokenInterceptor()) // .addPathPatterns("/projects/**") // .addPathPatterns("/messages/**") -// .addPathPatterns("/users/**") -// .excludePathPatterns("/users/signin") -// .excludePathPatterns("/users/smscode") -// .excludePathPatterns("/users/signup") -// .excludePathPatterns("/users/password") -// .excludePathPatterns("/users/account") -// .excludePathPatterns("/users/token") -// .excludePathPatterns("/users/claims") + .addPathPatterns("/users/**") + .excludePathPatterns("/users/signin") + .excludePathPatterns("/users/smscode") + .excludePathPatterns("/users/signup") + .excludePathPatterns("/users/password") + .excludePathPatterns("/users/account") + .excludePathPatterns("/users/token") + .excludePathPatterns("/users/claims") + .excludePathPatterns("/users/userId"); // .addPathPatterns("/plugins/**") // .addPathPatterns("/delivers/**") // .addPathPatterns("/tasks/**") // .addPathPatterns("/members/**") // .addPathPatterns("/templates/**") // .addPathPatterns("/hardware/**"); - //super.addInterceptors(registry); +// super.addInterceptors(registry); + } + + @Bean + public TokenInterceptor tokenInterceptor(){ + return new TokenInterceptor(); } -// -// @Bean -// public TokenInterceptor tokenInterceptor(){ -// return new TokenInterceptor(); -// } /** * 配置数据源(单数据源) diff --git a/signin/src/main/java/com/ccsens/signin/config/TokenInterceptor.java b/signin/src/main/java/com/ccsens/signin/config/TokenInterceptor.java new file mode 100644 index 00000000..63ce5f42 --- /dev/null +++ b/signin/src/main/java/com/ccsens/signin/config/TokenInterceptor.java 
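Review bot: The re-enabled chain in `addInterceptors` excludes `/users/userId` from the token check, a path that was not in the previously commented-out list, and nothing in the hunk says why it may be called without a token. Because `TokenInterceptor` never runs for excluded paths, no claims attribute is set on those requests, so the handler behind `/users/userId` (and behind `/users/password` and `/users/account`) must not rely on it. A short comment beside each entry, for example `// unauthenticated: <reason>`, would make the exposed surface reviewable. The commented-out `addPathPatterns` lines left inside the live call chain also make it hard to see what is actually protected; removing them would help. The method is fully inside the hunk; the enclosing class is not.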
@@ -0,0 +1,79 @@ +package com.ccsens.signin.config; + +import com.ccsens.signin.bean.po.SysUser; +import com.ccsens.signin.service.IUserService; +import com.ccsens.util.*; +import io.jsonwebtoken.Claims; +import io.jsonwebtoken.ExpiredJwtException; +import io.jsonwebtoken.SignatureException; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.servlet.HandlerInterceptor; +import org.springframework.web.servlet.ModelAndView; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +public class TokenInterceptor implements HandlerInterceptor { + @Autowired + private IUserService userService; + + @Override + public boolean preHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o) throws Exception { + // 验证token是否存在 + final String authHeader = httpServletRequest.getHeader(WebConstant.HEADER_KEY_TOKEN); + if (authHeader == null || !authHeader.startsWith(WebConstant.HEADER_KEY_TOKEN_PREFIX)) { + HttpServletUtil.responseJson(httpServletResponse, + JacksonUtil.beanToJson(JsonResponse.newInstance().tokenNotFound())); + return false; + } + final String token = authHeader.substring(WebConstant.HEADER_KEY_TOKEN_PREFIX.length()); + + //验证token是否有效 + Claims claims = null; + try { + claims = JwtUtil.parseJWT(token, WebConstant.JWT_ACCESS_TOKEN_SECERT); + }catch(SignatureException e){ + HttpServletUtil.responseJson(httpServletResponse, + JacksonUtil.beanToJson(JsonResponse.newInstance().tokenSignatureFail(e.getMessage()))); + return false; + }catch(ExpiredJwtException e){ + HttpServletUtil.responseJson(httpServletResponse, + JacksonUtil.beanToJson(JsonResponse.newInstance().tokenExpire(e.getMessage()))); + return false; + }catch(Exception e){ + HttpServletUtil.responseJson(httpServletResponse, + JacksonUtil.beanToJson(JsonResponse.newInstance().tokenFailed(e.getMessage()))); + return false; + } + + //验证用户存根 + 
if(userService.tokenNotExistInCache(Long.valueOf(claims.getSubject()))){ + HttpServletUtil.responseJson(httpServletResponse, + JacksonUtil.beanToJson(JsonResponse.newInstance().tokenStubNotFound())); + return false; + } + + + //验证用户是否禁用 + SysUser user = userService.getUserById(Long.valueOf(claims.getSubject())); + if(user.getRecStatus() == WebConstant.REC_STATUS.Disabled.value){ + HttpServletUtil.responseJson(httpServletResponse, + JacksonUtil.beanToJson(JsonResponse.newInstance().userDisabled())); + return false; + } + + //在request中存放claims + httpServletRequest.setAttribute(WebConstant.REQUEST_KEY_CLAIMS,claims); + return true; + } + + @Override + public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception { + + } + + @Override + public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception { + + } +} diff --git a/util/src/main/java/com/ccsens/util/Md5Util.java b/util/src/main/java/com/ccsens/util/Md5Util.java index fb554bc2..c0b1e4d0 100644 --- a/util/src/main/java/com/ccsens/util/Md5Util.java +++ b/util/src/main/java/com/ccsens/util/Md5Util.java @@ -100,4 +100,6 @@ public class Md5Util { // System.out.println(getMd5File(path1)); // } + + } diff --git a/util/src/main/java/com/ccsens/util/notice/NoticePropUtil.java b/util/src/main/java/com/ccsens/util/notice/NoticePropUtil.java index 635a5821..36979688 100644 --- a/util/src/main/java/com/ccsens/util/notice/NoticePropUtil.java +++ b/util/src/main/java/com/ccsens/util/notice/NoticePropUtil.java 
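Review bot: In `preHandle`, `Long.valueOf(claims.getSubject())` and `user.getRecStatus()` run outside any guard, so a token with a missing or non-numeric subject, or an id for which `getUserById` returns null (if it can), ends in an uncaught exception instead of one of the JSON token responses. Parsing the subject once and treating a null user as rejected keeps the interceptor failing closed with a defined response, as in the excerpt below. The three catch branches also copy `e.getMessage()` from the JWT parser into the response body; a fixed message per case, with the detail logged server-side, would avoid exposing parser internals to callers. `WebConstant.JWT_ACCESS_TOKEN_SECERT` looks like a compile-time constant; it is worth confirming the signing key is loaded from configuration rather than from source.

```java
        // … unchanged: header check and JwtUtil.parseJWT try/catch …

        // A missing or non-numeric subject is a bad token, not a server error.
        final Long userId;
        try {
            userId = Long.valueOf(claims.getSubject());
        } catch (NumberFormatException e) {
            HttpServletUtil.responseJson(httpServletResponse,
                    JacksonUtil.beanToJson(JsonResponse.newInstance().tokenFailed("invalid subject")));
            return false;
        }

        if (userService.tokenNotExistInCache(userId)) {
            // … unchanged: tokenStubNotFound response, return false …
        }

        // Reject when the account no longer exists as well as when it is disabled.
        SysUser user = userService.getUserById(userId);
        if (user == null || user.getRecStatus() == WebConstant.REC_STATUS.Disabled.value) {
            // … unchanged: userDisabled response, return false …
        }
        // … unchanged: store claims on the request, return true …
```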
@@ -14,7 +14,7 @@ import org.springframework.stereotype.Component; * @author: wu huijuan * @create: 2019/10/21 10:37 */ -@PropertySource(name="noticePropUtil",value = {"classpath:notice/notice.yml"}, factory = MyPropertySourceFactory.class) +//@PropertySource(name="noticePropUtil",value = {"classpath:notice/notice.yml"}, factory = MyPropertySourceFactory.class) @Component public class NoticePropUtil { @ApiModelProperty("host") diff --git a/util/src/test/java/com/ccsens/util/Base64Test.java b/util/src/test/java/com/ccsens/util/Base64Test.java index 0450a026..522082c2 100644 --- a/util/src/test/java/com/ccsens/util/Base64Test.java +++ b/util/src/test/java/com/ccsens/util/Base64Test.java @@ -1,8 +1,13 @@ package com.ccsens.util; import cn.hutool.core.codec.Base64; +import cn.hutool.core.lang.Console; import cn.hutool.core.util.ZipUtil; +import cn.hutool.crypto.symmetric.SymmetricAlgorithm; +import cn.hutool.crypto.symmetric.SymmetricCrypto; +import com.alibaba.fastjson.JSONObject; import com.ccsens.util.exception.BaseException; +import io.swagger.annotations.ApiModelProperty; import lombok.extern.slf4j.Slf4j; import org.junit.Test; import sun.misc.BASE64Decoder; @@ -12,6 +17,7 @@ import sun.misc.BASE64Encoder; import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; +import java.security.MessageDigest; /** * @description: @@ -22,6 +28,8 @@ import java.io.FileOutputStream; public class Base64Test { + private static Object TestEncrypt; + @Test public void test01() throws Exception { File file = new File("d:" + File.separator + "1.png"); 
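Review bot: The `@PropertySource` annotation on `NoticePropUtil` is commented out rather than removed, and nothing in this patch shows where `notice/notice.yml` is loaded instead. If the fields of the class are bound from that file (the class body is outside the hunk), they would be left unset at runtime while the `@Component` is still registered. Either delete the line and add a comment naming the replacement source, for example `// notice.* properties now come from <placeholder: new source>`, or restore the annotation.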
@@ -118,4 +126,45 @@ public class Base64Test { System.out.println(((Class)c.getClass().getField("TYPE").get(null)).isPrimitive()); } + public static class TestEncrypt{ + private Long p = 1386496320902139904L; + private Long r = 1386496320902139904L; + } + + /**加密*/ + @Test + public void test3()throws Exception{ + String string1 = Md5Util.stringTo(JSONObject.toJSONString(Base64Test.TestEncrypt)); + System.out.println(string1); +// SymmetricCrypto aes = new SymmetricCrypto(SymmetricAlgorithm.AES, Base64.decode(key)); +// String encryptHex = aes.encryptHex(string); +// System.out.println(encryptHex); + String s = Base64Test.shaEncode(JSONObject.toJSONString(Base64Test.TestEncrypt)); + System.out.println(s); + + } + + public static String shaEncode(String inStr) throws Exception { + MessageDigest sha = null; + try { + sha = MessageDigest.getInstance("SHA"); + } catch (Exception e) { + System.out.println(e.toString()); + e.printStackTrace(); + return ""; + } + + byte[] byteArray = inStr.getBytes("UTF-8"); + byte[] md5Bytes = sha.digest(byteArray); + StringBuffer hexValue = new StringBuffer(); + for (int i = 0; i < md5Bytes.length; i++) { + int val = ((int) md5Bytes[i]) & 0xff; + if (val < 16) { + hexValue.append("0"); + } + hexValue.append(Integer.toHexString(val)); + } + return hexValue.toString(); + } + }
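Review bot: In `test3`, `Base64Test.TestEncrypt` resolves to the `private static Object TestEncrypt` field added in the earlier hunk (a variable obscures a type of the same name), and that field is never assigned, so both digests are computed over the JSON for null rather than over an instance of the nested class. Dropping the field and passing `new TestEncrypt()` fixes that, although the class has only private fields without getters, so the serializer may still emit `{}`; that is worth confirming. `MessageDigest.getInstance("SHA")` selects SHA-1 on the standard JDK providers and `Md5Util` is MD5, so neither should be carried from this test into code that protects the payload; `MessageDigest.getInstance("SHA-256")` is the drop-in replacement. The Javadoc `加密` (encryption) describes what is really a digest. The test only prints, so it passes regardless of the output; an assertion on the expected hex string would make it a real check.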