| | |
|---|
| | | import cn.hutool.crypto.asymmetric.KeyType; |
|---|
| | | import cn.hutool.crypto.asymmetric.RSA; |
|---|
| | | import com.alibaba.fastjson.JSONObject; |
|---|
| | | import com.xcong.excoin.common.LoginUserUtils; |
|---|
| | | import com.xcong.excoin.common.contants.AppContants; |
|---|
| | | import com.xcong.excoin.common.system.bean.LoginUserBean; |
|---|
| | | import com.xcong.excoin.configurations.properties.ApplicationProperties; |
|---|
| | | import com.xcong.excoin.configurations.properties.SecurityProperties; |
|---|
| | | import com.xcong.excoin.modules.member.entity.MemberEntity; |
|---|
| | | import com.xcong.excoin.utils.RedisUtils; |
|---|
| | | import com.xcong.excoin.utils.SpringContextHolder; |
|---|
| | | import lombok.extern.slf4j.Slf4j; |
|---|
| | |
|---|
| | | HttpServletRequest request = (HttpServletRequest) servletRequest; |
|---|
| | | String token = resolveToken(request); |
|---|
| | | if (StrUtil.isNotBlank(token)) { |
|---|
| | | String loginStr = (String) redisUtils.get(AppContants.APP_LOGIN_PREFIX + token); |
|---|
| | | String redisKey = ""; |
|---|
| | | // 根据user-agent判断pc端还是app端 |
|---|
| | | if (LoginUserUtils.isBrowser(request)) { |
|---|
| | | redisKey = AppContants.PC_LOGIN_PREFIX + token; |
|---|
| | | } else { |
|---|
| | | redisKey = AppContants.APP_LOGIN_PREFIX + token; |
|---|
| | | } |
|---|
| | | |
|---|
| | | String loginStr = (String) redisUtils.get(redisKey); |
|---|
| | | if (StrUtil.isNotBlank(loginStr)) { |
|---|
| | | LoginUserBean loginUser = JSONObject.parseObject(loginStr, LoginUserBean.class); |
|---|
| | | Authentication authentication = new UsernamePasswordAuthenticationToken(loginUser.getMemberEntity(), token, new ArrayList<>()); |
|---|
| | | MemberEntity loginUser = JSONObject.parseObject(loginStr, MemberEntity.class); |
|---|
| | | Authentication authentication = new UsernamePasswordAuthenticationToken(loginUser, token, new ArrayList<>()); |
|---|
| | | SecurityContextHolder.getContext().setAuthentication(authentication); |
|---|
| | | redisUtils.expire(AppContants.APP_LOGIN_PREFIX + token, 300000); |
|---|
| | | redisUtils.expire(redisKey, 300000); |
|---|
| | | } else { |
|---|
| | | SecurityContextHolder.clearContext(); |
|---|
| | | } |
|---|
| | |
|---|
| | | */ |
|---|
| | | private String resolveToken(HttpServletRequest request) { |
|---|
| | | try { |
|---|
| | | // TODO debug模式下写死用户 |
|---|
| | | String bearerToken = request.getHeader(AppContants.TOKEN_HEADER); |
|---|
| | | // if (applicationProperties.isDebug()) { |
|---|
| | | // bearerToken = "Bearer JSEre1ZUKEu2Ga5ORM+juxXv6yBwmt+FgLhxaeHf1EEJfIb3oRir4pXqe5JDhS6sXfLYOXRIAyBpq+SYBwAtGigxwzGVPn+k4Pt6vNxZ4h8Pk4IeG4+FqbFD0guzvu3WN2eRnnzYqCepl429v9Ju7n4jSG0Hj5ViM3MHQZs3qHo="; |
|---|
| | | // } else { |
|---|
| | | // bearerToken = request.getHeader(AppContants.TOKEN_HEADER); |
|---|
| | | // } |
|---|
| | | if (StringUtils.hasText(bearerToken) && bearerToken.startsWith(AppContants.TOKEN_START_WITH)) { |
|---|
| | | // 去掉令牌前缀 |
|---|
| | | String rsaToken = bearerToken.replace(AppContants.TOKEN_START_WITH, ""); |
|---|
| | | RSA rsa = new RSA(securityProperties.getPrivateKey(), null); |
|---|
| | | String[] tokens = StrUtil.split(rsa.decryptStr(rsaToken, KeyType.PrivateKey), "_"); |
|---|
| | | |
|---|
| | | if (verifyTokenExpired(Long.parseLong(tokens[1]))) { |
|---|
| | | return tokens[0]; |
|---|
| | | } |
|---|
