zainali5120
2020-10-15 3474e43d869f6dda297dba0dcf24694a36dc6b9d
src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java
@@ -4,10 +4,15 @@
import cn.hutool.crypto.asymmetric.KeyType;
import cn.hutool.crypto.asymmetric.RSA;
import com.alibaba.fastjson.JSONObject;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.xcong.excoin.common.LoginUserUtils;
import com.xcong.excoin.common.contants.AppContants;
import com.xcong.excoin.common.exception.GlobalException;
import com.xcong.excoin.common.response.Result;
import com.xcong.excoin.common.system.bean.LoginUserBean;
import com.xcong.excoin.configurations.properties.ApplicationProperties;
import com.xcong.excoin.configurations.properties.SecurityProperties;
import com.xcong.excoin.modules.member.entity.MemberEntity;
import com.xcong.excoin.utils.RedisUtils;
import com.xcong.excoin.utils.SpringContextHolder;
import lombok.extern.slf4j.Slf4j;
@@ -22,6 +27,7 @@
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
@@ -41,21 +47,37 @@
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String token = resolveToken(request);
        if (StrUtil.isNotBlank(token)) {
            String loginStr = (String) redisUtils.get(AppContants.APP_LOGIN_PREFIX + token);
            if (StrUtil.isNotBlank(loginStr)) {
                LoginUserBean loginUser = JSONObject.parseObject(loginStr, LoginUserBean.class);
                Authentication authentication = new UsernamePasswordAuthenticationToken(loginUser.getMemberEntity(), token, new ArrayList<>());
                SecurityContextHolder.getContext().setAuthentication(authentication);
                redisUtils.expire(AppContants.APP_LOGIN_PREFIX + token, 300000);
        if (!AppContants.TIME_OUT.equals(token)) {
            if (StrUtil.isNotBlank(token)) {
                String redisKey = "";
                // 根据user-agent判断pc端还是app端
                if (LoginUserUtils.isBrowser(request)) {
                    redisKey = AppContants.PC_LOGIN_PREFIX + token;
                } else {
                    redisKey = AppContants.APP_LOGIN_PREFIX + token;
                }
                String loginStr = (String) redisUtils.get(redisKey);
                if (StrUtil.isNotBlank(loginStr)) {
                    MemberEntity loginUser = JSONObject.parseObject(loginStr, MemberEntity.class);
                    Authentication authentication = new UsernamePasswordAuthenticationToken(loginUser, token, new ArrayList<>());
                    SecurityContextHolder.getContext().setAuthentication(authentication);
                    redisUtils.expire(redisKey, 36000);
                } else {
                    log.info("token无法查询:{}", token);
                    SecurityContextHolder.clearContext();
                }
            } else {
//                log.info("token为空:{}", request.getRequestURI());
                SecurityContextHolder.clearContext();
            }
        } else {
            response.setHeader("TimeOut", AppContants.TIME_OUT);
            SecurityContextHolder.clearContext();
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }
@@ -76,9 +98,13 @@
                if (verifyTokenExpired(Long.parseLong(tokens[1]))) {
                    return tokens[0];
                } else {
//                    log.info("前面token为{}", tokens[0]);
//                    log.info("时间为:{}, 当前时间为:{}", tokens[1], System.currentTimeMillis());
                    return AppContants.TIME_OUT;
                }
                return null;
            }
//            log.info("bearerToken---->{}", bearerToken);
        } catch (Exception e) {
            log.error("#解析token异常#", e);
            return null;
@@ -90,7 +116,7 @@
        boolean isDebug = applicationProperties.isDebug();
        if (!isDebug) {
            long currentTime = System.currentTimeMillis();
            return currentTime - time <= 5000;
            return currentTime - time <= 30000;
        }
        return true;
    }
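Review bot: The freshness check in verifyTokenExpired, `return currentTime - time <= 30000;`, has no lower bound, so a timestamp later than the server clock gives a negative difference and always passes; since this commit appears to widen the window from 5 s to 30 s, the check should bound both sides, e.g. `long age = currentTime - time; return age >= -30000 && age <= 30000;`. The timestamp comes from `Long.parseLong(tokens[1])` in resolveToken, and if that value is produced on the client (the code that builds `tokens` is outside the hunks, so this is inferred), a far-future value would keep a captured token acceptable for as long as its Redis entry lives. Separately, in doFilter `log.info("token无法查询:{}", token)` writes the bearer token to the application log; because the Redis prefix is selected from the client-supplied User-Agent, a token that misses under one prefix can still be live under the other, so the log line should carry the request URI or a short hash of the token rather than the token itself. resolveToken and verifyTokenExpired both begin before their hunks, so the surrounding code should be checked before applying either change.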