Helius
2020-07-10 c8d7346677ec4dff85fc05792cc2d736d7fc3dfa
modify
6 files modified
95 ■■■■■ changed files
src/main/java/com/xcong/excoin/common/contants/AppContants.java 2 ●●●●● patch | view | raw | blame | history
src/main/java/com/xcong/excoin/common/response/Result.java 7 ●●●●● patch | view | raw | blame | history
src/main/java/com/xcong/excoin/configurations/security/CustomAuthenticationEntryPoint.java 20 ●●●● patch | view | raw | blame | history
src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java 57 ●●●● patch | view | raw | blame | history
src/main/resources/application.yml 2 ●●● patch | view | raw | blame | history
src/test/java/com/xcong/excoin/SmsTest.java 7 ●●●●● patch | view | raw | blame | history
src/main/java/com/xcong/excoin/common/contants/AppContants.java
@@ -74,4 +74,6 @@
     */
    public static final String UPLOAD_IMAGE_SUFFIX = ".jpg";
    public static final String TIME_OUT = "time_out";
}
src/main/java/com/xcong/excoin/common/response/Result.java
@@ -70,4 +70,11 @@
        result.msg = msg;
        return result;
    }
    public static Result timeOut(String msg) {
        Result result = new Result();
        result.code = -3;
        result.msg = msg;
        return result;
    }
}
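Review bot: `timeOut` assigns the literal `-3` to `result.code` with nothing stating what a client is expected to do with that value; since the code field is what clients key on, a named constant such as `private static final int CODE_TIME_OUT = -3;` together with a one-line Javadoc on the method (`/** Result for an expired login token; the caller should re-authenticate. */`) would make the contract explicit. The visible tail of the preceding factory suggests the other factories use the same literal style, but they sit outside the hunk so I cannot tell whether a constant already exists.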
src/main/java/com/xcong/excoin/configurations/security/CustomAuthenticationEntryPoint.java
@@ -1,6 +1,7 @@
package com.xcong.excoin.configurations.security;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.xcong.excoin.common.contants.AppContants;
import com.xcong.excoin.common.response.Result;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
@@ -19,10 +20,19 @@
    @Override
    public void commence(HttpServletRequest httpServletRequest, HttpServletResponse response, AuthenticationException e) throws IOException, ServletException {
        Result result = Result.loginFail("Unauthorized");
        response.setCharacterEncoding("UTF-8");
        response.setContentType("application/json; charset=utf-8");
        response.getWriter().write(new ObjectMapper().writeValueAsString(result));
        response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        String timeOut = response.getHeader("TimeOut");
        if (AppContants.TIME_OUT.equals(timeOut)) {
            Result result = Result.timeOut("Time Out");
            response.setCharacterEncoding("UTF-8");
            response.setContentType("application/json; charset=utf-8");
            response.getWriter().write(new ObjectMapper().writeValueAsString(result));
            response.setStatus(HttpServletResponse.SC_REQUEST_TIMEOUT);
        } else {
            Result result = Result.loginFail("Unauthorized");
            response.setCharacterEncoding("UTF-8");
            response.setContentType("application/json; charset=utf-8");
            response.getWriter().write(new ObjectMapper().writeValueAsString(result));
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
        }
    }
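Review bot: The new branch chooses between the 408 and 401 bodies by reading `response.getHeader("TimeOut")`, a header that TokenFilter places on the outgoing response, which makes an HTTP response header the carrier of in-process state and also emits `TimeOut: time_out` to every client whose token was rejected as expired. A request attribute is the conventional channel for this: the filter sets `request.setAttribute(AppContants.TIME_OUT, Boolean.TRUE);` and this method tests `Boolean.TRUE.equals(httpServletRequest.getAttribute(AppContants.TIME_OUT))`, which also removes the `"TimeOut"` literal that is now duplicated across both files. The same point applies to the TokenFilter.doFilter hunk below. Separately, both branches call `response.setStatus` after `getWriter().write(...)`; the status should be set before the body is written, and the four repeated response-writing lines could move into a small `writeJson(response, result, status)` helper.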
}
src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java
@@ -4,8 +4,11 @@
import cn.hutool.crypto.asymmetric.KeyType;
import cn.hutool.crypto.asymmetric.RSA;
import com.alibaba.fastjson.JSONObject;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.xcong.excoin.common.LoginUserUtils;
import com.xcong.excoin.common.contants.AppContants;
import com.xcong.excoin.common.exception.GlobalException;
import com.xcong.excoin.common.response.Result;
import com.xcong.excoin.common.system.bean.LoginUserBean;
import com.xcong.excoin.configurations.properties.ApplicationProperties;
import com.xcong.excoin.configurations.properties.SecurityProperties;
@@ -24,6 +27,7 @@
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
@@ -43,31 +47,37 @@
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;
        String token = resolveToken(request);
        if (StrUtil.isNotBlank(token)) {
            String redisKey = "";
            // 根据user-agent判断pc端还是app端
            if (LoginUserUtils.isBrowser(request)) {
                redisKey = AppContants.PC_LOGIN_PREFIX + token;
            } else {
                redisKey = AppContants.APP_LOGIN_PREFIX + token;
            }
            String loginStr = (String) redisUtils.get(redisKey);
            if (StrUtil.isNotBlank(loginStr)) {
                MemberEntity loginUser = JSONObject.parseObject(loginStr, MemberEntity.class);
                Authentication authentication = new UsernamePasswordAuthenticationToken(loginUser, token, new ArrayList<>());
                SecurityContextHolder.getContext().setAuthentication(authentication);
                redisUtils.expire(redisKey, 300000);
        if (!AppContants.TIME_OUT.equals(token)) {
            if (StrUtil.isNotBlank(token)) {
                String redisKey = "";
                // 根据user-agent判断pc端还是app端
                if (LoginUserUtils.isBrowser(request)) {
                    redisKey = AppContants.PC_LOGIN_PREFIX + token;
                } else {
                    redisKey = AppContants.APP_LOGIN_PREFIX + token;
                }
                String loginStr = (String) redisUtils.get(redisKey);
                if (StrUtil.isNotBlank(loginStr)) {
                    MemberEntity loginUser = JSONObject.parseObject(loginStr, MemberEntity.class);
                    Authentication authentication = new UsernamePasswordAuthenticationToken(loginUser, token, new ArrayList<>());
                    SecurityContextHolder.getContext().setAuthentication(authentication);
                    redisUtils.expire(redisKey, 300000);
                } else {
                    log.info("token无法查询:{}", token);
                    SecurityContextHolder.clearContext();
                }
            } else {
                log.info("token无法查询:{}", token);
                log.info("token为空:{}", request.getRequestURI());
                SecurityContextHolder.clearContext();
            }
        } else {
            log.info("token为空:{}", request.getRequestURI());
            response.setHeader("TimeOut", AppContants.TIME_OUT);
            SecurityContextHolder.clearContext();
        }
        filterChain.doFilter(servletRequest, servletResponse);
    }
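Review bot: The new outer `if (!AppContants.TIME_OUT.equals(token))` relies on `resolveToken` returning the sentinel `"time_out"` through the same `String` as a genuine token, so an expired session and a credential are told apart by string equality alone; a token whose decrypted first field were that literal would be misclassified, and the meaning of `token` now depends on a cross-method convention. Returning `null` for an expired token and recording the expiry state on the request (or a small holder carrying the token and its expiry state) would keep the two apart. Also, the expiry header is set before `filterChain.doFilter`, so on any endpoint that is reachable without authentication the client would receive it on an otherwise successful response, which is presumably not intended. The retained `log.info("token无法查询:{}", token)` writes the raw bearer token to the log at INFO; logging only the request URI, as the empty-token branch does, avoids leaving credentials in log files.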
@@ -79,13 +89,7 @@
     */
    private String resolveToken(HttpServletRequest request) {
        try {
            // TODO debug模式下写死用户
            String bearerToken = request.getHeader(AppContants.TOKEN_HEADER);
//            if (applicationProperties.isDebug()) {
//                bearerToken = "Bearer JSEre1ZUKEu2Ga5ORM+juxXv6yBwmt+FgLhxaeHf1EEJfIb3oRir4pXqe5JDhS6sXfLYOXRIAyBpq+SYBwAtGigxwzGVPn+k4Pt6vNxZ4h8Pk4IeG4+FqbFD0guzvu3WN2eRnnzYqCepl429v9Ju7n4jSG0Hj5ViM3MHQZs3qHo=";
//            } else {
//                bearerToken = request.getHeader(AppContants.TOKEN_HEADER);
//            }
            if (StringUtils.hasText(bearerToken) && bearerToken.startsWith(AppContants.TOKEN_START_WITH)) {
                // 去掉令牌前缀
                String rsaToken = bearerToken.replace(AppContants.TOKEN_START_WITH, "");
@@ -94,10 +98,11 @@
                if (verifyTokenExpired(Long.parseLong(tokens[1]))) {
                    return tokens[0];
                } else {
                    log.info("前面token为{}", tokens[0]);
                    log.info("时间为:{}, 当前时间为:{}", tokens[1], System.currentTimeMillis());
                    return AppContants.TIME_OUT;
                }
                log.info("前面token为{}", tokens[0]);
                log.info("时间为:{}, 当前时间为:{}", tokens[1], System.currentTimeMillis());
                return null;
            }
            log.info("bearerToken---->{}", bearerToken);
        } catch (Exception e) {
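Review bot: The new expiry branch logs the session token itself (`log.info("前面token为{}", tokens[0])`) at INFO before returning the sentinel, so every request with an expired token leaves a credential in the logs; a single line without the token, `log.info("token expired: exp={}, now={}", tokens[1], System.currentTimeMillis());`, carries the same diagnostic value. The in-band sentinel return is discussed on the doFilter hunk. `resolveToken` continues past the hunk into its catch block, so the fall-through behaviour after the `if` is not visible here.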
src/main/resources/application.yml
@@ -91,7 +91,7 @@
app:
  debug: true
  debug: false
  redis_expire: 3000
  # k线更新任务控制
  kline-update-job: false
src/test/java/com/xcong/excoin/SmsTest.java
@@ -1,5 +1,6 @@
package com.xcong.excoin;
import cn.hutool.core.date.DateUtil;
import cn.hutool.core.text.UnicodeUtil;
import org.junit.jupiter.api.Test;
import org.springframework.boot.test.context.SpringBootTest;
@@ -11,4 +12,10 @@
@SpringBootTest
public class SmsTest {
    public static void main(String[] args) {
        long time = 1594363341988L;
        System.out.println(DateUtil.date(time));
    }
}