From 0b41cffa071b82e96c53f9f0fc394259442e24d1 Mon Sep 17 00:00:00 2001
From: Helius <wangdoubleone@gmail.com>
Date: Mon, 08 Jun 2020 16:40:39 +0800
Subject: [PATCH] modify

---
 src/main/java/com/xcong/excoin/common/contants/AppContants.java              |    2 +
 src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java      |   25 ++++++++----
 src/main/java/com/xcong/excoin/common/system/controller/LoginController.java |   27 ++++++++++++-
 src/main/java/com/xcong/excoin/common/LoginUserUtils.java                    |   11 +++++
 4 files changed, 54 insertions(+), 11 deletions(-)

diff --git a/src/main/java/com/xcong/excoin/common/LoginUserUtils.java b/src/main/java/com/xcong/excoin/common/LoginUserUtils.java
index 0c24019..9295a71 100644
--- a/src/main/java/com/xcong/excoin/common/LoginUserUtils.java
+++ b/src/main/java/com/xcong/excoin/common/LoginUserUtils.java
@@ -3,7 +3,10 @@
 import com.xcong.excoin.common.exception.GlobalException;
 import com.xcong.excoin.modules.member.entity.MemberEntity;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpRequest;
 import org.springframework.security.core.context.SecurityContextHolder;
+
+import javax.servlet.http.HttpServletRequest;
 
 /**
  * 登陆用户工具类
@@ -44,4 +47,12 @@
             return (MemberEntity) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
         }
     }
+
+    public static boolean isBrowser(HttpServletRequest request) {
+        String userAgent = request.getHeader("user-agent");
+        if (userAgent.toLowerCase().contains("mobile")) {
+            return false;
+        }
+        return true;
+    }
 }
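Review bot: `isBrowser` dereferences the header without a null check. `request.getHeader("user-agent")` returns null when the client sends no User-Agent, so `userAgent.toLowerCase()` throws a NullPointerException; because TokenFilter now calls this for every request that carries a token, such a request would fail inside the filter instead of being handled cleanly. The body can be `String userAgent = request.getHeader("user-agent");` followed by `return userAgent == null || !userAgent.toLowerCase(Locale.ROOT).contains("mobile");`, which needs `java.util.Locale` and keeps the match stable on JVMs whose default locale lowercases `I` differently. The method also deserves a Javadoc saying that User-Agent is client-controlled, so the result only selects a session namespace and must not drive an access-control decision. The `org.springframework.http.HttpRequest` import added in the first hunk is not used by anything visible in this patch and can probably be dropped.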
diff --git a/src/main/java/com/xcong/excoin/common/contants/AppContants.java b/src/main/java/com/xcong/excoin/common/contants/AppContants.java
index 3feb302..732ae93 100644
--- a/src/main/java/com/xcong/excoin/common/contants/AppContants.java
+++ b/src/main/java/com/xcong/excoin/common/contants/AppContants.java
@@ -19,6 +19,8 @@
      */
     public static final String APP_LOGIN_PREFIX = "app_";
 
+    public static final String PC_LOGIN_PREFIX = "pc_";
+
     /**
      * token头部
      */
diff --git a/src/main/java/com/xcong/excoin/common/system/controller/LoginController.java b/src/main/java/com/xcong/excoin/common/system/controller/LoginController.java
index a5e363c..e2bb955 100644
--- a/src/main/java/com/xcong/excoin/common/system/controller/LoginController.java
+++ b/src/main/java/com/xcong/excoin/common/system/controller/LoginController.java
@@ -2,12 +2,14 @@
 
 import cn.hutool.core.codec.Base64;
 import cn.hutool.core.util.IdUtil;
+import cn.hutool.core.util.StrUtil;
 import cn.hutool.crypto.SecureUtil;
 import cn.hutool.crypto.asymmetric.KeyType;
 import cn.hutool.crypto.asymmetric.RSA;
 import cn.hutool.crypto.asymmetric.Sign;
 import cn.hutool.crypto.asymmetric.SignAlgorithm;
 import com.alibaba.fastjson.JSONObject;
+import com.xcong.excoin.common.LoginUserUtils;
 import com.xcong.excoin.common.contants.AppContants;
 import com.xcong.excoin.common.response.Result;
 import com.xcong.excoin.common.system.bean.LoginUserBean;
@@ -28,6 +30,7 @@
 import org.springframework.web.bind.annotation.*;
 
 import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -60,7 +63,7 @@
 
     @ApiOperation(value = "登陆接口", notes = "登陆接口")
     @PostMapping("/login")
-    public Result login(@RequestBody @Validated LoginDto loginDto) {
+    public Result login(@RequestBody @Validated LoginDto loginDto, HttpServletRequest request) {
         // 将账号密码交给spring security验证,并调用userServiceDetails
         UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(loginDto.getUsername(), SecureUtil.md5(loginDto.getPassword()));
         Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authToken);
@@ -70,7 +73,25 @@
 
         // 生成UUID作为token
         String token = IdUtil.simpleUUID();
-        redisUtils.set(AppContants.APP_LOGIN_PREFIX + token, JSONObject.toJSONString(loginUserBean), applicationProperties.getRedisExpire());
+        String redisToken = "";
+        String redisMember = "";
+        if (LoginUserUtils.isBrowser(request)) {
+            redisToken = AppContants.PC_LOGIN_PREFIX + token;
+            redisMember = AppContants.PC_LOGIN_PREFIX + loginUserBean.getMemberEntity().getId();
+        } else {
+            redisToken = AppContants.APP_LOGIN_PREFIX + token;
+            redisMember = AppContants.APP_LOGIN_PREFIX + loginUserBean.getMemberEntity().getId();
+        }
+
+        if (StrUtil.isNotBlank(redisUtils.getString(redisMember))) {
+            if (redisMember.contains(AppContants.APP_LOGIN_PREFIX)) {
+                redisUtils.del(AppContants.APP_LOGIN_PREFIX + redisUtils.getString(redisMember));
+            } else {
+                redisUtils.del(AppContants.PC_LOGIN_PREFIX + redisUtils.getString(redisMember));
+            }
+        }
+        redisUtils.set(redisToken, JSONObject.toJSONString(loginUserBean), applicationProperties.getRedisExpire());
+        redisUtils.set(redisMember, token);
         Map<String, Object> authInfo = new HashMap<>();
         // 开启debug模式,则将加密后的token返回
         if (applicationProperties.isDebug()) {
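Review bot: The new block in `login` calls `redisUtils.getString(redisMember)` up to twice and re-derives the prefix with `redisMember.contains(AppContants.APP_LOGIN_PREFIX)`, although the branch above has already fixed it. Reading the previous token once and keeping a single `prefix` variable guarantees that the key deleted is the one that was checked. The check, the delete and the two `set` calls are also not atomic, so, as far as this hunk shows, two concurrent logins for the same member could both leave a live session; if one session per client type is a security requirement, this needs a lock or a single atomic Redis operation. Because the PC/app split comes from the User-Agent header, a client can hold one session of each kind just by changing that header, which is worth stating in a comment. `login` starts and ends outside this hunk.

```java
String prefix = LoginUserUtils.isBrowser(request)
        ? AppContants.PC_LOGIN_PREFIX
        : AppContants.APP_LOGIN_PREFIX;
String redisToken = prefix + token;
String redisMember = prefix + loginUserBean.getMemberEntity().getId();

// Read the previous token once so the key deleted is the one that was checked.
String previousToken = redisUtils.getString(redisMember);
if (StrUtil.isNotBlank(previousToken)) {
    redisUtils.del(prefix + previousToken);
}
// … unchanged: redisUtils.set(redisToken, …) and redisUtils.set(redisMember, token) …
```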
@@ -86,7 +107,7 @@
 
     public String generateAsaToken(String token) {
         RSA rsa = new RSA(null, securityProperties.getPublicKey());
-        return rsa.encryptBase64(token + "_" +System.currentTimeMillis(), KeyType.PublicKey);
+        return rsa.encryptBase64(token + "_" + System.currentTimeMillis(), KeyType.PublicKey);
     }
 
     @ApiOperation(value = "app注册接口", notes = "app注册接口,验证码必须输入可默认为123456")
diff --git a/src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java b/src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java
index 0e5624d..8b98b0b 100644
--- a/src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java
+++ b/src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java
@@ -4,6 +4,7 @@
 import cn.hutool.crypto.asymmetric.KeyType;
 import cn.hutool.crypto.asymmetric.RSA;
 import com.alibaba.fastjson.JSONObject;
+import com.xcong.excoin.common.LoginUserUtils;
 import com.xcong.excoin.common.contants.AppContants;
 import com.xcong.excoin.common.system.bean.LoginUserBean;
 import com.xcong.excoin.configurations.properties.ApplicationProperties;
@@ -43,12 +44,20 @@
         HttpServletRequest request = (HttpServletRequest) servletRequest;
         String token = resolveToken(request);
         if (StrUtil.isNotBlank(token)) {
-            String loginStr = (String) redisUtils.get(AppContants.APP_LOGIN_PREFIX + token);
+            String redisKey = "";
+            // 根据user-agent判断pc端还是app端
+            if (LoginUserUtils.isBrowser(request)) {
+                redisKey = AppContants.PC_LOGIN_PREFIX + token;
+            } else {
+                redisKey = AppContants.APP_LOGIN_PREFIX + token;
+            }
+
+            String loginStr = (String) redisUtils.get(redisKey);
             if (StrUtil.isNotBlank(loginStr)) {
                 LoginUserBean loginUser = JSONObject.parseObject(loginStr, LoginUserBean.class);
                 Authentication authentication = new UsernamePasswordAuthenticationToken(loginUser.getMemberEntity(), token, new ArrayList<>());
                 SecurityContextHolder.getContext().setAuthentication(authentication);
-                redisUtils.expire(AppContants.APP_LOGIN_PREFIX + token, 300000);
+                redisUtils.expire(redisKey, 300000);
             } else {
                 SecurityContextHolder.clearContext();
             }
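Review bot: The Redis key for the session lookup is rebuilt from the User-Agent of each request, not from anything stored with the token. A token issued under `pc_` therefore stops resolving as soon as the same client sends a User-Agent containing "mobile" (and the reverse), and the request falls into the `clearContext()` branch with no indication why. Recording the client type alongside the token at login, or retrying with the other prefix on a miss, would make the lookup independent of a header the client can change freely. The assignment itself is shorter as `String redisKey = (LoginUserUtils.isBrowser(request) ? AppContants.PC_LOGIN_PREFIX : AppContants.APP_LOGIN_PREFIX) + token;`. The enclosing filter method starts and ends outside the hunk.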
@@ -68,12 +77,12 @@
     private String resolveToken(HttpServletRequest request) {
         try {
             // TODO debug模式下写死用户
-            String bearerToken = "";
-            if (applicationProperties.isDebug()) {
-                bearerToken = "Bearer JSEre1ZUKEu2Ga5ORM+juxXv6yBwmt+FgLhxaeHf1EEJfIb3oRir4pXqe5JDhS6sXfLYOXRIAyBpq+SYBwAtGigxwzGVPn+k4Pt6vNxZ4h8Pk4IeG4+FqbFD0guzvu3WN2eRnnzYqCepl429v9Ju7n4jSG0Hj5ViM3MHQZs3qHo=";
-            } else {
-                bearerToken = request.getHeader(AppContants.TOKEN_HEADER);
-            }
+            String bearerToken = request.getHeader(AppContants.TOKEN_HEADER);
+//            if (applicationProperties.isDebug()) {
+//                bearerToken = "Bearer JSEre1ZUKEu2Ga5ORM+juxXv6yBwmt+FgLhxaeHf1EEJfIb3oRir4pXqe5JDhS6sXfLYOXRIAyBpq+SYBwAtGigxwzGVPn+k4Pt6vNxZ4h8Pk4IeG4+FqbFD0guzvu3WN2eRnnzYqCepl429v9Ju7n4jSG0Hj5ViM3MHQZs3qHo=";
+//            } else {
+//                bearerToken = request.getHeader(AppContants.TOKEN_HEADER);
+//            }
             if (StringUtils.hasText(bearerToken) && bearerToken.startsWith(AppContants.TOKEN_START_WITH)) {
                 // 去掉令牌前缀
                 String rsaToken = bearerToken.replace(AppContants.TOKEN_START_WITH, "");
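Review bot: The debug branch in `resolveToken` is commented out rather than removed, so a hard-coded `Bearer …` credential stays in the source next to a `TODO` that no longer matches the code. Delete the five commented lines and the TODO, leaving only `String bearerToken = request.getHeader(AppContants.TOKEN_HEADER);`. If that value ever mapped to a real account in any environment, it should be treated as disclosed through version history and invalidated. `resolveToken` continues past the end of the hunk.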

--
Gitblit v1.9.1