From 3d9e7358fb532013555b8574321b3718e23615cd Mon Sep 17 00:00:00 2001
From: Helius <wangdoubleone@gmail.com>
Date: Tue, 07 Jul 2020 18:16:27 +0800
Subject: [PATCH] modify
---
src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java | 25 ++++++++++++++++++++-----
1 files changed, 20 insertions(+), 5 deletions(-)
diff --git a/src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java b/src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java
index 6ebf4d8..2284d12 100644
--- a/src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java
+++ b/src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java
@@ -4,10 +4,12 @@
import cn.hutool.crypto.asymmetric.KeyType;
import cn.hutool.crypto.asymmetric.RSA;
import com.alibaba.fastjson.JSONObject;
+import com.xcong.excoin.common.LoginUserUtils;
import com.xcong.excoin.common.contants.AppContants;
import com.xcong.excoin.common.system.bean.LoginUserBean;
import com.xcong.excoin.configurations.properties.ApplicationProperties;
import com.xcong.excoin.configurations.properties.SecurityProperties;
+import com.xcong.excoin.modules.member.entity.MemberEntity;
import com.xcong.excoin.utils.RedisUtils;
import com.xcong.excoin.utils.SpringContextHolder;
import lombok.extern.slf4j.Slf4j;
@@ -43,12 +45,20 @@
HttpServletRequest request = (HttpServletRequest) servletRequest;
String token = resolveToken(request);
if (StrUtil.isNotBlank(token)) {
- String loginStr = (String) redisUtils.get(AppContants.APP_LOGIN_PREFIX + token);
+ String redisKey = "";
+ // 根据user-agent判断pc端还是app端
+ if (LoginUserUtils.isBrowser(request)) {
+ redisKey = AppContants.PC_LOGIN_PREFIX + token;
+ } else {
+ redisKey = AppContants.APP_LOGIN_PREFIX + token;
+ }
+
+ String loginStr = (String) redisUtils.get(redisKey);
if (StrUtil.isNotBlank(loginStr)) {
- LoginUserBean loginUser = JSONObject.parseObject(loginStr, LoginUserBean.class);
- Authentication authentication = new UsernamePasswordAuthenticationToken(loginUser.getMemberEntity(), token, new ArrayList<>());
+ MemberEntity loginUser = JSONObject.parseObject(loginStr, MemberEntity.class);
+ Authentication authentication = new UsernamePasswordAuthenticationToken(loginUser, token, new ArrayList<>());
SecurityContextHolder.getContext().setAuthentication(authentication);
- redisUtils.expire(AppContants.APP_LOGIN_PREFIX + token, 300000);
+ redisUtils.expire(redisKey, 300000);
} else {
SecurityContextHolder.clearContext();
}
@@ -67,13 +77,18 @@
*/
private String resolveToken(HttpServletRequest request) {
try {
+ // TODO debug模式下写死用户
String bearerToken = request.getHeader(AppContants.TOKEN_HEADER);
+// if (applicationProperties.isDebug()) {
+// bearerToken = "Bearer JSEre1ZUKEu2Ga5ORM+juxXv6yBwmt+FgLhxaeHf1EEJfIb3oRir4pXqe5JDhS6sXfLYOXRIAyBpq+SYBwAtGigxwzGVPn+k4Pt6vNxZ4h8Pk4IeG4+FqbFD0guzvu3WN2eRnnzYqCepl429v9Ju7n4jSG0Hj5ViM3MHQZs3qHo=";
+// } else {
+// bearerToken = request.getHeader(AppContants.TOKEN_HEADER);
+// }
if (StringUtils.hasText(bearerToken) && bearerToken.startsWith(AppContants.TOKEN_START_WITH)) {
// 去掉令牌前缀
String rsaToken = bearerToken.replace(AppContants.TOKEN_START_WITH, "");
RSA rsa = new RSA(securityProperties.getPrivateKey(), null);
String[] tokens = StrUtil.split(rsa.decryptStr(rsaToken, KeyType.PrivateKey), "_");
-
if (verifyTokenExpired(Long.parseLong(tokens[1]))) {
return tokens[0];
}
--
Gitblit v1.9.1