From 7ae23e17d8e90dc634f3f86e2eee209cbacaace3 Mon Sep 17 00:00:00 2001
From: xiaoyong931011 <15274802129@163.com>
Date: Mon, 30 Nov 2020 17:15:53 +0800
Subject: [PATCH] 20201130

---
 src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java |   13 +++++++------
 1 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java b/src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java
index 556cd04..e98bac2 100644
--- a/src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java
+++ b/src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java
@@ -48,16 +48,16 @@
     public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
         HttpServletRequest request = (HttpServletRequest) servletRequest;
         HttpServletResponse response = (HttpServletResponse) servletResponse;
-        String token = resolveToken(request);
+        String token = resolveTokenOutCenter(request);
 
         if (!AppContants.TIME_OUT.equals(token)) {
             if (StrUtil.isNotBlank(token)) {
                 String redisKey = "";
                 // 根据user-agent判断pc端还是app端
                 if (LoginUserUtils.isBrowser(request)) {
-                    redisKey = token;
+                    redisKey = token;;
                 } else {
-                    redisKey = token;
+                    redisKey = token;;
                 }
 
                 String loginStr = (String) redisUtils.get(redisKey);
@@ -81,7 +81,7 @@
     }
     
     /**
-     * 解析前端传来的token，md5加密后的地址_/api_设备iD
+     * 解析前端传来的token，md5加密后的地址_设备iD_/api
      *
      * @param request
      * @return
@@ -96,9 +96,10 @@
                 // 去掉令牌前缀
                 String rsaToken = bearerToken.replace(AppContants.TOKEN_START_WITH, "");
                 RSA rsa = new RSA(securityProperties.getPrivateKey(), null);
-                String[] tokens = StrUtil.split(rsa.decryptStr(rsaToken, KeyType.PrivateKey), "_");
+                String decryptStr = rsa.decryptStr(rsaToken, KeyType.PrivateKey);
+                String[] tokens = StrUtil.split(decryptStr, "_");
 
-                if (StrUtil.isNotEmpty(requestURL) && requestURL.toString().contains(tokens[1])) {
+                if (StrUtil.isNotEmpty(requestURL) && requestURL.toString().contains(tokens[2])) {
                     return tokens[0];
                 } else {
 //                    log.info("前面token为{}", tokens[0]);

--
Gitblit v1.9.1