From 95a96d237beaa34982a71295603f27ec3bc99dcd Mon Sep 17 00:00:00 2001
From: Helius <wangdoubleone@gmail.com>
Date: Wed, 02 Dec 2020 17:26:51 +0800
Subject: [PATCH] modify

---
 src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java |   14 ++++++++------
 1 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java b/src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java
index 556cd04..fa137ba 100644
--- a/src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java
+++ b/src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java
@@ -48,16 +48,16 @@
     public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
         HttpServletRequest request = (HttpServletRequest) servletRequest;
         HttpServletResponse response = (HttpServletResponse) servletResponse;
-        String token = resolveToken(request);
+        String token = resolveTokenOutCenter(request);
 
         if (!AppContants.TIME_OUT.equals(token)) {
             if (StrUtil.isNotBlank(token)) {
                 String redisKey = "";
                 // 根据user-agent判断pc端还是app端
                 if (LoginUserUtils.isBrowser(request)) {
-                    redisKey = token;
+                    redisKey = token;;
                 } else {
-                    redisKey = token;
+                    redisKey = token;;
                 }
 
                 String loginStr = (String) redisUtils.get(redisKey);
@@ -81,7 +81,7 @@
     }
     
     /**
-     * 解析前端传来的token，md5加密后的地址_/api_设备iD
+     * 解析前端传来的token，md5加密后的地址_设备iD_/api
      *
      * @param request
      * @return
@@ -96,9 +96,11 @@
                 // 去掉令牌前缀
                 String rsaToken = bearerToken.replace(AppContants.TOKEN_START_WITH, "");
                 RSA rsa = new RSA(securityProperties.getPrivateKey(), null);
-                String[] tokens = StrUtil.split(rsa.decryptStr(rsaToken, KeyType.PrivateKey), "_");
+                log.info("--->{}", rsaToken);
+                String decryptStr = rsa.decryptStr(rsaToken, KeyType.PrivateKey);
+                String[] tokens = StrUtil.split(decryptStr, "_");
 
-                if (StrUtil.isNotEmpty(requestURL) && requestURL.toString().contains(tokens[1])) {
+                if (StrUtil.isNotEmpty(requestURL) && requestURL.toString().contains(tokens[2])) {
                     return tokens[0];
                 } else {
 //                    log.info("前面token为{}", tokens[0]);

--
Gitblit v1.9.1