登录拦截器修改
This commit is contained in:
zk
@@ -11,6 +11,7 @@ import java.util.stream.Collectors;
|
||||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.Cookie;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
@@ -46,13 +47,9 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
|
||||
/**
|
||||
* 加密密钥
|
||||
*/
|
||||
@Value("${app.secret.token:sh.0807.}")
|
||||
@Value("${app.secret.token:youweiqingnian123}")
|
||||
private String secret;
|
||||
/**
|
||||
* 在线设备数量
|
||||
*/
|
||||
@Value("${app.login.device_online_quantity:5}")
|
||||
private int deviceOnlineQuantity;
|
||||
|
||||
/**
|
||||
* token过期时间
|
||||
*/
|
||||
@@ -74,8 +71,7 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
|
||||
private RedisServerTool redisServerTool;
|
||||
|
||||
@Override
|
||||
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
|
||||
throws ServletException, IOException {
|
||||
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
|
||||
|
||||
// 忽略接口放行
|
||||
if (ifCurrentUrl(ignoreUrls, request.getRequestURI())) {
|
||||
@@ -83,8 +79,23 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
|
||||
return;
|
||||
}
|
||||
|
||||
// 获取token
|
||||
String token = request.getHeader("Token");
|
||||
// 获取token:优先从cookie获取,不存在则从请求头获取
|
||||
String token = null;
|
||||
if (request.getCookies() != null) {
|
||||
for (Cookie cookie : request.getCookies()) {
|
||||
if ("Token".equals(cookie.getName())) {
|
||||
token = cookie.getValue();
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (!StringUtils.hasText(token)) {
|
||||
token = request.getHeader("Token");
|
||||
}
|
||||
|
||||
|
||||
|
||||
if (!StringUtils.hasText(token)) {
|
||||
// 放行
|
||||
filterChain.doFilter(request, response);
|
||||
@@ -109,8 +120,10 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
|
||||
|
||||
// 获取登录设备信息
|
||||
List<RedisLoginTokenInfo.LoginDevice> devices = info.getLoginDevices();
|
||||
|
||||
// 过滤过期
|
||||
devices = devices.stream().filter(v -> v.getLastLoginTime().isBefore(new Date(System.currentTimeMillis() + tokenExceedTime * 1000L).toInstant())).collect(Collectors.toList());
|
||||
|
||||
Map<String, RedisLoginTokenInfo.LoginDevice> map = devices.stream().collect(Collectors.toMap(RedisLoginTokenInfo.LoginDevice::getUuId, v -> v));
|
||||
Assert.isTrue(map.containsKey(uuId), "登录过期");
|
||||
|
||||
@@ -124,6 +137,7 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
|
||||
new UsernamePasswordAuthenticationToken(info.getUserId(), info,
|
||||
info.getAuthority().stream().map(SimpleGrantedAuthority::new).collect(Collectors.toList()));
|
||||
authenticationToken.setDetails(info);
|
||||
|
||||
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
|
||||
|
||||
MDC.put("userId", userId.toString());
|
||||
|
||||
Reference in New Issue
Block a user