Commit d8be24e3c315aa88e071276fd934c5a19c69ba03

Authored by 谭毅彬
1 parent 200130cf

创建人,更新人取值错误修正

Signed-off-by: TanYibin <5491541@qq.com>
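--- a/huaheng-wms-core/src/main/java/org/jeecg/config/shiro/ShiroRealm.java
+++ b/huaheng-wms-core/src/main/java/org/jeecg/config/shiro/ShiroRealm.java
@@ -0,0 +1,111 @@
+package org.jeecg.config.shiro;
+
+import java.util.Set;
+
+import javax.annotation.Resource;
+import javax.servlet.ServletResponse;
+
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.AuthenticationInfo;
+import org.apache.shiro.authc.AuthenticationToken;
+import org.apache.shiro.authc.SimpleAuthenticationInfo;
+import org.apache.shiro.authz.AuthorizationInfo;
+import org.apache.shiro.authz.SimpleAuthorizationInfo;
+import org.apache.shiro.realm.AuthorizingRealm;
+import org.apache.shiro.subject.PrincipalCollection;
+import org.jeecg.common.api.CommonAPI;
+import org.jeecg.common.system.util.JwtUtil;
+import org.jeecg.common.system.vo.LoginUser;
+import org.jeecg.common.util.RedisUtil;
+import org.jeecg.common.util.SpringContextUtils;
+import org.jeecg.common.util.oConvertUtils;
+import org.jeecg.utils.HuahengJwtUtil;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.context.annotation.Lazy;
+import org.springframework.stereotype.Component;
+
+@Component
+public class ShiroRealm extends AuthorizingRealm {
+ private static final Logger log = LoggerFactory.getLogger(ShiroRealm.class);
+
+ @Lazy
+ @Resource
+ private CommonAPI commonAPI;
+
+ @Lazy
+ @Resource
+ private RedisUtil redisUtil;
+
+ public boolean supports(AuthenticationToken token) {
+ return token instanceof JwtToken;
+ }
+
+ protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
+ log.info("===============Shiro权限认证开始============ [ roles、permissions]==========");
+ String username = null;
+ if (principals != null) {
+ LoginUser sysUser = (LoginUser)principals.getPrimaryPrincipal();
+ username = sysUser.getUsername();
+ }
+ SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
+ Set<String> roleSet = this.commonAPI.queryUserRoles(username);
+// System.out.println(roleSet.toString());
+ info.setRoles(roleSet);
+ Set<String> permissionSet = this.commonAPI.queryUserAuths(username);
+ info.addStringPermissions(permissionSet);
+// System.out.println(permissionSet);
+ log.info("===============Shiro权限认证成功==============");
+ return (AuthorizationInfo)info;
+ }
+
+ protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken auth) throws AuthenticationException {
+ log.debug("===============Shiro身份认证开始============doGetAuthenticationInfo==========");
+ String token = (String)auth.getCredentials();
+ if (token == null) {
+ log.info("————————身份认证失败——————————IP地址: " + oConvertUtils.getIpAddrByRequest(SpringContextUtils.getHttpServletRequest()));
+ throw new AuthenticationException("token为空!");
+ }
+ LoginUser loginUser = null;
+ try {
+ loginUser = checkUserTokenIsEffect(token);
+ } catch (AuthenticationException e) {
+ JwtUtil.responseError((ServletResponse)SpringContextUtils.getHttpServletResponse(), Integer.valueOf(401), e.getMessage());
+ e.printStackTrace();
+ return null;
+ }
+ return (AuthenticationInfo)new SimpleAuthenticationInfo(loginUser, token, getName());
+ }
+
+ public LoginUser checkUserTokenIsEffect(String token) throws AuthenticationException {
+ String id = HuahengJwtUtil.getId(token);
+ String username = HuahengJwtUtil.getUsername(token);
+ String realname = HuahengJwtUtil.getRealname(token);
+ if (username == null) {
+ throw new AuthenticationException("token非法无效!");
+ }
+ LoginUser loginUser = new LoginUser();
+ loginUser.setId(id);
+ loginUser.setUsername(username);
+ loginUser.setRealname(realname);
+ return loginUser;
+ }
+
+ public boolean jwtTokenRefresh(String token, String userName, String passWord) {
+ String cacheToken = String.valueOf(this.redisUtil.get("prefix_user_token_" + token));
+ if (oConvertUtils.isNotEmpty(cacheToken)) {
+ if (!JwtUtil.verify(cacheToken, userName, passWord)) {
+ String newAuthorization = JwtUtil.sign(userName, passWord);
+ this.redisUtil.set("prefix_user_token_" + token, newAuthorization);
+ this.redisUtil.expire("prefix_user_token_" + token, 14400L);
+ log.debug("——————————用户在线操作,更新token保证不掉线—————————jwtTokenRefresh——————— " + token);
+ }
+ return true;
+ }
+ return false;
+ }
+
+ public void clearCache(PrincipalCollection principals) {
+ super.clearCache(principals);
+ }
+}
\ No newline at end of file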
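Review bot: `checkUserTokenIsEffect` fills the `LoginUser` straight from `HuahengJwtUtil.getId/getUsername/getRealname` and rejects a token only when the username claim is null, so nothing on the `doGetAuthenticationInfo` path checks the signature, the expiry or the Redis token cache before a `SimpleAuthenticationInfo` is returned. The `getId` and `getRealname` helpers added in HuahengJwtUtil.java in this same commit use `JWT.decode`, which parses claims without verifying them (`getUsername` is not shown on this page but appears to follow the same pattern), and `jwtTokenRefresh` is defined here but never called in this class. The id, username and realname that feed the role lookup in `doGetAuthorizationInfo` and the creator/updater fields are therefore taken from data the caller supplies. Verify the token before trusting any claim, for example by loading the stored user and requiring `jwtTokenRefresh(token, username, password)` to return true, throwing `AuthenticationException` otherwise, and only then populate `LoginUser`. Separately, the `log.debug(... + token)` line in `jwtTokenRefresh` writes a bearer credential to the log, and `e.printStackTrace()` in `doGetAuthenticationInfo` should go through `log` instead.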
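--- a/huaheng-wms-core/src/main/java/org/jeecg/modules/system/controller/LoginController.java
+++ b/huaheng-wms-core/src/main/java/org/jeecg/modules/system/controller/LoginController.java
@@ -651,32 +651,9 @@ public class LoginController {
 obj.put("tenantList", tenantList);
 }
 }
-
- // 暂时移除唯一登录功能
- // 删除相同用户名称对应的key
-// Collection<String> keys = redisTemplate.keys(CommonConstant.PREFIX_USER_TOKEN + "*");
-// for (String key : keys) {
-// String token = (String)redisUtil.get(key);
-// LoginUser loginUser = sysBaseAPI.getUserByName(JwtUtil.getUsername(token));
-// if (loginUser != null) {
-// if (oConvertUtils.isNotEmpty(username) && loginUser.getUsername().contains(username)) {
-// log.info("强制 " + sysUser.getRealname() + " 退出成功! ");
-// // 清空用户登录Token缓存
-// redisUtil.del(token);
-// // 清空用户登录Token缓存
-// redisUtil.del(CommonConstant.PREFIX_USER_TOKEN + token);
-// // 清空用户登录Shiro权限缓存
-// redisUtil.del(CommonConstant.PREFIX_USER_SHIRO_CACHE + sysUser.getId());
-// // 清空用户的缓存信息(包括部门信息),例如sys:cache:user::<username>
-// redisUtil.del(String.format("%s::%s", CacheConstant.SYS_USERS_CACHE, sysUser.getUsername()));
-// // 调用shiro的logout
-// SecurityUtils.getSubject().logout();
-// }
-// }
-// }
 List<String> roles = sysBaseAPI.getRolesByUsername(username);
 // 生成token
- String token = HuahengJwtUtil.sign(username, syspassword, warehouseCode, roles);
+ String token = HuahengJwtUtil.sign(sysUser.getId() + "", username,sysUser.getRealname(), syspassword, warehouseCode, roles);
 // 设置token缓存有效时间
 redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, token);
 redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, TOKEN_EXPIRE_TIME / 1000);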
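Review bot: `sysUser.getId() + ""` in the new `HuahengJwtUtil.sign(...)` call turns a null id into the literal string `"null"`, which would be signed into the `id` claim and later returned by `HuahengJwtUtil.getId` as if it were a real user id for the creator/updater fields. If the id is already a `String` (its type is not visible here), pass it directly and fail the login when it is missing: `String token = HuahengJwtUtil.sign(sysUser.getId(), username, sysUser.getRealname(), syspassword, warehouseCode, roles);`. The `realname` claim now travels in the token payload, which is encoded rather than encrypted, and the whole token is part of the Redis key on the following lines, so the name is readable wherever the token or key is logged or stored. The enclosing method starts and ends outside this hunk.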
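--- a/huaheng-wms-core/src/main/java/org/jeecg/utils/HuahengJwtUtil.java
+++ b/huaheng-wms-core/src/main/java/org/jeecg/utils/HuahengJwtUtil.java
@@ -91,6 +91,32 @@ public class HuahengJwtUtil {
 return null;
 }
 }
+
+ /**
+ * 获得token中的信息无需secret解密也能获得
+ * @return token中包含的用户名
+ */
+ public static String getRealname(String token) {
+ try {
+ DecodedJWT jwt = JWT.decode(token);
+ return jwt.getClaim("realname").asString();
+ } catch (JWTDecodeException e) {
+ return null;
+ }
+ }
+
+ /**
+ * 获得token中的信息无需secret解密也能获得
+ * @return token中包含的用户名
+ */
+ public static String getId(String token) {
+ try {
+ DecodedJWT jwt = JWT.decode(token);
+ return jwt.getClaim("id").asString();
+ } catch (JWTDecodeException e) {
+ return null;
+ }
+ }
 
 /**
 * 获得token中的信息无需secret解密也能获得
@@ -186,11 +212,12 @@ public class HuahengJwtUtil {
 * @param roles 用户的角色
 * @return 加密的token
 */
- public static String sign(String username, String secret, String warehouseCode, List<String> roles) {
+ public static String sign(String id, String username, String realName, String secret, String warehouseCode, List<String> roles) {
 Date date = new Date(System.currentTimeMillis() + TOKEN_EXPIRE_TIME);
 Algorithm algorithm = Algorithm.HMAC256(secret);
 // 附带username信息
- return JWT.create().withClaim("username", username).withClaim("warehouseCode", warehouseCode).withClaim("roles", roles).withExpiresAt(date).sign(algorithm);
+ return JWT.create().withClaim("id", id).withClaim("username", username).withClaim("realname", realName).withClaim("warehouseCode", warehouseCode).withClaim("roles", roles)
+ .withExpiresAt(date).sign(algorithm);
 }
 
 /**
@@ -258,7 +285,7 @@ public class HuahengJwtUtil {
 }
 return UNKNOWN_USER;
 }
-
+
 /**
 * 获取当前登录用户
 * @author TanYibin
@@ -375,6 +402,6 @@ public class HuahengJwtUtil {
 });
 }
 }
- return Result.ok("切换成功");
+ return Result.OK("切换成功", null);
 }
 }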
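Review bot: The Javadoc on the new `getRealname` and `getId` looks copied from the username getter: both say `@return token中包含的用户名` although they return the `realname` and `id` claims, and neither has a `@param token` line. Because both call `JWT.decode`, which does not check the signature or expiry, the comment should state that the value is unverified and must not drive identity decisions until the token has been verified, e.g. `@return the "realname" claim, unverified; null if the token cannot be decoded`. In the `sign` hunk the visible part of the Javadoc shows no `@param` for the new `id` and `realName` arguments (the comment begins outside the hunk, so they may exist above). Any other caller of the old four-argument `sign` would also need updating, since only LoginController is changed on this page.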