From 495253345194da937f134cfb2adb9eaf00c413d5 Mon Sep 17 00:00:00 2001 From: 13693261870 <252740454@qq.com> Date: 星期日, 08 十月 2023 14:26:10 +0800 Subject: [PATCH] 修改令牌的IP检查功能 --- src/main/java/com/moon/server/controller/sys/TokenController.java | 11 ++++- src/main/java/com/moon/server/interceptor/AuthInterceptor.java | 9 ++-- src/main/java/com/moon/server/service/sys/ProxyService.java | 12 +++++ src/main/java/com/moon/server/service/sys/TokenService.java | 35 +++++++++-------- 4 files changed, 43 insertions(+), 24 deletions(-) diff --git a/src/main/java/com/moon/server/controller/sys/TokenController.java b/src/main/java/com/moon/server/controller/sys/TokenController.java index 4f6f540..dfe7a27 100644 --- a/src/main/java/com/moon/server/controller/sys/TokenController.java +++ b/src/main/java/com/moon/server/controller/sys/TokenController.java @@ -79,7 +79,7 @@ } @SysLog() - @ApiOperation(value = "鎻掑叆涓�鏉℃柊浠ょ墝") + @ApiOperation(value = "鍒涘缓鏂颁护鐗�") @ApiImplicitParams({ @ApiImplicitParam(name = "type", value = "浠ょ墝绫诲埆锛�0-涓存椂锛�1-鍥哄畾", dataType = "Integer", paramType = "query", example = "1"), @ApiImplicitParam(name = "min", value = "鍒嗛挓鏁帮細榛樿1涓湀", dataType = "Integer", paramType = "query", example = "43200") @@ -94,7 +94,14 @@ min = SettingData.TOKEN_EXPIRE; } - return success(null); + UserEntity ue = tokenService.getCurrentUser(req); + TokenEntity te = tokenService.getNewToken(type, min, ue, req); + int rows = tokenService.insertToken(te); + if (0 == rows) { + return fail("鍒涘缓浠ょ墝澶辫触", null); + } + + return success(te); } catch (Exception ex) { return fail(ex, null); } diff --git a/src/main/java/com/moon/server/interceptor/AuthInterceptor.java b/src/main/java/com/moon/server/interceptor/AuthInterceptor.java index f249801..5a704f1 100644 --- a/src/main/java/com/moon/server/interceptor/AuthInterceptor.java +++ b/src/main/java/com/moon/server/interceptor/AuthInterceptor.java 
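Review bot: The request parameters `type` and `min` reach `tokenService.getNewToken(type, min, ue, req)` with no range check visible in this hunk; the only handling shown is the default `min = SettingData.TOKEN_EXPIRE`, whose condition lies above the hunk. Because `checkIpSource` in this same patch exempts type 1 from the IP comparison, any caller allowed to reach this endpoint could apparently obtain a token with an arbitrary lifetime that is accepted from any address. I would reject anything other than the two documented types and cap the lifetime before building the entity, for example `if (type == null || (type != 0 && type != 1) || min <= 0 || min > MAX_TOKEN_MINUTES) { return fail("invalid token type or duration", null); }`, where `MAX_TOKEN_MINUTES` is a placeholder for a limit the project would define. Whether fixed tokens should be restricted to an administrative role cannot be judged from here, since the method's mapping and permission handling start outside the hunk.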
@@ -66,7 +66,7 @@ } // 3.鑾峰彇鐢ㄦ埛 - UserEntity ue = sysService.tokenService.getCurrentUser(request); + UserEntity ue = sysService.tokenService.getUserByToken(token); if (ue == null) { return WebHelper.writeStr2Page(response, NO_LOGIN); } @@ -87,9 +87,8 @@ return true; } - // 7.妫�鏌ョ櫧鍚嶅崟 + // 7.妫�鏌ョ櫧鍚嶅崟鍜孖P涓�鑷存�� if (!checkWhiteList(ip, request)) { - // 妫�鏌P涓�鑷存�� if (!checkIpSource(ip, token)) { return WebHelper.writeStr2Page(response, ILLEGAL_TOKEN); } @@ -174,11 +173,11 @@ } /** - * 妫�鏌P涓�鑷存�� + * 妫�鏌P涓�鑷存�э細鍥哄畾浠ょ墝涓嶆鏌� */ private boolean checkIpSource(String ip, String token) { TokenEntity te = sysService.tokenService.getEntityByToken(token); - return te.getIp().equals(ip); + return StaticData.I1 == te.getType() || te.getIp().equals(ip); } } diff --git a/src/main/java/com/moon/server/service/sys/ProxyService.java b/src/main/java/com/moon/server/service/sys/ProxyService.java index 2d097d8..a64b1fa 100644 --- a/src/main/java/com/moon/server/service/sys/ProxyService.java +++ b/src/main/java/com/moon/server/service/sys/ProxyService.java @@ -4,6 +4,7 @@ import com.moon.server.entity.all.*; import com.moon.server.entity.sys.ResEntity; import com.moon.server.entity.sys.ResLogEntity; +import com.moon.server.entity.sys.TokenEntity; import com.moon.server.entity.sys.UserEntity; import com.moon.server.helper.AsyncHelper; import com.moon.server.helper.HttpHelper; @@ -108,7 +109,7 @@ } // 7.妫�鏌ョ櫧鍚嶅崟鍜孖P涓�鑷存�� if (!checkWhiteList(ip, req)) { - if (!ip.equals(sysService.tokenService.getEntityByToken(token).getIp())) { + if (!checkIpSource(ip, token)) { return WebHelper.writeStr2Page(res, AuthInterceptor.ILLEGAL_TOKEN); } } @@ -145,6 +146,15 @@ } /** + * 妫�鏌P涓�鑷存�э細鍥哄畾浠ょ墝涓嶆鏌� + */ + private boolean checkIpSource(String ip, String token) { + TokenEntity te = sysService.tokenService.getEntityByToken(token); + + return StaticData.I1 == te.getType() || te.getIp().equals(ip); + } + + /** * 妫�鏌ヨ祫婧愭潈闄� */ private ResEntity getResEntity(UserEntity ue, int resId) { 
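Review bot: `checkIpSource` in AuthInterceptor dereferences `te` without a null check, so a token that `getEntityByToken` cannot resolve, or a row with a null `type` or `ip`, would end in a NullPointerException rather than the `ILLEGAL_TOKEN` response (assuming `getEntityByToken` can return null, as the `null != te` guards in TokenService suggest). `getNewToken` takes `Integer type`, so `StaticData.I1 == te.getType()` either unboxes or compares references depending on how `I1` is declared, which is not visible here. A fail-closed form would be `return te != null && (Objects.equals(StaticData.I1, te.getType()) || (ip != null && ip.equals(te.getIp())));`, assuming `I1` is an int or Integer constant and `java.util.Objects` is imported. The identical method added to ProxyService.java in this patch needs the same change. With this exemption a fixed token is no longer tied to the issuing address, so its lifetime and the revocation path are the remaining controls if one leaks.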
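Review bot: The `checkIpSource` added to ProxyService is a copy of the private method in AuthInterceptor.java, so the rule deciding which tokens skip the IP comparison now lives in two classes and can drift apart. Both copies already go through `sysService.tokenService`, so I would move the check there as one public method and call it from both places, e.g. `if (!sysService.tokenService.checkIpSource(ip, token)) {`. Its Javadoc would then be the single place that states type 1 (fixed) tokens are deliberately not bound to the issuing IP.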
diff --git a/src/main/java/com/moon/server/service/sys/TokenService.java b/src/main/java/com/moon/server/service/sys/TokenService.java index 30d3715..40b0698 100644 --- a/src/main/java/com/moon/server/service/sys/TokenService.java +++ b/src/main/java/com/moon/server/service/sys/TokenService.java @@ -23,7 +23,6 @@ * @author sws * @date 2022-09-28 */ - @Service public class TokenService implements TokenMapper { @Autowired @@ -121,6 +120,7 @@ @Override public Integer updateTokenExpire(TokenEntity tokenEntity) { clearCache(tokenEntity.getToken()); + return tokenMapper.updateTokenExpire(tokenEntity); } @@ -128,11 +128,18 @@ * 鑾峰彇鏂扮殑浠ょ墝瀹炰綋绫� */ public TokenEntity getNewToken(UserEntity ue, HttpServletRequest req) { + return getNewToken(0, SettingData.TOKEN_EXPIRE, ue, req); + } + + /** + * 鑾峰彇鏂扮殑浠ょ墝瀹炰綋绫� + */ + public TokenEntity getNewToken(Integer type, Integer min, UserEntity ue, HttpServletRequest req) { TokenEntity te = new TokenEntity(); te.setToken(WebHelper.getGuid()); - te.setDuration(SettingData.TOKEN_EXPIRE); - te.setExpire(WebHelper.getTimestamp(SettingData.TOKEN_EXPIRE)); - te.setType(0); + te.setDuration(min); + te.setExpire(WebHelper.getTimestamp(min)); + te.setType(type); te.setIp(WebHelper.getIpAddress(req)); te.setCreateUser(ue.getId()); te.setUname(ue.getUname()); @@ -157,7 +164,7 @@ // db TokenEntity te = selectOneByToken(token); - if (te != null) { + if (null != te) { redisService.put(tokenKey, te, te.getDuration(), TimeUnit.MINUTES); return true; } @@ -186,7 +193,7 @@ // db锛岃缃护鐗岃繃鏈� te.setUpdateUser(ue.getId()); Integer rows = updateTokenExpire(te); - if (rows == 0) { + if (0 == rows) { return false; } @@ -225,7 +232,7 @@ // db TokenEntity te = selectOneByToken(token); - if (te != null) { + if (null != te) { redisService.put(tokenKey, te, te.getDuration(), TimeUnit.MINUTES); } 
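Review bot: The new four-argument `getNewToken` repeats the one-line Javadoc of the existing overload and says nothing about `type` or `min`, although both are boxed `Integer` values passed on to `setDuration`, `WebHelper.getTimestamp` and `setType` unchecked. I would document them, e.g. `@param type 0 = temporary, 1 = fixed (exempt from the IP check)` and `@param min lifetime in minutes, must be positive`, and state that neither may be null. The delegating overload also passes a bare `0` while the IP check compares against `StaticData.I1`; a named constant for each token type would keep the two in step. The method body continues past the end of this hunk.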
@@ -265,9 +272,8 @@ return null; } - String userKey = RedisCacheKey.signUserKey(token); - // redis + String userKey = RedisCacheKey.signUserKey(token); Object obj = redisService.get(userKey); if (obj instanceof UserEntity) { return (UserEntity) obj; @@ -275,12 +281,9 @@ // db UserEntity ue = usersService.selectByToken(token); - if (ue != null) { - TokenEntity te = getEntityByToken(token); - if (te != null) { - redisService.put(userKey, ue, te.getDuration(), TimeUnit.MINUTES); - } - } +// if (null != ue) { +// getEntityByToken(token); +// } return ue; } @@ -315,6 +318,6 @@ String key = RedisCacheKey.signPwdError(ue.getUid()); Object objCount = redisService.get(key); - return objCount != null && (int) objCount >= SettingData.PWD_ERR_COUNT; + return null != objCount && (int) objCount >= SettingData.PWD_ERR_COUNT; } } -- Gitblit v1.9.3
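Review bot: The cache write in `getUserByToken` is replaced by a commented-out stub, so nothing in this method stores the user under `userKey` any more; unless another path fills that key, every lookup falls through to `usersService.selectByToken(token)`. That matters more after this patch because AuthInterceptor now calls `getUserByToken(token)` in step 3 of its checks. If dropping the cache is deliberate (for instance so that a revoked token stops resolving to a user immediately), I would delete the three commented lines and say so, e.g. `// user is intentionally not cached here; see token expiry handling`. Otherwise the `redisService.put(userKey, ...)` call should stay. Whether `selectByToken` filters out expired or revoked tokens is not visible here and is worth confirming, since this method performs no such check itself.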