master
parent
2e913d2aca
commit
eb65ad2ea0
|
|
@ -15,6 +15,7 @@ import org.springframework.security.core.AuthenticationException;
|
|||
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
|
||||
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
||||
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
import com.boot.security.server.dto.LoginUser;
|
||||
import com.boot.security.server.dto.ResponseInfo;
|
||||
|
|
@ -41,8 +42,15 @@ public class SecurityHandlerConfig {
|
|||
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
|
||||
Authentication authentication) throws IOException, ServletException {
|
||||
LoginUser loginUser = (LoginUser) authentication.getPrincipal();
|
||||
Token token = null;
|
||||
String _token = tokenService.getTokenByUserId(loginUser.getId());
|
||||
if (!StringUtils.isEmpty(_token)) {
|
||||
token = Token.builder().token(_token).build();
|
||||
tokenService.addExpireTime(loginUser);
|
||||
} else {
|
||||
token = tokenService.saveToken(loginUser);
|
||||
}
|
||||
|
||||
Token token = tokenService.saveToken(loginUser);
|
||||
ResponseUtil.responseJson(response, HttpStatus.OK.value(), token);
|
||||
}
|
||||
};
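Review bot: In the reuse branch of onAuthenticationSuccess, `tokenService.addExpireTime(loginUser)` receives the freshly authenticated principal, and nothing visible sets its token, so `loginUser.getToken()` is presumably null there and the TTL refresh targets `tokens:null` instead of the live entry. Add `loginUser.setToken(_token);` before the `addExpireTime` call. Separately, returning the stored token on every login means the credential is never rotated at re-authentication and every client of the account shares one bearer value, so a leaked token keeps having its lifetime extended. Issuing a fresh token per login and revoking the previous one is the safer default.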
|
||||
|
|
|
|||
|
|
@ -19,4 +19,8 @@ public interface TokenService {
|
|||
LoginUser getLoginUser(String token);
|
||||
|
||||
boolean deleteToken(String token);
|
||||
|
||||
String getTokenByUserId(Long userId);
|
||||
|
||||
void addExpireTime(LoginUser loginUser);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ public class MailServiceImpl implements MailService {
|
|||
@Override
|
||||
@Transactional
|
||||
public void save(Mail mail, List<String> toUser) {
|
||||
mail.setUserId(UserUtil.getCurrentUser().getId());
|
||||
mail.setUserId(UserUtil.getLoginUser().getId());
|
||||
mailDao.save(mail);
|
||||
|
||||
toUser.forEach(u -> {
|
||||
|
|
|
|||
|
|
@ -12,6 +12,7 @@ import com.boot.security.server.dao.SysLogsDao;
|
|||
import com.boot.security.server.model.SysLogs;
|
||||
import com.boot.security.server.model.SysUser;
|
||||
import com.boot.security.server.service.SysLogService;
|
||||
import com.boot.security.server.utils.UserUtil;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
||||
|
|
@ -25,7 +26,7 @@ public class SysLogServiceImpl implements SysLogService {
|
|||
@Async
|
||||
@Override
|
||||
public void save(SysLogs sysLogs) {
|
||||
SysUser user = UserUtil.getCurrentUser();
|
||||
SysUser user = UserUtil.getLoginUser();
|
||||
if (user == null || user.getId() == null) {
|
||||
return;
|
||||
}
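Review bot: `save` is annotated `@Async`, but the new `UserUtil.getLoginUser()` reads `SecurityContextHolder`, which by default is bound to the request thread. On the executor thread the authentication is likely absent, so the call either throws or the `user == null` guard silently drops the audit record. Resolve the user on the calling thread and carry the id in on `sysLogs`, or run the task through a `DelegatingSecurityContextAsyncTaskExecutor`. The body of `save` continues past the end of this hunk.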
|
||||
|
|
|
|||
|
|
@ -6,6 +6,7 @@ import java.util.concurrent.TimeUnit;
|
|||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.data.redis.core.RedisTemplate;
|
||||
import org.springframework.scheduling.annotation.Async;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import com.boot.security.server.dto.LoginUser;
|
||||
|
|
@ -22,12 +23,14 @@ public class TokenServiceImpl implements TokenService {
|
|||
private Integer expireSeconds;
|
||||
@Autowired
|
||||
private RedisTemplate<String, LoginUser> redisTemplate;
|
||||
@Autowired
|
||||
private RedisTemplate<String, String> idTokenRedisTemplate;
|
||||
|
||||
@Override
|
||||
public Token saveToken(LoginUser loginUser) {
|
||||
String token = UUID.randomUUID().toString();
|
||||
loginUser.setToken(token);
|
||||
redisTemplate.boundValueOps(getKey(token)).set(loginUser, expireSeconds, TimeUnit.SECONDS);
|
||||
updateLoginUser(loginUser);
|
||||
|
||||
return Token.builder().token(token).build();
|
||||
}
|
||||
|
|
@ -35,20 +38,23 @@ public class TokenServiceImpl implements TokenService {
|
|||
/**
|
||||
* 更新缓存的用户信息
|
||||
*/
|
||||
@Async
|
||||
@Override
|
||||
public void updateLoginUser(LoginUser loginUser) {
|
||||
redisTemplate.boundValueOps(getKey(loginUser.getToken())).set(loginUser, expireSeconds, TimeUnit.SECONDS);
|
||||
redisTemplate.boundValueOps(getTokenKey(loginUser.getToken())).set(loginUser, expireSeconds, TimeUnit.SECONDS);
|
||||
idTokenRedisTemplate.boundValueOps(getUserIdKey(loginUser.getId())).set(loginUser.getToken(), expireSeconds,
|
||||
TimeUnit.SECONDS);
|
||||
}
|
||||
|
||||
@Override
|
||||
public LoginUser getLoginUser(String token) {
|
||||
return redisTemplate.boundValueOps(getKey(token)).get();
|
||||
return redisTemplate.boundValueOps(getTokenKey(token)).get();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean deleteToken(String token) {
|
||||
if (redisTemplate.hasKey(getKey(token))) {
|
||||
redisTemplate.delete(getKey(token));
|
||||
if (redisTemplate.hasKey(getTokenKey(token))) {
|
||||
redisTemplate.delete(getTokenKey(token));
|
||||
|
||||
return true;
|
||||
}
|
||||
|
|
@ -56,8 +62,30 @@ public class TokenServiceImpl implements TokenService {
|
|||
return false;
|
||||
}
|
||||
|
||||
private String getKey(String token) {
|
||||
private String getTokenKey(String token) {
|
||||
return "tokens:" + token;
|
||||
}
|
||||
|
||||
private String getUserIdKey(Long userId) {
|
||||
return "users:id:" + userId;
|
||||
}
|
||||
|
||||
/**
|
||||
* 根据userId获取token
|
||||
*/
|
||||
@Override
|
||||
public String getTokenByUserId(Long userId) {
|
||||
return idTokenRedisTemplate.opsForValue().get(getUserIdKey(userId));
|
||||
}
|
||||
|
||||
/**
|
||||
* 重置token过期时间
|
||||
*/
|
||||
@Async
|
||||
@Override
|
||||
public void addExpireTime(LoginUser loginUser) {
|
||||
redisTemplate.expire(getTokenKey(loginUser.getToken()), expireSeconds, TimeUnit.SECONDS);
|
||||
idTokenRedisTemplate.expire(getUserIdKey(loginUser.getId()), expireSeconds, TimeUnit.SECONDS);
|
||||
}
|
||||
|
||||
}
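Review bot: `deleteToken` removes only the `tokens:` entry and leaves the `users:id:` mapping written by `updateLoginUser` in place, so after logout `getTokenByUserId` still returns the revoked value until its TTL runs out. The login handler then hands that dead token back to the client, and nothing visible in this section cleans the mapping up. Look the `LoginUser` up before deleting and remove both keys together. `addExpireTime` has a related gap: `expire` on a missing key does nothing, so it cannot be relied on to revive an entry.

```java
public boolean deleteToken(String token) {
    // Look the entry up first so the per-user mapping can be removed with it.
    LoginUser loginUser = redisTemplate.boundValueOps(getTokenKey(token)).get();
    if (loginUser != null) {
        redisTemplate.delete(getTokenKey(token));
        idTokenRedisTemplate.delete(getUserIdKey(loginUser.getId()));
        // … unchanged: return true, then return false after the if …
```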
|
||||
|
|
|
|||
|
|
@ -1,17 +1,23 @@
|
|||
package com.boot.security.server.service.impl;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.UUID;
|
||||
|
||||
import org.apache.commons.codec.digest.DigestUtils;
|
||||
import org.springframework.beans.BeanUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.util.CollectionUtils;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
import com.boot.security.server.dao.PermissionDao;
|
||||
import com.boot.security.server.dao.UserDao;
|
||||
import com.boot.security.server.dto.LoginUser;
|
||||
import com.boot.security.server.dto.UserDto;
|
||||
import com.boot.security.server.model.Permission;
|
||||
import com.boot.security.server.model.SysUser;
|
||||
import com.boot.security.server.model.SysUser.Status;
|
||||
import com.boot.security.server.service.TokenService;
|
||||
import com.boot.security.server.service.UserService;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
|
@ -22,14 +28,18 @@ public class UserServiceImpl implements UserService {
|
|||
|
||||
@Autowired
|
||||
private UserDao userDao;
|
||||
@Autowired
|
||||
private BCryptPasswordEncoder passwordEncoder;
|
||||
@Autowired
|
||||
private PermissionDao permissionDao;
|
||||
@Autowired
|
||||
private TokenService tokenService;
|
||||
|
||||
@Override
|
||||
@Transactional
|
||||
public SysUser saveUser(UserDto userDto) {
|
||||
SysUser user = userDto;
|
||||
user.setSalt(DigestUtils
|
||||
.md5Hex(UUID.randomUUID().toString() + System.currentTimeMillis() + UUID.randomUUID().toString()));
|
||||
user.setPassword(passwordEncoder(user.getPassword(), user.getSalt()));
|
||||
user.setPassword(passwordEncoder.encode(user.getPassword()));
|
||||
user.setStatus(Status.VALID);
|
||||
userDao.save(user);
|
||||
saveUserRoles(user.getId(), userDto.getRoleIds());
|
||||
|
|
@ -47,12 +57,6 @@ public class UserServiceImpl implements UserService {
|
|||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public String passwordEncoder(String credentials, String salt) {
|
||||
Object object = new SimpleHash("MD5", credentials, salt, UserConstants.HASH_ITERATIONS);
|
||||
return object.toString();
|
||||
}
|
||||
|
||||
@Override
|
||||
public SysUser getUser(String username) {
|
||||
return userDao.getUser(username);
|
||||
|
|
@ -65,11 +69,11 @@ public class UserServiceImpl implements UserService {
|
|||
throw new IllegalArgumentException("用户不存在");
|
||||
}
|
||||
|
||||
if (!u.getPassword().equals(passwordEncoder(oldPassword, u.getSalt()))) {
|
||||
if (passwordEncoder.matches(oldPassword, u.getPassword())) {
|
||||
throw new IllegalArgumentException("密码错误");
|
||||
}
|
||||
|
||||
userDao.changePassword(u.getId(), passwordEncoder(newPassword, u.getSalt()));
|
||||
userDao.changePassword(u.getId(), passwordEncoder.encode(newPassword));
|
||||
|
||||
log.debug("修改{}的密码", username);
|
||||
}
|
||||
|
|
@ -79,16 +83,23 @@ public class UserServiceImpl implements UserService {
|
|||
public SysUser updateUser(UserDto userDto) {
|
||||
userDao.update(userDto);
|
||||
saveUserRoles(userDto.getId(), userDto.getRoleIds());
|
||||
updateUserSession(userDto.getId());
|
||||
updateUserCache(userDto.getId());
|
||||
|
||||
return userDto;
|
||||
}
|
||||
|
||||
private void updateUserSession(Long id) {
|
||||
SysUser current = UserUtil.getCurrentUser();
|
||||
if (current.getId().equals(id)) {
|
||||
SysUser user = userDao.getById(id);
|
||||
UserUtil.setUserSession(user);
|
||||
private void updateUserCache(Long id) {
|
||||
SysUser sysUser = userDao.getById(id);
|
||||
String token = tokenService.getTokenByUserId(id);
|
||||
if (!StringUtils.isEmpty(token)) {
|
||||
LoginUser loginUser = new LoginUser();
|
||||
loginUser.setToken(token);
|
||||
BeanUtils.copyProperties(sysUser, loginUser);
|
||||
|
||||
List<Permission> permissions = permissionDao.listByUserId(sysUser.getId());
|
||||
loginUser.setPermissions(permissions);
|
||||
|
||||
tokenService.updateLoginUser(loginUser);
|
||||
}
|
||||
}
|
||||
}
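Review bot: The rewritten check in the password-change path, `if (passwordEncoder.matches(oldPassword, u.getPassword()))`, lost the negation the old comparison had, so it throws "密码错误" when the old password is correct and lets the change through when it is wrong. It should read `if (!passwordEncoder.matches(oldPassword, u.getPassword())) {`. As written, a caller that reaches this method can replace the password without knowing the current one. Hashes stored under the earlier MD5-plus-salt scheme will presumably not verify under BCrypt either, so existing accounts need a migration or reset path. The method's signature lies outside the hunk.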
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ import com.zw.admin.server.model.User;
|
|||
|
||||
public class UserUtil {
|
||||
|
||||
public static SysUser getLoginUser() {
|
||||
public static LoginUser getLoginUser() {
|
||||
LoginUser loginUser = (LoginUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
|
||||
|
||||
return loginUser;
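Review bot: `getLoginUser` dereferences `getAuthentication()` and casts the principal to `LoginUser` without a guard, so it throws a NullPointerException when no authentication is bound to the thread and a ClassCastException when the principal is not a `LoginUser`, as with an anonymous request. Callers such as the `save` method in SysLogServiceImpl test the result for null, which the visible lines never return. Fetch the `Authentication` first and return null unless `authentication.getPrincipal() instanceof LoginUser`. The end of the method is outside the hunk.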
|
||||
|
|
|
|||