From 5ec97d6f972a9af97ce34d7b3c36e696ef73835c Mon Sep 17 00:00:00 2001 From: chenhaojie Date: Fri, 21 Jun 2024 08:31:44 +0800 Subject: [PATCH] =?UTF-8?q?das=E9=A1=B9=E7=9B=AE=E7=BB=93=E6=9E=84?= =?UTF-8?q?=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/das/common/config/AesProperties.java | 23 ++++ .../das/common/config/SaTokenProperties.java | 38 ++++++ .../java/com/das/common/config/WebConfig.java | 25 ---- .../DecryptingOncePerRequestFilter.java | 103 +++++++++++++++++ .../das/common/interceptor/FilterConfig.java | 25 ++++ .../common/interceptor/TokenInterceptor.java | 54 --------- .../controller/CaptchaImageController.java | 4 +- .../auth/controller/LoginController.java | 20 ++-- .../modules/auth/domain/LoginUserDetails.java | 5 +- .../das/modules/auth/domain/vo/LoginVO.java | 10 ++ .../modules/auth/service/ILoginService.java | 3 +- .../auth/service/impl/LoginServiceImpl.java | 108 +++++++++--------- das/src/main/resources/application-dev.yml | 13 --- das/src/main/resources/application-prd.yml | 13 --- das/src/main/resources/application.yml | 25 +++- 15 files changed, 293 insertions(+), 176 deletions(-) create mode 100644 das/src/main/java/com/das/common/config/AesProperties.java create mode 100644 das/src/main/java/com/das/common/config/SaTokenProperties.java delete mode 100644 das/src/main/java/com/das/common/config/WebConfig.java create mode 100644 das/src/main/java/com/das/common/interceptor/DecryptingOncePerRequestFilter.java create mode 100644 das/src/main/java/com/das/common/interceptor/FilterConfig.java delete mode 100644 das/src/main/java/com/das/common/interceptor/TokenInterceptor.java delete mode 100644 das/src/main/resources/application-dev.yml delete mode 100644 das/src/main/resources/application-prd.yml diff --git a/das/src/main/java/com/das/common/config/AesProperties.java b/das/src/main/java/com/das/common/config/AesProperties.java new file mode 100644 index 00000000..5fd42375 --- /dev/null +++ b/das/src/main/java/com/das/common/config/AesProperties.java @@ -0,0 +1,23 @@ +package com.das.common.config; + +import lombok.Data; +import lombok.Getter; +import lombok.Setter; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.stereotype.Component; + +/** + * @author zb + * @Description + */ +@Component +@Getter +@Setter +@ConfigurationProperties(prefix = "aes") +public class AesProperties { + + /** + * token 请求头 + */ + private String aeskey; +} diff --git a/das/src/main/java/com/das/common/config/SaTokenProperties.java b/das/src/main/java/com/das/common/config/SaTokenProperties.java new file mode 100644 index 00000000..d687ef60 --- /dev/null +++ b/das/src/main/java/com/das/common/config/SaTokenProperties.java @@ -0,0 +1,38 @@ +package com.das.common.config; + +import lombok.Getter; +import lombok.Setter; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.stereotype.Component; + +/** + * @author zb + * @Description + */ + +@Component +@Getter +@Setter +@ConfigurationProperties(prefix = "sa-token") +public class SaTokenProperties { + + /** + * token 请求头 + */ + private String tokenHeader; + + /** + * token前缀 + */ + private String tokenPrefix; + + /** + * token过期时间,单位 秒,默认 2个小时 + */ + private Integer expireTime; + + /** + * 刷新token过期时间,单位 秒,默认 7 天 + */ + private Integer refreshExpireTime; +} diff --git a/das/src/main/java/com/das/common/config/WebConfig.java b/das/src/main/java/com/das/common/config/WebConfig.java deleted file mode 100644 index 9957a6f0..00000000 --- a/das/src/main/java/com/das/common/config/WebConfig.java +++ /dev/null @@ -1,25 +0,0 @@ -package com.das.common.config; - -import com.das.common.interceptor.TokenInterceptor; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.web.servlet.config.annotation.InterceptorRegistry; -import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; - -@Configuration -public class WebConfig implements WebMvcConfigurer { - - @Bean - public TokenInterceptor getTokenInterceptor() { - return new TokenInterceptor(); - } - @Override - public void addInterceptors(InterceptorRegistry registry) { - // 将Token拦截器添加到注册表中 - registry.addInterceptor(getTokenInterceptor()) - // 可以指定拦截哪些路径,例如"/api/**"表示所有以/api开头的路径 -// .addPathPatterns("/api/**"); - // 排除不需要拦截的路径 - .excludePathPatterns("/api/**"); - } -} diff --git a/das/src/main/java/com/das/common/interceptor/DecryptingOncePerRequestFilter.java b/das/src/main/java/com/das/common/interceptor/DecryptingOncePerRequestFilter.java new file mode 100644 index 00000000..4c055985 --- /dev/null +++ b/das/src/main/java/com/das/common/interceptor/DecryptingOncePerRequestFilter.java @@ -0,0 +1,103 @@ +package com.das.common.interceptor; + + +import cn.hutool.core.codec.Base64; +import cn.hutool.crypto.Mode; +import cn.hutool.crypto.Padding; +import cn.hutool.crypto.symmetric.AES; +import com.das.common.config.AesProperties; +import com.das.common.utils.AESUtil; +import io.micrometer.common.util.StringUtils; +import jakarta.annotation.Resource; +import jakarta.servlet.http.HttpServletRequestWrapper; +import jakarta.servlet.http.HttpServletResponse; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.web.filter.OncePerRequestFilter; + +import jakarta.servlet.*; +import jakarta.servlet.http.HttpServletRequest; + +import java.io.*; +import java.nio.charset.Charset; + +public class DecryptingOncePerRequestFilter extends OncePerRequestFilter { + +// @Autowired +// AESUtil aesUtils; +// +// @Autowired +// AesProperties aesProperties; + + @Override + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) + throws ServletException, IOException { + // 读取加密的请求体数据 + String iv = request.getHeader("v"); + String encryptedData = readRequestBody(request); + if (StringUtils.isNotBlank(encryptedData)) { + String key = "b6967ee87b86d85a"; + AES aes = new AES(Mode.CBC, Padding.ZeroPadding, key.getBytes(), iv.getBytes()); + encryptedData = aes.decryptStr(Base64.decode(encryptedData), Charset.forName("UTF-8")); + + // 使用自定义的请求包装器替换原始请求 + filterChain.doFilter(new DecryptingHttpServletRequestWrapper(request, encryptedData), response); + } + + } + + private String readRequestBody(HttpServletRequest request) throws IOException { + StringBuilder stringBuilder = new StringBuilder(); + try (BufferedReader reader = request.getReader()) { + String line; + while ((line = reader.readLine()) != null) { + stringBuilder.append(line); + } + } + return stringBuilder.toString(); + } + + + // 自定义的请求包装器 + static class DecryptingHttpServletRequestWrapper extends HttpServletRequestWrapper { + private final String decryptedData; + + public DecryptingHttpServletRequestWrapper(HttpServletRequest request, String decryptedData) { + super(request); + this.decryptedData = decryptedData; + } + + @Override + public ServletInputStream getInputStream() throws IOException { + final ByteArrayInputStream bais = new ByteArrayInputStream(decryptedData.getBytes("UTF-8")); + return new ServletInputStream() { + @Override + public boolean isFinished() { + return false; + } + + @Override + public boolean isReady() { + return false; + } + + @Override + public void setReadListener(ReadListener listener) { + + } + + @Override + public int read() throws IOException { + return bais.read(); + } + }; + } + + @Override + public BufferedReader getReader() throws IOException { + return new BufferedReader(new InputStreamReader(getInputStream())); + } + } + +} + + diff --git a/das/src/main/java/com/das/common/interceptor/FilterConfig.java b/das/src/main/java/com/das/common/interceptor/FilterConfig.java new file mode 100644 index 00000000..3b7912a7 --- /dev/null +++ b/das/src/main/java/com/das/common/interceptor/FilterConfig.java @@ -0,0 +1,25 @@ +package com.das.common.interceptor; + + +import com.das.common.config.AesProperties; +import org.springframework.boot.context.properties.EnableConfigurationProperties; +import org.springframework.boot.web.servlet.FilterRegistrationBean; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; + +/** + * @author + */ +@Configuration +public class FilterConfig { + + @Bean + public FilterRegistrationBean decryptingFilterRegistration() { + FilterRegistrationBean registrationBean = new FilterRegistrationBean(); + //注册过滤器 + registrationBean.setFilter(new DecryptingOncePerRequestFilter()); + registrationBean.addUrlPatterns("/*"); // 设置过滤器应用的URL模式 + registrationBean.setOrder(1); // 设置过滤器的顺序 + return registrationBean; + } +} diff --git a/das/src/main/java/com/das/common/interceptor/TokenInterceptor.java b/das/src/main/java/com/das/common/interceptor/TokenInterceptor.java deleted file mode 100644 index 82f34c8a..00000000 --- a/das/src/main/java/com/das/common/interceptor/TokenInterceptor.java +++ /dev/null @@ -1,54 +0,0 @@ -package com.das.common.interceptor; - -import com.das.common.utils.AESUtil; -import jakarta.annotation.Resource; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.web.servlet.HandlerInterceptor; -public class TokenInterceptor implements HandlerInterceptor { - - @Resource - private AESUtil aesUtil; - - private static String key; - @Value("${aesKey}") - public void setKey(String key){ - TokenInterceptor.key = key; - } - - - - // 示例Token验证方法,需要根据实际情况实现 - private boolean validateToken(String token) { - // 实现Token验证逻辑 - // ... - return true; // 假设Token总是有效的,实际应进行真实验证 - } - - - @Override - public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { - String param = request.getParameter("param"); - // 从请求头中获取Token -// String token = request.getHeader("token"); - // 从请求头中获取向量IV - String iv = request.getHeader("v"); - // 先解密token -// AESUtil.decrypt(token, iv); - // 解密参数 - aesUtil.decrypt(key, param, iv); - System.out.println(aesUtil.decrypt(key ,param, iv)); - request.setAttribute("param", aesUtil.decrypt(key,param, iv)); - return true; -// if (token != null && validateToken(token)) { -// // Token有效,继续处理请求 -// return true; -// } else { -// // Token无效,可以设置响应状态并返回错误信息 -// response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); -// response.getWriter().write("Unauthorized"); -// return false; // 阻止请求继续 -// } - } -} diff --git a/das/src/main/java/com/das/modules/auth/controller/CaptchaImageController.java b/das/src/main/java/com/das/modules/auth/controller/CaptchaImageController.java index 98eb4950..13eb6db1 100644 --- a/das/src/main/java/com/das/modules/auth/controller/CaptchaImageController.java +++ b/das/src/main/java/com/das/modules/auth/controller/CaptchaImageController.java @@ -20,7 +20,7 @@ import org.springframework.web.bind.annotation.RestController; * @Description 获取验证码 */ @Slf4j -@RequestMapping("/api") +@RequestMapping("/api/captcha") @RestController public class CaptchaImageController { @Resource @@ -28,7 +28,7 @@ public class CaptchaImageController { @Resource private CaptchaProperties captchaProperties; - @Value("${aesKey}") + @Value("${aes.Key}") String key; @Resource private AdminRedisTemplate adminRedisTemplate; diff --git a/das/src/main/java/com/das/modules/auth/controller/LoginController.java b/das/src/main/java/com/das/modules/auth/controller/LoginController.java index a908995b..0f47b49b 100644 --- a/das/src/main/java/com/das/modules/auth/controller/LoginController.java +++ b/das/src/main/java/com/das/modules/auth/controller/LoginController.java @@ -2,20 +2,18 @@ package com.das.modules.auth.controller; import com.das.common.result.R; import com.das.modules.auth.domain.LoginUserDetails; +import com.das.modules.auth.domain.request.LoginRequest; import com.das.modules.auth.domain.vo.LoginVO; import com.das.modules.auth.service.ILoginService; import com.fasterxml.jackson.core.JsonProcessingException; +import io.micrometer.common.util.StringUtils; import jakarta.annotation.Resource; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import jakarta.validation.constraints.NotEmpty; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Value; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.RestController; - +import org.springframework.web.bind.annotation.*; /** @@ -28,7 +26,7 @@ import org.springframework.web.bind.annotation.RestController; public class LoginController { @Resource private ILoginService loginService; - @Value("${aesKey}") + @Value("${aes.Key}") String key; @@ -37,9 +35,13 @@ public class LoginController { * @return 退出结果提示信息 */ @PostMapping("/login") - public R login(@RequestParam String param, HttpServletRequest request, HttpServletResponse response) throws JsonProcessingException { - LoginUserDetails loginInfo = loginService.login(param,request, response); + public R login(@RequestBody LoginRequest loginRequest, HttpServletRequest request, HttpServletResponse response) throws JsonProcessingException { + LoginUserDetails loginInfo = loginService.login(loginRequest,request, response); + if (StringUtils.isNotEmpty(loginInfo.getMsg())){ + return R.fail(loginInfo.getMsg()); + } return R.success(loginInfo); + } /** @@ -58,7 +60,7 @@ public class LoginController { @PostMapping("/refreshToken") public R refreshToken(@NotEmpty(message = "刷新token不允许为空") @RequestParam("refreshToken")String refreshToken){ LoginVO loginVO = loginService.refreshToken(refreshToken); - return R.data(loginVO); + return R.success(loginVO); } diff --git a/das/src/main/java/com/das/modules/auth/domain/LoginUserDetails.java b/das/src/main/java/com/das/modules/auth/domain/LoginUserDetails.java index dc4b9cd0..8c80440d 100644 --- a/das/src/main/java/com/das/modules/auth/domain/LoginUserDetails.java +++ b/das/src/main/java/com/das/modules/auth/domain/LoginUserDetails.java @@ -6,7 +6,7 @@ import lombok.Data; import java.io.Serializable; /** - * @author zb + * @author chenhaojie * @Description */ @Data @@ -16,6 +16,9 @@ public class LoginUserDetails implements Serializable { private SysUserVo sysUser; + private String msg; + + private String refreshToken; private String token; diff --git a/das/src/main/java/com/das/modules/auth/domain/vo/LoginVO.java b/das/src/main/java/com/das/modules/auth/domain/vo/LoginVO.java index 60e6ad4e..e514d643 100644 --- a/das/src/main/java/com/das/modules/auth/domain/vo/LoginVO.java +++ b/das/src/main/java/com/das/modules/auth/domain/vo/LoginVO.java @@ -23,6 +23,9 @@ public class LoginVO implements Serializable { */ private String refreshToken; + private String msg; + + /** *过期时间 秒 */ @@ -30,6 +33,13 @@ public class LoginVO implements Serializable { public LoginVO(){} + public LoginVO(String accessToken, String refreshToken , Integer expire, String msg){ + this.refreshToken = refreshToken; + this.accessToken = accessToken; + this.expire = expire; + this.msg = msg; + } + public LoginVO(String accessToken, String refreshToken , Integer expire){ this.refreshToken = refreshToken; this.accessToken = accessToken; diff --git a/das/src/main/java/com/das/modules/auth/service/ILoginService.java b/das/src/main/java/com/das/modules/auth/service/ILoginService.java index 7b05c795..16c3ce10 100644 --- a/das/src/main/java/com/das/modules/auth/service/ILoginService.java +++ b/das/src/main/java/com/das/modules/auth/service/ILoginService.java @@ -2,6 +2,7 @@ package com.das.modules.auth.service; import com.das.modules.auth.domain.LoginUserDetails; +import com.das.modules.auth.domain.request.LoginRequest; import com.das.modules.auth.domain.vo.LoginVO; import com.fasterxml.jackson.core.JsonProcessingException; import jakarta.servlet.http.HttpServletRequest; @@ -20,7 +21,7 @@ public interface ILoginService { * @param data 登录请求 * @return 登录成功 */ - LoginUserDetails login(String data, HttpServletRequest request, HttpServletResponse response) throws JsonProcessingException; + LoginUserDetails login(LoginRequest loginRequest, HttpServletRequest request, HttpServletResponse response) throws JsonProcessingException; /** * 退出登录 diff --git a/das/src/main/java/com/das/modules/auth/service/impl/LoginServiceImpl.java b/das/src/main/java/com/das/modules/auth/service/impl/LoginServiceImpl.java index e2fca51c..2daae9ff 100644 --- a/das/src/main/java/com/das/modules/auth/service/impl/LoginServiceImpl.java +++ b/das/src/main/java/com/das/modules/auth/service/impl/LoginServiceImpl.java @@ -1,9 +1,12 @@ package com.das.modules.auth.service.impl; +import cn.dev33.satoken.secure.BCrypt; import cn.dev33.satoken.stp.StpUtil; +import cn.hutool.core.util.IdUtil; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.das.common.captcha.CaptchaUtil; +import com.das.common.config.SaTokenProperties; import com.das.common.exceptions.ServiceException; import com.das.common.utils.AESUtil; import com.das.common.utils.AdminRedisTemplate; @@ -23,6 +26,8 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; +import java.time.Duration; + /** * @author chenhaojie * @Description @@ -30,6 +35,8 @@ import org.springframework.stereotype.Service; @Service public class LoginServiceImpl implements ILoginService { + @Resource + private SaTokenProperties saTokenProperties; @Resource private SysUserMapper sysUserMapper; @@ -39,54 +46,43 @@ public class LoginServiceImpl implements ILoginService { @Resource private AESUtil aesUtil; - @Value("${aesKey}") + @Value("${aes.Key}") private String key; -// @Override -// public String login(LoginRequest loginRequest) { -// String captcha = loginRequest.getUsername(); -// String account = loginRequest.getUsername(); -// String password = loginRequest.getPassword(); -// String uuid = loginRequest.getPassword(); -// -// // 验证码验证逻辑(这里省略,需根据实际情况实现) -// if (CaptchaUtil.checkVerificationCode(uuid, captcha, adminRedisTemplate)) { -// return "验证码错误"; -// } -// // 用户名密码验证 -//// if (isValidUser(account, password)) { -// // 登录成功,使用Sa-Token生成Token -// StpUtil.login(account); -// // 返回Token给客户端 -// return StpUtil.getTokenValue(); -//// } else { -//// return "用户名或密码错误"; -// -// } @Override - public LoginUserDetails login(String param, HttpServletRequest request, HttpServletResponse response) throws JsonProcessingException { - String iv = request.getHeader("v"); - System.out.println("iv:" + iv); - param = aesUtil.decrypt(key, param, iv); - ObjectMapper objectMapper = new ObjectMapper(); - LoginRequest loginRequest = objectMapper.readValue(param, LoginRequest.class); + public LoginUserDetails login(LoginRequest loginRequest, HttpServletRequest request, HttpServletResponse response) throws JsonProcessingException { +// String iv = request.getHeader("v"); +// System.out.println("iv:" + iv); +// param = aesUtil.decrypt(key, param, iv); +// ObjectMapper objectMapper = new ObjectMapper(); +// LoginRequest loginRequest = objectMapper.readValue(param, LoginRequest.class); String name = loginRequest.getUsername(); String password = loginRequest.getPassword(); String code = loginRequest.getCode(); String uuid = loginRequest.getUuid(); - + LoginUserDetails loginInfo = new LoginUserDetails(); LambdaQueryWrapper wrapper = Wrappers.lambdaQuery(); - wrapper.eq(SysUser::getAccount, loginRequest.getUsername()); + wrapper.eq(SysUser::getAccount, name); SysUser sysUser = sysUserMapper.selectOne(wrapper); if (sysUser == null) { - throw new ServiceException("无账号信息"); + loginInfo.setMsg("无账号信息"); + return loginInfo; } if (!CaptchaUtil.checkVerificationCode(uuid, code, adminRedisTemplate)) { - throw new ServiceException("验证码不正确"); + loginInfo.setMsg("验证码不正确"); + return loginInfo; } - StpUtil.login(sysUser.getId()); // 执行登录,这里username为用户唯一标识 + if (!BCrypt.checkpw(password, sysUser.getPassword())) { + loginInfo.setMsg("账号密码错误"); + return loginInfo; + } + StpUtil.login(sysUser.getAccount());// 执行登录,这里username为用户唯一标识 + String refreshTokenUuid = IdUtil.fastSimpleUUID(); + String token = StpUtil.getTokenValue(); + String refreshToken = "refresh:" + refreshTokenUuid; + SysUserVo sysUserVo = new SysUserVo(); sysUserVo.setId(sysUser.getId()); sysUserVo.setAccount(sysUser.getAccount()); @@ -94,9 +90,12 @@ public class LoginServiceImpl implements ILoginService { sysUserVo.setPhone(sysUser.getPhone()); sysUserVo.setEmail(sysUser.getEmail()); sysUserVo.setOrgId(sysUser.getOrgId()); - LoginUserDetails loginInfo = new LoginUserDetails(); + loginInfo.setSysUser(sysUserVo); // 存储用户信息到会话 loginInfo.setToken(StpUtil.getTokenValue()); + loginInfo.setRefreshToken(refreshTokenUuid); + adminRedisTemplate.setEx(token, loginInfo, Duration.ofSeconds(saTokenProperties.getExpireTime())); + adminRedisTemplate.setEx(refreshToken, loginInfo, Duration.ofSeconds(saTokenProperties.getRefreshExpireTime())); return loginInfo; } @@ -113,24 +112,29 @@ public class LoginServiceImpl implements ILoginService { @Override public LoginVO refreshToken(String refreshToken) { -// Claims claim = tokenService.getClaim(refreshToken); -// String uuid = (String) claim.get("uuid"); -// String username = (String) claim.get("username"); -// String refresh = (String) claim.get("refresh"); -// if (StrUtil.isEmpty(refresh)) { -// throw new BusinessException("非法token"); -// } -// LoginUserDetails loginUserDetails = adminRedisTemplate.get(username + ":refresh:" + uuid); -// if (loginUserDetails == null) { -// throw new BusinessException("token过期,请重新登录"); -// } -// String token = tokenService.createToken(loginUserDetails); -// String newRefreshToken = tokenService.createRefreshToken(loginUserDetails); -// String tokenPrefix = jwtProperties.getTokenPrefix(); -// // 删除原有刷新token -// adminRedisTemplate.del(username + ":refresh:" + uuid); -// return new LoginVO(tokenPrefix + " " + token, newRefreshToken, jwtProperties.getExpireTime()); - return new LoginVO(); + LoginUserDetails loginUserDetails = adminRedisTemplate.get(refreshToken); + LoginVO loginInfo = new LoginVO(); + if (loginUserDetails == null) { + loginInfo.setMsg("token过期,请重新登录"); + return loginInfo; + } + StpUtil.login(loginUserDetails.getSysUser().getAccount());// 执行登录,这里username为用户唯一标识 + String newToken = StpUtil.getTokenValue(); + String newRefreshTokenUuid = IdUtil.fastSimpleUUID(); + String newRefreshToken = "refresh:" + newRefreshTokenUuid; + loginInfo.setAccessToken(newToken); + + loginUserDetails.setToken(newToken); + loginUserDetails.setRefreshToken(newRefreshTokenUuid); + String oldRefreshToken = loginUserDetails.getRefreshToken(); + + adminRedisTemplate.setEx(newToken, loginUserDetails, Duration.ofSeconds(saTokenProperties.getExpireTime())); + adminRedisTemplate.setEx(refreshToken, loginUserDetails, Duration.ofSeconds(saTokenProperties.getRefreshExpireTime())); + // 删除原有刷新token + adminRedisTemplate.del("refresh:" + oldRefreshToken); + + return new LoginVO(newToken, newRefreshToken, saTokenProperties.getRefreshExpireTime()); + } } diff --git a/das/src/main/resources/application-dev.yml b/das/src/main/resources/application-dev.yml deleted file mode 100644 index 754095a9..00000000 --- a/das/src/main/resources/application-dev.yml +++ /dev/null @@ -1,13 +0,0 @@ -spring: - datasource: - url: jdbc:postgresql://192.168.109.102:5432/das - username: das - password: qwaszx12 -# # redis相关配置 - data: - redis: - host: 127.0.0.1 - database: 0 - port: 6379 - password: - client-type: lettuce diff --git a/das/src/main/resources/application-prd.yml b/das/src/main/resources/application-prd.yml deleted file mode 100644 index b9320756..00000000 --- a/das/src/main/resources/application-prd.yml +++ /dev/null @@ -1,13 +0,0 @@ -spring: - datasource: - url: jdbc:postgresql://192.168.109.102:5432/das - username: das - password: qwaszx12 - # # redis相关配置 - data: - redis: - host: 127.0.0.1 - database: 0 - port: 6379 - password: - client-type: lettuce \ No newline at end of file diff --git a/das/src/main/resources/application.yml b/das/src/main/resources/application.yml index 59715711..160fef6a 100644 --- a/das/src/main/resources/application.yml +++ b/das/src/main/resources/application.yml @@ -19,17 +19,17 @@ sa-token: # 是否开启Sa-Token全局拦截器,默认为true enabled: true # token名称 - token-name: token + tokenHeader: token # token前缀 - token-prefix: Bearer + tokenPrefix: Bearer # token有效期,单位秒 - timeout: 7200 + expireTime: 7200 + refreshExpireTime: 604800 # 是否允许同一账号多终端登录,默认为true is-concurrent: true + spring: - profiles: - active: dev application: name: das #json格式化全局配置,相当于@JsonFormat @@ -45,6 +45,18 @@ spring: max-file-size: 1024MB # 多个文件总大小 max-request-size: 2048MB + datasource: + url: jdbc:postgresql://192.168.109.102:5432/das + username: das + password: qwaszx12 + # # redis相关配置 + data: + redis: + host: 127.0.0.1 + database: 0 + port: 6379 + password: + client-type: lettuce # 配置 xml 文件所在位置 配置全局的 主键策略,默认为 ASSIGN_ID 默认为 【雪花算法】 , atuo 自增 @@ -79,4 +91,5 @@ captcha: verify-type: calculate expire: 120 -aesKey: b6967ee87b86d85a \ No newline at end of file +aes: + Key: b6967ee87b86d85a \ No newline at end of file