修复token过滤器中

3 years ago · 220bf3d7c4
6 changed files with 41 additions and 9 deletions
--- a/app-service/src/main/java/com/depsystem/app/loginServer/LoginServerImpl.java
+++ b/app-service/src/main/java/com/depsystem/app/loginServer/LoginServerImpl.java
@ -24,6 +24,10 @@ public class LoginServerImpl implements LoginServer {
				@@ -24,6 +24,10 @@ public class LoginServerImpl implements LoginServer {
     */
    @Override
    public Login login(String name, String password) {
+
+
+
+
        LoginDAO userByNameAndPassword = userMapper.findUserByNameAndPassword(name, password);
        Login vo =new Login();
        if (JSONUtil.isNull(userByNameAndPassword)){
--- a/app-service/src/main/java/com/depsystem/app/systemServer/securityServer/entity/MyUserDetails.java
+++ b/app-service/src/main/java/com/depsystem/app/systemServer/securityServer/entity/MyUserDetails.java
@ -21,8 +21,7 @@ import org.springframework.util.ObjectUtils;
				@@ -21,8 +21,7 @@ import org.springframework.util.ObjectUtils;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
-import java.util.Set;
-import java.util.stream.Collectors;
+

@Data
@NoArgsConstructor
--- a/app-service/src/main/java/com/depsystem/app/systemServer/securityServer/handler/AuthenticationsSuccessHandler.java
+++ b/app-service/src/main/java/com/depsystem/app/systemServer/securityServer/handler/AuthenticationsSuccessHandler.java
@ -9,6 +9,7 @@ package com.depsystem.app.systemServer.securityServer.handler;
				@@ -9,6 +9,7 @@ package com.depsystem.app.systemServer.securityServer.handler;

 import com.depsystem.app.systemServer.securityServer.entity.MyUserDetails;
 import com.depsystem.app.systemServer.util.JwtUtil;
+import com.depsystem.app.systemServer.util.RedisUtil;
 import com.depsystem.app.systemServer.util.ResponseResult;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import jakarta.servlet.ServletException;
@ -44,16 +45,21 @@ public class AuthenticationsSuccessHandler implements AuthenticationSuccessHandl
				@@ -44,16 +45,21 @@ public class AuthenticationsSuccessHandler implements AuthenticationSuccessHandl
        *   data: 存放ResponseResult状态工具类对象。
        *   token: 存放生成好的token
        *  } */
+
        MyUserDetails principal = (MyUserDetails) authentication.getPrincipal();
        System.out.println(principal);
        Map<String,Object> userinfo = new HashMap<>();
        userinfo.put("name",principal.getUsername());
        userinfo.put("role",principal.getRoles());
        userinfo.put("path",principal.getPath().toString());
+        RedisUtil redisUtil = new RedisUtil();
+        redisUtil.set("userinfo:",userinfo);
+
        response.setCharacterEncoding("utf-8");
        response.setContentType("application/json;charset=utf-8");
        String s = new ObjectMapper().writeValueAsString(ResponseResult.ok(200,"登录成功",principal.getPath(),
                JwtUtil.generateToken(userinfo)));
        response.getWriter().write(s);
+
    }
 }
--- a/app-service/src/main/java/com/depsystem/app/systemServer/securityServer/securityFilter/AuthenticationServerImpl.java
+++ b/app-service/src/main/java/com/depsystem/app/systemServer/securityServer/securityFilter/AuthenticationServerImpl.java
@ -34,7 +34,7 @@ import java.util.Map;
				@@ -34,7 +34,7 @@ import java.util.Map;
 * 以及用户对路径下的权限。
 * 这里实现查询和封装authentication。
 * 完成
- * 这里实现用户权限校验
+ * 这里实现用户封装
 * @author adiao
 */
@Service
--- a/app-service/src/main/java/com/depsystem/app/systemServer/securityServer/securityFilter/JwtAuthenticationTokenFilter.java
+++ b/app-service/src/main/java/com/depsystem/app/systemServer/securityServer/securityFilter/JwtAuthenticationTokenFilter.java
@ -8,28 +8,51 @@
				@@ -8,28 +8,51 @@
 package com.depsystem.app.systemServer.securityServer.securityFilter;

 import cn.hutool.core.util.StrUtil;
+import com.depsystem.app.loginServer.Login;
+import com.depsystem.app.systemServer.securityServer.entity.MyUserDetails;
 import com.depsystem.app.systemServer.util.JwtUtil;
+import com.depsystem.app.systemServer.util.RedisUtil;
 import io.jsonwebtoken.Claims;
+import jakarta.annotation.Resource;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.filter.OncePerRequestFilter;

 import java.io.IOException;
+import java.util.Objects;

 public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
+    @Resource
+    RedisUtil redisUtil;
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        String token = request.getHeader("token");
+        String usernameFromToken;
+
        if (StrUtil.isBlank(token)){
            filterChain.doFilter(request,response);
        }
        try {
-            JwtUtil.validateToken(token);
+            usernameFromToken = JwtUtil.getUsernameFromToken(token);
        } catch (Exception e) {
            e.printStackTrace();
            throw new RuntimeException("token错误");
        }
+
+        String redisKey = "userinfo:";
+        MyUserDetails o = (MyUserDetails) redisUtil.get(redisKey);
+        if (Objects.isNull(o)){
+            throw new RuntimeException("获取用户信息失败");
+        }
+        UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(o,null,null);
+        SecurityContextHolder.getContext().setAuthentication(authentication);
+        filterChain.doFilter(request,response);
+
    }
 }
--- a/app-start/src/test/java/com/depsystem/app/AppApplicationTests.java
+++ b/app-start/src/test/java/com/depsystem/app/AppApplicationTests.java
@ -120,14 +120,14 @@ class AppApplicationTests {
				@@ -120,14 +120,14 @@ class AppApplicationTests {
        System.out.println(path);

        System.out.println("**************************************");
-        boolean b = JwtUtil.validateToken("eyJhbGciOiJIUzI1NiJ9.eyJwYXRoIjpbIi9EZWJpdCIsIi9GaXgiLCIvSW52ZW50b3J5IiwiL01haW50ZW5hbmNlIiwiL21lIiwiL1B1cmNoYXNlIiwiL1F1ZXJ5IiwiL1JlcGFpciIsIi9TdG9yYWdlIiwiL1RyYW5zZmVyIl0sInJvbGUiOiJhZG1pbjIiLCJuYW1lIjoiNjgzNjk3NDE0IiwiZXhwIjoxNjgyMjU0NjkyLCJpYXQiOjE2ODIyNTEwOTJ9.Sf3p5o8p_Tj-33zXfofx1ld-ugXW7WYCewhx27nHSnw");
+        boolean b = JwtUtil.validateToken("eyJhbGciOiJIUzI1NiJ9.eyJwYXRoIjoiWy9EZWJpdCwgL0ZpeCwgL0ludmVudG9yeSwgL01haW50ZW5hbmNlLCAvbWUsIC9QdXJjaGFzZSwgL1F1ZXJ5LCAvUmVwYWlyLCAvU3RvcmFnZSwgL1RyYW5zZmVyXSIsInJvbGUiOiJhZG1pbjIiLCJuYW1lIjoiNjgzNjk3NDE0IiwiZXhwIjoxNjgyMjc2OTMzLCJpYXQiOjE2ODIyNzMzMzN9.0zmWGYUcTg43nbx1QA4WIOjg5jdB3Ne8R81ah7b6MVI");
        System.out.println(b);
-        String usernameFromToken = JwtUtil.getUsernameFromToken("eyJhbGciOiJIUzI1NiJ9.eyJwYXRoIjpbIi9EZWJpdCIsIi9GaXgiLCIvSW52ZW50b3J5IiwiL01haW50ZW5hbmNlIiwiL21lIiwiL1B1cmNoYXNlIiwiL1F1ZXJ5IiwiL1JlcGFpciIsIi9TdG9yYWdlIiwiL1RyYW5zZmVyIl0sInJvbGUiOiJhZG1pbjIiLCJuYW1lIjoiNjgzNjk3NDE0IiwiZXhwIjoxNjgyMjU0NjkyLCJpYXQiOjE2ODIyNTEwOTJ9.Sf3p5o8p_Tj-33zXfofx1ld-ugXW7WYCewhx27nHSnw");
-        String roleFromToken = JwtUtil.getRoleFromToken("eyJhbGciOiJIUzI1NiJ9.eyJwYXRoIjpbIi9EZWJpdCIsIi9GaXgiLCIvSW52ZW50b3J5IiwiL01haW50ZW5hbmNlIiwiL21lIiwiL1B1cmNoYXNlIiwiL1F1ZXJ5IiwiL1JlcGFpciIsIi9TdG9yYWdlIiwiL1RyYW5zZmVyIl0sInJvbGUiOiJhZG1pbjIiLCJuYW1lIjoiNjgzNjk3NDE0IiwiZXhwIjoxNjgyMjU0NjkyLCJpYXQiOjE2ODIyNTEwOTJ9.Sf3p5o8p_Tj-33zXfofx1ld-ugXW7WYCewhx27nHSnw");
-        List<String> pathFromToken = JwtUtil.getPathFromToken("eyJhbGciOiJIUzI1NiJ9.eyJwYXRoIjpbIi9EZWJpdCIsIi9GaXgiLCIvSW52ZW50b3J5IiwiL01haW50ZW5hbmNlIiwiL21lIiwiL1B1cmNoYXNlIiwiL1F1ZXJ5IiwiL1JlcGFpciIsIi9TdG9yYWdlIiwiL1RyYW5zZmVyIl0sInJvbGUiOiJhZG1pbjIiLCJuYW1lIjoiNjgzNjk3NDE0IiwiZXhwIjoxNjgyMjU0NjkyLCJpYXQiOjE2ODIyNTEwOTJ9.Sf3p5o8p_Tj-33zXfofx1ld-ugXW7WYCewhx27nHSnw");
+        String usernameFromToken = JwtUtil.getUsernameFromToken("eyJhbGciOiJIUzI1NiJ9.eyJwYXRoIjoiWy9EZWJpdCwgL0ZpeCwgL0ludmVudG9yeSwgL01haW50ZW5hbmNlLCAvbWUsIC9QdXJjaGFzZSwgL1F1ZXJ5LCAvUmVwYWlyLCAvU3RvcmFnZSwgL1RyYW5zZmVyXSIsInJvbGUiOiJhZG1pbjIiLCJuYW1lIjoiNjgzNjk3NDE0IiwiZXhwIjoxNjgyMjc2OTMzLCJpYXQiOjE2ODIyNzMzMzN9.0zmWGYUcTg43nbx1QA4WIOjg5jdB3Ne8R81ah7b6MVI");
+        String roleFromToken = JwtUtil.getRoleFromToken("eyJhbGciOiJIUzI1NiJ9.eyJwYXRoIjoiWy9EZWJpdCwgL0ZpeCwgL0ludmVudG9yeSwgL01haW50ZW5hbmNlLCAvbWUsIC9QdXJjaGFzZSwgL1F1ZXJ5LCAvUmVwYWlyLCAvU3RvcmFnZSwgL1RyYW5zZmVyXSIsInJvbGUiOiJhZG1pbjIiLCJuYW1lIjoiNjgzNjk3NDE0IiwiZXhwIjoxNjgyMjc2OTMzLCJpYXQiOjE2ODIyNzMzMzN9.0zmWGYUcTg43nbx1QA4WIOjg5jdB3Ne8R81ah7b6MVI");
+        //List<String> pathFromToken = JwtUtil.getPathFromToken("eyJhbGciOiJIUzI1NiJ9.eyJwYXRoIjpbIi9EZWJpdCIsIi9GaXgiLCIvSW52ZW50b3J5IiwiL01haW50ZW5hbmNlIiwiL21lIiwiL1B1cmNoYXNlIiwiL1F1ZXJ5IiwiL1JlcGFpciIsIi9TdG9yYWdlIiwiL1RyYW5zZmVyIl0sInJvbGUiOiJhZG1pbjIiLCJuYW1lIjoiNjgzNjk3NDE0IiwiZXhwIjoxNjgyMjU0NjkyLCJpYXQiOjE2ODIyNTEwOTJ9.Sf3p5o8p_Tj-33zXfofx1ld-ugXW7WYCewhx27nHSnw");
        System.out.println(usernameFromToken);
        System.out.println(roleFromToken);
-        System.out.println(pathFromToken);
+        //System.out.println(pathFromToken);
        System.out.println("**************************************");
        JWT jwt = JWTUtil.parseToken("eyJhbGciOiJIUzI1NiJ9.eyJwYXRoIjpbIi9EZWJpdCIsIi9GaXgiLCIvSW52ZW50b3J5IiwiL01haW50ZW5hbmNlIiwiL21lIiwiL1B1cmNoYXNlIiwiL1F1ZXJ5IiwiL1JlcGFpciIsIi9TdG9yYWdlIiwiL1RyYW5zZmVyIl0sInJvbGUiOiJhZG1pbjIiLCJuYW1lIjoiNjgzNjk3NDE0IiwiZXhwIjoxNjgyMjU0MzkzLCJpYXQiOjE2ODIyNTA3OTN9.Jwg5jjobsLCaJy42aF0MzTpoA6ryfnw8SGiJCOdh5WI");
        JWTPayload payload = jwt.getPayload();