From 1ca5584d7e3200a9af65a099bd26d3593e2ba702 Mon Sep 17 00:00:00 2001
From: liyong <18434998025@163.com>
Date: 星期四, 07 五月 2026 14:36:08 +0800
Subject: [PATCH] 迁移pro
---
src/main/java/com/ruoyi/framework/security/service/TokenService.java | 121 +++++++++++++++++++++++++++++++---------
1 files changed, 94 insertions(+), 27 deletions(-)
diff --git a/src/main/java/com/ruoyi/framework/security/service/TokenService.java b/src/main/java/com/ruoyi/framework/security/service/TokenService.java
index 7d09431..35802db 100644
--- a/src/main/java/com/ruoyi/framework/security/service/TokenService.java
+++ b/src/main/java/com/ruoyi/framework/security/service/TokenService.java
@@ -1,20 +1,6 @@
package com.ruoyi.framework.security.service;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.concurrent.TimeUnit;
-import java.util.stream.Collectors;
-import javax.servlet.http.HttpServletRequest;
-
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
-import com.ruoyi.project.system.domain.SysUserDept;
-import com.ruoyi.project.system.mapper.SysUserDeptMapper;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.stereotype.Component;
import com.ruoyi.common.constant.CacheConstants;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.utils.ServletUtils;
@@ -24,11 +10,27 @@
import com.ruoyi.common.utils.uuid.IdUtils;
import com.ruoyi.framework.redis.RedisCache;
import com.ruoyi.framework.security.LoginUser;
+import com.ruoyi.project.system.domain.SysRole;
+import com.ruoyi.project.system.domain.SysUserDept;
+import com.ruoyi.project.system.mapper.SysUserDeptMapper;
import eu.bitwalker.useragentutils.UserAgent;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.security.Keys;
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.RequiredArgsConstructor;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
import org.springframework.util.CollectionUtils;
+
+import javax.crypto.SecretKey;
+import java.nio.charset.StandardCharsets;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.concurrent.TimeUnit;
/**
* token楠岃瘉澶勭悊
@@ -36,6 +38,7 @@
* @author ruoyi
*/
@Component
+@RequiredArgsConstructor
public class TokenService
{
private static final Logger log = LoggerFactory.getLogger(TokenService.class);
@@ -58,8 +61,7 @@
private static final Long MILLIS_MINUTE_TWENTY = 20 * 60 * 1000L;
- @Autowired
- private RedisCache redisCache;
+ private final RedisCache redisCache;
/**
* 鑾峰彇鐢ㄦ埛韬唤淇℃伅
@@ -147,8 +149,7 @@
}
}
- @Autowired
- private SysUserDeptMapper sysUserDeptMapper;
+ private final SysUserDeptMapper sysUserDeptMapper;
/**
* 鍒锋柊浠ょ墝鏈夋晥鏈�
@@ -160,10 +161,70 @@
loginUser.setLoginTime(System.currentTimeMillis());
loginUser.setExpireTime(loginUser.getLoginTime() + expireTime * MILLIS_MINUTE);
loginUser.setDeptIds(getDeptIdsByUserId(loginUser.getUserId()));
- loginUser.setCurrentDeptId(loginUser.getDeptIds()[0]);
+ if (loginUser.getDeptIds() != null && loginUser.getDeptIds().length > 0)
+ {
+ loginUser.setCurrentDeptId(loginUser.getDeptIds()[0]);
+ }
+ loginUser.setDataScope(resolveDataScope(loginUser));
// 鏍规嵁uuid灏唋oginUser缂撳瓨
String userKey = getTokenKey(loginUser.getToken());
redisCache.setCacheObject(userKey, loginUser, expireTime, TimeUnit.MINUTES);
+ }
+
+ public String resolveDataScope(LoginUser loginUser)
+ {
+ if (loginUser == null || loginUser.getUser() == null || CollectionUtils.isEmpty(loginUser.getUser().getRoles()))
+ {
+ return null;
+ }
+ boolean hasCustom = false;
+ boolean hasDeptAndChild = false;
+ boolean hasDept = false;
+ boolean hasSelf = false;
+ for (SysRole role : loginUser.getUser().getRoles())
+ {
+ if (role == null || !"0".equals(role.getStatus()))
+ {
+ continue;
+ }
+ if ("1".equals(role.getDataScope()))
+ {
+ return "1";
+ }
+ if ("2".equals(role.getDataScope()))
+ {
+ hasCustom = true;
+ }
+ else if ("4".equals(role.getDataScope()))
+ {
+ hasDeptAndChild = true;
+ }
+ else if ("3".equals(role.getDataScope()))
+ {
+ hasDept = true;
+ }
+ else if ("5".equals(role.getDataScope()))
+ {
+ hasSelf = true;
+ }
+ }
+ if (hasCustom)
+ {
+ return "2";
+ }
+ if (hasDeptAndChild)
+ {
+ return "4";
+ }
+ if (hasDept)
+ {
+ return "3";
+ }
+ if (hasSelf)
+ {
+ return "5";
+ }
+ return null;
}
public Long[] getDeptIdsByUserId(Long userId){
@@ -191,6 +252,11 @@
loginUser.setOs(userAgent.getOperatingSystem().getName());
}
+ private SecretKey getSigningKey() {
+ byte[] keyBytes = secret.getBytes(StandardCharsets.UTF_8);
+ return Keys.hmacShaKeyFor(keyBytes);
+ }
+
/**
* 浠庢暟鎹0鏄庣敓鎴愪护鐗�
*
@@ -199,10 +265,10 @@
*/
private String createToken(Map<String, Object> claims)
{
- String token = Jwts.builder()
- .setClaims(claims)
- .signWith(SignatureAlgorithm.HS512, secret).compact();
- return token;
+ return Jwts.builder()
+ .claims(claims) // 娉ㄦ剰锛氭柊鐗堟柟娉曞悕鍙樹簡锛屼笉鍐嶆槸 setClaims
+ .signWith(getSigningKey(), Jwts.SIG.HS512) // 浣跨敤鏂扮殑绛惧悕甯搁噺
+ .compact();
}
/**
@@ -214,9 +280,10 @@
private Claims parseToken(String token)
{
return Jwts.parser()
- .setSigningKey(secret)
- .parseClaimsJws(token)
- .getBody();
+ .verifyWith(getSigningKey()) // 鏂扮増浣跨敤 verifyWith
+ .build()
+ .parseSignedClaims(token)
+ .getPayload();
}
/**
--
Gitblit v1.9.3