From 34320634733b77a773af6836a2e3082092068ec9 Mon Sep 17 00:00:00 2001
From: chenhj <1263187585@qq.com>
Date: 星期六, 25 四月 2026 15:09:50 +0800
Subject: [PATCH] 增加永久文件接口
---
src/main/java/com/ruoyi/framework/security/service/TokenService.java | 164 ++++++++++++++++++++++++++++++++++++++++++++----------
1 files changed, 133 insertions(+), 31 deletions(-)
diff --git a/src/main/java/com/ruoyi/framework/security/service/TokenService.java b/src/main/java/com/ruoyi/framework/security/service/TokenService.java
index 7637ed8..35802db 100644
--- a/src/main/java/com/ruoyi/framework/security/service/TokenService.java
+++ b/src/main/java/com/ruoyi/framework/security/service/TokenService.java
@@ -1,24 +1,36 @@
package com.ruoyi.framework.security.service;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.concurrent.TimeUnit;
-import javax.servlet.http.HttpServletRequest;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.stereotype.Component;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.ruoyi.common.constant.CacheConstants;
import com.ruoyi.common.constant.Constants;
-import com.ruoyi.common.utils.IdUtils;
import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.common.utils.ip.AddressUtils;
import com.ruoyi.common.utils.ip.IpUtils;
+import com.ruoyi.common.utils.uuid.IdUtils;
import com.ruoyi.framework.redis.RedisCache;
import com.ruoyi.framework.security.LoginUser;
+import com.ruoyi.project.system.domain.SysRole;
+import com.ruoyi.project.system.domain.SysUserDept;
+import com.ruoyi.project.system.mapper.SysUserDeptMapper;
import eu.bitwalker.useragentutils.UserAgent;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SignatureAlgorithm;
+import io.jsonwebtoken.security.Keys;
+import jakarta.servlet.http.HttpServletRequest;
+import lombok.RequiredArgsConstructor;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+import org.springframework.util.CollectionUtils;
+
+import javax.crypto.SecretKey;
+import java.nio.charset.StandardCharsets;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.concurrent.TimeUnit;
/**
* token楠岃瘉澶勭悊
@@ -26,8 +38,11 @@
* @author ruoyi
*/
@Component
+@RequiredArgsConstructor
public class TokenService
{
+ private static final Logger log = LoggerFactory.getLogger(TokenService.class);
+
// 浠ょ墝鑷畾涔夋爣璇�
@Value("${token.header}")
private String header;
@@ -44,10 +59,9 @@
protected static final long MILLIS_MINUTE = 60 * MILLIS_SECOND;
- private static final Long MILLIS_MINUTE_TEN = 20 * 60 * 1000L;
+ private static final Long MILLIS_MINUTE_TWENTY = 20 * 60 * 1000L;
- @Autowired
- private RedisCache redisCache;
+ private final RedisCache redisCache;
/**
* 鑾峰彇鐢ㄦ埛韬唤淇℃伅
@@ -60,12 +74,19 @@
String token = getToken(request);
if (StringUtils.isNotEmpty(token))
{
- Claims claims = parseToken(token);
- // 瑙f瀽瀵瑰簲鐨勬潈闄愪互鍙婄敤鎴蜂俊鎭�
- String uuid = (String) claims.get(Constants.LOGIN_USER_KEY);
- String userKey = getTokenKey(uuid);
- LoginUser user = redisCache.getCacheObject(userKey);
- return user;
+ try
+ {
+ Claims claims = parseToken(token);
+ // 瑙f瀽瀵瑰簲鐨勬潈闄愪互鍙婄敤鎴蜂俊鎭�
+ String uuid = (String) claims.get(Constants.LOGIN_USER_KEY);
+ String userKey = getTokenKey(uuid);
+ LoginUser user = redisCache.getCacheObject(userKey);
+ return user;
+ }
+ catch (Exception e)
+ {
+ log.error("鑾峰彇鐢ㄦ埛淇℃伅寮傚父'{}'", e.getMessage());
+ }
}
return null;
}
@@ -108,24 +129,27 @@
Map<String, Object> claims = new HashMap<>();
claims.put(Constants.LOGIN_USER_KEY, token);
+ claims.put(Constants.JWT_USERNAME, loginUser.getUsername());
return createToken(claims);
}
/**
* 楠岃瘉浠ょ墝鏈夋晥鏈燂紝鐩稿樊涓嶈冻20鍒嗛挓锛岃嚜鍔ㄥ埛鏂扮紦瀛�
*
- * @param token 浠ょ墝
+ * @param loginUser 鐧诲綍淇℃伅
* @return 浠ょ墝
*/
public void verifyToken(LoginUser loginUser)
{
long expireTime = loginUser.getExpireTime();
long currentTime = System.currentTimeMillis();
- if (expireTime - currentTime <= MILLIS_MINUTE_TEN)
+ if (expireTime - currentTime <= MILLIS_MINUTE_TWENTY)
{
refreshToken(loginUser);
}
}
+
+ private final SysUserDeptMapper sysUserDeptMapper;
/**
* 鍒锋柊浠ょ墝鏈夋晥鏈�
@@ -136,11 +160,83 @@
{
loginUser.setLoginTime(System.currentTimeMillis());
loginUser.setExpireTime(loginUser.getLoginTime() + expireTime * MILLIS_MINUTE);
+ loginUser.setDeptIds(getDeptIdsByUserId(loginUser.getUserId()));
+ if (loginUser.getDeptIds() != null && loginUser.getDeptIds().length > 0)
+ {
+ loginUser.setCurrentDeptId(loginUser.getDeptIds()[0]);
+ }
+ loginUser.setDataScope(resolveDataScope(loginUser));
// 鏍规嵁uuid灏唋oginUser缂撳瓨
String userKey = getTokenKey(loginUser.getToken());
redisCache.setCacheObject(userKey, loginUser, expireTime, TimeUnit.MINUTES);
}
-
+
+ public String resolveDataScope(LoginUser loginUser)
+ {
+ if (loginUser == null || loginUser.getUser() == null || CollectionUtils.isEmpty(loginUser.getUser().getRoles()))
+ {
+ return null;
+ }
+ boolean hasCustom = false;
+ boolean hasDeptAndChild = false;
+ boolean hasDept = false;
+ boolean hasSelf = false;
+ for (SysRole role : loginUser.getUser().getRoles())
+ {
+ if (role == null || !"0".equals(role.getStatus()))
+ {
+ continue;
+ }
+ if ("1".equals(role.getDataScope()))
+ {
+ return "1";
+ }
+ if ("2".equals(role.getDataScope()))
+ {
+ hasCustom = true;
+ }
+ else if ("4".equals(role.getDataScope()))
+ {
+ hasDeptAndChild = true;
+ }
+ else if ("3".equals(role.getDataScope()))
+ {
+ hasDept = true;
+ }
+ else if ("5".equals(role.getDataScope()))
+ {
+ hasSelf = true;
+ }
+ }
+ if (hasCustom)
+ {
+ return "2";
+ }
+ if (hasDeptAndChild)
+ {
+ return "4";
+ }
+ if (hasDept)
+ {
+ return "3";
+ }
+ if (hasSelf)
+ {
+ return "5";
+ }
+ return null;
+ }
+
+ public Long[] getDeptIdsByUserId(Long userId){
+ LambdaQueryWrapper<SysUserDept> sysUserDeptLambdaQueryWrapper = new LambdaQueryWrapper<>();
+ sysUserDeptLambdaQueryWrapper.eq(SysUserDept::getUserId, userId);
+ List<SysUserDept> sysUserDept = sysUserDeptMapper.selectList(sysUserDeptLambdaQueryWrapper);
+ if(CollectionUtils.isEmpty(sysUserDept)){
+ return null;
+ }
+ return sysUserDept.stream().map(SysUserDept::getDeptId).toArray(Long[]::new);
+ }
+
/**
* 璁剧疆鐢ㄦ埛浠g悊淇℃伅
*
@@ -149,13 +245,18 @@
public void setUserAgent(LoginUser loginUser)
{
UserAgent userAgent = UserAgent.parseUserAgentString(ServletUtils.getRequest().getHeader("User-Agent"));
- String ip = IpUtils.getIpAddr(ServletUtils.getRequest());
+ String ip = IpUtils.getIpAddr();
loginUser.setIpaddr(ip);
loginUser.setLoginLocation(AddressUtils.getRealAddressByIP(ip));
loginUser.setBrowser(userAgent.getBrowser().getName());
loginUser.setOs(userAgent.getOperatingSystem().getName());
}
-
+
+ private SecretKey getSigningKey() {
+ byte[] keyBytes = secret.getBytes(StandardCharsets.UTF_8);
+ return Keys.hmacShaKeyFor(keyBytes);
+ }
+
/**
* 浠庢暟鎹0鏄庣敓鎴愪护鐗�
*
@@ -164,10 +265,10 @@
*/
private String createToken(Map<String, Object> claims)
{
- String token = Jwts.builder()
- .setClaims(claims)
- .signWith(SignatureAlgorithm.HS512, secret).compact();
- return token;
+ return Jwts.builder()
+ .claims(claims) // 娉ㄦ剰锛氭柊鐗堟柟娉曞悕鍙樹簡锛屼笉鍐嶆槸 setClaims
+ .signWith(getSigningKey(), Jwts.SIG.HS512) // 浣跨敤鏂扮殑绛惧悕甯搁噺
+ .compact();
}
/**
@@ -179,9 +280,10 @@
private Claims parseToken(String token)
{
return Jwts.parser()
- .setSigningKey(secret)
- .parseClaimsJws(token)
- .getBody();
+ .verifyWith(getSigningKey()) // 鏂扮増浣跨敤 verifyWith
+ .build()
+ .parseSignedClaims(token)
+ .getPayload();
}
/**
@@ -214,6 +316,6 @@
private String getTokenKey(String uuid)
{
- return Constants.LOGIN_TOKEN_KEY + uuid;
+ return CacheConstants.LOGIN_TOKEN_KEY + uuid;
}
}
--
Gitblit v1.9.3