diff --git a/ManualSendOut/src/main/java/com/nm/gsgl/common/config/FilterConfig.java b/ManualSendOut/src/main/java/com/nm/gsgl/common/config/FilterConfig.java
index 3a4c7b5..99e8b82 100644
--- a/ManualSendOut/src/main/java/com/nm/gsgl/common/config/FilterConfig.java
+++ b/ManualSendOut/src/main/java/com/nm/gsgl/common/config/FilterConfig.java
@@ -14,49 +14,54 @@ import org.springframework.web.servlet.HandlerInterceptor;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
 import java.io.PrintWriter;
+
 @Component
 @Slf4j
 public class FilterConfig implements HandlerInterceptor {
 @Override
 public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
- if(request.getHeader("Origin")==null){
- response.setHeader("Access-Control-Allow-Origin", "*");//支持跨域请求
- }else{
- System.out.println("request.getHeader(\"Origin\")=======>" + request.getHeader("Origin"));
- response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));//支持跨域请求
- }
+ response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));//支持跨域请求
 response.setHeader("Access-Control-Allow-Credentials", "true");//是否支持cookie跨域
 response.setHeader("Access-Control-Allow-Methods", "*");//X-forwared-port,X-forwarded-host,
 response.setHeader("Access-Control-Allow-Headers", "Authorization,Origin, X-Requested-With, Content-Type, Accept,Access-Token");//Origin, X-Requested-With, Content-Type, Accept,Access-Token
- response.setHeader("Set-Cookie", "SameSite=None");
 String token = request.getHeader("token");
- if (token.equals("test")) {
+ if (token == null) {
+ response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ response.setCharacterEncoding("UTF-8");
+ response.setContentType("application/json; charset=utf-8");
+ JSONObject res = new JSONObject();
+ res.put("status", "-2");
+ res.put("msg", "登录超时请重新登陆");
+ PrintWriter out;
+ out = response.getWriter();
+ out.write(res.toString());
+ out.flush();
+ out.close();
+ return false;
+ }
+ if(token.equals("test")){
 return true;
 }
- if (token != null) {
- boolean result = TokenUtil.verify(token,request);
+ try {
+ boolean result = TokenUtil.verify(token);
 //判断绑定
 if (result) {
 log.info("通过拦截器");
- HttpSession session = request.getSession();
- String Addtoken = TokenUtil.reToken(token);
- session.setAttribute("token", Addtoken);
- response.setHeader("token", Addtoken);
+ response.setHeader("token", TokenUtil.reToken(token, request));
 return true;
 }
+ } catch (Exception ignored) {
 }
- response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
 response.setCharacterEncoding("UTF-8");
 response.setContentType("application/json; charset=utf-8");
 JSONObject res = new JSONObject();
 res.put("status", "-1");
 res.put("msg", "鉴权失败");
- PrintWriter out = null;
+ PrintWriter out;
 out = response.getWriter();
 out.write(res.toString());
 out.flush();
diff --git a/ManualSendOut/src/main/java/com/nm/gsgl/common/utils/TokenUtil.java b/ManualSendOut/src/main/java/com/nm/gsgl/common/utils/TokenUtil.java
index bad584a..c32f457 100644
--- a/ManualSendOut/src/main/java/com/nm/gsgl/common/utils/TokenUtil.java
+++ b/ManualSendOut/src/main/java/com/nm/gsgl/common/utils/TokenUtil.java
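Review bot: In FilterConfig.preHandle the added branch `if(token.equals("test")){ return true; }` keeps a fixed header value that skips TokenUtil.verify entirely, so any caller that sends it is treated as authenticated; the branch should be deleted or limited to a non-production profile. The added `response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"))` echoes whatever origin the caller supplies while `Access-Control-Allow-Credentials` is `true`, which lets any site read credentialed responses; compare the header against a configured allow-list and echo it only on a match. The hunk also appears to drop `response.setStatus(HttpServletResponse.SC_UNAUTHORIZED)` from the final failure path, so a rejected token would be answered with status 200 and the `-1` body, and `catch (Exception ignored) { }` hides why verification failed, so it should at least be logged. preHandle's body continues past the end of the hunk.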
@@ -17,66 +17,27 @@ public class TokenUtil {
 /**
 * token秘钥
 */
- private static final String TOKEN_SECRET = "apiManager";
-
+ private static String TOKEN_SECRET;
 /**
 * 设置过期时间
 */
- private static final long EXPIRE_DATE = 30 * 60 * 100000;
-
- public static String token(String secreteKey) {
+ private static long EXPIRE_DATE;
- String token = "";
- try {
- //过期时间
- Date date = new Date(System.currentTimeMillis() + EXPIRE_DATE);
- //秘钥及加密算法
- Algorithm algorithm = Algorithm.HMAC256(TOKEN_SECRET);
- //设置头部信息
- Map header = new HashMap<>();
- header.put("typ", "JWT");
- header.put("alg", "HS256");
- //携带username,password信息,生成签名
- token = JWT.create()
- .withHeader(header)
- .withClaim("secreteKey", secreteKey)
- .withExpiresAt(date)
- .sign(algorithm);
- } catch (Exception e) {
- log.error("获取token异常", e);
- return null;
+ static {
+ String SystemType = PropertiesUtil.getValue("SystemType");
+ if (SystemType == null || SystemType.equals("0") || SystemType.equals("2")) {
+ TOKEN_SECRET = "apiManager";
+ } else if (SystemType.equals("1")) {
+ TOKEN_SECRET = "5267915";
 }
- return token;
- }
-
- public static boolean verify(String token, HttpServletRequest request) {
- /**
- * @desc 验证token,通过返回true
- * @params [token]需要校验的串
- **/
- try {
- Algorithm algorithm = Algorithm.HMAC256(TOKEN_SECRET);
- JWTVerifier verifier = JWT.require(algorithm).build();
- DecodedJWT jwt = verifier.verify(token);
- HttpSession session = request.getSession();
- String Man = jwt.getClaim("Man").toString().replaceAll( "///" ,"");
- String Manid = jwt.getClaim("Manid").toString().replaceAll( "///" ,"");
- String Manno = jwt.getClaim("Manno").toString().replaceAll( "///" ,"");
- if (Man == null || Man.equals("") ||
- Manid == null || Manid.equals("") ||
- Manno == null || Manno.equals("")) {
- return false;
- }
- session.setAttribute("Man", Man);
- session.setAttribute("Manid", Manid);
- session.setAttribute("Manno", Manno);
- return true;
- } catch (Exception e) {
- log.error("验证token异常", e);
- return false;
+ String tokenOutTime = PropertiesUtil.getValue("tokenOutTime");
+ if (tokenOutTime.isEmpty()) {
+ tokenOutTime = "30";
 }
+ EXPIRE_DATE = Long.parseLong(tokenOutTime) * 60 * 1000;
 }
+
 public static boolean verify(String token) {
 /**
 * @desc 验证token,通过返回true
@@ -85,14 +46,15 @@ public class TokenUtil {
 try {
 Algorithm algorithm = Algorithm.HMAC256(TOKEN_SECRET);
 JWTVerifier verifier = JWT.require(algorithm).build();
- DecodedJWT jwt = verifier.verify(token);
+ verifier.verify(token);
 return true;
 } catch (Exception e) {
 log.error("验证token异常", e);
 return false;
 }
 }
- public static String reToken(String token) {
+
+ public static String reToken(String token, HttpServletRequest request) {
 /**
 * @desc 验证token,通过返回true
 * @params [token]需要校验的串
@@ -101,9 +63,9 @@ public class TokenUtil {
 Algorithm algorithm = Algorithm.HMAC256(TOKEN_SECRET);
 JWTVerifier verifier = JWT.require(algorithm).build();
 DecodedJWT jwt = verifier.verify(token);
- String Man = jwt.getClaim("Man").toString().replaceAll( "///" ,"");;
- String Manid = jwt.getClaim("Manid").toString().replaceAll( "///" ,"");;
- String Manno = jwt.getClaim("Manno").toString().replaceAll( "///" ,"");;
+ String Man = jwt.getClaim("Man").toString().replaceAll("\\\"", "");
+ String Manid = jwt.getClaim("Manid").toString().replaceAll("\\\"", "");
+ String Manno = jwt.getClaim("Manno").toString().replaceAll("\\\"", "");
 //过期时间
 Date date = new Date(System.currentTimeMillis() + EXPIRE_DATE);
 //秘钥及加密算法
@@ -111,7 +73,6 @@ public class TokenUtil {
 Map header = new HashMap<>();
 header.put("typ", "JWT");
 header.put("alg", "HS256");
- //携带username,password信息,生成签名
 token = JWT.create()
 .withHeader(header)
 .withClaim("Man", Man)
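Review bot: The static initialiser added to TokenUtil still assigns the HMAC signing key from string literals in both branches, so anyone with access to the source or the built jar holds the key the interceptor trusts; read it from deployment configuration or a secret store instead, for example `TOKEN_SECRET = PropertiesUtil.getValue("PLACEHOLDER_SECRET_PROPERTY");` (placeholder property name), and fail start-up when it is absent. When SystemType is anything other than null, 0, 1 or 2, TOKEN_SECRET is never assigned, and the later `Algorithm.HMAC256(TOKEN_SECRET)` calls will presumably fail inside the existing catch blocks, so every token is rejected without a clear cause. `tokenOutTime.isEmpty()` is called without the null check that SystemType gets, so a missing property would break class initialisation; `if (tokenOutTime == null || tokenOutTime.trim().isEmpty())` covers that, and a non-numeric value still needs handling around `Long.parseLong`.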
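Review bot: `verify(String token)` is now the only check the interceptor runs, and it confirms signature and expiry only; the removed `verify(token, request)` overload at least tried to reject tokens whose Man, Manid or Manno claim was empty. reToken (this hunk and the one at -101) copies those claims with `getClaim(...).toString().replaceAll("\\\"", "")`, so a token lacking a claim is not rejected and whatever string form the library gives the missing claim is written into the reissued token. Reading each claim with `jwt.getClaim("Man").asString()` and failing when the result is null or empty restores the check and makes the quote stripping unnecessary. The doc comment inside reToken is a copy of verify's (`验证token,通过返回true`); it should describe reissuing the token and sit above the method as Javadoc. Both method bodies run beyond the hunk.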
@@ -119,6 +80,11 @@ public class TokenUtil {
 .withClaim("Manno", Manno)
 .withExpiresAt(date)
 .sign(algorithm);
+ HttpSession session = request.getSession();
+ session.setAttribute("token", token);
+ session.setAttribute("Man", Man);
+ session.setAttribute("Manid", Manid);
+ session.setAttribute("Manno", Manno);
 return token;
 } catch (Exception e) {
 log.error("获取token异常", e);
diff --git a/ManualSendOut/src/main/resources/version/1.0.7.txt b/ManualSendOut/src/main/resources/version/1.0.8.txt
similarity index 93%
rename from ManualSendOut/src/main/resources/version/1.0.7.txt
rename to ManualSendOut/src/main/resources/version/1.0.8.txt
index 5a5db62..909b911 100644
--- a/ManualSendOut/src/main/resources/version/1.0.7.txt
+++ b/ManualSendOut/src/main/resources/version/1.0.8.txt
@@ -11,3 +11,4 @@
 6 2024年06月09日 1.0.5 优化参数下发的DBF文件中文乱码问题
 7 2024年06月14日 1.0.6 优化黑名单版本号查询
 8 2024年06月19日 1.0.7 优化武俊涛下发的生成的ROADCODE.SQB语句
+9 2024年08月02日 1.0.8 token时长读取配置文件tokenOutTime
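Review bot: In TokenUtil.reToken the added lines store Man, Manid, Manno and the new token in the HttpSession on every authenticated request, which puts a per-request bearer identity into shared session state: `request.getSession()` creates a session for each token-only client, and two requests carrying different tokens on one session cookie overwrite each other's identity. Prefer `request.setAttribute("Manid", Manid)` (and likewise for the other values) so the identity lives only as long as the request, provided the code that reads the session can be changed with it. Because the token is re-signed with a fresh `withExpiresAt(date)` on each call, a token that keeps being presented never expires; an absolute lifetime carried in a claim would bound that. The catch block continues outside the hunk, so what reToken returns on failure is not visible here, yet FilterConfig passes the result straight to `response.setHeader("token", ...)` and returns true.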