NM-gaoshuguang
/
GS-ManualSendOut
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

2024年08月02日 1.0.9 token时长读取配置文件tokenOutTime

Browse Source
main
gaoshuguang 1 year ago
parent 573bceffac
commit f8748a68bd
3 changed files with 47 additions and 75 deletions
Show Stats Download Patch File Download Diff File

35
ManualSendOut/src/main/java/com/nm/gsgl/common/config/FilterConfig.java
Unescape Escape View File

@ -14,49 +14,54 @@ import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.PrintWriter; import java.io.PrintWriter;
@Component @Component
@Slf4j @Slf4j
public class FilterConfig implements HandlerInterceptor { public class FilterConfig implements HandlerInterceptor {
@Override @Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
if(request.getHeader("Origin")==null){
response.setHeader("Access-Control-Allow-Origin", "*");//支持跨域请求
}else{
System.out.println("request.getHeader(\"Origin\")=======>" + request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));//支持跨域请求 response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));//支持跨域请求
}
response.setHeader("Access-Control-Allow-Credentials", "true");//是否支持cookie跨域 response.setHeader("Access-Control-Allow-Credentials", "true");//是否支持cookie跨域
response.setHeader("Access-Control-Allow-Methods", "*");//X-forwared-port,X-forwarded-host, response.setHeader("Access-Control-Allow-Methods", "*");//X-forwared-port,X-forwarded-host,
response.setHeader("Access-Control-Allow-Headers", "Authorization,Origin, X-Requested-With, Content-Type, Accept,Access-Token");//Origin, X-Requested-With, Content-Type, Accept,Access-Token response.setHeader("Access-Control-Allow-Headers", "Authorization,Origin, X-Requested-With, Content-Type, Accept,Access-Token");//Origin, X-Requested-With, Content-Type, Accept,Access-Token
response.setHeader("Set-Cookie", "SameSite=None");
String token = request.getHeader("token"); String token = request.getHeader("token");
if (token == null) {
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.setCharacterEncoding("UTF-8");
response.setContentType("application/json; charset=utf-8");
JSONObject res = new JSONObject();
res.put("status", "-2");
res.put("msg", "登录超时请重新登陆");
PrintWriter out;
out = response.getWriter();
out.write(res.toString());
out.flush();
out.close();
return false;
}
if(token.equals("test")){ if(token.equals("test")){
return true; return true;
} }
if (token != null) { try {
boolean result = TokenUtil.verify(token,request); boolean result = TokenUtil.verify(token);
//判断绑定 //判断绑定
if (result) { if (result) {
log.info("通过拦截器"); log.info("通过拦截器");
HttpSession session = request.getSession(); response.setHeader("token", TokenUtil.reToken(token, request));
String Addtoken = TokenUtil.reToken(token);
session.setAttribute("token", Addtoken);
response.setHeader("token", Addtoken);
return true; return true;
} }
} catch (Exception ignored) {
} }
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
response.setCharacterEncoding("UTF-8"); response.setCharacterEncoding("UTF-8");
response.setContentType("application/json; charset=utf-8"); response.setContentType("application/json; charset=utf-8");
JSONObject res = new JSONObject(); JSONObject res = new JSONObject();
res.put("status", "-1"); res.put("status", "-1");
res.put("msg", "鉴权失败"); res.put("msg", "鉴权失败");
PrintWriter out = null; PrintWriter out;
out = response.getWriter(); out = response.getWriter();
out.write(res.toString()); out.write(res.toString());
out.flush(); out.flush();

82
ManualSendOut/src/main/java/com/nm/gsgl/common/utils/TokenUtil.java
Unescape Escape View File

@ -17,66 +17,27 @@ public class TokenUtil {
/** /**
* token * token
*/ */
private static final String TOKEN_SECRET = "apiManager"; private static String TOKEN_SECRET;
/** /**
* *
*/ */
private static final long EXPIRE_DATE = 30 * 60 * 100000; private static long EXPIRE_DATE;
public static String token(String secreteKey) {
String token = ""; static {
try { String SystemType = PropertiesUtil.getValue("SystemType");
//过期时间 if (SystemType == null || SystemType.equals("0") || SystemType.equals("2")) {
Date date = new Date(System.currentTimeMillis() + EXPIRE_DATE); TOKEN_SECRET = "apiManager";
//秘钥及加密算法 } else if (SystemType.equals("1")) {
Algorithm algorithm = Algorithm.HMAC256(TOKEN_SECRET); TOKEN_SECRET = "5267915";
//设置头部信息
Map<String, Object> header = new HashMap<>();
header.put("typ", "JWT");
header.put("alg", "HS256");
//携带usernamepassword信息生成签名
token = JWT.create()
.withHeader(header)
.withClaim("secreteKey", secreteKey)
.withExpiresAt(date)
.sign(algorithm);
} catch (Exception e) {
log.error("获取token异常", e);
return null;
} }
return token; String tokenOutTime = PropertiesUtil.getValue("tokenOutTime");
} if (tokenOutTime.isEmpty()) {
tokenOutTime = "30";
public static boolean verify(String token, HttpServletRequest request) {
/**
* @desc tokentrue
* @params [token]
**/
try {
Algorithm algorithm = Algorithm.HMAC256(TOKEN_SECRET);
JWTVerifier verifier = JWT.require(algorithm).build();
DecodedJWT jwt = verifier.verify(token);
HttpSession session = request.getSession();
String Man = jwt.getClaim("Man").toString().replaceAll( "///" ,"");
String Manid = jwt.getClaim("Manid").toString().replaceAll( "///" ,"");
String Manno = jwt.getClaim("Manno").toString().replaceAll( "///" ,"");
if (Man == null || Man.equals("") ||
Manid == null || Manid.equals("") ||
Manno == null || Manno.equals("")) {
return false;
}
session.setAttribute("Man", Man);
session.setAttribute("Manid", Manid);
session.setAttribute("Manno", Manno);
return true;
} catch (Exception e) {
log.error("验证token异常", e);
return false;
} }
EXPIRE_DATE = Long.parseLong(tokenOutTime) * 60 * 1000;
} }
public static boolean verify(String token) { public static boolean verify(String token) {
/** /**
* @desc tokentrue * @desc tokentrue
@ -85,14 +46,15 @@ public class TokenUtil {
try { try {
Algorithm algorithm = Algorithm.HMAC256(TOKEN_SECRET); Algorithm algorithm = Algorithm.HMAC256(TOKEN_SECRET);
JWTVerifier verifier = JWT.require(algorithm).build(); JWTVerifier verifier = JWT.require(algorithm).build();
DecodedJWT jwt = verifier.verify(token); verifier.verify(token);
return true; return true;
} catch (Exception e) { } catch (Exception e) {
log.error("验证token异常", e); log.error("验证token异常", e);
return false; return false;
} }
} }
public static String reToken(String token) {
public static String reToken(String token, HttpServletRequest request) {
/** /**
* @desc tokentrue * @desc tokentrue
* @params [token] * @params [token]
@ -101,9 +63,9 @@ public class TokenUtil {
Algorithm algorithm = Algorithm.HMAC256(TOKEN_SECRET); Algorithm algorithm = Algorithm.HMAC256(TOKEN_SECRET);
JWTVerifier verifier = JWT.require(algorithm).build(); JWTVerifier verifier = JWT.require(algorithm).build();
DecodedJWT jwt = verifier.verify(token); DecodedJWT jwt = verifier.verify(token);
String Man = jwt.getClaim("Man").toString().replaceAll( "///" ,"");; String Man = jwt.getClaim("Man").toString().replaceAll("\\\"", "");
String Manid = jwt.getClaim("Manid").toString().replaceAll( "///" ,"");; String Manid = jwt.getClaim("Manid").toString().replaceAll("\\\"", "");
String Manno = jwt.getClaim("Manno").toString().replaceAll( "///" ,"");; String Manno = jwt.getClaim("Manno").toString().replaceAll("\\\"", "");
//过期时间 //过期时间
Date date = new Date(System.currentTimeMillis() + EXPIRE_DATE); Date date = new Date(System.currentTimeMillis() + EXPIRE_DATE);
//秘钥及加密算法 //秘钥及加密算法
@ -111,7 +73,6 @@ public class TokenUtil {
Map<String, Object> header = new HashMap<>(); Map<String, Object> header = new HashMap<>();
header.put("typ", "JWT"); header.put("typ", "JWT");
header.put("alg", "HS256"); header.put("alg", "HS256");
//携带usernamepassword信息生成签名
token = JWT.create() token = JWT.create()
.withHeader(header) .withHeader(header)
.withClaim("Man", Man) .withClaim("Man", Man)
@ -119,6 +80,11 @@ public class TokenUtil {
.withClaim("Manno", Manno) .withClaim("Manno", Manno)
.withExpiresAt(date) .withExpiresAt(date)
.sign(algorithm); .sign(algorithm);
HttpSession session = request.getSession();
session.setAttribute("token", token);
session.setAttribute("Man", Man);
session.setAttribute("Manid", Manid);
session.setAttribute("Manno", Manno);
return token; return token;
} catch (Exception e) { } catch (Exception e) {
log.error("获取token异常", e); log.error("获取token异常", e);

1
ManualSendOut/src/main/resources/version/1.0.7.txt → ManualSendOut/src/main/resources/version/1.0.8.txt
Unescape Escape View File

@ -11,3 +11,4 @@
6 2024年06月09日 1.0.5 优化参数下发的DBF文件中文乱码问题 6 2024年06月09日 1.0.5 优化参数下发的DBF文件中文乱码问题
7 2024年06月14日 1.0.6 优化黑名单版本号查询 7 2024年06月14日 1.0.6 优化黑名单版本号查询
8 2024年06月19日 1.0.7 优化武俊涛下发的生成的ROADCODE.SQB语句 8 2024年06月19日 1.0.7 优化武俊涛下发的生成的ROADCODE.SQB语句
9 2024年08月02日 1.0.8 token时长读取配置文件tokenOutTime
Write Preview
Loading…
Cancel
Save