登录优化

dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/util/JwtUtil.java

@@ -24,8 +24,8 @@ public class JwtUtil {
      * @param timeout; 单位是秒
      */
     public static String createJwtToken(Long userId, long timeout) {
-        String token = Md5Util.md5(userId+timeout+"dq");
-        RedisUtil.setEx("dq:token:"+userId, token, timeout);
+        String token = Md5Util.md5("dq"+userId+timeout+System.currentTimeMillis());
+        RedisUtil.setEx("dq:token:"+token, String.valueOf(userId), timeout);
         return token;
         /*return JWT.create()
             .withClaim("member", userId)
@@ -55,7 +55,7 @@ public class JwtUtil {
     }*/
 
     public static String getRedisKey(Long userId, String token) {
-        return String.format("dq:token:%d:%s", userId, token);
+        return String.format("dq:token:"+token, token, String.valueOf(userId));
     }
 
     public static void putTokenToRedis(Long userId, String token, long times) {

dq-govern-gateway/src/main/java/com/daqing/financial/gateway/config/ApiGlobalFilter.java

@@ -2,6 +2,7 @@ package com.daqing.financial.gateway.config;
 
 import com.alibaba.fastjson.JSONObject;
 import com.daqing.financial.gateway.util.JwtUtil;
+import com.daqing.financial.gateway.util.RedisUtil;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.cloud.gateway.filter.GatewayFilterChain;
@@ -57,10 +58,11 @@ public class ApiGlobalFilter implements GlobalFilter, Ordered {
                 //有数据
             }else {
                 //校验token
-                Long userId = verifyJWT(token);
-                if (userId == null){
+                //Long userId = verifyJWT(token);
+                String userId = RedisUtil.get("dq:token:"+token);
+                if (userId == null || "".equals(userId)){
                     JSONObject message = new JSONObject();
-                    message.put("message", "请重新登录");
+                    message.put("message", "登录已失效,请重新登录");
                     message.put("code", "401");
                     byte[] bits = message.toString().getBytes(StandardCharsets.UTF_8);
                     DataBuffer buffer = response.bufferFactory().wrap(bits);
@@ -69,7 +71,7 @@ public class ApiGlobalFilter implements GlobalFilter, Ordered {
                     return response.writeWith(Mono.just(buffer));
                 }
                 //将现在的request，添加当前身份
-                ServerHttpRequest mutableReq = exchange.getRequest().mutate().header("Authorization-UserId", String.valueOf(userId)).build();
+                ServerHttpRequest mutableReq = exchange.getRequest().mutate().header("Authorization-UserId", userId).build();
                 ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build();
                 return chain.filter(mutableExchange);
             }
@@ -83,6 +85,7 @@ public class ApiGlobalFilter implements GlobalFilter, Ordered {
      * @return userPhone
      */
     private Long verifyJWT(String token){
+        String id = RedisUtil.get("dq:token:"+token);
         return JwtUtil.verifyToken(token);
     }
 

dq-govern-gateway/src/main/resources/application.yml

@@ -17,7 +17,7 @@ spring:
           predicates:
             - Path=/api/**
           filters:
-            - RewritePath=/api/(?<segment>.*),/ $\{segment}
+            - RewritePath=/api/(?<segment>.*), /$\{segment}
         - id: hrms_auth_route
           uri: http://localhost:9000/dq-financial-hrms-auth #lb://dq-financial-hrms-auth
           predicates: