配置提交

master
cheney 2 years ago
parent f2d4bb224a
commit 14ac468f8e
  1. 55
      src/main/java/com/huoran/iasf/common/shiro/CustomAccessControlFilter.java
  2. 6
      src/main/resources/application-dev.yml
  3. 6
      src/main/resources/application.yml

@ -6,6 +6,8 @@ import com.huoran.iasf.common.exception.code.BaseResponseCode;
import com.huoran.iasf.common.utils.Constant;
import com.huoran.iasf.common.utils.R;
import com.huoran.iasf.common.utils.HttpContextUtils;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
@ -25,6 +27,7 @@ import java.io.IOException;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import static com.huoran.iasf.service.HttpApiSessionService.*;
import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
@ -79,45 +82,31 @@ public class CustomAccessControlFilter extends AccessControlFilter {
// 指定处理该请求的处理器
request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, servletResponse);
}
// 校验并解析token,如果token过期或者篡改,则会返回null
Claims claims = checkJWT(token);
if (null == claims) {
request.setAttribute("filterError", new BusinessException(BaseResponseCode.TOKEN_ERROR));
// 指定处理该请求的处理器
request.getRequestDispatcher(Constant.ERROR_CONTROLLER_PATH).forward(request, servletResponse);
}else {
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(token, token);
getSubject(servletRequest, servletResponse).login(usernamePasswordToken);
/*} catch (BusinessException exception) {
if (HttpContextUtils.isAjaxRequest(request)) {
customResponse(exception.getBaseResponseCode().getCode(), exception.getMessage(), servletResponse);
} else if (exception.getBaseResponseCode().getCode() == BaseResponseCode.TOKEN_ERROR.getCode()) {
servletRequest.getRequestDispatcher("/index/login").forward(servletRequest, servletResponse);
} else if (exception.getBaseResponseCode().getCode() == BaseResponseCode.UNAUTHORIZED_ERROR.getCode()) {
servletRequest.getRequestDispatcher("/index/403").forward(servletRequest, servletResponse);
} else {
servletRequest.getRequestDispatcher("/index/500").forward(servletRequest, servletResponse);
}
return false;
} catch (AuthenticationException e) {
if (HttpContextUtils.isAjaxRequest(request)) {
if (e.getCause() instanceof BusinessException) {
BusinessException exception = (BusinessException) e.getCause();
customResponse(exception.getBaseResponseCode().getCode(), exception.getMessage(), servletResponse);
} else {
customResponse(BaseResponseCode.SYSTEM_BUSY.getCode(), BaseResponseCode.SYSTEM_BUSY.getMsg(), servletResponse);
}
} else {
servletRequest.getRequestDispatcher("/index/403").forward(servletRequest, servletResponse);
return true;
}
return false;
/**
* 校验token
*/
public Claims checkJWT(String token) {
try {
final Claims claims = Jwts.parser().setSigningKey(APP_SECRET).
parseClaimsJws(token).getBody();
return claims;
} catch (Exception e) {
if (HttpContextUtils.isAjaxRequest(request)) {
if (e.getCause() instanceof BusinessException) {
BusinessException exception = (BusinessException) e.getCause();
customResponse(exception.getBaseResponseCode().getCode(), exception.getMessage(), servletResponse);
} else {
customResponse(BaseResponseCode.SYSTEM_BUSY.getCode(), BaseResponseCode.SYSTEM_BUSY.getMsg(), servletResponse);
return null;
}
} else {
servletRequest.getRequestDispatcher("/index/500").forward(servletRequest, servletResponse);
}
return false;
}*/
return true;
}
private void customResponse(int code, String msg, ServletResponse response) {

@ -6,9 +6,11 @@ spring:
datasource:
master:
username: root
password: 123456
# password: 123456
password: iasf#2022
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://192.168.31.136:3306/iasf?useUnicode=true&useSSL=false&characterEncoding=utf8&serverTimezone=GMT%2b8
url: jdbc:mysql://127.0.0.1:3306/iasf?useUnicode=true&useSSL=false&characterEncoding=utf8&serverTimezone=GMT%2b8
# url: jdbc:mysql://192.168.31.136:3306/iasf?useUnicode=true&useSSL=false&characterEncoding=utf8&serverTimezone=GMT%2b8
cache:
type: redis
redis:

@ -29,9 +29,9 @@ spring:
passwordError: "user:password:error:"
permissionRefresh: "user:token:permissionRefresh:"
expire:
userToken: 604800 # 7天 7*24*3600
passwordError: 3600 # 一个小时
permissionRefresh: 604800 # 7天 7*24*3600
userToken: 86400 # 1天 7*24*3600
passwordError: 360000 # 一个小时
permissionRefresh: 86400 # 1天 7*24*3600
allowMultipleLogin: true # 允许多处登陆
mybatis-plus:

Loading…
Cancel
Save