作者 朱兆平

add: 增加设置用户api的token访问接口,方便服务对外的API对接,生成不限时长的访问token.

@@ -21,6 +21,7 @@ import io.swagger.annotations.ApiOperation; @@ -21,6 +21,7 @@ import io.swagger.annotations.ApiOperation;
21 import lombok.extern.slf4j.Slf4j; 21 import lombok.extern.slf4j.Slf4j;
22 import org.apache.commons.lang.StringUtils; 22 import org.apache.commons.lang.StringUtils;
23 import org.springframework.beans.factory.annotation.Autowired; 23 import org.springframework.beans.factory.annotation.Autowired;
  24 +import org.springframework.messaging.handler.annotation.Header;
24 import org.springframework.security.core.context.SecurityContextHolder; 25 import org.springframework.security.core.context.SecurityContextHolder;
25 import org.springframework.security.core.userdetails.UserDetails; 26 import org.springframework.security.core.userdetails.UserDetails;
26 import org.springframework.validation.BindingResult; 27 import org.springframework.validation.BindingResult;
@@ -29,8 +30,11 @@ import org.springframework.web.bind.annotation.*; @@ -29,8 +30,11 @@ import org.springframework.web.bind.annotation.*;
29 30
30 import javax.servlet.http.HttpServletRequest; 31 import javax.servlet.http.HttpServletRequest;
31 import javax.servlet.http.HttpServletResponse; 32 import javax.servlet.http.HttpServletResponse;
  33 +import java.util.Collection;
32 import java.util.List; 34 import java.util.List;
33 import java.util.Map; 35 import java.util.Map;
  36 +import java.util.UUID;
  37 +import java.util.stream.Collectors;
34 38
35 @RestController 39 @RestController
36 @Slf4j 40 @Slf4j
@@ -47,6 +51,7 @@ public class UserController { @@ -47,6 +51,7 @@ public class UserController {
47 @Autowired 51 @Autowired
48 RedisUtils redisUtils; 52 RedisUtils redisUtils;
49 53
  54 +
50 @ApiOperation(value = "查询用户列表及信息", notes = "查询用户列表及单个用户信息") 55 @ApiOperation(value = "查询用户列表及信息", notes = "查询用户列表及单个用户信息")
51 @ApiImplicitParams({@ApiImplicitParam(name = "pageNum", value = "分页-当前页", required = false, dataType = "int",defaultValue = "1"), 56 @ApiImplicitParams({@ApiImplicitParam(name = "pageNum", value = "分页-当前页", required = false, dataType = "int",defaultValue = "1"),
52 @ApiImplicitParam(name = "pageSize", value = "分页-每页显示多少条", required = false, dataType = "int",defaultValue = "5")}) 57 @ApiImplicitParam(name = "pageSize", value = "分页-每页显示多少条", required = false, dataType = "int",defaultValue = "5")})
@@ -193,4 +198,72 @@ public class UserController { @@ -193,4 +198,72 @@ public class UserController {
193 USERS userInfo = userService.getUserInfoByToken(token); 198 USERS userInfo = userService.getUserInfoByToken(token);
194 return new ResultJson("200","get user info success",userInfo); 199 return new ResultJson("200","get user info success",userInfo);
195 } 200 }
  201 +
  202 + @ApiOperation(value = "给用户创建不时效的长访问token", notes = "给用户创建不时效的长访问token,方便用户进行API接口式的对接")
  203 + @PostMapping("creatAuthToken")
  204 + public ResultJson creatAuthToken(@RequestBody() USERS user){
  205 + if (user != null && StringUtils.isNotEmpty(user.getUsername())) {
  206 + UserDetails userDetails = userDetailService.loadUserByUsername(user.getUsername());
  207 + if (userDetails != null) {
  208 + String UUID_TOKEN = "sk-"+UUID.randomUUID().toString().replace("-","");
  209 + String tokenPrefix = "auth:api:" + user.getUsername() + ":";
  210 + String AUTH_TOKEN_KEY_NAME = tokenPrefix + UUID_TOKEN;
  211 + // 存储token值 方便后面查询及清理删除
  212 + redisUtils.set(tokenPrefix + "token",UUID_TOKEN);
  213 +
  214 + String json = JSON.toJSONString(userDetails);
  215 + redisUtils.set(AUTH_TOKEN_KEY_NAME, json );
  216 + return new ResultJson("200", "token设置成功",AUTH_TOKEN_KEY_NAME);
  217 + }
  218 + }
  219 + return new ResultJson("500","token设置失败");
  220 + }
  221 +
  222 + /**
  223 + * 查看已配置用户token的接口.
  224 + *
  225 + * @param username 用户名
  226 + * @return token值列表或错误信息
  227 + */
  228 + @ApiOperation(value = "查看已配置用户token的接口", notes = "查看已配置用户token的接口,方便后续清理及查询")
  229 + @GetMapping("viewAuthToken")
  230 + public ResultJson viewAuthToken(@RequestParam String username) {
  231 + if (StringUtils.isNotEmpty(username)) {
  232 + // 构造搜索的前缀,考虑到多个token可能与一个用户相关联
  233 + String keyName = "auth:api:" + username + ":token" ;
  234 +
  235 + if (keyName != null && !keyName.isEmpty()) {
  236 + // 将匹配到的key值转换为token列表返回给客户端
  237 + String token = redisUtils.get(keyName);
  238 + return new ResultJson("200", "找到" + username + "的token", token);
  239 + }
  240 + }
  241 +
  242 + // 如果未找到任何与username相关的key,返回错误信息
  243 + return new ResultJson("404", "没有找到" + username + "的token");
  244 + }
  245 +
  246 + @ApiOperation(value = "删除用户的长访问token", notes = "根据username删除对应的用户token")
  247 + @PostMapping("deleteAuthToken")
  248 + public ResultJson deleteAuthToken(@RequestParam String username){
  249 + if (StringUtils.isNotEmpty(username)) {
  250 + // 构建token前缀
  251 + String tokenPrefix = "auth:api:" + username + ":";
  252 +
  253 + // 尝试获取存储的token值,如果存在则删除
  254 + Object tokenObject = redisUtils.get(tokenPrefix + "token");
  255 + if (tokenObject != null) {
  256 + String UUID_TOKEN = (String) tokenObject;
  257 + String AUTH_TOKEN_KEY_NAME = tokenPrefix + UUID_TOKEN;
  258 +
  259 + // 删除相关的token键
  260 + redisUtils.del(tokenPrefix + "token");
  261 + redisUtils.del(AUTH_TOKEN_KEY_NAME);
  262 +
  263 + return new ResultJson("200", "token删除成功", username);
  264 + }
  265 + }
  266 +
  267 + return new ResultJson("500","删除token失败,可能用户未登录或无对应token");
  268 + }
196 } 269 }
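Review bot: `creatAuthToken`, `viewAuthToken` and `deleteAuthToken` all take the target `username` from the request, and none of the visible lines compares it with the authenticated caller or checks an admin authority. Unless a filter outside this diff restricts these routes, any caller who reaches them can mint, read or delete a non-expiring token for any account. Re-issuing also overwrites the `auth:api:<user>:token` pointer without deleting the previous `auth:api:<user>:sk-…` key, so the older token stays in Redis with no TTL and `deleteAuthToken` can no longer find it. I would bind the username to the security context (assuming it carries the caller's username) or require an explicit admin check, and revoke the previous key before writing the new one, as sketched below; the same caller check belongs in the other two handlers. Separately, `JSON.toJSONString(userDetails)` probably persists whatever `getPassword()` returns next to the token, and the new `messaging…Header`, `Collection` and `Collectors` imports look unused.

```java
public ResultJson creatAuthToken(@RequestBody() USERS user){
    // … unchanged: null / empty username check …
    String caller = SecurityContextHolder.getContext().getAuthentication().getName();
    if (!caller.equals(user.getUsername())) {
        // issuing for another account should require an explicit admin authority check here
        return new ResultJson("403", "无权为其他用户创建token");
    }
    // … unchanged: loadUserByUsername, UUID_TOKEN / tokenPrefix / AUTH_TOKEN_KEY_NAME …
    // revoke the previously issued token before the pointer key is overwritten
    Object previous = redisUtils.get(tokenPrefix + "token");
    if (previous != null) {
        redisUtils.del(tokenPrefix + previous);
    }
    // … unchanged: redisUtils.set calls and return …
```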