作者 朱兆平

更新token处理

package com.tianbo.warehouse.bean;
import lombok.Data;
import org.springframework.security.core.Authentication;
import java.io.Serializable;
import java.util.Map;
@Data
public class AuthSuccessResponse implements Serializable{
private static final long serialVersionUID = 1L;
private Authentication authentication;
private Object authentication;
private Map<String,Object> loginUserMenus;
public AuthSuccessResponse (Authentication authentication,Map<String,Object> loginUserMenus){
public AuthSuccessResponse (Object authentication,Map<String,Object> loginUserMenus){
this.authentication= authentication;
this.loginUserMenus = loginUserMenus;
}
public Authentication getAuthentication() {
return authentication;
}
public void setAuthentication(Authentication authentication) {
this.authentication = authentication;
}
public Map<String, Object> getLoginUserMenus() {
return loginUserMenus;
}
public void setLoginUserMenus(Map<String, Object> loginUserMenus) {
this.loginUserMenus = loginUserMenus;
}
}
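Review bot: The `authentication` field and constructor parameter are typed `Object`, so nothing at compile time stops a caller from handing the full Spring `Authentication` (principal, credentials, authorities) to this response class again. A small dedicated type that carries only what the client needs (username, avatar, token) would make the reduced payload part of the contract, e.g. `private LoginUserView authentication;`, where `LoginUserView` is a placeholder name for a new class. The page has lost its +/- markers, so it is unclear whether the explicit `getAuthentication()`/`setAuthentication(Authentication)` accessors are still on the new side. If they are, `return authentication;` no longer compiles against an `Object` field, and with `@Data` present they are redundant anyway.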
... ...
... ... @@ -54,6 +54,8 @@ public class USERS implements UserDetails {
private Integer age;
private String token;
@JSONField(serialzeFeatures= {SerializerFeature.WriteMapNullValue,SerializerFeature.WriteNullStringAsEmpty})
private List<ROLE> roles;
... ... @@ -190,6 +192,14 @@ public class USERS implements UserDetails {
this.permissions = permissions;
}
public String getToken() {
return token;
}
public void setToken(String token) {
this.token = token;
}
/**
*
* @return 账户未过期
... ...
... ... @@ -51,19 +51,24 @@ public class MyAuthenticationSuccessHandler extends SavedRequestAwareAuthenticat
if (LoginType.JSON.equals(securityProperties.getBrowser().getLoginType())){
//将 authention 信息打包成json格式返回
response.setContentType("application/json;charset=UTF-8");
response.setHeader("Access-Control-Allow-Origin","*");
// response.setHeader("Access-Control-Allow-Origin","*");
USERS loginedUser = (USERS) authentication.getPrincipal();
//返回前端的数据安全起见把password去掉
loginedUser.setPassword(null);
USERS user = (USERS) authentication.getPrincipal();
//设置用户的TOKEN的有效时间,下面是300秒=5分钟
//返回前端登陆成功后的用户信息
USERS loginedUser = new USERS();
loginedUser.setUsername(user.getUsername());
loginedUser.setUserface(user.getUserface());
//设置用户的TOKEN的有效时间,时间配置在配置文件中设置
String jwtToken = JwtTokenUtil.generateToken(loginedUser.getUsername(), jwtMaxAlive);
response.setHeader("Authorization",jwtToken);
loginedUser.setToken(jwtToken);
Map<String,Object> menuMap = permissionService.getUserMenus(loginedUser.getUserId());
response.getWriter().write(objectMapper.writeValueAsString(new AuthSuccessResponse(authentication,menuMap)));
Map<String,Object> menuMap = permissionService.getUserMenus(user.getUserId());
//返回用户信息和用户可访问的目录列表
response.getWriter().write(objectMapper.writeValueAsString(new AuthSuccessResponse(loginedUser,menuMap)));
}else {
//走原来的处理流程
SavedRequest savedRequest = this.requestCache.getRequest(request, response);
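Review bot: The JSON branch returns the JWT in both the `Authorization` header and the response body, but sets no cache directive, so a browser or an intermediary may keep a copy of the bearer token. Add `response.setHeader("Cache-Control","no-store");` next to the `setContentType` call. Copying only `username` and `userface` into a fresh `USERS` is a clear improvement over nulling the password on the live principal. However, `USERS` is still the `UserDetails` entity, so Jackson will presumably also emit its remaining getters (null fields, account-status flags); a dedicated response type would avoid that. The comment mentioning `300秒=5分钟` looks stale now that the lifetime comes from `jwtMaxAlive`, and the commented-out `Access-Control-Allow-Origin` line is better deleted than kept. The enclosing method starts and ends outside this hunk.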
... ...
... ... @@ -11,6 +11,10 @@ import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
/**
* 用户退出登录后的处理
* @// TODO: 2019/4/18 用户退出登陆后 要做清除jwt token的处理
*/
@Component
public class MyLogoutSuccessHandler implements LogoutSuccessHandler {
... ... @@ -23,6 +27,7 @@ public class MyLogoutSuccessHandler implements LogoutSuccessHandler {
out.write(om.writeValueAsString(authentication));
out.flush();
out.close();
}
}
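Review bot: `out.write(om.writeValueAsString(authentication));` still serializes the whole `Authentication` object into the logout response, although this commit stopped doing that in the login success handler. The old login code nulled the password before serializing, which suggests the principal's password field is otherwise written out, so the same exposure probably exists here. Return a minimal status body instead, for example `out.write("{\"status\":\"logout\"}");` (constructed sample), and note that `authentication` can be null when no user was logged in. The new Javadoc tag `@// TODO:` is not valid Javadoc; a plain `TODO` line would be picked up by tooling. Until that TODO is implemented, a logged-out token stays valid up to its expiry, so the configured lifetime should be kept short.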
... ...