作者 朱兆平

更新token处理

1 package com.tianbo.warehouse.bean; 1 package com.tianbo.warehouse.bean;
2 2
  3 +import lombok.Data;
3 import org.springframework.security.core.Authentication; 4 import org.springframework.security.core.Authentication;
4 5
5 import java.io.Serializable; 6 import java.io.Serializable;
6 import java.util.Map; 7 import java.util.Map;
7 - 8 +@Data
8 public class AuthSuccessResponse implements Serializable{ 9 public class AuthSuccessResponse implements Serializable{
9 10
10 private static final long serialVersionUID = 1L; 11 private static final long serialVersionUID = 1L;
11 12
12 - private Authentication authentication; 13 + private Object authentication;
13 14
14 private Map<String,Object> loginUserMenus; 15 private Map<String,Object> loginUserMenus;
15 16
16 - public AuthSuccessResponse (Authentication authentication,Map<String,Object> loginUserMenus){ 17 + public AuthSuccessResponse (Object authentication,Map<String,Object> loginUserMenus){
17 this.authentication= authentication; 18 this.authentication= authentication;
18 this.loginUserMenus = loginUserMenus; 19 this.loginUserMenus = loginUserMenus;
19 } 20 }
20 21
21 - public Authentication getAuthentication() {  
22 - return authentication;  
23 - }  
24 -  
25 - public void setAuthentication(Authentication authentication) {  
26 - this.authentication = authentication;  
27 - }  
28 -  
29 - public Map<String, Object> getLoginUserMenus() {  
30 - return loginUserMenus;  
31 - }  
32 -  
33 - public void setLoginUserMenus(Map<String, Object> loginUserMenus) {  
34 - this.loginUserMenus = loginUserMenus;  
35 - }  
36 } 22 }
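Review bot: Declaring the field as `Object authentication` removes the compile-time guarantee about what this response serializes, so a later caller can pass the full `Authentication` or the principal back in and Jackson will write out whatever getters it finds. Type the field and the constructor parameter to the reduced user object the success handler now builds, e.g. `private USERS authentication;`, or to a small response-only class. The `org.springframework.security.core.Authentication` import is no longer used in this file and can be dropped.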
@@ -54,6 +54,8 @@ public class USERS implements UserDetails { @@ -54,6 +54,8 @@ public class USERS implements UserDetails {
54 54
55 private Integer age; 55 private Integer age;
56 56
  57 + private String token;
  58 +
57 @JSONField(serialzeFeatures= {SerializerFeature.WriteMapNullValue,SerializerFeature.WriteNullStringAsEmpty}) 59 @JSONField(serialzeFeatures= {SerializerFeature.WriteMapNullValue,SerializerFeature.WriteNullStringAsEmpty})
58 private List<ROLE> roles; 60 private List<ROLE> roles;
59 61
@@ -190,6 +192,14 @@ public class USERS implements UserDetails { @@ -190,6 +192,14 @@ public class USERS implements UserDetails {
190 this.permissions = permissions; 192 this.permissions = permissions;
191 } 193 }
192 194
  195 + public String getToken() {
  196 + return token;
  197 + }
  198 +
  199 + public void setToken(String token) {
  200 + this.token = token;
  201 + }
  202 +
193 /** 203 /**
194 * 204 *
195 * @return 账户未过期 205 * @return 账户未过期
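Review bot: Adding `token` to `USERS`, which implements `UserDetails`, puts a bearer credential on the same class that serves as the security principal, so any code that serializes or logs a `USERS` will also emit the JWT once it is set. In this commit the token is only set on a fresh copy built for the login response, but nothing in the class enforces that. Prefer carrying the token in the response object instead of the user class, or at least document the field with `// login-response only; never set on the session principal`. If `USERS` is also mapped to a database table (not visible here), confirm the extra field does not affect the mapping. The class body continues outside both hunks.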
@@ -51,19 +51,24 @@ public class MyAuthenticationSuccessHandler extends SavedRequestAwareAuthenticat @@ -51,19 +51,24 @@ public class MyAuthenticationSuccessHandler extends SavedRequestAwareAuthenticat
51 if (LoginType.JSON.equals(securityProperties.getBrowser().getLoginType())){ 51 if (LoginType.JSON.equals(securityProperties.getBrowser().getLoginType())){
52 //将 authention 信息打包成json格式返回 52 //将 authention 信息打包成json格式返回
53 response.setContentType("application/json;charset=UTF-8"); 53 response.setContentType("application/json;charset=UTF-8");
54 - response.setHeader("Access-Control-Allow-Origin","*"); 54 +// response.setHeader("Access-Control-Allow-Origin","*");
55 55
56 56
57 - USERS loginedUser = (USERS) authentication.getPrincipal();  
58 - //返回前端的数据安全起见把password去掉  
59 - loginedUser.setPassword(null); 57 + USERS user = (USERS) authentication.getPrincipal();
60 58
61 - //设置用户的TOKEN的有效时间,下面是300秒=5分钟 59 + //返回前端登陆成功后的用户信息
  60 + USERS loginedUser = new USERS();
  61 + loginedUser.setUsername(user.getUsername());
  62 + loginedUser.setUserface(user.getUserface());
  63 +
  64 +
  65 + //设置用户的TOKEN的有效时间,时间配置在配置文件中设置
62 String jwtToken = JwtTokenUtil.generateToken(loginedUser.getUsername(), jwtMaxAlive); 66 String jwtToken = JwtTokenUtil.generateToken(loginedUser.getUsername(), jwtMaxAlive);
63 - response.setHeader("Authorization",jwtToken); 67 + loginedUser.setToken(jwtToken);
64 68
65 - Map<String,Object> menuMap = permissionService.getUserMenus(loginedUser.getUserId());  
66 - response.getWriter().write(objectMapper.writeValueAsString(new AuthSuccessResponse(authentication,menuMap))); 69 + Map<String,Object> menuMap = permissionService.getUserMenus(user.getUserId());
  70 + //返回用户信息和用户可访问的目录列表
  71 + response.getWriter().write(objectMapper.writeValueAsString(new AuthSuccessResponse(loginedUser,menuMap)));
67 }else { 72 }else {
68 //走原来的处理流程 73 //走原来的处理流程
69 SavedRequest savedRequest = this.requestCache.getRequest(request, response); 74 SavedRequest savedRequest = this.requestCache.getRequest(request, response);
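Review bot: The JSON body written by `response.getWriter().write(...)` now carries the JWT, but the response sets no cache directive; add `response.setHeader("Cache-Control","no-store");` next to the `setContentType` call so browsers and intermediaries do not retain the token. The commented-out `// response.setHeader("Access-Control-Allow-Origin","*");` should be deleted rather than left as dead code, with CORS configured in one place. `JwtTokenUtil.generateToken(loginedUser.getUsername(), jwtMaxAlive)` reads the name back from the copy; `user.getUsername()` makes it clear the token is issued for the authenticated principal. The cast `(USERS) authentication.getPrincipal()` is unchecked, and the method starts outside this hunk, so any guard for it may live there.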
@@ -11,6 +11,10 @@ import javax.servlet.http.HttpServletResponse; @@ -11,6 +11,10 @@ import javax.servlet.http.HttpServletResponse;
11 import java.io.IOException; 11 import java.io.IOException;
12 import java.io.PrintWriter; 12 import java.io.PrintWriter;
13 13
  14 +/**
  15 + * 用户退出登录后的处理
  16 + * @// TODO: 2019/4/18 用户退出登陆后 要做清除jwt token的处理
  17 + */
14 @Component 18 @Component
15 public class MyLogoutSuccessHandler implements LogoutSuccessHandler { 19 public class MyLogoutSuccessHandler implements LogoutSuccessHandler {
16 20
@@ -23,6 +27,7 @@ public class MyLogoutSuccessHandler implements LogoutSuccessHandler { @@ -23,6 +27,7 @@ public class MyLogoutSuccessHandler implements LogoutSuccessHandler {
23 out.write(om.writeValueAsString(authentication)); 27 out.write(om.writeValueAsString(authentication));
24 out.flush(); 28 out.flush();
25 out.close(); 29 out.close();
  30 +
26 } 31 }
27 32
28 } 33 }
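Review bot: The logout response still writes `om.writeValueAsString(authentication)`, the full `Authentication` object that this commit stopped returning from the login handler; a fixed status body would keep the two handlers consistent and avoid echoing principal data. It is also worth confirming whether `authentication` can be null here when the caller was not logged in. In the new Javadoc, `@// TODO:` is not a valid Javadoc tag; write it as a plain line such as `TODO(2019/4/18): invalidate the JWT on logout`. Until that TODO is done an issued token presumably stays usable after logout until it expires, which the comment should state. The method body starts outside the hunk.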