修改了权限认证,添加了账号过期时间的限制
parent
046996bb78
commit
4133e08f46
@ -5,6 +5,7 @@ import com.xkrs.model.entity.SysUserEntity;
|
||||
import com.xkrs.service.SysAuthorityService;
|
||||
import com.xkrs.service.SysRoleService;
|
||||
import com.xkrs.service.SysUserService;
|
||||
import com.xkrs.utils.DateTimeUtil;
|
||||
import org.springframework.security.authentication.AuthenticationProvider;
|
||||
import org.springframework.security.authentication.BadCredentialsException;
|
||||
import org.springframework.security.authentication.DisabledException;
|
||||
@ -16,6 +17,7 @@ import org.springframework.stereotype.Component;
|
||||
|
||||
import javax.annotation.PostConstruct;
|
||||
import javax.annotation.Resource;
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
@ -82,6 +84,12 @@ public class CustomAuthenticationProvider implements AuthenticationProvider {
|
||||
throw new DisabledException("用户状态不正常,请联系管理员");
|
||||
}
|
||||
|
||||
if(userEntity.getDayNum() == 7){
|
||||
if(DateTimeUtil.dateTimeToString(LocalDateTime.now()).compareTo(userEntity.getOverTime()) > 0){
|
||||
throw new DisabledException("该账号已过期,请联系管理员");
|
||||
}
|
||||
}
|
||||
|
||||
// 认证逻辑
|
||||
String encryptPassword = encry256(password + userEntity.getSalt());
|
||||
if (encryptPassword.equals(userEntity.getPassword())) {
|
||||
|
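Review bot: The added expiry check throws a NullPointerException for any account whose `dayNum` or `overTime` is unset, because `userEntity.getDayNum() == 7` unboxes an `Integer` and `compareTo(userEntity.getOverTime())` dereferences a field that SysUserEntity declares without a not-null constraint. It also compares formatted strings, which is only correct while the stored format sorts lexicographically; comparing times is safer, e.g. `if (Integer.valueOf(7).equals(userEntity.getDayNum()) && LocalDateTime.now().isAfter(DateTimeUtil.stringToDateTime(userEntity.getOverTime())))`, with an explicit decision (probably reject) for a trial account that has no `overTime`. The check runs before the password comparison below it, so the "account expired" message is returned to callers who have not shown they know the password; moving it after the credential check, and throwing Spring Security's `AccountExpiredException` rather than `DisabledException`, would keep account state private and let callers tell the two cases apart. The enclosing method starts and ends outside this hunk.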
@ -3,6 +3,7 @@ package com.xkrs.common.account;
|
||||
import com.xkrs.common.encapsulation.OutputEncapsulation;
|
||||
import com.xkrs.common.encapsulation.PromptMessageEnum;
|
||||
import com.xkrs.model.entity.SysUserEntity;
|
||||
import com.xkrs.utils.DateTimeUtil;
|
||||
import io.jsonwebtoken.Claims;
|
||||
import io.jsonwebtoken.Jwts;
|
||||
import io.jsonwebtoken.security.Keys;
|
||||
@ -18,6 +19,8 @@ import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.io.PrintWriter;
|
||||
import java.time.Duration;
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.*;
|
||||
|
||||
/**
|
||||
@ -27,10 +30,7 @@ import java.util.*;
|
||||
public class TokenAuthenticationService {
|
||||
|
||||
private static final Logger logger = LoggerFactory.getLogger(TokenAuthenticationService.class);
|
||||
/**
|
||||
* 过期时间6小时
|
||||
*/
|
||||
static public final long EXPIRATIONTIME = 21_600_000;
|
||||
|
||||
/**
|
||||
* 加密密钥
|
||||
*/
|
||||
@ -70,21 +70,53 @@ public class TokenAuthenticationService {
|
||||
}else{
|
||||
logger.warn(userName +" has no permission!");
|
||||
}
|
||||
// 生成JWT
|
||||
String jwt = Jwts.builder()
|
||||
.setSubject(userName)
|
||||
.setIssuer("https://www.microservice.com")
|
||||
.setAudience(userName)
|
||||
// 保存权限
|
||||
.claim("auths", authsList)
|
||||
// 有效期设置
|
||||
.setExpiration(new Date(System.currentTimeMillis() + EXPIRATIONTIME))
|
||||
// 签名设置
|
||||
.signWith(key)
|
||||
.compact();
|
||||
map.put("token",jwt);
|
||||
map.put("role",authsList);
|
||||
map.put("user",sysUserEntity);
|
||||
if(sysUserEntity.getDayNum() == 7){
|
||||
// 结束的时间
|
||||
LocalDateTime overTime = DateTimeUtil.stringToDateTime(sysUserEntity.getOverTime());
|
||||
// 计算距离结束时间的天数作为token
|
||||
Duration duration = Duration.between(LocalDateTime.now(), overTime);
|
||||
/**
|
||||
* 动态设置过期时间
|
||||
*/
|
||||
final long EXPIRATIONTIME = 60 * 60 * 24L * duration.toDays();
|
||||
|
||||
// 生成JWT
|
||||
String jwt = Jwts.builder()
|
||||
.setSubject(userName)
|
||||
.setIssuer("https://www.microservice.com")
|
||||
.setAudience(userName)
|
||||
// 保存权限
|
||||
.claim("auths", authsList)
|
||||
// 有效期设置
|
||||
.setExpiration(new Date(System.currentTimeMillis() + EXPIRATIONTIME))
|
||||
// 签名设置
|
||||
.signWith(key)
|
||||
.compact();
|
||||
map.put("token",jwt);
|
||||
map.put("role",authsList);
|
||||
map.put("user",sysUserEntity);
|
||||
}else {
|
||||
/**
|
||||
* 过期时间6小时
|
||||
*/
|
||||
final long EXPIRATIONTIME = 21_600_000;
|
||||
|
||||
// 生成JWT
|
||||
String jwt = Jwts.builder()
|
||||
.setSubject(userName)
|
||||
.setIssuer("https://www.microservice.com")
|
||||
.setAudience(userName)
|
||||
// 保存权限
|
||||
.claim("auths", authsList)
|
||||
// 有效期设置
|
||||
.setExpiration(new Date(System.currentTimeMillis() + EXPIRATIONTIME))
|
||||
// 签名设置
|
||||
.signWith(key)
|
||||
.compact();
|
||||
map.put("token",jwt);
|
||||
map.put("role",authsList);
|
||||
map.put("user",sysUserEntity);
|
||||
}
|
||||
// 将 JWT 写入 body
|
||||
PrintWriter out = null;
|
||||
try {
|
||||
|
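Review bot: The trial-account branch computes the token lifetime in seconds (`60 * 60 * 24L * duration.toDays()`) but adds it to `System.currentTimeMillis()`, which is in milliseconds, so a seven-day account gets a token that lasts about ten minutes, and once less than a full day remains `toDays()` is 0 and the token is issued already expired. `getDayNum()` returns an `Integer`, so `== 7` also throws on accounts where it is null. The two copies of the JWT builder differ only in the lifetime, so I would compute the lifetime once in milliseconds, clamp it at zero and at the six-hour default so a token never outlives the account, and build the token once, as sketched below; drop the `Math.min` if the longer lifetime is intended. Separately, `map.put("user",sysUserEntity)` puts the whole entity into the map that is written to the response body, and SysUserEntity carries `password` and `salt`, so confirm the serializer excludes them. The enclosing method starts and ends outside this hunk.

```java
// Token lifetime in milliseconds: six hours by default, never longer than the time left on a trial account.
long lifetimeMillis = Duration.ofHours(6).toMillis();
if (Integer.valueOf(7).equals(sysUserEntity.getDayNum())) {
    LocalDateTime overTime = DateTimeUtil.stringToDateTime(sysUserEntity.getOverTime());
    long remainingMillis = Duration.between(LocalDateTime.now(), overTime).toMillis();
    lifetimeMillis = Math.max(0L, Math.min(lifetimeMillis, remainingMillis));
}
String jwt = Jwts.builder()
        // … unchanged: subject, issuer, audience and the "auths" claim …
        .setExpiration(new Date(System.currentTimeMillis() + lifetimeMillis))
        .signWith(key)
        .compact();
// … unchanged: map.put of token, role and user …
```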
@ -1,13 +1,15 @@
|
||||
package com.xkrs.controller;
|
||||
|
||||
import com.xkrs.common.encapsulation.PromptMessageEnum;
|
||||
import com.xkrs.common.tool.TokenUtil;
|
||||
import com.xkrs.dao.SysUserDao;
|
||||
import com.xkrs.model.entity.FirePointEntity;
|
||||
import com.xkrs.model.entity.SysUserEntity;
|
||||
import com.xkrs.model.qo.FirePointQo;
|
||||
import com.xkrs.service.FirePointService;
|
||||
import org.springframework.context.i18n.LocaleContextHolder;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import java.util.Locale;
|
||||
@ -18,11 +20,14 @@ import static com.xkrs.common.encapsulation.OutputEncapsulation.outputEncapsulat
|
||||
* @author XinYi Song
|
||||
*/
|
||||
@RestController
|
||||
public class FirePointServiceController {
|
||||
public class FirePointController {
|
||||
|
||||
@Resource
|
||||
private FirePointService firePointService;
|
||||
|
||||
@Resource
|
||||
private SysUserDao sysUserDao;
|
||||
|
||||
/**
|
||||
* 添加火点数据
|
||||
* @param firePointQo
|
||||
@ -39,4 +44,23 @@ public class FirePointServiceController {
|
||||
return outputEncapsulationObject(PromptMessageEnum.SUCCESS,"添加成功",locale);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 测试
|
||||
* @param token
|
||||
* @return
|
||||
*/
|
||||
@GetMapping("/selectUserName")
|
||||
@PreAuthorize("hasAnyAuthority('auth_general_user')")
|
||||
public String selectUserName(@RequestHeader(value="Authorization") String token){
|
||||
// 获取区域信息
|
||||
Locale locale = LocaleContextHolder.getLocale();
|
||||
// 验证token
|
||||
String tokenUserName = TokenUtil.getTokenUserName(token);
|
||||
SysUserEntity sysUserEntity = sysUserDao.selectByUserName(tokenUserName);
|
||||
if(sysUserEntity == null){
|
||||
return outputEncapsulationObject(PromptMessageEnum.USER_LOGIN_ERROR,"您还没有注册登录,请先注册登录",locale);
|
||||
}
|
||||
return outputEncapsulationObject(PromptMessageEnum.SUCCESS,sysUserEntity.getUserName(),locale);
|
||||
}
|
||||
}
|
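Review bot: `selectUserName` takes the user name from the raw `Authorization` header through `TokenUtil.getTokenUserName(token)` although `@PreAuthorize` means the request has already been authenticated, and whether that helper verifies the token's signature and expiry is not visible here. The safer source is the authenticated principal, e.g. `String tokenUserName = SecurityContextHolder.getContext().getAuthentication().getName();` (needs the `org.springframework.security.core.context.SecurityContextHolder` import, and assumes the JWT filter stores the subject as the principal name). The Javadoc marks the method as a test (`测试`); if it is only a probe it is better kept out of the production controller, and otherwise the comment should say what the endpoint returns and which authority it requires.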
@ -82,7 +82,7 @@ public interface SysUserDao extends JpaRepository<SysUserEntity,Integer> {
|
||||
* 查询用户信息
|
||||
* @return
|
||||
*/
|
||||
@Query(value = "select new com.xkrs.model.vo.SysUserVo (id,reallyName,telephone,userDepartment,activeFlag,addTime) " +
|
||||
@Query(value = "select new com.xkrs.model.vo.SysUserVo (id,reallyName,telephone,countyCode,activeFlag,addTime) " +
|
||||
"from SysUserEntity")
|
||||
List<SysUserVo> selectAll();
|
||||
|
||||
|
@ -45,11 +45,8 @@ public class SysUserEntity implements Serializable {
|
||||
@Column(length = 16, unique = true, columnDefinition = "varchar(16)")
|
||||
private String telephone;
|
||||
|
||||
/**
|
||||
* 所在部门
|
||||
*/
|
||||
@Column(length = 32, columnDefinition = "varchar(32)")
|
||||
private String userDepartment;
|
||||
private String countyCode;
|
||||
|
||||
@Column(columnDefinition = "varchar(192)")
|
||||
private String signature;
|
||||
@ -61,7 +58,7 @@ public class SysUserEntity implements Serializable {
|
||||
private Integer statusCode;
|
||||
|
||||
@Column(nullable = false)
|
||||
private LocalDateTime addTime;
|
||||
private String addTime;
|
||||
|
||||
private LocalDateTime lastEntryTime;
|
||||
|
||||
@ -76,6 +73,11 @@ public class SysUserEntity implements Serializable {
|
||||
*/
|
||||
private Integer dayNum;
|
||||
|
||||
/**
|
||||
* 账号到期的时间
|
||||
*/
|
||||
private String overTime;
|
||||
|
||||
public Integer getId() {
|
||||
return id;
|
||||
}
|
||||
@ -124,12 +126,12 @@ public class SysUserEntity implements Serializable {
|
||||
this.telephone = telephone;
|
||||
}
|
||||
|
||||
public String getUserDepartment() {
|
||||
return userDepartment;
|
||||
public String getCountyCode() {
|
||||
return countyCode;
|
||||
}
|
||||
|
||||
public void setUserDepartment(String userDepartment) {
|
||||
this.userDepartment = userDepartment;
|
||||
public void setCountyCode(String countyCode) {
|
||||
this.countyCode = countyCode;
|
||||
}
|
||||
|
||||
public String getSignature() {
|
||||
@ -156,11 +158,11 @@ public class SysUserEntity implements Serializable {
|
||||
this.statusCode = statusCode;
|
||||
}
|
||||
|
||||
public LocalDateTime getAddTime() {
|
||||
public String getAddTime() {
|
||||
return addTime;
|
||||
}
|
||||
|
||||
public void setAddTime(LocalDateTime addTime) {
|
||||
public void setAddTime(String addTime) {
|
||||
this.addTime = addTime;
|
||||
}
|
||||
|
||||
@ -196,6 +198,14 @@ public class SysUserEntity implements Serializable {
|
||||
this.dayNum = dayNum;
|
||||
}
|
||||
|
||||
public String getOverTime() {
|
||||
return overTime;
|
||||
}
|
||||
|
||||
public void setOverTime(String overTime) {
|
||||
this.overTime = overTime;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "SysUserEntity{" +
|
||||
@ -205,15 +215,16 @@ public class SysUserEntity implements Serializable {
|
||||
", password='" + password + '\'' +
|
||||
", salt='" + salt + '\'' +
|
||||
", telephone='" + telephone + '\'' +
|
||||
", userDepartment='" + userDepartment + '\'' +
|
||||
", countyCode='" + countyCode + '\'' +
|
||||
", signature='" + signature + '\'' +
|
||||
", activeFlag=" + activeFlag +
|
||||
", statusCode=" + statusCode +
|
||||
", addTime=" + addTime +
|
||||
", addTime='" + addTime + '\'' +
|
||||
", lastEntryTime=" + lastEntryTime +
|
||||
", deleteFlag=" + deleteFlag +
|
||||
", lastEntryIp='" + lastEntryIp + '\'' +
|
||||
", dayNum=" + dayNum +
|
||||
", overTime='" + overTime + '\'' +
|
||||
'}';
|
||||
}
|
||||
}
|
||||
|
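Review bot: `toString()` still concatenates `password` and `salt` (context lines of the last hunk), and this commit extends the same method with `overTime`, so any log line or exception message that formats a SysUserEntity writes out the password hash and its salt. I would drop those two lines, `", password='" + password + '\'' +` and `", salt='" + salt + '\'' +`, while the method is being touched. The new `overTime` field is a plain `String` with no `@Column(nullable = false)`, so rows created before this commit will presumably hold null there, and the login checks that read it need to expect that.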
@ -47,7 +47,7 @@ public class SysUserQo {
|
||||
@Range(min=0,max=2,message = "{SysUser.statusCode.illegal}",groups = {SysUserQoInsert.class, SysUserQoUpdate.class})
|
||||
private Integer statusCode;
|
||||
|
||||
private String userDepartment;
|
||||
private String countyCode;
|
||||
|
||||
@NotNull(message = "{SysUser.deleteFlag.null}",groups={SysUserQoUpdate.class})
|
||||
private Integer deleteFlag;
|
||||
@ -104,12 +104,12 @@ public class SysUserQo {
|
||||
this.statusCode = statusCode;
|
||||
}
|
||||
|
||||
public String getUserDepartment() {
|
||||
return userDepartment;
|
||||
public String getCountyCode() {
|
||||
return countyCode;
|
||||
}
|
||||
|
||||
public void setUserDepartment(String userDepartment) {
|
||||
this.userDepartment = userDepartment;
|
||||
public void setCountyCode(String countyCode) {
|
||||
this.countyCode = countyCode;
|
||||
}
|
||||
|
||||
public Integer getDeleteFlag() {
|
||||
|
@ -14,17 +14,17 @@ public class SysUserVo implements Serializable {
|
||||
|
||||
private String telephone;
|
||||
|
||||
private String userDepartment;
|
||||
private String countyCode;
|
||||
|
||||
private Integer activeFlag;
|
||||
|
||||
private LocalDateTime addTime;
|
||||
private String addTime;
|
||||
|
||||
public SysUserVo(Integer id, String reallyName, String telephone, String userDepartment, Integer activeFlag, LocalDateTime addTime) {
|
||||
public SysUserVo(Integer id, String reallyName, String telephone, String countyCode, Integer activeFlag, String addTime) {
|
||||
this.id = id;
|
||||
this.reallyName = reallyName;
|
||||
this.telephone = telephone;
|
||||
this.userDepartment = userDepartment;
|
||||
this.countyCode = countyCode;
|
||||
this.activeFlag = activeFlag;
|
||||
this.addTime = addTime;
|
||||
}
|
||||
@ -53,12 +53,12 @@ public class SysUserVo implements Serializable {
|
||||
this.telephone = telephone;
|
||||
}
|
||||
|
||||
public String getUserDepartment() {
|
||||
return userDepartment;
|
||||
public String getCountyCode() {
|
||||
return countyCode;
|
||||
}
|
||||
|
||||
public void setUserDepartment(String userDepartment) {
|
||||
this.userDepartment = userDepartment;
|
||||
public void setCountyCode(String countyCode) {
|
||||
this.countyCode = countyCode;
|
||||
}
|
||||
|
||||
public Integer getActiveFlag() {
|
||||
@ -69,11 +69,11 @@ public class SysUserVo implements Serializable {
|
||||
this.activeFlag = activeFlag;
|
||||
}
|
||||
|
||||
public LocalDateTime getAddTime() {
|
||||
public String getAddTime() {
|
||||
return addTime;
|
||||
}
|
||||
|
||||
public void setAddTime(LocalDateTime addTime) {
|
||||
public void setAddTime(String addTime) {
|
||||
this.addTime = addTime;
|
||||
}
|
||||
|
||||
@ -83,9 +83,9 @@ public class SysUserVo implements Serializable {
|
||||
"id=" + id +
|
||||
", reallyName='" + reallyName + '\'' +
|
||||
", telephone='" + telephone + '\'' +
|
||||
", userDepartment='" + userDepartment + '\'' +
|
||||
", countyCode='" + countyCode + '\'' +
|
||||
", activeFlag=" + activeFlag +
|
||||
", addTime=" + addTime +
|
||||
", addTime='" + addTime + '\'' +
|
||||
'}';
|
||||
}
|
||||
}
|
||||
|
@ -12,6 +12,7 @@ import com.xkrs.model.entity.SysUserEntity;
|
||||
import com.xkrs.model.qo.SysUserQo;
|
||||
import com.xkrs.model.vo.SysUserVo;
|
||||
import com.xkrs.service.SysUserService;
|
||||
import com.xkrs.utils.DateTimeUtil;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.context.i18n.LocaleContextHolder;
|
||||
@ -20,10 +21,12 @@ import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import java.time.LocalDateTime;
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
|
||||
import static com.xkrs.common.encapsulation.OutputEncapsulation.outputEncapsulationObject;
|
||||
import static com.xkrs.utils.DateTimeUtil.dateTimeToString;
|
||||
import static com.xkrs.utils.DateTimeUtil.getNowTime;
|
||||
import static com.xkrs.utils.EncryptDecryptUtil.encry256;
|
||||
|
||||
@ -73,12 +76,14 @@ public class SysUserServiceImpl implements SysUserService {
|
||||
sysUserEntity.setSalt(salt);
|
||||
sysUserEntity.setPassword(encry256(sysUserQo.getPassword() + salt));
|
||||
sysUserEntity.setTelephone(sysUserQo.getUserName());
|
||||
sysUserEntity.setUserDepartment(sysUserQo.getUserDepartment());
|
||||
sysUserEntity.setCountyCode(sysUserQo.getCountyCode());
|
||||
sysUserEntity.setActiveFlag(0);
|
||||
sysUserEntity.setStatusCode(0);
|
||||
sysUserEntity.setAddTime(getNowTime());
|
||||
sysUserEntity.setAddTime(dateTimeToString(LocalDateTime.now()));
|
||||
sysUserEntity.setDeleteFlag(0);
|
||||
sysUserEntity.setDayNum(7);
|
||||
String string = dateTimeToString(LocalDateTime.now().plusDays(7L));
|
||||
sysUserEntity.setOverTime(string);
|
||||
|
||||
sysUserDao.save(sysUserEntity);
|
||||
|
||||
|
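Review bot: Registration hard-codes the trial marker and the trial length as two separate literals (`setDayNum(7)` and `plusDays(7L)`), while the authentication provider and the token service both test `getDayNum() == 7` to decide whether expiry is enforced at all, so changing one literal silently switches the expiry check off. A single named constant, e.g. `private static final int TRIAL_DAYS = 7;`, used for both calls and shared with those checks would keep them in step. `LocalDateTime.now()` is also read twice, so `addTime` and `overTime` are not exactly seven days apart; read it once into a local. The enclosing method starts and ends outside this hunk.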
@ -1,9 +1,6 @@
|
||||
package com.xkrs.utils;
|
||||
|
||||
import java.time.Instant;
|
||||
import java.time.LocalDate;
|
||||
import java.time.LocalDateTime;
|
||||
import java.time.ZoneOffset;
|
||||
import java.time.*;
|
||||
import java.time.format.DateTimeFormatter;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
@ -217,6 +214,17 @@ public class DateTimeUtil {
|
||||
//long l = dateToTimeMillis(LocalDateTime.now());
|
||||
//timeMillisToString(1626082306233)
|
||||
//System.out.println(l);
|
||||
/*LocalDateTime date3 = LocalDateTime.now();
|
||||
LocalDateTime date4 = LocalDateTime.of(2021, 7, 16, 22, 30, 10);
|
||||
Duration duration = Duration.between(date3, date4);
|
||||
long l = duration.toDays();
|
||||
long i = 60*60*l;
|
||||
System.out.println(i);*/
|
||||
String s = "3600";
|
||||
String[] split = s.split("0");
|
||||
for (int i = 0; i < split.length; i++) {
|
||||
System.out.println(split[i]);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
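Review bot: The lines added at the end of this hunk are scratch code: a commented-out `Duration` experiment and a loop that splits the literal `"3600"` and prints the pieces. Neither belongs in a shared utility class, so I would delete the added block rather than commit it. The import hunk also replaces four explicit `java.time` imports with `java.time.*`, which hides what the class depends on; keeping the explicit list is the cleaner form. The enclosing method starts outside this hunk.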