认证相关

bae08055 · zhenjie · 3dc73409 · bae08055 · bae08055 · bae08055
--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/auth/DataFilterYml.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/auth/DataFilterYml.java
+package com.mmc.iuav.user.auth;
+
+import org.springframework.beans.factory.config.YamlPropertiesFactoryBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.support.PropertySourcesPlaceholderConfigurer;
+import org.springframework.core.io.ClassPathResource;
+
+import java.util.Objects;
+
+/**
+ * Author: geDuo
+ * Date: 2022/6/2 17:26
+ */
+@Configuration
+public class DataFilterYml {
+
+    @Bean
+    public static PropertySourcesPlaceholderConfigurer loadYml(){
+        PropertySourcesPlaceholderConfigurer configurer=new PropertySourcesPlaceholderConfigurer();
+        YamlPropertiesFactoryBean yaml=new YamlPropertiesFactoryBean();
+        yaml.setResources(new ClassPathResource("not-check.yml"));
+        configurer.setProperties(Objects.requireNonNull(yaml.getObject()));
+        return configurer;
+    }
+}
--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/auth/MvcConfiguration.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/auth/MvcConfiguration.java
+package com.mmc.iuav.user.auth;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+/**
+ * @author: zj
+ * @Date: 2023/5/28 10:52
+ */
+@Configuration
+public class MvcConfiguration implements WebMvcConfigurer {
+
+    @Autowired
+    private TokenCheckHandleInterceptor tokenCheckHandleInterceptor;
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        registry.addInterceptor(tokenCheckHandleInterceptor);
+        WebMvcConfigurer.super.addInterceptors(registry);
+    }
+}
--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/auth/NotCheckUriConfig.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/auth/NotCheckUriConfig.java
+package com.mmc.iuav.user.auth;
+
+import lombok.Data;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;
+
+import java.util.List;
+
+/**
+ * @author: zj
+ * @Date: 2023/5/28 13:54
+ */
+@Data
+@Configuration
+@ConfigurationProperties(prefix = "data-filter", ignoreUnknownFields = false)
+@PropertySource("classpath:not-check.yml")
+public class NotCheckUriConfig {
+    // 不需要验证token的请求地址
+    private List<String> notAuthPath;
+    // 不需要验证token的请求地址;// 不需要验证token的请求地址
+    private List<String> uploadPath;
+}
--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/auth/TokenCheckHandleInterceptor.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/auth/TokenCheckHandleInterceptor.java
+package com.mmc.iuav.user.auth;
+
+import com.alibaba.fastjson2.JSONObject;
+import com.mmc.iuav.response.ResultBody;
+import com.mmc.iuav.response.ResultEnum;
+import com.mmc.iuav.user.model.dto.LoginSuccessDTO;
+import com.mmc.iuav.user.util.PathUtil;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.StringRedisTemplate;
+import org.springframework.stereotype.Component;
+import org.springframework.web.servlet.HandlerInterceptor;
+import org.springframework.web.servlet.ModelAndView;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.PrintWriter;
+
+/**
+ * @author: zj
+ * @Date: 2023/5/28 10:46
+ */
+@Component
+public class TokenCheckHandleInterceptor implements HandlerInterceptor {
+
+    @Autowired
+    private StringRedisTemplate stringRedisTemplate;
+
+    @Autowired
+    private NotCheckUriConfig notCheckUriConfig;
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        String requestURI = request.getRequestURI();
+        //根据uri确认是否要拦截
+        if (!shouldFilter(requestURI)){
+            return true;
+        }
+        String token = request.getHeader("token");
+        String tokenJson = stringRedisTemplate.opsForValue().get(token);
+
+        if (StringUtils.isBlank(tokenJson)){
+            exceptionProcess(response);
+            return false;
+        }
+        LoginSuccessDTO loginSuccessDTO = JSONObject.parseObject(tokenJson, LoginSuccessDTO.class);
+        if (loginSuccessDTO != null){
+            request.setAttribute("userAccountId", loginSuccessDTO.getUserAccountId());
+        }
+        return true;
+    }
+
+    @Override
+    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
+    }
+
+    @Override
+    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
+    }
+
+    public void exceptionProcess(HttpServletResponse response) throws Exception{
+        response.setContentType("application/json;charset=utf-8");
+        PrintWriter writer=response.getWriter();
+        writer.write(ResultBody.error(ResultEnum.LOGIN_ACCOUNT_STATUS_ERROR).toString());
+        writer.close();
+    }
+
+    private boolean shouldFilter(String path) {
+        // 路径与配置的相匹配，则执行过滤
+        for (String pathPattern : notCheckUriConfig.getNotAuthPath()) {
+            if (PathUtil.isPathMatch(pathPattern, path)) {
+                // 如果匹配
+                return false;
+            }
+        }
+        return true;
+    }
+}
--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/controller/AuthController.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/controller/AuthController.java
@@ -11,6 +11,8 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;

+import javax.servlet.http.HttpServletRequest;
+
 /**
 * @author: zj
 * @Date: 2023/5/15 15:50

--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/controller/BackUserAccountController.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/controller/BackUserAccountController.java
@@ -5,6 +5,7 @@ import com.mmc.iuav.group.Update;
 import com.mmc.iuav.group.UpdatePassword;
 import com.mmc.iuav.response.ResultBody;
 import com.mmc.iuav.user.model.dto.BaseAccountDTO;
+import com.mmc.iuav.user.model.dto.LoginSuccessDTO;
 import com.mmc.iuav.user.model.dto.UserAccountSimpleDTO;
 import com.mmc.iuav.user.model.qo.BUserAccountQO;
 import com.mmc.iuav.user.model.vo.BUserAccountVO;
@@ -17,6 +18,7 @@ import org.springframework.web.bind.annotation.*;
 import springfox.documentation.annotations.ApiIgnore;

 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import java.security.NoSuchAlgorithmException;
 import java.util.List;

@@ -49,7 +51,7 @@ public class BackUserAccountController extends BaseController{
    @ApiOperation(value = "账号-删除")
    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
    @PostMapping("removeBAccount")
-    public ResultBody removeBAccount(@RequestParam Integer userAccountId) {
+    public ResultBody removeBAccount(@RequestParam Integer userAccountId, HttpServletRequest request) {
        return userAccountService.removeBAccount(userAccountId);
    }

@@ -88,6 +90,6 @@ public class BackUserAccountController extends BaseController{
    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
    @PostMapping("listTest")
    public ResultBody listTest(HttpServletRequest request) {
-        return ResultBody.success(this.getUserLoginInfo(request));
+        return ResultBody.success();
    }
 }
--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/controller/BaseController.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/controller/BaseController.java
 package com.mmc.iuav.user.controller;

+import com.alibaba.fastjson2.JSONObject;
 import com.mmc.iuav.auth.JwtConstant;
 import com.mmc.iuav.auth.JwtUtil;
 import com.mmc.iuav.http.BizException;
+import com.mmc.iuav.response.ResultEnum;
 import com.mmc.iuav.user.model.dto.BaseAccountDTO;
+import com.mmc.iuav.user.model.dto.LoginSuccessDTO;
 import io.jsonwebtoken.Claims;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.StringRedisTemplate;

 import javax.servlet.http.HttpServletRequest;

@@ -14,21 +20,39 @@ import javax.servlet.http.HttpServletRequest;
 */
 public abstract class BaseController {

+    @Autowired
+    private StringRedisTemplate stringRedisTemplate;
+
    /**
     * 解析token，获取用户信息
     * @param request
     * @return
     */
-    public BaseAccountDTO getUserLoginInfo(HttpServletRequest request) {
+//    public BaseAccountDTO getUserLoginInfo(HttpServletRequest request) {
+//        String token = request.getHeader("token");
+//        try {
+//            Claims claims = JwtUtil.parseJwt(token);
+//            String userId = claims.get(JwtConstant.USER_ACCOUNT_ID).toString();
+////        String roleId = claims.get("").toString();
+//            String tokenType = claims.get(JwtConstant.TOKEN_TYPE).toString();
+//            return BaseAccountDTO.builder().id(Integer.parseInt(userId)).tokenPort(tokenType).build();
+//        }catch (Exception e){
+//            throw new BizException("Invalid token");
+//        }
+//    }
+
+    /**
+     * 使用token从redis获取用户信息
+     * @param request
+     * @return
+     */
+    public LoginSuccessDTO getUserLoginInfoFromRedis(HttpServletRequest request) {
        String token = request.getHeader("token");
-        try {
-            Claims claims = JwtUtil.parseJwt(token);
-            String userId = claims.get(JwtConstant.USER_ACCOUNT_ID).toString();
-//        String roleId = claims.get("").toString();
-            String tokenType = claims.get(JwtConstant.TOKEN_TYPE).toString();
-            return BaseAccountDTO.builder().id(Integer.parseInt(userId)).tokenPort(tokenType).build();
-        }catch (Exception e){
-            throw new BizException("Invalid token");
+        String json = stringRedisTemplate.opsForValue().get(token);
+        if (StringUtils.isBlank(json)){
+            throw new BizException(ResultEnum.LOGIN_ACCOUNT_STATUS_ERROR);
        }
+        LoginSuccessDTO loginSuccessDTO = JSONObject.parseObject(json, LoginSuccessDTO.class);
+        return loginSuccessDTO;
    }
 }
--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/controller/UserAccountController.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/controller/UserAccountController.java
@@ -29,7 +29,7 @@ public class UserAccountController extends BaseController{
    @ApiResponses({ @ApiResponse(code = 200, message = "OK", response = UserAccountVO.class) })
    @GetMapping("info")
    public ResultBody info(HttpServletRequest request) {
-        return ResultBody.success(userAccountService.getUserAccountById(this.getUserLoginInfo(request).getId()));
+        return ResultBody.success(userAccountService.getUserAccountById(this.getUserLoginInfoFromRedis(request).getUserAccountId()));
    }

    @ApiOperation(value = "修改用户信息")
@@ -58,7 +58,7 @@ public class UserAccountController extends BaseController{
    @GetMapping("getUserPhoneNumber")
    public ResultBody getUserPhoneNumber(HttpServletRequest request,
            @ApiParam(value = "授权手机号code", required = true) @RequestParam String code) {
-        return userAccountService.getUserPhoneNumber(this.getUserLoginInfo(request).getId(), code);
+        return userAccountService.getUserPhoneNumber(this.getUserLoginInfoFromRedis(request).getUserAccountId(), code);
    }

 }
--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/controller/WxController.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/controller/WxController.java
@@ -27,7 +27,7 @@ public class WxController extends BaseController {
    @ApiResponses({ @ApiResponse(code = 200, message = "OK", response = String.class) })
    @PostMapping("getAppletRcdCode")
    public ResultBody getAppletRcdCode(HttpServletRequest request, @ApiParam(value = "小程序路径",example = "pages/welcome/index") @RequestParam String page) {
-        return wxService.getUnLimitedQRCode(page, "currentUserAccountId=" + this.getUserLoginInfo(request).getId());
+        return wxService.getUnLimitedQRCode(page, "currentUserAccountId=" + this.getUserLoginInfoFromRedis(request).getUserAccountId());
    }

    @ApiOperation(value = "小程序-测试专用")

--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/service/impl/AuthServiceImpl.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/service/impl/AuthServiceImpl.java
@@ -22,11 +22,13 @@ import com.mmc.iuav.user.service.WxService;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.stereotype.Service;

 import java.security.NoSuchAlgorithmException;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.concurrent.TimeUnit;

 /**
 * @author: zj
@@ -42,6 +44,9 @@ public class AuthServiceImpl implements AuthService {
    @Autowired
    private UserAccountService userAccountService;

+    @Autowired
+    private StringRedisTemplate stringRedisTemplate;
+
    @Override
    public ResultBody appletLogin(WxLoginVO wxLoginVO) {
        String unionId;
@@ -99,6 +104,13 @@ public class AuthServiceImpl implements AuthService {
        map.put(JwtConstant.TOKEN_TYPE, JwtConstant.IUAV_TOKEN);
        String token = JwtUtil.createJwt(map);

+
+        LoginSuccessDTO loginSuccessDTO = LoginSuccessDTO.builder().token(token).userAccountId(userAccountVO.getId()).accountNo(userAccountVO.getAccountNo()).build();
+
+        stringRedisTemplate.opsForValue().set(
+                token, JSONObject.toJSONString(loginSuccessDTO),
+                JwtConstant.EXPIRATION, TimeUnit.MILLISECONDS);
+
        return ResultBody.success(AppUserSucVO.builder().token(token).uid(userAccountVO.getUid()).phoneNum(userAccountVO.getPhoneNum())
                .nickName(userAccountVO.getNickName()).userAccountId(userAccountVO.getId()).sessionKey(sessionKey).build());
    }
@@ -129,6 +141,12 @@ public class AuthServiceImpl implements AuthService {
        map.put(JwtConstant.TOKEN_TYPE, JwtConstant.M_TOKEN);
        String token = JwtUtil.createJwt(map);

+        LoginSuccessDTO loginSuccessDTO = LoginSuccessDTO.builder().token(token).userAccountId(user.getId()).accountNo(user.getAccountNo()).build();
+
+        stringRedisTemplate.opsForValue().set(
+                token, JSONObject.toJSONString(loginSuccessDTO),
+                JwtConstant.EXPIRATION, TimeUnit.MILLISECONDS);
+
        return ResultBody.success(LoginSuccessDTO.builder().token(token).userAccountId(user.getId()).accountNo(user.getAccountNo()).build());
    }

@@ -141,6 +159,11 @@ public class AuthServiceImpl implements AuthService {
            map.put(JwtConstant.TOKEN_TYPE, JwtConstant.IUAV_TOKEN);
            String token = JwtUtil.createJwt(map);

+            LoginSuccessDTO loginSuccessDTO = LoginSuccessDTO.builder().token(token).userAccountId(userAccountVO.getId()).accountNo(userAccountVO.getAccountNo()).build();
+            stringRedisTemplate.opsForValue().set(
+                    token, JSONObject.toJSONString(loginSuccessDTO),
+                    JwtConstant.EXPIRATION, TimeUnit.MILLISECONDS);
+
            return ResultBody.success(AppUserSucVO.builder().token(token).uid(userAccountVO.getUid()).phoneNum(userAccountVO.getPhoneNum())
                    .nickName(userAccountVO.getNickName()).userAccountId(userAccountVO.getId()).build());
        }

--- a/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/util/PathUtil.java
+++ b/csm-service/cms-service-user/src/main/java/com/mmc/iuav/user/util/PathUtil.java
+package com.mmc.iuav.user.util;
+
+import org.springframework.util.AntPathMatcher;
+
+/**
+ * @author 作者 geDuo
+ * @version 创建时间：2021年8月31日 下午3:29:28
+ * @explain 解析地址类
+ */
+public class PathUtil {
+	private static AntPathMatcher matcher = new AntPathMatcher();
+
+	public static boolean isPathMatch(String pattern, String path) {
+		return matcher.match(pattern, path);
+	}
+}
--- a/csm-service/cms-service-user/src/main/resources/not-check.yml
+++ b/csm-service/cms-service-user/src/main/resources/not-check.yml
+data-filter:
+  uploadPath: #不需要解析的body参数的地址
+    - /xxx/x
+  not-auth-path:
+    - /userapp/v2/**
+    - /userapp/doc.html
+    - /userapp/swagger-resources/**
+    - /userapp/webjars/**
+    - /userapp/auth/testAppletLogin
+    - /userapp/auth/backEndLogin
+    - /userapp/auth/testAppletLogin
+    - /userapp/cooperation/listTag