From 7ebfa2e67f3c69a6973aa2cbf46a9c493c311010 Mon Sep 17 00:00:00 2001
From: liyj <1003249715@qq.com>
Date: Sat, 17 Aug 2024 16:00:37 +0800
Subject: [PATCH] 1、get忽略target文件夹 2、jwt优化
---
dyh-service/dyh-cust/src/main/resources/config/application.yml | 2
.gitignore | 2
dyh-gateway/src/main/resources/config/application.yml | 2
dyh-service/dyh-cust/src/main/java/cn/huge/module/utils/JwtUtils.java | 43 ++++----------
dyh-service/dyh-cust/src/test/java/cn/huge/module/DyhCustApplicationTest.java | 1
dyh-gateway/src/main/java/cn/huge/gateway/filter/AuthFilter.java | 75 ++++++++++--------------
6 files changed, 51 insertions(+), 74 deletions(-)
diff --git a/.gitignore b/.gitignore
index a6514fb..a0aad76 100644
--- a/.gitignore
+++ b/.gitignore
@@ -18,4 +18,6 @@
dyh-service/dyh-sys/target/
dyh-service/dyh-utils/logs/
dyh-service/dyh-utils/target/
+dyh-service/dyh-sync/logs/
+dyh-service/dyh-sync/target/
logs/
diff --git a/dyh-gateway/src/main/java/cn/huge/gateway/filter/AuthFilter.java b/dyh-gateway/src/main/java/cn/huge/gateway/filter/AuthFilter.java
index f4829ee..bf68357 100644
--- a/dyh-gateway/src/main/java/cn/huge/gateway/filter/AuthFilter.java
+++ b/dyh-gateway/src/main/java/cn/huge/gateway/filter/AuthFilter.java
@@ -46,16 +46,14 @@
@Value("${jwt.secret-key}")
private String secretKey;
+ @Value("${jwt.iss_user.format}")
+ private String issUser;
+
@Value("${jwt.auth-skip-urls}")
private String[] skipAuthUrls;
@Value("${jwt.blacklist-key.format}")
private String jwtBlacklistKeyFormat;
-
- /**
- * jwt用户
- */
- private static String ISSUSER = "HUGEINFO";
@Override
public int getOrder() {
@@ -89,52 +87,43 @@
if (status) {
return chain.filter(exchange);
} else {
- // todo 运营中心暂时写死token
- if (url.indexOf("dyh-oper") != -1) {
- String userId = "10001";
- ServerHttpRequest mutableReq = null;
- exchange.getRequest().mutate().header("Authorization-userId", userId).build();
- ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build();
- return chain.filter(mutableExchange);
+ //从请求头中取出token
+ String token = exchange.getRequest().getHeaders().getFirst("Authorization");
+ //未携带token或token在黑名单内
+ if (StringUtils.isEmpty(token) || isBlackToken(token)) {
+ ServerHttpResponse originalResponse = exchange.getResponse();
+ originalResponse.setStatusCode(HttpStatus.OK);
+ originalResponse.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
+ byte[] response = "{\"code\": \"401\",\"msg\": \"用户未登录,请进行登录!\"}"
+ .getBytes(StandardCharsets.UTF_8);
+ DataBuffer buffer = originalResponse.bufferFactory().wrap(response);
+ return originalResponse.writeWith(Flux.just(buffer));
} else {
- //从请求头中取出token
- String token = exchange.getRequest().getHeaders().getFirst("Authorization");
- //未携带token或token在黑名单内
- if (StringUtils.isEmpty(token) || isBlackToken(token)) {
+ //取出token包含的身份
+ Map<String, Object> result = verifyJWT(token);
+ int code = (int) result.get("code");
+ if (code != 0) {
ServerHttpResponse originalResponse = exchange.getResponse();
originalResponse.setStatusCode(HttpStatus.OK);
originalResponse.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
- byte[] response = "{\"code\": \"401\",\"msg\": \"用户未登录,请进行登录!\"}"
- .getBytes(StandardCharsets.UTF_8);
+ String responseResult = "{\"code\": \"" + code + "\", \"msg\": \"" + result.get("msg") + "\"}";
+ byte[] response = responseResult.getBytes(StandardCharsets.UTF_8);
DataBuffer buffer = originalResponse.bufferFactory().wrap(response);
return originalResponse.writeWith(Flux.just(buffer));
} else {
- //取出token包含的身份
- Map<String, Object> result = verifyJWT(token);
- int code = (int) result.get("code");
- if (code != 0) {
- ServerHttpResponse originalResponse = exchange.getResponse();
- originalResponse.setStatusCode(HttpStatus.OK);
- originalResponse.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
- String responseResult = "{\"code\": \"" + code + "\", \"msg\": \"" + result.get("msg") + "\"}";
- byte[] response = responseResult.getBytes(StandardCharsets.UTF_8);
- DataBuffer buffer = originalResponse.bufferFactory().wrap(response);
- return originalResponse.writeWith(Flux.just(buffer));
+ //将现在的request,添加当前身份
+ String userId = (String) result.get("userId");
+ ServerHttpRequest mutableReq = null;
+ String custId = (String) result.get("custId");
+ if (StringUtils.isNotEmpty(custId)) {
+ URI uri = exchange.getRequest().getURI();
+ URI newUri = assembleUri(uri, custId);
+ exchange.getRequest().mutate().uri(newUri).header("Authorization-userId", userId).header("Authorization-custId", custId).build();
} else {
- //将现在的request,添加当前身份
- String userId = (String) result.get("userId");
- ServerHttpRequest mutableReq = null;
- String custId = (String) result.get("custId");
- if (StringUtils.isNotEmpty(custId)) {
- URI uri = exchange.getRequest().getURI();
- URI newUri = assembleUri(uri, custId);
- exchange.getRequest().mutate().uri(newUri).header("Authorization-userId", userId).header("Authorization-custId", custId).build();
- } else {
- exchange.getRequest().mutate().header("Authorization-userId", userId).build();
- }
- ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build();
- return chain.filter(mutableExchange);
+ exchange.getRequest().mutate().header("Authorization-userId", userId).build();
}
+ ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build();
+ return chain.filter(mutableExchange);
}
}
}
@@ -151,7 +140,7 @@
try {
Algorithm algorithm = Algorithm.HMAC256(secretKey);
JWTVerifier verifier = JWT.require(algorithm)
- .withIssuer(ISSUSER)
+ .withIssuer(issUser)
.build();
DecodedJWT jwt = verifier.verify(token);
String userId = jwt.getClaim("userId").asString();
diff --git a/dyh-gateway/src/main/resources/config/application.yml b/dyh-gateway/src/main/resources/config/application.yml
index b617902..da3a3a2 100644
--- a/dyh-gateway/src/main/resources/config/application.yml
+++ b/dyh-gateway/src/main/resources/config/application.yml
@@ -39,6 +39,8 @@
jwt:
#jwt生成密钥
secret-key: asdfghjkl
+ #用户
+ iss_user: HUGEINFO
refresh-token-key:
#refreshToken 存储key
format: JWT_REFRESH_TOKEN::%s
diff --git a/dyh-service/dyh-base/src/main/java/cn/huge/base/common/utils/JwtUtils.java b/dyh-service/dyh-cust/src/main/java/cn/huge/module/utils/JwtUtils.java
similarity index 82%
rename from dyh-service/dyh-base/src/main/java/cn/huge/base/common/utils/JwtUtils.java
rename to dyh-service/dyh-cust/src/main/java/cn/huge/module/utils/JwtUtils.java
index fe18821..341efd9 100644
--- a/dyh-service/dyh-base/src/main/java/cn/huge/base/common/utils/JwtUtils.java
+++ b/dyh-service/dyh-cust/src/main/java/cn/huge/module/utils/JwtUtils.java
@@ -1,4 +1,4 @@
-package cn.huge.base.common.utils;
+package cn.huge.module.utils;
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
@@ -22,6 +22,11 @@
* jwt生成密钥
*/
public static String secretKey;
+
+ /**
+ * jwt生成密钥
+ */
+ public static String issUser;
/**
* token过期时间:4小时
@@ -48,6 +53,11 @@
secretKey = secret_Key;
}
+ @Value("${jwt.iss_user}")
+ public void setIssUser(String iss_user) {
+ issUser = iss_user;
+ }
+
@Value("${jwt.token.expire-time}")
public void setTokenExpireTime(long token_expire_time) {
tokenExpireTime = token_expire_time;
@@ -69,11 +79,6 @@
}
/**
- * jwt用户
- */
- private static String ISSUSER = "HUGEINFO";
-
- /**
* 生成token
* @param userId 登录用户标识
* @return String
@@ -83,7 +88,7 @@
Date now = new Date();
Algorithm algo = Algorithm.HMAC256(secretKey);
String token = JWT.create()
- .withIssuer(ISSUSER)
+ .withIssuer(issUser)
.withIssuedAt(now)
.withExpiresAt(new Date(now.getTime() + tokenExpireTime))
.withClaim("userId", userId)
@@ -102,35 +107,13 @@
Date now = new Date();
Algorithm algo = Algorithm.HMAC256(secretKey);
String token = JWT.create()
- .withIssuer(ISSUSER)
+ .withIssuer(issUser)
.withIssuedAt(now)
.withExpiresAt(new Date(now.getTime() + tokenExpireTime))
.withClaim("custId", custId)
.withClaim("userId", userId)
.sign(algo);
return token;
- }
-
- /**
- * 生成讯飞token
- * @return
- */
- public static String buildXfJWT(){
- //生成jwt
- Date time = new Date();
- String secret = "D34F84C9963548A9BA4A70AD6D61A99E";
- String appId = "1000000001";
- Algorithm algorithm = Algorithm.HMAC256(secret);
- String auth = JWT.create()
- .withIssuer(appId)
- .withClaim("time", time+"")
- .sign(algorithm);
- return "Bearer "+auth;
- }
-
- public static void main(String[] args) {
- String auth = buildXfJWT();
- System.out.println(auth);
}
}
/**
diff --git a/dyh-service/dyh-cust/src/main/resources/config/application.yml b/dyh-service/dyh-cust/src/main/resources/config/application.yml
index c2f7f9c..1193643 100644
--- a/dyh-service/dyh-cust/src/main/resources/config/application.yml
+++ b/dyh-service/dyh-cust/src/main/resources/config/application.yml
@@ -65,6 +65,8 @@
jwt:
#jwt生成密钥
secret-key: asdfghjkl
+ #用户
+ iss_user: HUGEINFO
refresh-token-key:
#refreshToken 存储key
format: JWT_REFRESH_TOKEN::%s
diff --git a/dyh-service/dyh-cust/src/test/java/cn/huge/module/DyhCustApplicationTest.java b/dyh-service/dyh-cust/src/test/java/cn/huge/module/DyhCustApplicationTest.java
index 3b0ccb0..c86e91f 100644
--- a/dyh-service/dyh-cust/src/test/java/cn/huge/module/DyhCustApplicationTest.java
+++ b/dyh-service/dyh-cust/src/test/java/cn/huge/module/DyhCustApplicationTest.java
@@ -1,6 +1,5 @@
package cn.huge.module;
-import cn.huge.base.common.utils.JwtUtils;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.boot.test.context.SpringBootTest;
--
Gitblit v1.8.0