From e33cc6968e5c7c57013413b077421b77714ed69b Mon Sep 17 00:00:00 2001
From: liyj <1003249715@qq.com>
Date: Tue, 20 Aug 2024 14:48:17 +0800
Subject: [PATCH] 1、修改代码生成器 2、优化网关解析token信息 3、web端登录授权操作 4、web端修改密码操作

---
 dyh-gateway/src/main/java/cn/huge/gateway/filter/AuthFilter.java |   50 +++++++++++++++++++++-----------------------------
 1 files changed, 21 insertions(+), 29 deletions(-)

diff --git a/dyh-gateway/src/main/java/cn/huge/gateway/filter/AuthFilter.java b/dyh-gateway/src/main/java/cn/huge/gateway/filter/AuthFilter.java
index c1481a9..d93e0cd 100644
--- a/dyh-gateway/src/main/java/cn/huge/gateway/filter/AuthFilter.java
+++ b/dyh-gateway/src/main/java/cn/huge/gateway/filter/AuthFilter.java
@@ -1,5 +1,6 @@
 package cn.huge.gateway.filter;
 
+import cn.huge.gateway.utils.ReturnBO;
 import cn.huge.gateway.utils.SpringContextUtil;
 import com.auth0.jwt.JWT;
 import com.auth0.jwt.JWTVerifier;
@@ -87,6 +88,7 @@
             if (status) {
                 return chain.filter(exchange);
             } else {
+                ReturnBO returnBO = new ReturnBO();
                 //从请求头中取出token
                 String token = exchange.getRequest().getHeaders().getFirst("Authorization");
                 //未携带token或token在黑名单内
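Review bot: On the `status` branch the exchange is forwarded unchanged, so a client-supplied `Authorization-userId` header would reach downstream services on those paths. If the services treat that header as identity asserted by the gateway (not visible here), strip it before `chain.filter(exchange)`, for example by forwarding an exchange whose request is built with `exchange.getRequest().mutate().headers(h -> h.remove("Authorization-userId")).build()`. The enclosing method begins before this hunk and continues past it.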
@@ -94,34 +96,26 @@
                     ServerHttpResponse originalResponse = exchange.getResponse();
                     originalResponse.setStatusCode(HttpStatus.OK);
                     originalResponse.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
-                    byte[] response = "{\"code\": \"401\",\"msg\": \"用户未登录,请进行登录!\"}"
-                            .getBytes(StandardCharsets.UTF_8);
+                    returnBO.setCode(401);
+                    returnBO.setMsg("您尚未登录,请登录后重试!");
+                    byte[] response = returnBO.toString().getBytes(StandardCharsets.UTF_8);
                     DataBuffer buffer = originalResponse.bufferFactory().wrap(response);
                     return originalResponse.writeWith(Flux.just(buffer));
                 } else {
                     //取出token包含的身份
-                    Map<String, Object> result = verifyJWT(token);
-                    int code = (int) result.get("code");
-                    if (code != 0) {
+                    returnBO = verifyJWT(token);
+                    if (returnBO.getCode() != 0) {
                         ServerHttpResponse originalResponse = exchange.getResponse();
                         originalResponse.setStatusCode(HttpStatus.OK);
                         originalResponse.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
-                        String responseResult = "{\"code\": \"" + code + "\", \"msg\": \"" + result.get("msg") + "\"}";
-                        byte[] response = responseResult.getBytes(StandardCharsets.UTF_8);
+                        byte[] response = returnBO.toString().getBytes(StandardCharsets.UTF_8);
                         DataBuffer buffer = originalResponse.bufferFactory().wrap(response);
                         return originalResponse.writeWith(Flux.just(buffer));
                     } else {
                         //将现在的request,添加当前身份
-                        String userId = (String) result.get("userId");
+                        String userId = (String) returnBO.getData();
                         ServerHttpRequest mutableReq = null;
-                        String custId = (String) result.get("custId");
-                        if (StringUtils.isNotEmpty(custId)) {
-                            URI uri = exchange.getRequest().getURI();
-                            URI newUri = assembleUri(uri, custId);
-                            exchange.getRequest().mutate().uri(newUri).header("Authorization-userId", userId).header("Authorization-custId", custId).build();
-                        } else {
-                            exchange.getRequest().mutate().header("Authorization-userId", userId).build();
-                        }
+                        exchange.getRequest().mutate().header("Authorization-userId", userId).build();
                         ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build();
                         return chain.filter(mutableExchange);
                     }
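Review bot: The request built on the added line `exchange.getRequest().mutate().header("Authorization-userId", userId).build();` is discarded, and `mutableReq` is still `null` when it is passed to `exchange.mutate().request(mutableReq)`, so whether downstream services see the verified user id depends on builder internals rather than on this code. Assign the result instead: `ServerHttpRequest mutableReq = exchange.getRequest().mutate().header("Authorization-userId", userId).build();`. Separately, both error branches now send `returnBO.toString()` under `Content-Type: application/json`; ReturnBO is not visible here, so confirm that its `toString()` emits valid, escaped JSON, or serialize it with the project's JSON mapper. The enclosing filter method starts and ends outside the hunk.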
@@ -135,8 +129,8 @@
      * @param token 授权信息
      * @return Map
      */
-    private Map<String, Object> verifyJWT(String token){
-        Map<String, Object> result = new HashMap<>();
+    private ReturnBO verifyJWT(String token){
+        ReturnBO returnBO = new ReturnBO();
         try {
             Algorithm algorithm = Algorithm.HMAC256(secretKey);
             JWTVerifier verifier = JWT.require(algorithm)
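Review bot: The Javadoc above the changed signature still says `@return Map` although the method now returns `ReturnBO`. Update it to something like `@return ReturnBO with code 0 and the userId in data when the token verifies, code 401 otherwise`. The body of verifyJWT continues outside this hunk.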
@@ -145,25 +139,23 @@
             DecodedJWT jwt = verifier.verify(token);
             String userId = jwt.getClaim("userId").asString();
             if (userId.isEmpty()){
-                result.put("code", 401);
-                result.put("msg", "登录用户已失效,请重新登录");
+                returnBO.setCode(401);
+                returnBO.setMsg("您尚未登录,请登录后重试!");
             }else{
-                result.put("code", 0);
-                result.put("userId", userId);
-                String custId = jwt.getClaim("custId").asString();
-                result.put("custId", custId);
+                returnBO.setCode(0);
+                returnBO.setData(userId);
             }
         } catch (JWTVerificationException e){
             log.error("AuthFilter方法[verifyJWT]调用异常:"+e, e);
             if (e.getMessage().indexOf("The Token has expired") != -1){
-                result.put("code", 401);
-                result.put("msg", "登录用户已失效,请重新登录!");
+                returnBO.setCode(401);
+                returnBO.setMsg("您尚未登录,请登录后重试!");
             }else{
-                result.put("code", 401);
-                result.put("msg", "登录用户已失效,请重新登录");
+                returnBO.setCode(401);
+                returnBO.setMsg("您尚未登录,请登录后重试!");
             }
         }
-        return result;
+        return returnBO;
     }
 
     /**
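Review bot: `jwt.getClaim("userId").asString()` returns null when the claim is missing or is not a string, so `userId.isEmpty()` would throw a NullPointerException that `catch (JWTVerificationException e)` does not handle. A correctly signed token without that claim would then surface as an unhandled error rather than the 401 response. Guard it with `if (userId == null || userId.isEmpty()) {`. The two branches in the catch block now set the same code and message, so the `indexOf("The Token has expired")` test can be dropped; if expiry should stay distinguishable, catch `TokenExpiredException` ahead of the general case instead of matching on message text. The start of verifyJWT lies outside this hunk.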
