From 23b506d395aabee95c307db7af6654a619ed7f25 Mon Sep 17 00:00:00 2001 From: MAC <1162714483@qq.com> Date: Sun, 16 Apr 2023 14:25:33 +0800 Subject: [PATCH] =?UTF-8?q?=E6=96=87=E4=BB=B6=E8=AE=A4=E8=AF=81=E6=B5=81?= =?UTF-8?q?=E7=A8=8B=E4=BC=98=E5=8C=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../filter/JwtAuthenticationTokenFilter.java | 35 ++++++++++++++++--- .../file/controller/UserController.java | 12 +++---- .../file/dto/file/EditOfficeFileDTO.java | 2 +- 3 files changed, 37 insertions(+), 12 deletions(-) diff --git a/src/main/java/com/qiwenshare/file/config/security/filter/JwtAuthenticationTokenFilter.java b/src/main/java/com/qiwenshare/file/config/security/filter/JwtAuthenticationTokenFilter.java index 14513a0..920654c 100644 --- a/src/main/java/com/qiwenshare/file/config/security/filter/JwtAuthenticationTokenFilter.java +++ b/src/main/java/com/qiwenshare/file/config/security/filter/JwtAuthenticationTokenFilter.java @@ -1,5 +1,6 @@ package com.qiwenshare.file.config.security.filter; +import com.qiwenshare.common.exception.NotLoginException; import com.qiwenshare.common.exception.QiwenException; import com.qiwenshare.file.service.SysParamService; import com.qiwenshare.file.service.UserService; @@ -19,13 +20,29 @@ import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; +import java.util.Arrays; +import java.util.List; /** * Jwt过滤器(第一个过滤器):获取用户token,查询用户信息拼装到security中,以便后续filter使用 */ @Component public class JwtAuthenticationTokenFilter extends OncePerRequestFilter { - + private String[] ignoreUri = {"/user/register", + "/user/login", + "/user/checkuserlogininfo", + "/filetransfer/downloadfile", + "/filetransfer/preview", + "/share/sharefileList", + "/share/sharetype", + "/share/checkextractioncode", + "/share/checkendtime", + "/notice/list", + "/notice/detail", + "/param/grouplist", + "/error/**", + "/swagger-ui.html", + }; @Autowired private UserService userService; @Resource @@ -42,13 +59,21 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter { throw new QiwenException(999999, "脚本未初始化,请在数据库执行数据初始化脚本,存放路径: '/resources/import.sql'!"); } + List ignoreUriList = Arrays.asList(ignoreUri); + if (ignoreUriList.contains(request.getRequestURI())) { + chain.doFilter(request, response); + return; + } String token = request.getHeader("token"); - if (StringUtils.isNotBlank(token) && !"undefined".equals(token)) { - + if (StringUtils.isEmpty(token)) { + throw new NotLoginException("用户未登录"); + } else { String userId = userService.getUserIdByToken(token); - + if (userId == null) { + throw new NotLoginException("用户未登录"); + } // 验证 - if (userId != null && SecurityContextHolder.getContext().getAuthentication() == null) { + if (SecurityContextHolder.getContext().getAuthentication() == null) { UserDetails userDetails = userService.loadUserByUsername(String.valueOf(userId)); if (userDetails.isEnabled()) { UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken( diff --git a/src/main/java/com/qiwenshare/file/controller/UserController.java b/src/main/java/com/qiwenshare/file/controller/UserController.java index 3eacfd6..e1ecb9f 100644 --- a/src/main/java/com/qiwenshare/file/controller/UserController.java +++ b/src/main/java/com/qiwenshare/file/controller/UserController.java @@ -100,20 +100,20 @@ public class UserController { @Operation(summary = "检查用户登录信息", description = "验证token的有效性", tags = {"user"}) @GetMapping("/checkuserlogininfo") @ResponseBody - public RestResult checkUserLoginInfo() { + public RestResult checkUserLoginInfo(@RequestHeader("token") String token) { UserLoginVo userLoginVo = new UserLoginVo(); - JwtUser sessionUserBean = SessionUtil.getSession(); + String userId = userService.getUserIdByToken(token); - if (sessionUserBean != null && !"anonymousUser".equals(sessionUserBean.getUsername())) { + if (StringUtils.isNotEmpty(userId)) { LambdaQueryWrapper lambdaQueryWrapper = new LambdaQueryWrapper<>(); - lambdaQueryWrapper.eq(UserLoginInfo::getUserId, sessionUserBean.getUserId()); + lambdaQueryWrapper.eq(UserLoginInfo::getUserId, userId); lambdaQueryWrapper.likeRight(UserLoginInfo::getUserloginDate, DateUtil.getCurrentTime().substring(0, 10)); userLoginInfoService.remove(lambdaQueryWrapper); UserLoginInfo userLoginInfo = new UserLoginInfo(); - userLoginInfo.setUserId(sessionUserBean.getUserId()); + userLoginInfo.setUserId(userId); userLoginInfo.setUserloginDate(DateUtil.getCurrentTime()); userLoginInfoService.save(userLoginInfo); - UserBean user = userService.getById(sessionUserBean.getUserId()); + UserBean user = userService.getById(userId); BeanUtil.copyProperties(user, userLoginVo); if (StringUtils.isEmpty(user.getWxOpenId())) { userLoginVo.setHasWxAuth(false); diff --git a/src/main/java/com/qiwenshare/file/dto/file/EditOfficeFileDTO.java b/src/main/java/com/qiwenshare/file/dto/file/EditOfficeFileDTO.java index 45f5732..9a85a9c 100644 --- a/src/main/java/com/qiwenshare/file/dto/file/EditOfficeFileDTO.java +++ b/src/main/java/com/qiwenshare/file/dto/file/EditOfficeFileDTO.java @@ -5,7 +5,7 @@ import lombok.Data; @Data public class EditOfficeFileDTO { private String userFileId; - private String previewUrl; +// private String previewUrl; // private String filePath; // private String fileName; // private String extendName;