文件认证流程优化

MAC 2023-04-16 14:25:33 +08:00
parent e15176c48c
commit 23b506d395
3 changed files with 37 additions and 12 deletions


@ -1,5 +1,6 @@
package com.qiwenshare.file.config.security.filter; package com.qiwenshare.file.config.security.filter;
import com.qiwenshare.common.exception.NotLoginException;
import com.qiwenshare.common.exception.QiwenException; import com.qiwenshare.common.exception.QiwenException;
import com.qiwenshare.file.service.SysParamService; import com.qiwenshare.file.service.SysParamService;
import com.qiwenshare.file.service.UserService; import com.qiwenshare.file.service.UserService;
@ -19,13 +20,29 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.io.IOException; import java.io.IOException;
import java.util.Arrays;
import java.util.List;
/** /**
* Jwt过滤器第一个过滤器获取用户token查询用户信息拼装到security中以便后续filter使用 * Jwt过滤器第一个过滤器获取用户token查询用户信息拼装到security中以便后续filter使用
*/ */
@Component @Component
public class JwtAuthenticationTokenFilter extends OncePerRequestFilter { public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
private String[] ignoreUri = {"/user/register",
"/user/login",
"/user/checkuserlogininfo",
"/filetransfer/downloadfile",
"/filetransfer/preview",
"/share/sharefileList",
"/share/sharetype",
"/share/checkextractioncode",
"/share/checkendtime",
"/notice/list",
"/notice/detail",
"/param/grouplist",
"/error/**",
"/swagger-ui.html",
};
@Autowired @Autowired
private UserService userService; private UserService userService;
@Resource @Resource
@ -42,13 +59,21 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
throw new QiwenException(999999, "脚本未初始化,请在数据库执行数据初始化脚本,存放路径: '/resources/import.sql'"); throw new QiwenException(999999, "脚本未初始化,请在数据库执行数据初始化脚本,存放路径: '/resources/import.sql'");
} }
List<String> ignoreUriList = Arrays.asList(ignoreUri);
if (ignoreUriList.contains(request.getRequestURI())) {
chain.doFilter(request, response);
return;
}
String token = request.getHeader("token"); String token = request.getHeader("token");
if (StringUtils.isNotBlank(token) && !"undefined".equals(token)) { if (StringUtils.isEmpty(token)) {
throw new NotLoginException("用户未登录");
} else {
String userId = userService.getUserIdByToken(token); String userId = userService.getUserIdByToken(token);
if (userId == null) {
throw new NotLoginException("用户未登录");
}
// 验证 // 验证
if (userId != null && SecurityContextHolder.getContext().getAuthentication() == null) { if (SecurityContextHolder.getContext().getAuthentication() == null) {
UserDetails userDetails = userService.loadUserByUsername(String.valueOf(userId)); UserDetails userDetails = userService.loadUserByUsername(String.valueOf(userId));
if (userDetails.isEnabled()) { if (userDetails.isEnabled()) {
UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken( UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(
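Review bot: The skip check `ignoreUriList.contains(request.getRequestURI())` is an exact string comparison, so the `"/error/**"` entry can never match, and because `getRequestURI()` returns the raw URI including any context path, the other entries stop matching once the application is deployed under a non-root context path. Matching the servlet path with Spring's matcher keeps the list in line with how handlers are mapped, e.g. `private static final AntPathMatcher MATCHER = new AntPathMatcher();` and `if (Arrays.stream(ignoreUri).anyMatch(p -> MATCHER.match(p, request.getServletPath()))) {`. The list also skips token handling entirely for `/filetransfer/downloadfile` and `/filetransfer/preview`, so those handlers presumably have to authorise the request themselves; that is not visible in this hunk and is worth confirming. The body of the filter method starts and ends outside the hunk.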


@ -100,20 +100,20 @@ public class UserController {
@Operation(summary = "检查用户登录信息", description = "验证token的有效性", tags = {"user"}) @Operation(summary = "检查用户登录信息", description = "验证token的有效性", tags = {"user"})
@GetMapping("/checkuserlogininfo") @GetMapping("/checkuserlogininfo")
@ResponseBody @ResponseBody
public RestResult<UserLoginVo> checkUserLoginInfo() { public RestResult<UserLoginVo> checkUserLoginInfo(@RequestHeader("token") String token) {
UserLoginVo userLoginVo = new UserLoginVo(); UserLoginVo userLoginVo = new UserLoginVo();
JwtUser sessionUserBean = SessionUtil.getSession(); String userId = userService.getUserIdByToken(token);
if (sessionUserBean != null && !"anonymousUser".equals(sessionUserBean.getUsername())) { if (StringUtils.isNotEmpty(userId)) {
LambdaQueryWrapper<UserLoginInfo> lambdaQueryWrapper = new LambdaQueryWrapper<>(); LambdaQueryWrapper<UserLoginInfo> lambdaQueryWrapper = new LambdaQueryWrapper<>();
lambdaQueryWrapper.eq(UserLoginInfo::getUserId, sessionUserBean.getUserId()); lambdaQueryWrapper.eq(UserLoginInfo::getUserId, userId);
lambdaQueryWrapper.likeRight(UserLoginInfo::getUserloginDate, DateUtil.getCurrentTime().substring(0, 10)); lambdaQueryWrapper.likeRight(UserLoginInfo::getUserloginDate, DateUtil.getCurrentTime().substring(0, 10));
userLoginInfoService.remove(lambdaQueryWrapper); userLoginInfoService.remove(lambdaQueryWrapper);
UserLoginInfo userLoginInfo = new UserLoginInfo(); UserLoginInfo userLoginInfo = new UserLoginInfo();
userLoginInfo.setUserId(sessionUserBean.getUserId()); userLoginInfo.setUserId(userId);
userLoginInfo.setUserloginDate(DateUtil.getCurrentTime()); userLoginInfo.setUserloginDate(DateUtil.getCurrentTime());
userLoginInfoService.save(userLoginInfo); userLoginInfoService.save(userLoginInfo);
UserBean user = userService.getById(sessionUserBean.getUserId()); UserBean user = userService.getById(userId);
BeanUtil.copyProperties(user, userLoginVo); BeanUtil.copyProperties(user, userLoginVo);
if (StringUtils.isEmpty(user.getWxOpenId())) { if (StringUtils.isEmpty(user.getWxOpenId())) {
userLoginVo.setHasWxAuth(false); userLoginVo.setHasWxAuth(false);
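Review bot: `checkUserLoginInfo` now authenticates on its own from the `token` header, and since `/user/checkuserlogininfo` is on the filter's ignore list the `userDetails.isEnabled()` check in `JwtAuthenticationTokenFilter` no longer applies to it; the only gate left is `StringUtils.isNotEmpty(userId)`. Unless `getUserIdByToken` rejects disabled accounts (not visible here), a disabled user's token would still have a login record written and user data copied into the response, so the enabled state should be checked before the `userLoginInfoService` calls. `@RequestHeader("token")` is also required by default, so a request without the header is rejected with a 400 before the method runs; `@RequestHeader(value = "token", required = false) String token` keeps the not-logged-in branch reachable. The method body continues past the end of the hunk.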


@ -5,7 +5,7 @@ import lombok.Data;
@Data @Data
public class EditOfficeFileDTO { public class EditOfficeFileDTO {
private String userFileId; private String userFileId;
private String previewUrl; // private String previewUrl;
// private String filePath; // private String filePath;
// private String fileName; // private String fileName;
// private String extendName; // private String extendName;