From b46a6438e68119023a14c50e9cb2cf95a68fec5a Mon Sep 17 00:00:00 2001
From: EightMonth
Date: Tue, 30 Apr 2024 11:47:51 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D#6168\#6169\websocket?= =?UTF-8?q?=E8=BF=9E=E6=8E=A5=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../org/jeecg/common/aspect/AutoLogAspect.java | 3 +++
 .../java/org/jeecg/common/util/TokenUtils.java | 17 ++++++++++++++++-
 .../app/AppGrantAuthenticationProvider.java | 6 ++++++
 .../PasswordGrantAuthenticationProvider.java | 6 ++++++
 4 files changed, 31 insertions(+), 1 deletion(-)
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java b/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java
index 42200a1c68..100731a85a 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java
@@ -160,6 +160,9 @@ public boolean apply(Object o, String name, Object value) {
 if(value!=null && value.toString().length()>length){
 return false;
 }
+ if(value instanceof MultipartFile){
+ return false;
+ }
 return true;
 }
 };
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/TokenUtils.java b/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/TokenUtils.java
index 377b4f4fa1..9ea96db1bd 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/TokenUtils.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/util/TokenUtils.java
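Review bot: In the property filter of AutoLogAspect, the new `value instanceof MultipartFile` test matches only a single upload object, so a `MultipartFile[]` or `List<MultipartFile>` field would still go through the filter unless the length check above happens to reject its `toString()`. If such parameters can reach this filter, the check should cover them too, or upload types should be excluded before the arguments are serialized for the log. The three added lines can also be folded into `return !(value instanceof MultipartFile);`. The enclosing method starts outside the hunk, and the commit adds no import for `MultipartFile`, so it is presumably already imported in the file.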
@@ -12,6 +12,12 @@
 import org.jeecg.common.system.vo.LoginUser;
 import jakarta.servlet.http.HttpServletRequest;
+import org.jeecg.config.security.JeecgRedisOAuth2AuthorizationService;
+import org.springframework.data.redis.serializer.SerializationException;
+import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
+import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;
+
+import java.util.Objects;
 /**
 * @Author scott
@@ -112,7 +118,7 @@ public static boolean verifyToken(String token, CommonAPI commonApi, RedisUtil r
 throw new JeecgBoot401Exception("账号已被锁定,请联系管理员!");
 }
 // 校验token是否超时失效 & 或者账号密码是否错误
- if (!jwtTokenRefresh(token, username, user.getPassword(), redisUtil)) {
+ if (!jwtTokenRefresh(token, username, user.getPassword())) {
 throw new JeecgBoot401Exception(CommonConstant.TOKEN_IS_INVALID_MSG);
 }
 return true;
@@ -141,6 +147,15 @@ private static boolean jwtTokenRefresh(String token, String userName, String pas
 return false;
 }
+ private static boolean jwtTokenRefresh(String token, String userName, String passWord) {
+ JeecgRedisOAuth2AuthorizationService authRedis = SpringContextUtils.getBean(JeecgRedisOAuth2AuthorizationService.class);
+ OAuth2Authorization authorization = authRedis.findByToken(token, OAuth2TokenType.ACCESS_TOKEN);
+ if (Objects.nonNull(authorization) && JwtUtil.verify(token, userName, passWord)) {
+ return true;
+ }
+ return false;
+ }
+
 /**
 * 获取登录用户
 *
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java
index 837deeef87..4f05057156 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java
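Review bot: The new three-argument `jwtTokenRefresh` in TokenUtils accepts any authorization record that `findByToken` returns without checking that its access token is still active, so a token that was revoked but is still held in the store would pass as long as `JwtUtil.verify` succeeds. Whether JeecgRedisOAuth2AuthorizationService drops revoked entries is not visible here; if it does not, the condition should read `authorization != null && authorization.getAccessToken() != null && authorization.getAccessToken().isActive() && JwtUtil.verify(token, userName, passWord)`. The added import of `SerializationException` is not used by any line in these hunks, which suggests a `catch` around `findByToken` was intended so that an unreadable Redis entry ends in the 401 path instead of an unhandled exception. The method also no longer refreshes anything, so a short comment stating that it only validates the token against the authorization store would help, and the older four-argument overload appears to have lost its caller in the verifyToken hunk.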
@@ -3,6 +3,7 @@
 import com.alibaba.fastjson.JSONObject;
 import lombok.extern.slf4j.Slf4j;
 import org.jeecg.common.api.CommonAPI;
+import org.jeecg.common.constant.CacheConstant;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.exception.JeecgBootException;
 import org.jeecg.common.exception.JeecgCaptchaException;
@@ -34,6 +35,7 @@
 import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenContext;
 import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
 import org.springframework.util.Assert;
+import org.springframework.util.StringUtils;
 import java.security.Principal;
 import java.util.*;
@@ -116,6 +118,10 @@ public Authentication authenticate(Authentication authentication) throws Authent
 // 通过用户名获取用户信息
 LoginUser loginUser = commonAPI.getUserByName(username);
+ if (Objects.isNull(loginUser) || !StringUtils.hasText(loginUser.getSalt())) {
+ redisUtil.del(CacheConstant.SYS_USERS_CACHE+"::"+username);
+ loginUser = commonAPI.getUserByName(username);
+ }
 // 检查用户可行性
 checkUserIsEffective(loginUser);
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationProvider.java b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationProvider.java
index 7452a9d4fe..7daddb57d0 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationProvider.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationProvider.java
@@ -3,6 +3,7 @@
 import com.alibaba.fastjson.JSONObject;
 import lombok.extern.slf4j.Slf4j;
 import org.jeecg.common.api.CommonAPI;
+import org.jeecg.common.constant.CacheConstant;
 import org.jeecg.common.constant.CommonConstant;
 import org.jeecg.common.exception.JeecgBootException;
 import org.jeecg.common.exception.JeecgCaptchaException;
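Review bot: In `authenticate` of AppGrantAuthenticationProvider (hunk at -116,6), the added block builds a Redis key from the request-supplied `username` and runs before `checkUserIsEffective`, so every login attempt with an unknown name costs a cache delete and a second `getUserByName` call. Limiting the eviction to the stale-entry case, `if (loginUser != null && !StringUtils.hasText(loginUser.getSalt())) {`, would keep the fix without that extra work; if a cached null result is also meant to be evicted, a comment should say so. The same four lines are added to PasswordGrantAuthenticationProvider (hunk at -117,6), so a shared helper would keep the key format `CacheConstant.SYS_USERS_CACHE+"::"+username` in one place. The hunk does not show whether `username` is checked for null or blank before it is used in the key, and `authenticate` continues outside the hunk.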
@@ -35,6 +36,7 @@
 import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenContext;
 import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
 import org.springframework.util.Assert;
+import org.springframework.util.StringUtils;
 import java.security.Principal;
 import java.util.*;
@@ -117,6 +119,10 @@ public Authentication authenticate(Authentication authentication) throws Authent
 // 通过用户名获取用户信息
 LoginUser loginUser = commonAPI.getUserByName(username);
+ if (Objects.isNull(loginUser) || !StringUtils.hasText(loginUser.getSalt())) {
+ redisUtil.del(CacheConstant.SYS_USERS_CACHE+"::"+username);
+ loginUser = commonAPI.getUserByName(username);
+ }
 // 检查用户可行性
 checkUserIsEffective(loginUser);