Merge branch 'dev' into v1.18
This commit is contained in:
taojinlong
commit
292c4b3d07
@ -11,6 +11,7 @@ import io.dataease.auth.service.AuthUserService;
|
||||
import io.dataease.auth.util.JWTUtils;
|
||||
import io.dataease.commons.utils.BeanUtils;
|
||||
import io.dataease.commons.utils.LogUtil;
|
||||
import io.dataease.commons.utils.TokenCacheUtils;
|
||||
import io.dataease.listener.util.CacheUtils;
|
||||
import org.apache.shiro.authc.*;
|
||||
import org.apache.shiro.authz.AuthorizationInfo;
|
||||
@ -83,6 +84,9 @@ public class F2CRealm extends AuthorizingRealm {
|
||||
token = (String) auth.getCredentials();
|
||||
// 解密获得username,用于和数据库进行对比
|
||||
tokenInfo = JWTUtils.tokenInfoByToken(token);
|
||||
if (!TokenCacheUtils.validate(token)) {
|
||||
throw new AuthenticationException("token invalid");
|
||||
}
|
||||
} catch (Exception e) {
|
||||
throw new AuthenticationException(e);
|
||||
}
|
||||
|
||||
@ -10,6 +10,7 @@ import io.dataease.auth.service.AuthUserService;
|
||||
import io.dataease.auth.util.JWTUtils;
|
||||
import io.dataease.commons.utils.CommonBeanFactory;
|
||||
import io.dataease.commons.utils.LogUtil;
|
||||
import io.dataease.commons.utils.TokenCacheUtils;
|
||||
import io.dataease.exception.DataEaseException;
|
||||
import io.dataease.i18n.Translator;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
@ -65,6 +66,9 @@ public class JWTFilter extends BasicHttpAuthenticationFilter {
|
||||
if (StringUtils.startsWith(authorization, "Basic")) {
|
||||
return false;
|
||||
}
|
||||
if (!TokenCacheUtils.validate(authorization)) {
|
||||
throw new AuthenticationException(expireMessage);
|
||||
}
|
||||
// 当没有出现登录超时 且需要刷新token 则执行刷新token
|
||||
if (JWTUtils.loginExpire(authorization)) {
|
||||
throw new AuthenticationException(expireMessage);
|
||||
|
||||
@ -234,6 +234,7 @@ public class AuthServer implements AuthApi {
|
||||
if (StringUtils.isBlank(result)) {
|
||||
result = "success";
|
||||
}
|
||||
TokenCacheUtils.remove(token);
|
||||
} catch (Exception e) {
|
||||
LogUtil.error(e);
|
||||
if (StringUtils.isBlank(result)) {
|
||||
@ -287,6 +288,7 @@ public class AuthServer implements AuthApi {
|
||||
if (StringUtils.isBlank(result)) {
|
||||
result = "success";
|
||||
}
|
||||
TokenCacheUtils.remove(token);
|
||||
} catch (Exception e) {
|
||||
LogUtil.error(e);
|
||||
if (StringUtils.isBlank(result)) {
|
||||
|
||||
@ -10,6 +10,7 @@ import com.auth0.jwt.interfaces.Verification;
|
||||
import io.dataease.auth.entity.TokenInfo;
|
||||
import io.dataease.auth.entity.TokenInfo.TokenInfoBuilder;
|
||||
import io.dataease.commons.utils.CommonBeanFactory;
|
||||
import io.dataease.commons.utils.TokenCacheUtils;
|
||||
import io.dataease.exception.DataEaseException;
|
||||
import org.apache.commons.lang3.ObjectUtils;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
@ -117,7 +118,9 @@ public class JWTUtils {
|
||||
Builder builder = JWT.create()
|
||||
.withClaim("username", tokenInfo.getUsername())
|
||||
.withClaim("userId", tokenInfo.getUserId());
|
||||
return builder.withExpiresAt(date).sign(algorithm);
|
||||
String sign = builder.withExpiresAt(date).sign(algorithm);
|
||||
TokenCacheUtils.add(sign, tokenInfo.getUserId());
|
||||
return sign;
|
||||
|
||||
} catch (Exception e) {
|
||||
return null;
|
||||
|
||||
@ -0,0 +1,28 @@
|
||||
package io.dataease.commons.utils;
|
||||
|
||||
import io.dataease.listener.util.CacheUtils;
|
||||
import org.apache.commons.lang3.ObjectUtils;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
|
||||
public class TokenCacheUtils {
|
||||
|
||||
private static final String KEY = "sys_token_store";
|
||||
|
||||
public static void add(String token, Long userId) {
|
||||
CacheUtils.put(KEY, token, userId, null, null);
|
||||
}
|
||||
|
||||
public static void remove(String token) {
|
||||
CacheUtils.remove(KEY, token);
|
||||
}
|
||||
|
||||
public static boolean validate(String token) {
|
||||
Object sys_token_store = CacheUtils.get(KEY, token);
|
||||
return ObjectUtils.isNotEmpty(sys_token_store) && StringUtils.isNotBlank(sys_token_store.toString());
|
||||
}
|
||||
|
||||
public static boolean validate(String token, Long userId) {
|
||||
Object sys_token_store = CacheUtils.get(KEY, token);
|
||||
return ObjectUtils.isNotEmpty(sys_token_store) && StringUtils.isNotBlank(sys_token_store.toString()) && userId == Long.parseLong(sys_token_store.toString());
|
||||
}
|
||||
}
|
||||
@ -266,13 +266,11 @@ public class ApiProvider extends Provider {
|
||||
for (String s : jsonObject.keySet()) {
|
||||
String value = jsonObject.getString(s);
|
||||
if (StringUtils.isNotEmpty(value) && value.startsWith("[")) {
|
||||
|
||||
JSONObject o = new JSONObject();
|
||||
try {
|
||||
JSONArray jsonArray = jsonObject.getJSONArray(s);
|
||||
List<JSONObject> childrenField = new ArrayList<>();
|
||||
for (Object object : jsonArray) {
|
||||
JSONObject.parseObject(object.toString());
|
||||
handleStr(apiDefinition, JSON.toJSONString(object, SerializerFeature.WriteMapNullValue), childrenField, rootPath + "." + s + "[*]");
|
||||
}
|
||||
o.put("children", childrenField);
|
||||
@ -289,15 +287,28 @@ public class ApiProvider extends Provider {
|
||||
fields.add(o);
|
||||
}
|
||||
} else if (StringUtils.isNotEmpty(value) && value.startsWith("{")) {
|
||||
List<JSONObject> children = new ArrayList<>();
|
||||
handleStr(apiDefinition, jsonObject.getString(s), children, rootPath + "." + String.format(path, s));
|
||||
JSONObject o = new JSONObject();
|
||||
o.put("children", children);
|
||||
o.put("childrenDataType", "OBJECT");
|
||||
o.put("jsonPath", rootPath + "." + s);
|
||||
setProperty(apiDefinition, o, s);
|
||||
if (!hasItem(apiDefinition, fields, o)) {
|
||||
fields.add(o);
|
||||
try {
|
||||
JSONObject.parseObject(jsonStr);
|
||||
List<JSONObject> children = new ArrayList<>();
|
||||
handleStr(apiDefinition, jsonObject.getString(s), children, rootPath + "." + String.format(path, s));
|
||||
JSONObject o = new JSONObject();
|
||||
o.put("children", children);
|
||||
o.put("childrenDataType", "OBJECT");
|
||||
o.put("jsonPath", rootPath + "." + s);
|
||||
setProperty(apiDefinition, o, s);
|
||||
if (!hasItem(apiDefinition, fields, o)) {
|
||||
fields.add(o);
|
||||
}
|
||||
}catch (Exception e){
|
||||
JSONObject o = new JSONObject();
|
||||
o.put("jsonPath", rootPath + "." + String.format(path, s));
|
||||
setProperty(apiDefinition, o, s);
|
||||
JSONArray array = new JSONArray();
|
||||
array.add(StringUtils.isNotEmpty(jsonObject.getString(s)) ? jsonObject.getString(s) : "");
|
||||
o.put("value", array);
|
||||
if (!hasItem(apiDefinition, fields, o)) {
|
||||
fields.add(o);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
JSONObject o = new JSONObject();
|
||||
@ -325,13 +336,13 @@ public class ApiProvider extends Provider {
|
||||
o.put("deType", 0);
|
||||
o.put("extField", 0);
|
||||
o.put("checked", false);
|
||||
for (DatasetTableFieldDTO fieldDTO : apiDefinition.getFields()) {
|
||||
if (StringUtils.isNotEmpty(o.getString("jsonPath")) && StringUtils.isNotEmpty(fieldDTO.getJsonPath()) && fieldDTO.getJsonPath().equals(o.getString("jsonPath"))) {
|
||||
o.put("checked", true);
|
||||
o.put("deExtractType", fieldDTO.getDeExtractType());
|
||||
o.put("name", fieldDTO.getName());
|
||||
}
|
||||
}
|
||||
// for (DatasetTableFieldDTO fieldDTO : apiDefinition.getFields()) {
|
||||
// if (StringUtils.isNotEmpty(o.getString("jsonPath")) && StringUtils.isNotEmpty(fieldDTO.getJsonPath()) && fieldDTO.getJsonPath().equals(o.getString("jsonPath"))) {
|
||||
// o.put("checked", true);
|
||||
// o.put("deExtractType", fieldDTO.getDeExtractType());
|
||||
// o.put("name", fieldDTO.getName());
|
||||
// }
|
||||
// }
|
||||
|
||||
}
|
||||
|
||||
|
||||
@ -270,5 +270,14 @@
|
||||
memoryStoreEvictionPolicy="LRU"
|
||||
/>
|
||||
|
||||
<cache
|
||||
name="sys_token_store"
|
||||
eternal="true"
|
||||
maxElementsInMemory="100"
|
||||
maxElementsOnDisk="3000"
|
||||
overflowToDisk="true"
|
||||
diskPersistent="false"
|
||||
/>
|
||||
|
||||
|
||||
</ehcache>
|
||||
Loading…
Reference in New Issue
Block a user