diff --git a/backend/src/main/java/io/dataease/auth/filter/F2CDocFilter.java b/backend/src/main/java/io/dataease/auth/filter/F2CDocFilter.java index 78ff0a82f2..f584cbf0a3 100644 --- a/backend/src/main/java/io/dataease/auth/filter/F2CDocFilter.java +++ b/backend/src/main/java/io/dataease/auth/filter/F2CDocFilter.java @@ -1,6 +1,7 @@ package io.dataease.auth.filter; import cn.hutool.core.util.ArrayUtil; +import com.auth0.jwt.algorithms.Algorithm; import io.dataease.auth.entity.SysUserEntity; import io.dataease.auth.entity.TokenInfo; import io.dataease.auth.service.AuthUserService; @@ -9,6 +10,8 @@ import io.dataease.commons.license.DefaultLicenseService; import io.dataease.commons.license.F2CLicenseResponse; import io.dataease.commons.utils.CommonBeanFactory; import io.dataease.commons.utils.LogUtil; +import io.dataease.exception.DataEaseException; +import io.dataease.i18n.Translator; import org.apache.commons.lang3.ObjectUtils; import org.apache.commons.lang3.StringUtils; import org.apache.shiro.web.filter.AccessControlFilter; @@ -37,10 +40,10 @@ public class F2CDocFilter extends AccessControlFilter { DefaultLicenseService defaultLicenseService = CommonBeanFactory.getBean(DefaultLicenseService.class); F2CLicenseResponse f2CLicenseResponse = defaultLicenseService.validateLicense(); Status status = f2CLicenseResponse.getStatus(); - if (status != Status.valid) { + /*if (status != Status.valid) { request.setAttribute(RESULT_URI_KEY, NOLIC_PAGE); return false; - } + }*/ } catch (Exception e) { request.setAttribute(RESULT_URI_KEY, NOLIC_PAGE); LogUtil.error(e.getMessage(), e); @@ -62,7 +65,7 @@ public class F2CDocFilter extends AccessControlFilter { return true; } - private Boolean validateLogin(HttpServletRequest request) throws Exception{ + private Boolean validateLogin(HttpServletRequest request) throws Exception { String authorization = request.getHeader("Authorization"); if (StringUtils.isBlank(authorization)) { Cookie[] cookies = request.getCookies(); @@ -76,6 +79,12 @@ public class F2CDocFilter extends AccessControlFilter { if (StringUtils.isBlank(authorization)) { return false; } + if (JWTUtils.loginExpire(authorization)) { + return false; + } + if (JWTUtils.needRefresh(authorization)) { + authorization = refreshToken(authorization); + } TokenInfo tokenInfo = JWTUtils.tokenInfoByToken(authorization); AuthUserService authUserService = CommonBeanFactory.getBean(AuthUserService.class); SysUserEntity user = authUserService.getUserById(tokenInfo.getUserId()); @@ -87,12 +96,29 @@ public class F2CDocFilter extends AccessControlFilter { return verify; } + private String refreshToken(String token) throws Exception { + TokenInfo tokenInfo = JWTUtils.tokenInfoByToken(token); + AuthUserService authUserService = CommonBeanFactory.getBean(AuthUserService.class); + SysUserEntity user = authUserService.getUserById(tokenInfo.getUserId()); + if (user == null) { + DataEaseException.throwException(Translator.get("i18n_not_find_user")); + } + String password = user.getPassword(); + Algorithm algorithm = Algorithm.HMAC256(password); + JWTUtils.verifySign(algorithm, token); + String newToken = JWTUtils.sign(tokenInfo, password); + return newToken; + } + @Override protected boolean onAccessDenied(ServletRequest req, ServletResponse res) throws Exception { HttpServletResponse response = (HttpServletResponse) res; HttpServletRequest request = (HttpServletRequest) req; Object attribute = request.getAttribute(RESULT_URI_KEY); String path = ObjectUtils.isNotEmpty(attribute) ? attribute.toString() : DEFAULT_FAILED_PAGE; + path += ("?_t" + System.currentTimeMillis()); + response.setHeader("Cache-Control", "no-cache, no-store, max-age=0, must-revalidate"); + response.setHeader("Expires", "0"); request.getRequestDispatcher(path).forward(request, response); return false; }