增加token校验

44e3a8d0 · xiaolang850403 · 78086f7c · 44e3a8d0 · 44e3a8d0 · 44e3a8d0
Commit 44e3a8d0 authored Apr 22, 2020 by xiaolang850403
9 changed files
--- a/src/main/java/com/asset/controller/UserController.java
+++ b/src/main/java/com/asset/controller/UserController.java
@@ -204,8 +204,8 @@ public class UserController {
        if (result.hasErrors()) {
            return ResultUtil.Validated(result);
        }
-        String pass = MD5Util.getEncryption(user.getPassword());
-        user.setPassword(pass);
+        //String pass = MD5Util.getEncryption(user.getPassword());
+        //user.setPassword(pass);
        userService.updateById(user);
        if(user.getId() != null){
            //删除凭证的旧数据

--- a/src/main/java/com/asset/controller/admin/AdminController.java
+++ b/src/main/java/com/asset/controller/admin/AdminController.java
@@ -57,13 +57,13 @@ public class AdminController {
    public final String refuse = "审核不通过,原因:";

    @RequestMapping(value = "/getUserList")
-    public Result getUserList(@RequestParam(defaultValue = "1") int currentPage, @RequestParam(defaultValue = "10") int per, User user) {
+    public Result getUserList(@RequestParam(defaultValue = "1") int page, @RequestParam(defaultValue = "10") int per, User user) {
        QueryWrapper<User> queryWrapper = new QueryWrapper<>();
        if(user.getState() != null){
            queryWrapper.eq("state",user.getState()).or().eq("name",user.getName()).or().eq("mobile",user.getMobile()).or().eq("email",user.getEmail()).or().eq("employer",user.getEmployer());
        }
         //List list = userService.list(queryWrapper);
-        PageHelper.startPage(currentPage, per);
+        PageHelper.startPage(page, per);
        Map map = Pagination.Pagination(userService.list(queryWrapper));
        return ResultUtil.success(CodeEnum.SUCCESS,map);
    }

--- a/src/main/java/com/asset/controller/admin/FailLogController.java
+++ b/src/main/java/com/asset/controller/admin/FailLogController.java
@@ -27,7 +27,7 @@ public class FailLogController {
    @GetMapping("/getFailLogByUid")
    public Result getFailLogByUid(int user_id) {
        QueryWrapper<FailLog> queryWrapper = new QueryWrapper<>();
-        queryWrapper.eq("userid",user_id);
+        queryWrapper.eq("user_id",user_id);
        List<FailLog> list = failLogService.list(queryWrapper);
        return ResultUtil.success(CodeEnum.SUCCESS,list);
    }

--- a/src/main/java/com/asset/controller/system/AreaController.java
+++ b/src/main/java/com/asset/controller/system/AreaController.java
@@ -24,9 +24,9 @@ public class AreaController {
    AreaService areaService;

    @GetMapping("/getAreaList")
-    public Result getAreaList(int pid) {
+    public Result getAreaList(int id) {
        QueryWrapper<Area> queryWrapper = new QueryWrapper<>();
-        queryWrapper.eq("pid",pid);
+        queryWrapper.eq("pid",id);
        List<Area> list = areaService.list(queryWrapper);
        return ResultUtil.success(CodeEnum.SUCCESS,list);
    }

--- a/src/main/java/com/asset/core/filter/CorsFilter.java
+++ b/src/main/java/com/asset/core/filter/CorsFilter.java
-package com.asset.core.enums.filter;
+package com.asset.core.filter;

 import org.springframework.stereotype.Component;


--- a/src/main/java/com/asset/core/filter/TokenInterceptor.java
+++ b/src/main/java/com/asset/core/filter/TokenInterceptor.java
@@ -53,25 +53,28 @@ public class TokenInterceptor implements HandlerInterceptor {
            queryWrapper.eq("mobile",mobile);
            User user = userService.getOne(queryWrapper);
            //比较数据库里token的refexpire的最长期限
-            if(Common.getStringToDate(user.getLoginTime())+Long.valueOf(user.getRefexpire()) > System.currentTimeMillis()){
-                System.out.println("刷新token,生成新的token");
-                token = TokenUtil.sign(mobile.toString());
-                response.setHeader("token",token);
-                //手动调用刷新token接口时就需要下面的更新token代码,自动更新就不需要
-                User user1 = new User();
-                user1.setToken(token);
-                QueryWrapper<User> userQueryWrapper = new QueryWrapper<>();
-                userQueryWrapper.eq("id",user.getId());
-                userService.update(user1,userQueryWrapper);
-                return true;
-            }else{      //数据表里的长效期的时间过期了,则要重新登录
-                System.out.println("token超过了最长时效,请重新登录");
-                JSONObject json = new JSONObject();
-                json.put("msg", "token超过了最长时效,请重新登录");
-                json.put("code", "10007");
-                response.getWriter().append(json.toJSONString());
-                return false;
+            if(user!=null){
+                if(Common.getStringToDate(user.getLoginTime())+Long.valueOf(user.getRefexpire()) > System.currentTimeMillis()){
+                    System.out.println("刷新token,生成新的token");
+                    token = TokenUtil.sign(mobile.toString());
+                    response.setHeader("token",token);
+                    //手动调用刷新token接口时就需要下面的更新token代码,自动更新就不需要
+                    User user1 = new User();
+                    user1.setToken(token);
+                    QueryWrapper<User> userQueryWrapper = new QueryWrapper<>();
+                    userQueryWrapper.eq("id",user.getId());
+                    userService.update(user1,userQueryWrapper);
+                    return true;
+                }else{      //数据表里的长效期的时间过期了,则要重新登录
+                    System.out.println("token超过了最长时效,请重新登录");
+                    JSONObject json = new JSONObject();
+                    json.put("msg", "token超过了最长时效,请重新登录");
+                    json.put("code", "10007");
+                    response.getWriter().append(json.toJSONString());
+                    return false;
+                }
            }
+            return false;
        } catch (Exception e) {
            e.printStackTrace();
            response.sendError(500);

--- a/src/main/java/com/asset/core/jwt/JWTConfiguration.java
+++ b/src/main/java/com/asset/core/jwt/JWTConfiguration.java
@@ -23,6 +23,11 @@ public class JWTConfiguration implements WebMvcConfigurer {
        System.out.println("*****");
        List<String> excludePath = new ArrayList<>();
        //对以下资源请求不进行拦截和验证
+        excludePath.add("/user/register");
+        excludePath.add("/upload/oss");
+        excludePath.add("/area/getAreaList");
+        excludePath.add("/job/getJobList");
+        excludePath.add("/user/checkMobile");
        excludePath.add("/login");     //登录

        registry.addInterceptor(tokenInterceptor)

--- a/src/main/java/com/asset/core/jwt/TokenUtil.java
+++ b/src/main/java/com/asset/core/jwt/TokenUtil.java
@@ -8,8 +8,8 @@ import com.auth0.jwt.algorithms.Algorithm;
 import com.auth0.jwt.interfaces.DecodedJWT;

 public class TokenUtil {
-    //过期时间
-    private static final long EXPIRE_TIME = 1 * 60 * 1000;
+    //过期时间(10小时)
+    private static final long EXPIRE_TIME = 1 * 60 * 60 * 1000;

    //使用静态的字符密文或者key来获取算法器，token秘钥，请勿泄露，请勿随便修改
    private static final String TOKEN_SECRET = "expert";  //密钥盐

--- a/src/main/java/com/asset/domain/User.java
+++ b/src/main/java/com/asset/domain/User.java
@@ -97,22 +97,22 @@ public class User implements Serializable {
    private String expertTypeValue;

    @TableField(exist = false)
-    private String expert;  //专家凭证
+    private String expert;  //专家凭证(入库用)

    @TableField(exist = false)
-    private String recom;   //推荐凭证
+    private String recom;   //推荐凭证(入库用)

    @TableField(exist = false)
-    private String other;   //其他凭证
+    private String other;   //其他凭证(入库用)

    @TableField(exist = false)
-    private List reexpert;  //专家凭证
+    private List reexpert;  //专家凭证(展示)

    @TableField(exist = false)
-    private List rerecom;   //推荐凭证
+    private List rerecom;   //推荐凭证(展示)

    @TableField(exist = false)
-    private List reother;   //其他凭证
+    private List reother;   //其他凭证(展示)

    private String expertRange;