增加token校验

44e3a8d0 · xiaolang850403 · 78086f7c · 44e3a8d0 · 44e3a8d0 · 44e3a8d0
Commit 44e3a8d0 authored Apr 22, 2020 by xiaolang850403
9 changed files
--- a/src/main/java/com/asset/controller/UserController.java
+++ b/src/main/java/com/asset/controller/UserController.java
@@ -204,8 +204,8 @@ public class UserController {
        if (result.hasErrors()) {
            return ResultUtil.Validated(result);
        }
-        String pass = MD5Util.getEncryption(user.getPassword());
+        //String pass = MD5Util.getEncryption(user.getPassword());
-        user.setPassword(pass);
+        //user.setPassword(pass);
        userService.updateById(user);
        if(user.getId() != null){
            //删除凭证的旧数据

--- a/src/main/java/com/asset/controller/admin/AdminController.java
+++ b/src/main/java/com/asset/controller/admin/AdminController.java
@@ -57,13 +57,13 @@ public class AdminController {
    public final String refuse = "审核不通过,原因:";
    @RequestMapping(value = "/getUserList")
-    public Result getUserList(@RequestParam(defaultValue = "1") int currentPage, @RequestParam(defaultValue = "10") int per, User user) {
+    public Result getUserList(@RequestParam(defaultValue = "1") int page, @RequestParam(defaultValue = "10") int per, User user) {
        QueryWrapper<User> queryWrapper = new QueryWrapper<>();
        if(user.getState() != null){
            queryWrapper.eq("state",user.getState()).or().eq("name",user.getName()).or().eq("mobile",user.getMobile()).or().eq("email",user.getEmail()).or().eq("employer",user.getEmployer());
        }
         //List list = userService.list(queryWrapper);
-        PageHelper.startPage(currentPage, per);
+        PageHelper.startPage(page, per);
        Map map = Pagination.Pagination(userService.list(queryWrapper));
        return ResultUtil.success(CodeEnum.SUCCESS,map);
    }

--- a/src/main/java/com/asset/controller/admin/FailLogController.java
+++ b/src/main/java/com/asset/controller/admin/FailLogController.java
@@ -27,7 +27,7 @@ public class FailLogController {
    @GetMapping("/getFailLogByUid")
    public Result getFailLogByUid(int user_id) {
        QueryWrapper<FailLog> queryWrapper = new QueryWrapper<>();
-        queryWrapper.eq("userid",user_id);
+        queryWrapper.eq("user_id",user_id);
        List<FailLog> list = failLogService.list(queryWrapper);
        return ResultUtil.success(CodeEnum.SUCCESS,list);
    }

--- a/src/main/java/com/asset/controller/system/AreaController.java
+++ b/src/main/java/com/asset/controller/system/AreaController.java
@@ -24,9 +24,9 @@ public class AreaController {
    AreaService areaService;
    @GetMapping("/getAreaList")
-    public Result getAreaList(int pid) {
+    public Result getAreaList(int id) {
        QueryWrapper<Area> queryWrapper = new QueryWrapper<>();
-        queryWrapper.eq("pid",pid);
+        queryWrapper.eq("pid",id);
        List<Area> list = areaService.list(queryWrapper);
        return ResultUtil.success(CodeEnum.SUCCESS,list);
    }

--- a/src/main/java/com/asset/core/filter/CorsFilter.java
+++ b/src/main/java/com/asset/core/filter/CorsFilter.java
-package com.asset.core.enums.filter;
+package com.asset.core.filter;
 import org.springframework.stereotype.Component;

--- a/src/main/java/com/asset/core/filter/TokenInterceptor.java
+++ b/src/main/java/com/asset/core/filter/TokenInterceptor.java
@@ -53,6 +53,7 @@ public class TokenInterceptor implements HandlerInterceptor {
            queryWrapper.eq("mobile",mobile);
            User user = userService.getOne(queryWrapper);
            //比较数据库里token的refexpire的最长期限
+            if(user!=null){
                if(Common.getStringToDate(user.getLoginTime())+Long.valueOf(user.getRefexpire()) > System.currentTimeMillis()){
                    System.out.println("刷新token,生成新的token");
                    token = TokenUtil.sign(mobile.toString());
@@ -72,6 +73,8 @@ public class TokenInterceptor implements HandlerInterceptor {
                    response.getWriter().append(json.toJSONString());
                    return false;
                }
+            }
+            return false;
        } catch (Exception e) {
            e.printStackTrace();
            response.sendError(500);

--- a/src/main/java/com/asset/core/jwt/JWTConfiguration.java
+++ b/src/main/java/com/asset/core/jwt/JWTConfiguration.java
@@ -23,6 +23,11 @@ public class JWTConfiguration implements WebMvcConfigurer {
        System.out.println("*****");
        List<String> excludePath = new ArrayList<>();
        //对以下资源请求不进行拦截和验证
+        excludePath.add("/user/register");
+        excludePath.add("/upload/oss");
+        excludePath.add("/area/getAreaList");
+        excludePath.add("/job/getJobList");
+        excludePath.add("/user/checkMobile");
        excludePath.add("/login");     //登录
        registry.addInterceptor(tokenInterceptor)

--- a/src/main/java/com/asset/core/jwt/TokenUtil.java
+++ b/src/main/java/com/asset/core/jwt/TokenUtil.java
@@ -8,8 +8,8 @@ import com.auth0.jwt.algorithms.Algorithm;
 import com.auth0.jwt.interfaces.DecodedJWT;
 public class TokenUtil {
-    //过期时间
+    //过期时间(10小时)
-    private static final long EXPIRE_TIME = 1 * 60 * 1000;
+    private static final long EXPIRE_TIME = 1 * 60 * 60 * 1000;
    //使用静态的字符密文或者key来获取算法器，token秘钥，请勿泄露，请勿随便修改
    private static final String TOKEN_SECRET = "expert";  //密钥盐

--- a/src/main/java/com/asset/domain/User.java
+++ b/src/main/java/com/asset/domain/User.java
@@ -97,22 +97,22 @@ public class User implements Serializable {
    private String expertTypeValue;
    @TableField(exist = false)
-    private String expert;  //专家凭证
+    private String expert;  //专家凭证(入库用)
    @TableField(exist = false)
-    private String recom;   //推荐凭证
+    private String recom;   //推荐凭证(入库用)
    @TableField(exist = false)
-    private String other;   //其他凭证
+    private String other;   //其他凭证(入库用)
    @TableField(exist = false)
-    private List reexpert;  //专家凭证
+    private List reexpert;  //专家凭证(展示)
    @TableField(exist = false)
-    private List rerecom;   //推荐凭证
+    private List rerecom;   //推荐凭证(展示)
    @TableField(exist = false)
-    private List reother;   //其他凭证
+    private List reother;   //其他凭证(展示)
    private String expertRange;