1.调整拦截TokenDto Filter的逻辑，增加BaseTokenDto

5 years ago · d551b175f9
6 changed files with 108 additions and 86 deletions
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/BaseTokenDto.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/BaseTokenDto.java
@ -0,0 +1,42 @@
+package com.epmet.commons.tools.security.dto;
+
+import lombok.Data;
+
+@Data
+public class BaseTokenDto {
+    /**
+     * 政府端:gov、居民端:resi、运营端:oper
+     */
+    private String app;
+
+    /**
+     * PC端:web、微信小程序:wxmp
+     */
+    private String client;
+
+    /**
+     * 用户ID
+     */
+    private String userId;
+
+    /**
+     * token字符串
+     */
+    private String token;
+
+    public BaseTokenDto() {
+    }
+
+    public BaseTokenDto(String app, String client, String userId) {
+        this.app = app;
+        this.client = client;
+        this.userId = userId;
+    }
+
+    public BaseTokenDto(String app, String client, String userId, String token) {
+        this.app = app;
+        this.client = client;
+        this.userId = userId;
+        this.token = token;
+    }
+}
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/GovTokenDto.java
@ -11,21 +11,7 @@ import java.util.List;
 * @Date 2020/4/20 11:01
 */
@Data
-public class GovTokenDto implements Serializable {
-    /**
-     * 政府端:gov、居民端:resi、运营端:oper
-     */
-    private String app;
-
-    /**
-     * PC端:web、微信小程序:wxmp
-     */
-    private String client;
-
-    /**
-     * 用户ID
-     */
-    private String userId;
+public class GovTokenDto extends BaseTokenDto implements Serializable {

    /**
     * sessionKey
@ -42,21 +28,6 @@ public class GovTokenDto implements Serializable {
     */
    private String unionId;

-    /**
-     * token字符串
-     */
-    private String token;
-
-    /**
-     * 过期时间戳
-     */
-    private Long expireTime;
-
-    /**
-     * 最后一次更新时间
-     */
-    private long updateTime;
-
    /**
     * 当前工作人员进入的客户id
     */
@ -81,5 +52,15 @@ public class GovTokenDto implements Serializable {
     * 部门id列表
     */
    private List<String> deptIdList;
+
+    /**
+     * 过期时间戳
+     */
+    private Long expireTime;
+
+    /**
+     * 最后一次更新时间
+     */
+    private long updateTime;
 }

--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/TokenDto.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/TokenDto.java
@ -11,22 +11,8 @@ import java.io.Serializable;
 * @Date 2020-03-14
 */
@Data
-public class TokenDto implements Serializable {
+public class TokenDto extends BaseTokenDto implements Serializable {
 	private static final long serialVersionUID = 8883581762088390769L;
-	/**
-	 * 政府端:gov、居民端:resi、运营端:oper
-	 */
-	private String app;
-
-	/**
-	 * PC端:web、微信小程序:wxmp
-	 */
-	private String client;
-
-	/**
-	 * 用户ID
-	 */
-	private String userId;

 	/**
 	 * sessionKey
@ -43,11 +29,6 @@ public class TokenDto implements Serializable {
 	 */
 	private String unionId;

-	/**
-	 * token字符串
-	 */
-	private String token;
-
 	/**
 	 * 过期时间戳
 	 */
@ -57,4 +38,5 @@ public class TokenDto implements Serializable {
 	 * 最后一次更新时间
 	 */
 	private long updateTime;
+
 }
--- a/epmet-gateway/src/main/java/com/epmet/filter/CpAuthGatewayFilterFactory.java
+++ b/epmet-gateway/src/main/java/com/epmet/filter/CpAuthGatewayFilterFactory.java
@ -6,6 +6,7 @@ import com.epmet.common.token.enums.ErrorCode;
 import com.epmet.commons.tools.constant.AppClientConstant;
 import com.epmet.commons.tools.constant.Constant;
 import com.epmet.commons.tools.exception.RenException;
+import com.epmet.commons.tools.security.dto.BaseTokenDto;
 import com.epmet.commons.tools.security.dto.TokenDto;
 import com.epmet.commons.tools.utils.CpUserDetailRedis;
 import com.epmet.commons.tools.utils.Result;
@ -91,24 +92,22 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA
 				return response(exchange,new Result<>().error(ErrorCode.ERR10005.getCode(),ErrorCode.ERR10005.getMsg()));
 			}
 			try {
+				BaseTokenDto baseTokenDto = getBaseTokenDto(token, jwtTokenUtils);
+				validateTokenDto(baseTokenDto, token);
+
 				//当前登录用户userId，添加到header中
-				TokenDto user = getLoginUserInfoByToken(token, jwtTokenUtils, cpUserDetailRedis);
-				if (user != null) {
-					String redisKey = user.getApp() + "-" + user.getClient() + "-" + user.getUserId();
-					logger.info("redisKey=" + redisKey);
-					ServerHttpRequest build = exchange.getRequest().mutate()
-							.header(Constant.APP_USER_KEY, redisKey)
-							.header(AppClientConstant.APP,user.getApp())
-							.header(AppClientConstant.CLIENT,user.getClient())
-							.header(AppClientConstant.USER_ID,user.getUserId())
-							.build();
-					return chain.filter(exchange.mutate().request(build).build());
-				}
+				String redisKey = baseTokenDto.getApp() + "-" + baseTokenDto.getClient() + "-" + baseTokenDto.getUserId();
+				logger.info("redisKey=" + redisKey);
+				ServerHttpRequest build = exchange.getRequest().mutate()
+						.header(Constant.APP_USER_KEY, redisKey)
+						.header(AppClientConstant.APP,baseTokenDto.getApp())
+						.header(AppClientConstant.CLIENT,baseTokenDto.getClient())
+						.header(AppClientConstant.USER_ID,baseTokenDto.getUserId())
+						.build();
+				return chain.filter(exchange.mutate().request(build).build());
 			}catch(RenException e){
 				return response(exchange,new Result<>().error(e.getCode(),e.getMsg()));
 			}
-
-			return chain.filter(exchange);
 		};
 	}

@ -182,4 +181,25 @@ public class CpAuthGatewayFilterFactory extends AbstractGatewayFilterFactory<CpA
 			this.enabled = enabled;
 		}
 	}
+
+	/**
+	 * 校验Token是否异常
+	 * @param tokenDto
+	 * @param tokenStr
+	 */
+	public void validateTokenDto(BaseTokenDto tokenDto, String tokenStr) {
+		if (null == tokenDto) {
+		    //说明登录状态时效（超时）
+		    throw new RenException(ErrorCode.ERR10006.getCode(),ErrorCode.ERR10006.getMsg());
+		}else{
+		    //Redis中存在数据，取出token，进行比对
+		    if(StringUtils.equals(tokenDto.getToken(),tokenStr)){
+		        //用户携带token与Redis中一致
+
+		    }else{
+		        //用户携带token与Redis中不一致，说明当前用户此次会话失效，提示重新登陆
+		        throw new RenException(ErrorCode.ERR10007.getCode(),ErrorCode.ERR10007.getMsg());
+		    }
+		}
+	}
 }
--- a/epmet-gateway/src/main/java/com/epmet/filter/FeignRequestFilter.java
+++ b/epmet-gateway/src/main/java/com/epmet/filter/FeignRequestFilter.java
@ -1,9 +1,14 @@
 package com.epmet.filter;

+import com.epmet.common.token.enums.ErrorCode;
+import com.epmet.commons.tools.constant.AppClientConstant;
 import com.epmet.commons.tools.constant.Constant;
+import com.epmet.commons.tools.exception.RenException;
+import com.epmet.commons.tools.security.dto.BaseTokenDto;
 import com.epmet.commons.tools.security.dto.TokenDto;
 import com.epmet.commons.tools.utils.CpUserDetailRedis;
 import com.epmet.jwt.JwtTokenUtils;
+import io.jsonwebtoken.Claims;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@ -18,7 +23,7 @@ import reactor.core.publisher.Mono;

 /**
 * Feign调用发送请求的Filter
- *  目前用于封装用户相关信息到request，供上游微服务使用
+ * 目前用于封装用户相关信息到request，供上游微服务使用
 */
@Component
 public class FeignRequestFilter implements GlobalFilter, UserTokenFilter {
@ -50,10 +55,11 @@ public class FeignRequestFilter implements GlobalFilter, UserTokenFilter {
            return chain.filter(exchange);
        }

-        TokenDto loginUserInfo = getLoginUserInfoByToken(token, jwtTokenUtils, cpUserDetailRedis);
-        if (loginUserInfo != null) {
+        BaseTokenDto baseTokenDto = getBaseTokenDto(token, jwtTokenUtils);
+
+        if (baseTokenDto != null) {
            ServerHttpRequest build = exchange.getRequest().mutate()
-                    .header(Constant.USER_KEY, new String[]{loginUserInfo.getUserId()}).build();
+                    .header(Constant.USER_KEY, new String[]{baseTokenDto.getUserId()}).build();
            return chain.filter(exchange.mutate().request(build).build());
        }

--- a/epmet-gateway/src/main/java/com/epmet/filter/UserTokenFilter.java
+++ b/epmet-gateway/src/main/java/com/epmet/filter/UserTokenFilter.java
@ -2,6 +2,7 @@ package com.epmet.filter;

 import com.epmet.common.token.enums.ErrorCode;
 import com.epmet.commons.tools.exception.RenException;
+import com.epmet.commons.tools.security.dto.BaseTokenDto;
 import com.epmet.commons.tools.security.dto.TokenDto;
 import com.epmet.commons.tools.utils.CpUserDetailRedis;
 import com.epmet.jwt.JwtTokenUtils;
@ -12,33 +13,23 @@ import io.jsonwebtoken.Claims;
 */
 public interface UserTokenFilter {

-    default TokenDto getLoginUserInfoByToken(String token, JwtTokenUtils jwtTokenUtils, CpUserDetailRedis cpUserDetailRedis) {
+    default BaseTokenDto getBaseTokenDto(String token, JwtTokenUtils jwtTokenUtils) {
        //是否过期
        Claims claims = jwtTokenUtils.getClaimByToken(token);
        if (claims == null || jwtTokenUtils.isTokenExpired(claims.getExpiration())) {
-            throw new RenException(ErrorCode.ERR401.getCode(),ErrorCode.ERR401.getMsg());
+            throw new RenException(ErrorCode.ERR401.getCode(), ErrorCode.ERR401.getMsg());
        }
        //获取用户ID
        String app = (String) claims.get("app");
        String client = (String) claims.get("client");
        String userId = (String) claims.get("userId");
-        //查询Redis
-        TokenDto tokenDto = cpUserDetailRedis.get(app, client, userId);
-        //if (null == tokenDto) {
-        //    //说明登录状态时效（超时）
-        //    throw new RenException(ErrorCode.ERR10006.getCode(),ErrorCode.ERR10006.getMsg());
-        //}else{
-        //    //Redis中存在数据，取出token，进行比对
-        //    if(StringUtils.equals(tokenDto.getToken(),token)){
-        //        //用户携带token与Redis中一致
-        //
-        //    }else{
-        //        //用户携带token与Redis中不一致，说明当前用户此次会话失效，提示重新登陆
-        //        throw new RenException(ErrorCode.ERR10007.getCode(),ErrorCode.ERR10007.getMsg());
-        //    }
-        //
-        //}
+        return new BaseTokenDto(app, client, userId, token);
+    }

+    default <T> T getLoginUserInfoByToken(String token, JwtTokenUtils jwtTokenUtils, CpUserDetailRedis cpUserDetailRedis, Class<T> clz) {
+        BaseTokenDto baseTokenDto = getBaseTokenDto(token, jwtTokenUtils);
+        //查询Redis
+        T tokenDto = (T)cpUserDetailRedis.get(baseTokenDto.getApp(), baseTokenDto.getClient(), baseTokenDto.getUserId());
        return tokenDto;
    }