集成token

esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/config/WebConfig.java → esua-epdc/epdc-commons/epdc-common-clienttoken/src/main/java/com/elink/esua/common/token/config/WebConfig.java

@@ -1,15 +1,15 @@
 /**
  * Copyright (c) 2018 人人开源 All rights reserved.
- *
+ * <p>
  * https://www.renren.io
- *
+ * <p>
  * 版权所有，侵权必究！
  */
 
-package com.elink.esua.epdc.config;
+package com.elink.esua.common.token.config;
 
-import com.elink.esua.epdc.commons.tools.resolver.LoginUserHandlerMethodArgumentResolver;
-import com.elink.esua.epdc.interceptor.AuthorizationInterceptor;
+import com.elink.esua.common.token.interceptor.AuthorizationInterceptor;
+import com.elink.esua.common.token.resolver.LoginUserHandlerMethodArgumentResolver;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.method.support.HandlerMethodArgumentResolver;
@@ -25,8 +25,10 @@ import java.util.List;
  */
 @Configuration
 public class WebConfig implements WebMvcConfigurer {
+
     @Autowired
     private AuthorizationInterceptor authorizationInterceptor;
+
     @Autowired
     private LoginUserHandlerMethodArgumentResolver loginUserHandlerMethodArgumentResolver;
 

esua-epdc/epdc-commons/epdc-common-clienttoken/src/main/java/com/elink/esua/common/token/error/IErrorCode.java

@@ -0,0 +1,11 @@
+package com.elink.esua.common.token.error;
+
+/**
+ * @author rongchao
+ * @Date 18-11-20
+ */
+public interface IErrorCode {
+    int getCode();
+
+    String getMsg();
+}

esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/resolver/LoginUserHandlerMethodArgumentResolver.java → esua-epdc/epdc-commons/epdc-common-clienttoken/src/main/java/com/elink/esua/common/token/resolver/LoginUserHandlerMethodArgumentResolver.java

@@ -6,7 +6,7 @@
  * 版权所有，侵权必究！
  */
 
-package com.elink.esua.epdc.commons.tools.resolver;
+package com.elink.esua.common.token.resolver;
 
 import com.elink.esua.epdc.commons.tools.annotation.LoginUser;
 import com.elink.esua.epdc.commons.tools.constant.Constant;

esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/redis/CpUserDetailRedis.java → esua-epdc/epdc-commons/epdc-common-clienttoken/src/main/java/com/elink/esua/common/token/util/CpUserDetailRedis.java

@@ -6,10 +6,13 @@
  * 版权所有，侵权必究！
  */
 
-package com.elink.esua.epdc.commons.tools.redis;
+package com.elink.esua.common.token.util;
 
 import cn.hutool.core.bean.BeanUtil;
 import cn.hutool.core.map.MapUtil;
+import com.elink.esua.common.token.dto.TokenDto;
+import com.elink.esua.epdc.commons.tools.redis.RedisKeys;
+import com.elink.esua.epdc.commons.tools.redis.RedisUtils;
 import com.elink.esua.epdc.commons.tools.security.user.CpUserDetail;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
@@ -28,18 +31,24 @@ public class CpUserDetailRedis {
     @Autowired
     private RedisUtils redisUtils;
 
-    public void set(CpUserDetail user, long expire) {
+    public void set(TokenDto user, long expire) {
         if (user == null) {
             return;
         }
-        String key = RedisKeys.getCpUserKey(user.getId());
+        String key = RedisKeys.getCpUserKey(user.getUserInfoDto().getUserId());
         //bean to map
         Map<String, Object> map = BeanUtil.beanToMap(user, false, true);
         redisUtils.hMSet(key, map, expire);
     }
 
-    public CpUserDetail get(String id) {
-        String key = RedisKeys.getCpUserKey(id);
+    /**
+     * 获取token信息
+     *
+     * @param userId
+     * @return
+     */
+    public TokenDto get(String userId) {
+        String key = RedisKeys.getCpUserKey(userId);
 
         Map<String, Object> map = redisUtils.hGetAll(key);
         if (MapUtil.isEmpty(map)) {
@@ -47,17 +56,28 @@ public class CpUserDetailRedis {
         }
 
         //map to bean
-        CpUserDetail user = BeanUtil.mapToBean(map, CpUserDetail.class, true);
+        TokenDto user = BeanUtil.mapToBean(map, TokenDto.class, true);
 
         return user;
     }
 
     /**
-     * 用户退出
+     * 删除用户信息
+     *
+     * @param userId
+     */
+    public void logout(String userId) {
+        redisUtils.delete(RedisKeys.getCpUserKey(userId));
+    }
+
+    /**
+     * 设置redis时间
      *
-     * @param id
+     * @param userId
+     * @param expire
+     * @author rongchao
      */
-    public void logout(String id) {
-        redisUtils.delete(RedisKeys.getCpUserKey(id));
+    public boolean expire(String userId, long expire) {
+        return redisUtils.expire(RedisKeys.getCpUserKey(userId), expire);
     }
-}
+}

esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/redis/RedisKeys.java

@@ -14,64 +14,69 @@ package com.elink.esua.epdc.commons.tools.redis;
  */
 public class RedisKeys {
 
+    /**
+     * 党建redis前缀
+     */
+    private static String rootPrefix = "epdc:";
+
     /**
      * 系统参数Key
      */
     public static String getSysParamsKey() {
-        return "sys:params";
+        return rootPrefix.concat("sys:params");
     }
 
     /**
      * 登录验证码Key
      */
     public static String getLoginCaptchaKey(String uuid) {
-        return "sys:captcha:" + uuid;
+        return rootPrefix.concat("sys:captcha:").concat(uuid);
     }
 
     /**
      * 登录用户Key
      */
     public static String getSecurityUserKey(Long id) {
-        return "sys:security:user:" + id;
+        return rootPrefix.concat("sys:security:user:").concat(String.valueOf(id));
     }
 
     /**
      * 系统日志Key
      */
     public static String getSysLogKey() {
-        return "sys:log";
+        return rootPrefix.concat("sys:log");
     }
 
     /**
      * 系统资源Key
      */
     public static String getSysResourceKey() {
-        return "sys:resource";
+        return rootPrefix.concat("sys:resource");
     }
 
     /**
      * 用户菜单导航Key
      */
     public static String getUserMenuNavKey(Long userId, String language) {
-        return "sys:user:nav:" + userId + "_" + language;
+        return rootPrefix.concat("sys:user:nav:").concat(String.valueOf(userId)).concat("_").concat(language);
     }
 
     /**
      * 用户菜单导航Key
      */
     public static String getUserMenuNavKey(Long userId) {
-        return "sys:user:nav:" + userId + "_*";
+        return rootPrefix.concat("sys:user:nav:").concat(String.valueOf(userId)).concat("_*");
     }
 
     /**
      * 用户权限标识Key
      */
     public static String getUserPermissionsKey(Long userId) {
-        return "sys:user:permissions:" + userId;
+        return rootPrefix.concat("sys:user:permissions:").concat(String.valueOf(userId));
     }
 
     public static String getCpUserKey(String id) {
-        return "sys:security:cpuser:" + id;
+        return rootPrefix.concat("sys:security:cpuser:").concat(id);
     }
 
     /**
@@ -83,7 +88,7 @@ public class RedisKeys {
      * @date 2019/9/3 16:28
      */
     public static String getSimpleAreaKey(String areaId) {
-        return "epdc:config:simple:area:" + areaId;
+        return rootPrefix.concat("config:simple:area:").concat(areaId);
     }
 
     /**
@@ -95,6 +100,6 @@ public class RedisKeys {
      * @date 2019/9/3 16:28
      */
     public static String getSimpleDictKey(String dictType) {
-        return "epdc:config:simple:dict:" + dictType;
+        return rootPrefix.concat("config:simple:dict:").concat(dictType);
     }
 }

esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/redis/RedisUtils.java

@@ -1,8 +1,8 @@
 /**
  * Copyright (c) 2018 人人开源 All rights reserved.
- *
+ * <p>
  * https://www.renren.io
- *
+ * <p>
  * 版权所有，侵权必究！
  */
 
@@ -38,20 +38,20 @@ public class RedisUtils {
     /**  不设置过期时长 */
     public final static long NOT_EXPIRE = -1L;
 
-    public void set(String key, Object value, long expire){
+    public void set(String key, Object value, long expire) {
         redisTemplate.opsForValue().set(key, value);
-        if(expire != NOT_EXPIRE){
+        if (expire != NOT_EXPIRE) {
             expire(key, expire);
         }
     }
 
-    public void set(String key, Object value){
+    public void set(String key, Object value) {
         set(key, value, DEFAULT_EXPIRE);
     }
 
     public Object get(String key, long expire) {
         Object value = redisTemplate.opsForValue().get(key);
-        if(expire != NOT_EXPIRE){
+        if (expire != NOT_EXPIRE) {
             expire(key, expire);
         }
         return value;
@@ -61,7 +61,7 @@ public class RedisUtils {
         return get(key, NOT_EXPIRE);
     }
 
-    public Set<String> keys(String pattern){
+    public Set<String> keys(String pattern) {
         return redisTemplate.keys(pattern);
     }
 
@@ -81,19 +81,19 @@ public class RedisUtils {
         return redisTemplate.opsForHash().get(key, field);
     }
 
-    public Map<String, Object> hGetAll(String key){
+    public Map<String, Object> hGetAll(String key) {
         HashOperations<String, String, Object> hashOperations = redisTemplate.opsForHash();
         return hashOperations.entries(key);
     }
 
-    public void hMSet(String key, Map<String, Object> map){
+    public void hMSet(String key, Map<String, Object> map) {
         hMSet(key, map, DEFAULT_EXPIRE);
     }
 
-    public void hMSet(String key, Map<String, Object> map, long expire){
+    public void hMSet(String key, Map<String, Object> map, long expire) {
         redisTemplate.opsForHash().putAll(key, map);
 
-        if(expire != NOT_EXPIRE){
+        if (expire != NOT_EXPIRE) {
             expire(key, expire);
         }
     }
@@ -105,32 +105,32 @@ public class RedisUtils {
     public void hSet(String key, String field, Object value, long expire) {
         redisTemplate.opsForHash().put(key, field, value);
 
-        if(expire != NOT_EXPIRE){
+        if (expire != NOT_EXPIRE) {
             expire(key, expire);
         }
     }
 
-    public void expire(String key, long expire){
-        redisTemplate.expire(key, expire, TimeUnit.SECONDS);
+    public boolean expire(String key, long expire) {
+        return redisTemplate.expire(key, expire, TimeUnit.SECONDS);
     }
 
-    public void hDel(String key, Object... fields){
+    public void hDel(String key, Object... fields) {
         redisTemplate.opsForHash().delete(key, fields);
     }
 
-    public void leftPush(String key, Object value){
+    public void leftPush(String key, Object value) {
         leftPush(key, value, DEFAULT_EXPIRE);
     }
 
-    public void leftPush(String key, Object value, long expire){
+    public void leftPush(String key, Object value, long expire) {
         redisTemplate.opsForList().leftPush(key, value);
 
-        if(expire != NOT_EXPIRE){
+        if (expire != NOT_EXPIRE) {
             expire(key, expire);
         }
     }
 
-    public Object rightPop(String key){
+    public Object rightPop(String key) {
         return redisTemplate.opsForList().rightPop(key);
     }
 }

esua-epdc/epdc-commons/epdc-commons-tools/src/main/java/com/elink/esua/epdc/commons/tools/utils/WebUtil.java

@@ -0,0 +1,66 @@
+package com.elink.esua.epdc.commons.tools.utils;
+
+import org.springframework.web.context.request.RequestAttributes;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Web工具类
+ *
+ * @author rongchao
+ * @Date 18-11-20
+ */
+public class WebUtil {
+
+    public static HttpServletRequest getHttpServletRequest() {
+        ServletRequestAttributes requestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+        HttpServletRequest request = requestAttributes.getRequest();
+        return request;
+    }
+
+    public static Object getAttributesFromRequest(String paramName) {
+        ServletRequestAttributes requestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+        return requestAttributes.getAttribute(paramName, RequestAttributes.SCOPE_REQUEST);
+    }
+
+    public static void setAttributesFromRequest(String paramName, Object obj) {
+        ServletRequestAttributes requestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
+        requestAttributes.setAttribute(paramName, obj, RequestAttributes.SCOPE_REQUEST);
+    }
+
+    /**
+     * 获取用户真实IP地址，不使用request.getRemoteAddr();的原因是有可能用户使用了代理软件方式避免真实IP地址,
+     * <p>
+     * 可是，如果通过了多级反向代理的话，X-Forwarded-For的值并不止一个，而是一串IP值，究竟哪个才是真正的用户端的真实IP呢？
+     * 答案是取X-Forwarded-For中第一个非unknown的有效IP字符串。
+     * <p>
+     * 如：X-Forwarded-For：192.168.1.110, 192.168.1.120, 192.168.1.130,
+     * 192.168.1.100
+     * <p>
+     * 用户真实IP为： 192.168.1.110
+     *
+     * @return
+     */
+    public static String getIpAddress() {
+        HttpServletRequest request = getHttpServletRequest();
+        String ip = request.getHeader("x-forwarded-for");
+        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+            ip = request.getHeader("Proxy-Client-IP");
+        }
+        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+            ip = request.getHeader("WL-Proxy-Client-IP");
+        }
+        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+            ip = request.getHeader("HTTP_CLIENT_IP");
+        }
+        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+            ip = request.getHeader("HTTP_X_FORWARDED_FOR");
+        }
+        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
+            ip = request.getRemoteAddr();
+        }
+        return ip;
+    }
+}

esua-epdc/epdc-commons/pom.xml

@@ -19,5 +19,6 @@
         <module>epdc-commons-api-version-control</module>
         <module>epdc-commons-tools-phone</module>
         <module>epdc-wx</module>
+        <module>epdc-common-clienttoken</module>
     </modules>
 </project>

esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/ApiApplication.java

@@ -19,7 +19,7 @@ import org.springframework.cloud.openfeign.EnableFeignClients;
  * @author Mark sunlightcs@gmail.com
  * @since 1.0.0
  */
-@SpringBootApplication(scanBasePackages = {"com.elink.esua.epdc"})
+@SpringBootApplication
 @EnableDiscoveryClient
 @EnableFeignClients
 public class ApiApplication {

esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/annotation/Login.java

@@ -1,21 +0,0 @@
-/**
- * Copyright (c) 2018 人人开源 All rights reserved.
- *
- * https://www.renren.io
- *
- * 版权所有，侵权必究！
- */
-
-package com.elink.esua.epdc.annotation;
-
-import java.lang.annotation.*;
-
-/**
- * 登录效验
- * @author Mark sunlightcs@gmail.com
- */
-@Target(ElementType.METHOD)
-@Retention(RetentionPolicy.RUNTIME)
-@Documented
-public @interface Login {
-}

esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/annotation/LoginUser.java

@@ -1,25 +0,0 @@
-/**
- * Copyright (c) 2018 人人开源 All rights reserved.
- *
- * https://www.renren.io
- *
- * 版权所有，侵权必究！
- */
-
-package com.elink.esua.epdc.annotation;
-
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
-
-/**
- * 登录用户信息
- *
- * @author Mark sunlightcs@gmail.com
- */
-@Target(ElementType.PARAMETER)
-@Retention(RetentionPolicy.RUNTIME)
-public @interface LoginUser {
-
-}

esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/java/com/elink/esua/epdc/interceptor/AuthorizationInterceptor.java

@@ -1,75 +0,0 @@
-/**
- * Copyright (c) 2018 人人开源 All rights reserved.
- *
- * https://www.renren.io
- *
- * 版权所有，侵权必究！
- */
-
-package com.elink.esua.epdc.interceptor;
-
-import com.elink.esua.epdc.annotation.Login;
-import com.elink.esua.epdc.exception.ModuleErrorCode;
-import com.elink.esua.epdc.annotation.Login;
-import com.elink.esua.epdc.commons.tools.exception.RenException;
-import com.elink.esua.epdc.entity.TokenEntity;
-import com.elink.esua.epdc.exception.ModuleErrorCode;
-import com.elink.esua.epdc.service.TokenService;
-import org.apache.commons.lang3.StringUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-import org.springframework.web.method.HandlerMethod;
-import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-/**
- * 权限(Token)验证
- *
- * @author Mark sunlightcs@gmail.com
- */
-@Component
-public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
-    @Autowired
-    private TokenService tokenService;
-
-    public static final String USER_KEY = "userId";
-
-    @Override
-    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
-        Login annotation;
-        if(handler instanceof HandlerMethod) {
-            annotation = ((HandlerMethod) handler).getMethodAnnotation(Login.class);
-        }else{
-            return true;
-        }
-
-        if(annotation == null){
-            return true;
-        }
-
-        //从header中获取token
-        String token = request.getHeader("token");
-        //如果header中不存在token，则从参数中获取token
-        if(StringUtils.isBlank(token)){
-            token = request.getParameter("token");
-        }
-
-        //token为空
-        if(StringUtils.isBlank(token)){
-            throw new RenException(ModuleErrorCode.TOKEN_NOT_EMPTY);
-        }
-
-        //查询token信息
-        TokenEntity tokenEntity = tokenService.getByToken(token);
-        if(tokenEntity == null || tokenEntity.getExpireDate().getTime() < System.currentTimeMillis()){
-            throw new RenException(ModuleErrorCode.TOKEN_INVALID);
-        }
-
-        //设置userId到request里，后续根据userId，获取用户信息
-        request.setAttribute(USER_KEY, tokenEntity.getUserId());
-
-        return true;
-    }
-}

esua-epdc/epdc-module/epdc-api/epdc-api-server/src/main/resources/application.yml

@@ -73,3 +73,6 @@ wx:
         secret: @wx.mp.configs.secret@
         token: @wx.mp.configs.token@
         aesKey: @wx.mp.configs.aesKey@
+
+token:
+  expire: 21600L