Skip to content

Commit

Permalink
Merge pull request #6199 from EightMonth/springboot3_sas
Browse files Browse the repository at this point in the history 
修复#6168\#6169\websocket连接问题
  • Loading branch information
@zhangdaiscott
zhangdaiscott committed Apr 30, 2024
2 parents 5488f99 + b46a643 commit 628870a
Show file tree
Hide file tree
Showing 4 changed files with 31 additions and 1 deletion.
3 changes: 3 additions & 0 deletions jeecg-boot-base-core/src/main/java/org/jeecg/common/aspect/AutoLogAspect.java
View file
Expand Up @@ -160,6 +160,9 @@ public boolean apply(Object o, String name, Object value) {
if(value!=null && value.toString().length()>length){
return false;
}
if(value instanceof MultipartFile){
return false;
}
return true;
}
};
Expand Down
17 changes: 16 additions & 1 deletion jeecg-boot-base-core/src/main/java/org/jeecg/common/util/TokenUtils.java
View file
Expand Up @@ -12,6 +12,12 @@
import org.jeecg.common.system.vo.LoginUser;

import jakarta.servlet.http.HttpServletRequest;
import org.jeecg.config.security.JeecgRedisOAuth2AuthorizationService;
import org.springframework.data.redis.serializer.SerializationException;
import org.springframework.security.oauth2.server.authorization.OAuth2Authorization;
import org.springframework.security.oauth2.server.authorization.OAuth2TokenType;

import java.util.Objects;

/**
* @Author scott
Expand Down Expand Up @@ -112,7 +118,7 @@ public static boolean verifyToken(String token, CommonAPI commonApi, RedisUtil r
throw new JeecgBoot401Exception("账号已被锁定,请联系管理员!");
}
// 校验token是否超时失效 & 或者账号密码是否错误
if (!jwtTokenRefresh(token, username, user.getPassword(), redisUtil)) {
if (!jwtTokenRefresh(token, username, user.getPassword())) {
throw new JeecgBoot401Exception(CommonConstant.TOKEN_IS_INVALID_MSG);
}
return true;
Expand Down Expand Up @@ -141,6 +147,15 @@ private static boolean jwtTokenRefresh(String token, String userName, String pas
return false;
}

private static boolean jwtTokenRefresh(String token, String userName, String passWord) {
JeecgRedisOAuth2AuthorizationService authRedis = SpringContextUtils.getBean(JeecgRedisOAuth2AuthorizationService.class);
OAuth2Authorization authorization = authRedis.findByToken(token, OAuth2TokenType.ACCESS_TOKEN);
if (Objects.nonNull(authorization) && JwtUtil.verify(token, userName, passWord)) {
return true;
}
return false;
}

/**
* 获取登录用户
*
Expand Down
6 changes: 6 additions & 0 deletions ...base-core/src/main/java/org/jeecg/config/security/app/AppGrantAuthenticationProvider.java
View file
Expand Up @@ -3,6 +3,7 @@
import com.alibaba.fastjson.JSONObject;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.common.api.CommonAPI;
import org.jeecg.common.constant.CacheConstant;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.exception.JeecgBootException;
import org.jeecg.common.exception.JeecgCaptchaException;
Expand Down Expand Up @@ -34,6 +35,7 @@
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenContext;
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

import java.security.Principal;
import java.util.*;
Expand Down Expand Up @@ -116,6 +118,10 @@ public Authentication authenticate(Authentication authentication) throws Authent

// 通过用户名获取用户信息
LoginUser loginUser = commonAPI.getUserByName(username);
if (Objects.isNull(loginUser) || !StringUtils.hasText(loginUser.getSalt())) {
redisUtil.del(CacheConstant.SYS_USERS_CACHE+"::"+username);
loginUser = commonAPI.getUserByName(username);
}
// 检查用户可行性
checkUserIsEffective(loginUser);

Expand Down
6 changes: 6 additions & 0 deletions ...src/main/java/org/jeecg/config/security/password/PasswordGrantAuthenticationProvider.java
View file
Expand Up @@ -3,6 +3,7 @@
import com.alibaba.fastjson.JSONObject;
import lombok.extern.slf4j.Slf4j;
import org.jeecg.common.api.CommonAPI;
import org.jeecg.common.constant.CacheConstant;
import org.jeecg.common.constant.CommonConstant;
import org.jeecg.common.exception.JeecgBootException;
import org.jeecg.common.exception.JeecgCaptchaException;
Expand Down Expand Up @@ -35,6 +36,7 @@
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenContext;
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenGenerator;
import org.springframework.util.Assert;
import org.springframework.util.StringUtils;

import java.security.Principal;
import java.util.*;
Expand Down Expand Up @@ -117,6 +119,10 @@ public Authentication authenticate(Authentication authentication) throws Authent

// 通过用户名获取用户信息
LoginUser loginUser = commonAPI.getUserByName(username);
if (Objects.isNull(loginUser) || !StringUtils.hasText(loginUser.getSalt())) {
redisUtil.del(CacheConstant.SYS_USERS_CACHE+"::"+username);
loginUser = commonAPI.getUserByName(username);
}
// 检查用户可行性
checkUserIsEffective(loginUser);

Expand Down

0 comments on commit 628870a

Please sign in to comment.