
用户鉴权修改

wangliang 2 年之前
父節點
當前提交
cc400c7bb9

+ 20 - 1
server/src/main/java/com/qmth/jkserver/constant/SystemConstant.java

@@ -4,6 +4,7 @@ import com.aventrix.jnanoid.jnanoid.NanoIdUtils;
 import com.qmth.boot.core.uid.service.UidService;
 import com.qmth.jkserver.annotation.DBVerify;
 import com.qmth.jkserver.common.Constants;
+import com.qmth.jkserver.core.AesEncryptUtil;
 import com.qmth.jkserver.core.cache.JkCacheService;
 import com.qmth.jkserver.core.exception.JkServerException;
 import com.qmth.jkserver.enums.UserRole;
@@ -355,7 +356,7 @@ public class SystemConstant {
     public static void superOper() {
         JkCacheService jkCacheService = SpringContextHolder.getBean(JkCacheService.class);
         String token = ServletUtil.getRequest().getHeader(Constants.REQUEST_HEADER_TOKEN);
-        User user = (User) jkCacheService.getObj(Constants.CACHE_USER + token);
+        User user = SystemConstant.tokenGetUser(token);
         if (user == null) {
             throw new JkServerException("获取用户信息失败");
         }
@@ -363,4 +364,22 @@ public class SystemConstant {
             throw new JkServerException("只允许超级管理员操作");
         }
     }
+
+    /**
+     * token获取user信息
+     *
+     * @param token
+     * @return
+     */
+    public static User tokenGetUser(String token) {
+        String signature = AesEncryptUtil.decrypt(token);
+        if (Objects.nonNull(signature) && !Objects.equals(signature.trim(), "")) {
+            JkCacheService cacheService = SpringContextHolder.getBean(JkCacheService.class);
+            String[] strs = signature.split("_");
+            User user = (User) cacheService.getObj(Constants.CACHE_USER + strs[0]);
+            return user;
+        } else {
+            return null;
+        }
+    }
 }
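Review bot: `tokenGetUser` returns whatever `User` is cached under the id parsed from the decrypted token and never checks that the presented token is the one stored on that user, so a token from an earlier login of the same account still resolves to the live session. Only SystemInterceptor repeats that comparison; `superOper` here and the callers in BaseSystemController and UserServiceImpl (`logout`, `resetPwd`, `queryLastTimeLoginUser`) trust the helper as is. I would move the check into the helper, e.g. `if (user == null || !Objects.equals(user.getToken(), token)) { return null; }`, and return null when `strs.length == 0`, because a decrypted value made only of underscores makes `split("_")` return an empty array and `strs[0]` throw. The Javadoc should say that null is returned for an unknown, expired or superseded token. What `AesEncryptUtil.decrypt` does with a null or malformed header value is not visible in this diff and should be confirmed.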

+ 2 - 3
server/src/main/java/com/qmth/jkserver/controller/system/BaseSystemController.java

@@ -2,6 +2,7 @@ package com.qmth.jkserver.controller.system;
 
 import com.qmth.jkserver.common.Constants;
 import com.qmth.jkserver.constant.SpringContextHolder;
+import com.qmth.jkserver.constant.SystemConstant;
 import com.qmth.jkserver.core.cache.JkCacheService;
 import com.qmth.jkserver.core.exception.JkServerException;
 import com.qmth.jkserver.model.User;
@@ -32,9 +33,7 @@ public class BaseSystemController {
         if (StringUtils.isEmpty(token)) {
             throw JkServerException.withFieldValidateError("token is null");
         }
-        JkCacheService cacheService = SpringContextHolder.getBean(JkCacheService.class);
-        User user = (User) cacheService.getObj(Constants.CACHE_USER + token);
-        return user;
+        return SystemConstant.tokenGetUser(token);
     }
 
     /**

+ 6 - 5
server/src/main/java/com/qmth/jkserver/core/exception/JkServerException.java

@@ -4,8 +4,8 @@ import org.springframework.http.HttpStatus;
 
 /**
  * 系统异常信息
- * @author tianjun
  *
+ * @author tianjun
  */
 public class JkServerException extends RuntimeException {
 
@@ -27,6 +27,7 @@ public class JkServerException extends RuntimeException {
     public static final JkServerException SOLFEGE_ANSWER_ERROR = new JkServerException(-512, "视唱答案结构错误");
     public static final JkServerException STUDENT_ANSWER_UPLOAD_CONFILCT = new JkServerException(-513, "不能够同时上传同一个考生的数据,答案上传冲突了");
     public static final JkServerException AUTH_INFO_ERROR = new JkServerException(4010009, "系统授权信息已过期,请联系系统管理员激活!");
+    public static final JkServerException LOGIN_ERROR = new JkServerException(-4010010, "身份验证失效,请重新登录");
 
     private int code;
 
@@ -37,11 +38,11 @@ public class JkServerException extends RuntimeException {
         this.code = code;
         this.message = message;
     }
-    
+
     public JkServerException(String message) {
-    	this(SYSTEM_EXCEPTION.getCode(), message);
+        this(SYSTEM_EXCEPTION.getCode(), message);
     }
-    
+
     public int getCode() {
         return code;
     }
@@ -49,7 +50,7 @@ public class JkServerException extends RuntimeException {
     public String getMessage() {
         return message;
     }
-    
+
     public static JkServerException withFieldValidateError(String message) {
         return new JkServerException(FILED_VALIDATE_ERROR.getCode(), message);
     }
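Review bot: The new `LOGIN_ERROR` code `-4010010` is negative while the neighbouring `AUTH_INFO_ERROR` uses `4010009`, which looks like a sign slip in an otherwise sequential series; if clients branch on the code, confirm which sign they expect. A short comment such as `// token was sent but no cached session matches it; client must log in again` would also separate it from `LOGIN_NEEDED`. The other hunks in this file are whitespace only.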

+ 6 - 3
server/src/main/java/com/qmth/jkserver/core/inteceptor/SystemInterceptor.java

@@ -6,10 +6,10 @@ import com.qmth.jkserver.constant.SpringContextHolder;
 import com.qmth.jkserver.constant.SystemConstant;
 import com.qmth.jkserver.core.SystemResult;
 import com.qmth.jkserver.core.annotation.LoginValidate;
-import com.qmth.jkserver.core.cache.JkCacheService;
 import com.qmth.jkserver.core.exception.JkServerException;
 import com.qmth.jkserver.enums.LoginStatus;
 import com.qmth.jkserver.model.BasicSchool;
+import com.qmth.jkserver.model.User;
 import com.qmth.jkserver.service.AuthInfoService;
 import com.qmth.jkserver.service.CommonCacheService;
 import com.qmth.jkserver.util.ServletUtil;
@@ -76,9 +76,12 @@ public class SystemInterceptor extends HandlerInterceptorAdapter {
         // 返回服务器ip
         response.setHeader("serviceIp", InetAddress.getLocalHost().getHostAddress());
         if (StringUtils.isNotEmpty(token)) {
-            JkCacheService cacheService = SpringContextHolder.getBean(JkCacheService.class);
-            if (cacheService.getObj(Constants.CACHE_USER + token) != null) {
+            User user = SystemConstant.tokenGetUser(token);
+            if (Objects.nonNull(user) && Objects.nonNull(user.getToken()) && Objects.equals(user.getToken(), token)) {
                 return true;
+            } else {
+                errorReturn(response, JkServerException.LOGIN_ERROR);
+                return false;
             }
         }
         errorReturn(response, JkServerException.LOGIN_NEEDED);
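Review bot: The added `if` compares the stored and presented tokens with `Objects.equals`, which stops at the first differing character; for a bearer credential a constant-time comparison is the safer habit, e.g. `MessageDigest.isEqual(user.getToken().getBytes(StandardCharsets.UTF_8), token.getBytes(StandardCharsets.UTF_8))`, with the existing null checks kept in front of it. Separately, `tokenGetUser` passes the raw header value to `AesEncryptUtil.decrypt`, which is not shown here. Confirm that a malformed token yields null rather than an exception, otherwise this path ends in a server error and not in `LOGIN_ERROR`. The method starts and ends outside the hunk, and the `java.util.Objects` import is not visible in the import hunk.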

+ 12 - 0
server/src/main/java/com/qmth/jkserver/model/User.java

@@ -181,6 +181,18 @@ public class User implements Serializable {
     @TableField(exist = false)
     private String schoolName;
 
+    @ApiModelProperty(value = "token")
+    @TableField(exist = false)
+    private String token;
+
+    public String getToken() {
+        return token;
+    }
+
+    public void setToken(String token) {
+        this.token = token;
+    }
+
     public String getSchoolName() {
         return schoolName;
     }
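Review bot: Storing the session token on the `User` model means it travels with every copy of the cached object, so any response or log statement that serializes that `User` now carries a live credential (`resetPwd` in UserServiceImpl returns a `User`, if that is the cached instance). Check which endpoints return this object and exclude the field wherever the client does not need it, using the ignore annotation of the project's JSON library. A field comment would make the intent explicit, e.g. `// session token of the current login; set at login on the cached copy only, not a table column`.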

+ 1 - 1
server/src/main/java/com/qmth/jkserver/service/impl/ExamProgressStatisticServiceImpl.java

@@ -84,7 +84,7 @@ public class ExamProgressStatisticServiceImpl implements ExamProgressStatisticSe
                 if (Objects.nonNull(schoolId) && schoolId.longValue() > 0) {
                     examPlanQueryWrapper.lambda().eq(ExamPlan::getSchoolId, schoolId);
                 }
-//                User user = (User) cacheService.getObj(Constants.CACHE_USER + token);
+//                User user = SystemConstant.tokenGetUser(token);
 //                if (user != null && !user.getUserName().equals("super")) {
 //                    examPlanQueryWrapper.lambda().eq(ExamPlan::getCreatorId, user.getId());
 //                }

+ 7 - 5
server/src/main/java/com/qmth/jkserver/service/impl/UserServiceImpl.java

@@ -131,10 +131,11 @@ public class UserServiceImpl extends ServiceImpl<UserDao, User> implements UserS
         if (Objects.nonNull(encodePwd) && !encodePwd.trim().equals(user.getPassword())) {
             throw new JkServerException(JkServerException.FILED_VALIDATE_ERROR.getCode(), "用户名或者密码错误");
         }
-        String token = AesEncryptUtil.encrypt(user.getId() + "" + System.currentTimeMillis());
+        String token = AesEncryptUtil.encrypt(user.getId() + "_" + System.currentTimeMillis());
         BasicSchool basicSchool = commonCacheService.schoolCache(user.getSchoolId());
         user.setBasicSchool(basicSchool);
-        cacheService.setObj(Constants.CACHE_USER + token, user, 480 * 60);//用户token缓存 8小时
+        user.setToken(token);
+        cacheService.setObj(Constants.CACHE_USER + user.getId(), user, 480 * 60);//用户token缓存 8小时
         UserLog ul = new UserLog();
         ul.setId(SystemConstant.getDbUuid());
         ul.setLoginTime(System.currentTimeMillis());
@@ -152,7 +153,8 @@ public class UserServiceImpl extends ServiceImpl<UserDao, User> implements UserS
     public void logout(HttpServletRequest request) {
         String token = request.getHeader(Constants.REQUEST_HEADER_TOKEN);
         if (StringUtils.isNotEmpty(token)) {
-            cacheService.delObj(Constants.CACHE_USER + token);
+            User user = SystemConstant.tokenGetUser(token);
+            cacheService.delObj(Constants.CACHE_USER + user.getId());
         }
     }
 
@@ -179,7 +181,7 @@ public class UserServiceImpl extends ServiceImpl<UserDao, User> implements UserS
     @Override
     public User resetPwd(HttpServletRequest request, String oldPwd, String newPwd) throws Exception {
         String token = request.getHeader(Constants.REQUEST_HEADER_TOKEN);
-        User user = (User) cacheService.getObj(Constants.CACHE_USER + token);
+        User user = SystemConstant.tokenGetUser(token);
         if (user == null) {
             throw new JkServerException(JkServerException.FILED_VALIDATE_ERROR.getCode(), "获取用户信息失败");
         }
@@ -198,7 +200,7 @@ public class UserServiceImpl extends ServiceImpl<UserDao, User> implements UserS
     @Override
     public UserLog queryLastTimeLoginUser(HttpServletRequest request) {
         String token = request.getHeader(Constants.REQUEST_HEADER_TOKEN);
-        User user = (User) cacheService.getObj(Constants.CACHE_USER + token);
+        User user = SystemConstant.tokenGetUser(token);
 //        Query query = new Query();
 //        query.addCriteria(Criteria.where("userId").is(user.getId()));
 //        query.with(new Sort(Direction.DESC, "loginTime"));
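Review bot: In the `logout` hunk, `tokenGetUser(token)` returns null when the decrypted value is blank or the cache entry has expired, and the next line dereferences `user.getId()`, so logging out with an expired session throws a NullPointerException. Guard it and tie the deletion to the presented token with `if (user != null && Objects.equals(user.getToken(), token)) { cacheService.delObj(Constants.CACHE_USER + user.getId()); }`; without the equality check a superseded token can still end the account's current session. `queryLastTimeLoginUser` shows no null check after the lookup either, though its use of `user` lies outside the hunk. In the login hunk the token plaintext is only `id_timestamp`, so its unforgeability rests entirely on `AesEncryptUtil` (not shown); adding a `SecureRandom` value to the plaintext, or issuing a random opaque session id, would remove that dependence.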