|
|
@@ -73,33 +73,34 @@ public class TokenFilter implements Filter {
|
|
|
String key = request.getHeader(Constants.PARAM_KEY);
|
|
|
String appToken = request.getHeader(Constants.PARAM_TOKEN);
|
|
|
if (StringUtils.isBlank(key) || StringUtils.isBlank(appToken)) {
|
|
|
- //key,token为空,则不用过滤处理
|
|
|
+ //key,token为空,则不用处理
|
|
|
return null;
|
|
|
}
|
|
|
|
|
|
- //通过key获取原始的登录信息
|
|
|
+ //通过key获取原始登录信息
|
|
|
LoginInfo loginInfo = userAuthService.getLoginInfo(key);
|
|
|
if (loginInfo == null) {
|
|
|
- //loginInfo为空,则代表尚未登录不用处理
|
|
|
+ //原始登录信息为空,则代表尚未登录不用处理
|
|
|
return null;
|
|
|
}
|
|
|
|
|
|
//同一个账号不同移动端设备,支持互踢
|
|
|
if (!appToken.equals(loginInfo.getAppToken())) {
|
|
|
- //Token参数值无效
|
|
|
+ //App Token参数值无效
|
|
|
return null;
|
|
|
}
|
|
|
|
|
|
//处理已登录信息
|
|
|
CustomHttpServletRequest customRequest = new CustomHttpServletRequest(request);
|
|
|
- if (!this.filterAccessUrl(request.getServletPath())) {
|
|
|
+ boolean isAllow = this.filterAccessUrl(request.getServletPath());
|
|
|
+ if (!isAllow) {
|
|
|
if (loginInfo.hasExpired(PLATFORM_SESSION_EXPIRE_TIME)) {
|
|
|
- //判断原始的login token是否在有效时间内,若已超过有效时间,则自动登录续期
|
|
|
+ //判断原始登录Token是否在有效时间内,否则自动登录续期
|
|
|
this.reLogin(loginInfo);
|
|
|
}
|
|
|
}
|
|
|
|
|
|
- //替换原始token到request请求中
|
|
|
+ //将App Token替换为原始登录Token到request请求中
|
|
|
customRequest.addHeader(Constants.PARAM_TOKEN, loginInfo.getToken());
|
|
|
|
|
|
//初始化内部接口请求鉴权
|
|
|
@@ -112,6 +113,7 @@ public class TokenFilter implements Filter {
|
|
|
Result<UserInfo> result = userAuthService.login(loginInfo);
|
|
|
UserInfo userInfo = result.getData();
|
|
|
if (userInfo == null) {
|
|
|
+ log.debug("reLogin failed,Maybe user's password has changed.");
|
|
|
return;
|
|
|
}
|
|
|
//登录成功后缓存新的Token信息
|
|
|
@@ -125,7 +127,7 @@ public class TokenFilter implements Filter {
|
|
|
}
|
|
|
|
|
|
private boolean filterAccessUrl(String url) {
|
|
|
- //跳过不用处理的访问地址
|
|
|
+ //过滤不用处理的访问地址
|
|
|
if (url.contains("/user/logout")) {
|
|
|
return true;
|
|
|
}
|
deason