登录和鉴权

themis-backend/src/main/java/com/qmth/themis/backend/interceptor/AuthInterceptor.java

@@ -8,6 +8,7 @@ import com.qmth.themis.business.entity.TBSession;
 import com.qmth.themis.business.entity.TBUser;
 import com.qmth.themis.business.enums.RoleEnum;
 import com.qmth.themis.business.service.EhcacheService;
+import com.qmth.themis.business.service.TBUserService;
 import com.qmth.themis.business.util.EhcacheUtil;
 import com.qmth.themis.business.util.JwtUtil;
 import com.qmth.themis.business.util.RedisUtil;
@@ -44,6 +45,9 @@ public class AuthInterceptor implements HandlerInterceptor {
     @Resource
     DictionaryConfig dictionaryConfig;
 
+    @Resource
+    TBUserService tbUserService;
+
     @Override
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object) throws Exception {
         log.info("HandlerInterceptor preHandle is come in");
@@ -67,10 +71,10 @@ public class AuthInterceptor implements HandlerInterceptor {
         if (Objects.isNull(deviceId) || Objects.equals(deviceId, "")) {
             throw new BusinessException(ExceptionResultEnum.DEVICE_ID_INVALID);
         }
-        String userId = JwtUtil.getClaim(token, SystemConstant.JWT_USERID);
+        Long userId = Long.parseLong(JwtUtil.getClaim(token, SystemConstant.JWT_USERID));
         String role = JwtUtil.getClaim(token, SystemConstant.ROLE);
         //首先验证token是否匹配
-        if (!JwtUtil.verify(token, Long.parseLong(userId), platform, deviceId, RoleEnum.valueOf(role))) {
+        if (!JwtUtil.verify(token, userId, platform, deviceId, RoleEnum.valueOf(role))) {
             throw new BusinessException(ExceptionResultEnum.TOKEN_NO);
         }
         //系统公用接口不拦截
@@ -81,16 +85,9 @@ public class AuthInterceptor implements HandlerInterceptor {
         if (sysCount > 0) {
             return true;
         }
-        TBUser tbUser = (TBUser) RedisUtil.getUser(Long.parseLong(userId));
-        if (Objects.isNull(tbUser)) {
-            throw new BusinessException(ExceptionResultEnum.LOGIN_NO);
-        }
-        AuthDto authDto = (AuthDto) EhcacheUtil.get(SystemConstant.AUTH_CACHE, Long.parseLong(userId));
-        if (Objects.isNull(authDto)) {
-            authDto = ehcacheService.addAccountCache(userId);
-        }
         //验证token是否有效
-        String sessionId = SessionUtil.digest(Long.parseLong(userId), authDto.getRoleEnum().name(), platform.getSource());
+        TBUser tbUser = (TBUser) RedisUtil.getUser(userId);
+        String sessionId = SessionUtil.digest(userId, RoleEnum.valueOf(role), platform.getSource());
         TBSession tbSession = (TBSession) RedisUtil.getUserSession(sessionId);
         if (Objects.isNull(tbSession)) {
             throw new BusinessException(ExceptionResultEnum.LOGIN_NO);
@@ -99,10 +96,22 @@ public class AuthInterceptor implements HandlerInterceptor {
                 throw new BusinessException(ExceptionResultEnum.TOKEN_NO);
             }
             Date expireTime = tbSession.getExpireTime();
-            if (expireTime.getTime() <= System.currentTimeMillis()) {
+            if (Objects.nonNull(expireTime) && expireTime.getTime() <= System.currentTimeMillis()) {
                 throw new BusinessException(ExceptionResultEnum.TOKEN_NO);
+            } else {
+                if (Objects.isNull(tbUser)) {
+                    tbUser = tbUserService.getById(userId);
+                    RedisUtil.setUser(tbUser.getId(), platform, tbUser);
+                }
+                if (Objects.nonNull(expireTime) && (expireTime.getTime() - System.currentTimeMillis()) <= SystemConstant.REFRESH_EXPIRE_TIME) {
+                    RedisUtil.refreshUserSession(sessionId, platform);
+                }
             }
         }
+        AuthDto authDto = (AuthDto) EhcacheUtil.get(SystemConstant.AUTH_CACHE, userId);
+        if (Objects.isNull(authDto)) {
+            authDto = ehcacheService.addAccountCache(userId);
+        }
         //验证权限
         Set<String> urls = authDto.getUrls();
         int count = (int) urls.stream().filter(s -> {

themis-business/src/main/java/com/qmth/themis/business/constant/SystemConstant.java

@@ -49,6 +49,7 @@ public class SystemConstant {
     public static final long JWT_PC_EXPIRE_TIME = 60L * 1440L * 1000L;//过期时间24小时
     public static final long JWT_PAD_EXPIRE_TIME = 60L * 1440L * 1000L;//过期时间24小时
     public static final long JWT_PHONE_EXPIRE_TIME = 60L * 43200L * 1000L;//过期时间30天
+    public static final int REFRESH_EXPIRE_TIME = 60 * 5;//过期剩余时间5分钟
 
     /**
      * 获取过期时间

themis-business/src/main/java/com/qmth/themis/business/util/RedisUtil.java

@@ -92,7 +92,7 @@ public class RedisUtil {
      *
      * @param userId
      */
-    public static void refreshUserCache(Long userId) {
+    public static void refreshUser(Long userId) {
         RedisTemplate redisTemplate = SpringContextHolder.getBean(RedisTemplate.class);
         redisTemplate.expire(SystemConstant.USER + userId, SystemConstant.JWT_WEB_EXPIRE_TIME, TimeUnit.SECONDS);
     }
@@ -103,7 +103,7 @@ public class RedisUtil {
      * @param userId
      * @param platform
      */
-    public static void refreshUserCache(Long userId, Platform platform) {
+    public static void refreshUser(Long userId, Platform platform) {
         RedisTemplate redisTemplate = SpringContextHolder.getBean(RedisTemplate.class);
         if (Objects.equals(platform.getSource(), Source.Phone.name())) {
             redisTemplate.expire(SystemConstant.USER + userId, SystemConstant.JWT_PAD_EXPIRE_TIME, TimeUnit.SECONDS);
@@ -145,7 +145,7 @@ public class RedisUtil {
      * @param sessionId
      * @param platform
      */
-    public static void refreshUserSessionCache(String sessionId, Platform platform) {
+    public static void refreshUserSession(String sessionId, Platform platform) {
         RedisTemplate redisTemplate = SpringContextHolder.getBean(RedisTemplate.class);
         if (Objects.equals(platform.getSource(), Source.Phone.name())) {
             redisTemplate.expire(SystemConstant.SESSION + sessionId, SystemConstant.JWT_PAD_EXPIRE_TIME, TimeUnit.SECONDS);