Merge pull request #83 from geekidea/dev

springboot-plus · web-flow · commit 2a4b7d32a1e9 · 2019-10-21T20:04:15.000+08:00
Dev
diff --git a/src/main/java/io/geekidea/springbootplus/example/ShiroExampleController.java b/src/main/java/io/geekidea/springbootplus/example/ShiroExampleController.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2019-2029 geekidea(https://github.com/geekidea)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.geekidea.springbootplus.example;
+
+import io.geekidea.springbootplus.common.api.ApiResult;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.shiro.authz.annotation.RequiresRoles;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * Shiro Example Controller
+ *
+ * @author geekidea
+ * @date 2019-10-21
+ **/
+@Slf4j
+@Api("Shiro Example")
+@RestController
+@RequestMapping("/shiroExample")
+public class ShiroExampleController {
+
+    @RequiresRoles("admin")
+    @RequestMapping(value = "/hello", method = {RequestMethod.GET, RequestMethod.POST})
+    @ApiOperation(value = "Shiro Example", notes = "Shiro Example", response = String.class)
+    public ApiResult print(HttpServletResponse response) throws IOException {
+        log.debug("Shiro Example...");
+        return ApiResult.ok("Shiro Example");
+    }
+
+}
diff --git a/src/main/java/io/geekidea/springbootplus/shiro/cache/LoginRedisService.java b/src/main/java/io/geekidea/springbootplus/shiro/cache/LoginRedisService.java
@@ -34,9 +34,17 @@ public interface LoginRedisService {
      *
      * @param jwtToken
      * @param loginSysUserVo
-     * @param generate       true:生成，false:刷新
      */
-    void cacheLoginInfo(JwtToken jwtToken, LoginSysUserVo loginSysUserVo, boolean generate);
+    void cacheLoginInfo(JwtToken jwtToken, LoginSysUserVo loginSysUserVo);
+
+
+    /**
+     * 刷新登陆信息
+     * @param oldToken
+     * @param username
+     * @param newJwtToken
+     */
+    void refreshLoginInfo(String oldToken,String username,JwtToken newJwtToken);
 
     /**
      * 通过用户名，从缓存中获取登陆用户LoginSysUserRedisVo
diff --git a/src/main/java/io/geekidea/springbootplus/shiro/cache/impl/LoginRedisServiceImpl.java b/src/main/java/io/geekidea/springbootplus/shiro/cache/impl/LoginRedisServiceImpl.java
@@ -64,7 +64,7 @@ public class LoginRedisServiceImpl implements LoginRedisService {
      * username:num
      */
     @Override
-    public void cacheLoginInfo(JwtToken jwtToken, LoginSysUserVo loginSysUserVo, boolean generate) {
+    public void cacheLoginInfo(JwtToken jwtToken, LoginSysUserVo loginSysUserVo) {
         if (jwtToken == null) {
             throw new IllegalArgumentException("jwtToken不能为空");
         }
@@ -112,6 +112,15 @@ public void cacheLoginInfo(JwtToken jwtToken, LoginSysUserVo loginSysUserVo, boo
         redisTemplate.opsForValue().set(String.format(CommonRedisKey.LOGIN_USER_TOKEN, username, tokenMd5), loginTokenRedisKey, expireDuration);
     }
 
+    @Override
+    public void refreshLoginInfo(String oldToken, String username, JwtToken newJwtToken) {
+        // 删除之前的token信息
+        deleteLoginInfo(oldToken, username);
+        // 缓存登陆信息
+        LoginSysUserRedisVo loginSysUserRedisVo = getLoginSysUserRedisVo(username);
+        cacheLoginInfo(newJwtToken, loginSysUserRedisVo);
+    }
+
     @Override
     public LoginSysUserRedisVo getLoginSysUserRedisVo(String username) {
         if (StringUtils.isBlank(username)) {
@@ -185,4 +194,5 @@ public void deleteUserAllCache(String username) {
         redisTemplate.delete(String.format(CommonRedisKey.LOGIN_SALT, username));
     }
 
+
 }
diff --git a/src/main/java/io/geekidea/springbootplus/shiro/jwt/JwtRealm.java b/src/main/java/io/geekidea/springbootplus/shiro/jwt/JwtRealm.java
@@ -61,9 +61,9 @@ public boolean supports(AuthenticationToken token) {
     protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
         log.debug("doGetAuthorizationInfo principalCollection...");
         // 设置角色/权限信息
-        String token = principalCollection.toString();
+        JwtToken jwtToken = (JwtToken) principalCollection.getPrimaryPrincipal();
         // 获取username
-        String username = JwtUtil.getUsername(token);
+        String username = jwtToken.getUsername();
         // 获取登陆用户角色权限信息
         LoginSysUserRedisVo loginSysUserRedisVo = loginRedisService.getLoginSysUserRedisVo(username);
         SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
diff --git a/src/main/java/io/geekidea/springbootplus/shiro/service/impl/LoginServiceImpl.java b/src/main/java/io/geekidea/springbootplus/shiro/service/impl/LoginServiceImpl.java
@@ -119,7 +119,7 @@ public ApiResult login(LoginParam loginParam, HttpServletResponse response) {
         subject.login(jwtToken);
 
         // 缓存登陆信息到Redis
-        loginRedisService.cacheLoginInfo(jwtToken, loginSysUserVo, true);
+        loginRedisService.cacheLoginInfo(jwtToken, loginSysUserVo);
         // 设置响应头
         response.setHeader(JwtTokenUtil.getTokenName(), token);
         log.debug("登陆成功,username:{}", username);
@@ -160,16 +160,15 @@ public void refreshToken(JwtToken jwtToken, HttpServletResponse httpServletRespo
             throw new AuthenticationException("token已无效，请使用已刷新的token");
         }
         String username = jwtToken.getUsername();
-        // 生成新token
-        String newToken = JwtUtil.generateToken(username, jwtToken.getSalt(), Duration.ofSeconds(jwtProperties.getExpireSecond()));
-        DecodedJWT decodedJWT = JwtUtil.getJwtInfo(token);
-        jwtToken.setToken(newToken)
-                .setCreateDate(decodedJWT.getIssuedAt())
-                .setExpireDate(decodedJWT.getExpiresAt());
+        String salt = jwtToken.getSalt();
+        Long expireSecond = jwtProperties.getExpireSecond();
+        // 生成新token字符串
+        String newToken = JwtUtil.generateToken(username, salt, Duration.ofSeconds(expireSecond));
+        // 生成新JwtToken对象
+        JwtToken newJwtToken = JwtToken.build(newToken, username, salt, expireSecond);
         // 更新redis缓存
-        LoginSysUserRedisVo loginSysUserRedisVo = loginRedisService.getLoginSysUserRedisVo(username);
-        loginRedisService.cacheLoginInfo(jwtToken, loginSysUserRedisVo, false);
-        log.debug("刷新token成功，原token:{}，新token:{}", jwtToken.getToken(), newToken);
+        loginRedisService.refreshLoginInfo(token, username, newJwtToken);
+        log.debug("刷新token成功，原token:{}，新token:{}", token, newToken);
         // 设置响应头
         // 刷新token
         httpServletResponse.setStatus(CommonConstant.JWT_REFRESH_TOKEN_CODE);
