diff --git a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/token/redis/RedisUserTokenManager.java b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/token/redis/RedisUserTokenManager.java index 071aa6405..ff2f00b89 100644 --- a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/token/redis/RedisUserTokenManager.java +++ b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/token/redis/RedisUserTokenManager.java @@ -246,16 +246,15 @@ public class RedisUserTokenManager implements UserTokenManager { .publishEvent(event) .then(Mono.defer(() -> { map.put("maxInactiveInterval", event.getExpires()); + if (event.getExpires() > 0) { + return userTokenStore + .putAll(key, map) + .then(operations.expire(key, Duration.ofMillis(event.getExpires()))); + } return userTokenStore.putAll(key, map); })) - .then(Mono.defer(() -> { - if (event.getExpires() > 0) { - return operations.expire(key, Duration.ofMillis(event.getExpires())); - } - return Mono.empty(); - })) .then(userTokenMapping.add(getUserRedisKey(userId), token)) - .thenReturn(SimpleUserToken.of(map)); + .thenReturn(userToken); }); } diff --git a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/configuration/AuthorizingHandlerAutoConfiguration.java b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/configuration/AuthorizingHandlerAutoConfiguration.java index 618c5068a..83dd6e592 100644 --- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/configuration/AuthorizingHandlerAutoConfiguration.java +++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/configuration/AuthorizingHandlerAutoConfiguration.java @@ -3,34 +3,20 @@ package org.hswebframework.web.authorization.basic.configuration; import org.hswebframework.web.authorization.AuthenticationManager; import org.hswebframework.web.authorization.ReactiveAuthenticationManagerProvider; import org.hswebframework.web.authorization.access.DataAccessController; -import org.hswebframework.web.authorization.access.DataAccessHandler; -import org.hswebframework.web.authorization.basic.aop.AopMethodAuthorizeDefinitionParser; import org.hswebframework.web.authorization.basic.embed.EmbedAuthenticationProperties; import org.hswebframework.web.authorization.basic.embed.EmbedReactiveAuthenticationManager; import org.hswebframework.web.authorization.basic.handler.AuthorizationLoginLoggerInfoHandler; import org.hswebframework.web.authorization.basic.handler.DefaultAuthorizingHandler; import org.hswebframework.web.authorization.basic.handler.UserAllowPermissionHandler; import org.hswebframework.web.authorization.basic.handler.access.DefaultDataAccessController; -import org.hswebframework.web.authorization.basic.twofactor.TwoFactorHandlerInterceptorAdapter; import org.hswebframework.web.authorization.basic.web.*; import org.hswebframework.web.authorization.token.UserTokenManager; -import org.hswebframework.web.authorization.twofactor.TwoFactorValidatorManager; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.config.BeanPostProcessor; import org.springframework.boot.autoconfigure.AutoConfiguration; import org.springframework.boot.autoconfigure.condition.*; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.boot.context.properties.EnableConfigurationProperties; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.core.Ordered; -import org.springframework.core.annotation.Order; -import org.springframework.web.servlet.config.annotation.InterceptorRegistry; -import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; -import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; - -import javax.annotation.Nonnull; -import java.util.List; /** * 权限控制自动配置类 @@ -94,26 +80,6 @@ public class AuthorizingHandlerAutoConfiguration { return new BearerTokenParser(); } - @Configuration - public static class DataAccessHandlerProcessor implements BeanPostProcessor { - - @Autowired - private DefaultDataAccessController defaultDataAccessController; - - @Override - public Object postProcessBeforeInitialization(Object bean, String beanName) { - return bean; - } - - @Override - public Object postProcessAfterInitialization(Object bean, String beanName) { - if (bean instanceof DataAccessHandler) { - defaultDataAccessController.addHandler(((DataAccessHandler) bean)); - } - return bean; - } - } - @Configuration @ConditionalOnProperty(prefix = "hsweb.authorize", name = "basic-authorization", havingValue = "true") diff --git a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/UserTokenWebFilter.java b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/UserTokenWebFilter.java index 711b32d73..e3ac261cb 100644 --- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/UserTokenWebFilter.java +++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/UserTokenWebFilter.java @@ -43,41 +43,46 @@ public class UserTokenWebFilter implements WebFilter, BeanPostProcessor { public Mono filter(@NonNull ServerWebExchange exchange, WebFilterChain chain) { return Flux - .fromIterable(parsers) - .flatMap(parser -> parser.parseToken(exchange)) - .next() - .map(token -> chain - .filter(exchange) - .contextWrite(Context.of(ParsedToken.class, token))) - .defaultIfEmpty(chain.filter(exchange)) - .flatMap(Function.identity()) - .contextWrite(ReactiveLogger.start("requestId", exchange.getRequest().getId())); + .fromIterable(parsers) + .flatMap(parser -> parser.parseToken(exchange)) + .next() + .map(token -> chain + .filter(exchange) + .contextWrite(Context.of(ParsedToken.class, token))) + .defaultIfEmpty(chain.filter(exchange)) + .flatMap(Function.identity()) + .contextWrite(ReactiveLogger.start("requestId", exchange.getRequest().getId())); } @EventListener public void handleUserSign(AuthorizationSuccessEvent event) { ReactiveUserTokenGenerator generator = event - .getParameter("tokenType") - .map(tokenGeneratorMap::get) - .orElseGet(() -> tokenGeneratorMap.get("default")); + .getParameter("tokenType") + .map(tokenGeneratorMap::get) + .orElseGet(() -> tokenGeneratorMap.get("default")); if (generator != null) { GeneratedToken token = generator.generate(event.getAuthentication()); event.getResult().putAll(token.getResponse()); if (StringUtils.hasText(token.getToken())) { event.getResult().put("token", token.getToken()); - long expires = event.getParameter("expires") - .map(String::valueOf) - .map(Long::parseLong) - .orElse(token.getTimeout()); - event.getResult().put("expires", expires); - event.async(userTokenManager - .signIn(token.getToken(), token.getType(), event - .getAuthentication() - .getUser() - .getId(), expires) - .doOnNext(t -> log.debug("user [{}] sign in", t.getUserId())) - .then()); + long expires = event + .getParameter("expires") + .map(String::valueOf) + .map(Long::parseLong) + .orElse(token.getTimeout()); + + event.async( + userTokenManager + .signIn(token.getToken(), token.getType(), event + .getAuthentication() + .getUser() + .getId(), expires) + .doOnNext(t -> { + event.getResult().put("expires", t.getMaxInactiveInterval()); + log.debug("user [{}] sign in", t.getUserId()); + }) + .then()); } }