优化权限控制拓展
@@ -2,8 +2,14 @@ package org.hswebframework.web.authorization.basic.web;
|
||||
|
||||
/**
|
||||
* 已完成认证的令牌,如果返回此令牌,将直接使用{@link this#getUserId()}来绑定用户信息
|
||||
*
|
||||
* @author zhouhao
|
||||
*/
|
||||
public interface AuthorizedToken extends ParsedToken {
|
||||
String getUserId();
|
||||
|
||||
default long getMaxInactiveInterval() {
|
||||
return -1;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
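Review bot: `getMaxInactiveInterval()` has no Javadoc, so neither its unit nor the meaning of the default `-1` is stated anywhere in the interface. The interceptor change in this commit passes the value straight to `userTokenManager.signIn(...)` as the timeout, so if `-1` means "never expires" (inferred; `signIn` is not visible here), every `AuthorizedToken` implementation that does not override it produces a login with no inactivity limit. I would add a comment such as `/** @return max inactive interval of the bound token, in <unit to confirm>; -1 means <meaning to confirm> */` and consider a finite default. Separately, `{@link this#getUserId()}` in the interface Javadoc is not valid link syntax; `{@link #getUserId()}` resolves.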
@@ -5,20 +5,27 @@ import java.util.Map;
|
||||
|
||||
/**
|
||||
* 生成好的令牌信息
|
||||
*
|
||||
* @author zhouhao
|
||||
*/
|
||||
public interface GeneratedToken extends Serializable {
|
||||
/**
|
||||
* 要响应的数据,可自定义想要的数据给调用者
|
||||
*
|
||||
* @return {@link Map}
|
||||
*/
|
||||
Map<String,Object> getResponse();
|
||||
Map<String, Object> getResponse();
|
||||
|
||||
/**
|
||||
* @return 令牌字符串,令牌具有唯一性,不可逆,不包含敏感信息
|
||||
* @return 令牌字符串, 令牌具有唯一性, 不可逆, 不包含敏感信息
|
||||
*/
|
||||
String getToken();
|
||||
|
||||
/**
|
||||
* @return 令牌类型
|
||||
*/
|
||||
String getType();
|
||||
|
||||
/**
|
||||
* @return 令牌有效期(单位毫秒)
|
||||
*/
|
||||
|
||||
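Review bot: `String getType();` is added as an abstract method, so every existing implementation of `GeneratedToken` outside this commit stops compiling; the same applies to `ParsedToken.getType()` in the next hunk. `ParsedToken` previously had a single method and was implemented by the method reference `session::getId` in `SessionIdUserTokenParser`, so lambda-style parsers break as well. `AuthorizedToken.getMaxInactiveInterval()` in this same commit is added as a `default` method; if compatibility matters, `getType()` could follow that approach, otherwise the break should be called out in the release notes. `ParsedToken.getType()` also has no Javadoc saying which values are expected or how it relates to `UserTokenGenerator.getSupportTokenType()`.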
@@ -7,4 +7,6 @@ package org.hswebframework.web.authorization.basic.web;
|
||||
*/
|
||||
public interface ParsedToken {
|
||||
String getToken();
|
||||
|
||||
String getType();
|
||||
}
|
||||
|
||||
@@ -11,7 +11,7 @@ import java.util.Map;
|
||||
/**
|
||||
* @author zhouhao
|
||||
*/
|
||||
public class SessionIdUserTokenGenerator implements UserTokenGenerator ,Serializable {
|
||||
public class SessionIdUserTokenGenerator implements UserTokenGenerator, Serializable {
|
||||
|
||||
@Override
|
||||
public String getSupportTokenType() {
|
||||
@@ -20,13 +20,12 @@ public class SessionIdUserTokenGenerator implements UserTokenGenerator ,Serializ
|
||||
|
||||
@Override
|
||||
public GeneratedToken generate(Authentication authentication) {
|
||||
HttpServletRequest request= WebUtil.getHttpServletRequest();
|
||||
if(null==request) {
|
||||
HttpServletRequest request = WebUtil.getHttpServletRequest();
|
||||
if (null == request) {
|
||||
throw new UnsupportedOperationException();
|
||||
}
|
||||
|
||||
|
||||
int timeout =request.getSession().getMaxInactiveInterval()*1000;
|
||||
int timeout = request.getSession().getMaxInactiveInterval() * 1000;
|
||||
|
||||
String sessionId = request.getSession().getId();
|
||||
|
||||
@@ -41,6 +40,11 @@ public class SessionIdUserTokenGenerator implements UserTokenGenerator ,Serializ
|
||||
return sessionId;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getType() {
|
||||
return "session-id-default";
|
||||
}
|
||||
|
||||
@Override
|
||||
public int getTimeout() {
|
||||
return timeout;
|
||||
|
||||
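Review bot: The literal `"session-id-default"` returned by the new `getType()` is repeated verbatim in the anonymous `ParsedToken` in `SessionIdUserTokenParser`, and nothing ties the two together. If the stored type is later compared with the parsed type (not visible in this commit), a typo or a rename in one place would silently stop session tokens from matching. A single constant referenced from both classes, e.g. `public static final String TOKEN_TYPE = "session-id-default";`, would remove that risk. It also differs from the `"sessionId"` value used as `defaultTokenType` in `UserOnSignIn`, so a short comment on how the generator's support type and the token's type relate would help. The enclosing anonymous class starts and ends outside this hunk.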
@@ -14,9 +14,18 @@ public class SessionIdUserTokenParser implements UserTokenParser {
|
||||
HttpSession session = request.getSession(false);
|
||||
|
||||
if (session != null) {
|
||||
return session::getId;
|
||||
}
|
||||
return new ParsedToken() {
|
||||
@Override
|
||||
public String getToken() {
|
||||
return session.getId();
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getType() {
|
||||
return "session-id-default";
|
||||
}
|
||||
};
|
||||
}
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -15,11 +15,11 @@ import java.util.List;
|
||||
*/
|
||||
public class UserOnSignIn implements AuthorizationListener<AuthorizationSuccessEvent> {
|
||||
|
||||
private String defaultTokenType="sessionId";
|
||||
private String defaultTokenType = "sessionId";
|
||||
|
||||
private UserTokenManager userTokenManager;
|
||||
|
||||
private List<UserTokenGenerator> userTokenGenerators=new ArrayList<>();
|
||||
private List<UserTokenGenerator> userTokenGenerators = new ArrayList<>();
|
||||
|
||||
public UserOnSignIn(UserTokenManager userTokenManager) {
|
||||
this.userTokenManager = userTokenManager;
|
||||
@@ -45,12 +45,12 @@ public class UserOnSignIn implements AuthorizationListener<AuthorizationSuccessE
|
||||
}
|
||||
//创建token
|
||||
GeneratedToken newToken = userTokenGenerators.stream()
|
||||
.filter(generator->generator.getSupportTokenType().equals(tokenType))
|
||||
.filter(generator -> generator.getSupportTokenType().equals(tokenType))
|
||||
.findFirst()
|
||||
.orElseThrow(()->new UnsupportedOperationException(tokenType))
|
||||
.orElseThrow(() -> new UnsupportedOperationException(tokenType))
|
||||
.generate(event.getAuthentication());
|
||||
//登入
|
||||
userTokenManager.signIn(newToken.getToken(), event.getAuthentication().getUser().getId(),newToken.getTimeout());
|
||||
userTokenManager.signIn(newToken.getToken(), newToken.getType(), event.getAuthentication().getUser().getId(), newToken.getTimeout());
|
||||
|
||||
//响应结果
|
||||
event.getResult().putAll(newToken.getResponse());
|
||||
|
||||
@@ -43,9 +43,10 @@ public class WebUserTokenInterceptor extends HandlerInterceptorAdapter {
|
||||
if (userTokenManager.tokenIsLoggedIn(token)) {
|
||||
userToken = userTokenManager.getByToken(token);
|
||||
}
|
||||
// if ((userToken == null || userToken.isExpired()) && parsedToken instanceof AuthorizedToken) {
|
||||
// userToken = userTokenManager.signIn(parsedToken.getToken(), ((AuthorizedToken) parsedToken).getUserId(), -1);
|
||||
// }
|
||||
if ((userToken == null || userToken.isExpired()) && parsedToken instanceof AuthorizedToken) {
|
||||
userToken = userTokenManager
|
||||
.signIn(parsedToken.getToken(), parsedToken.getType(), ((AuthorizedToken) parsedToken).getUserId(), ((AuthorizedToken) parsedToken).getMaxInactiveInterval());
|
||||
}
|
||||
if (null != userToken) {
|
||||
userTokenManager.touch(token);
|
||||
UserTokenHolder.setCurrent(userToken);
|
||||
|
||||
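Review bot: The re-enabled branch signs a user in from `((AuthorizedToken) parsedToken).getUserId()` with no further check in the interceptor, so the whole trust decision rests on whichever `UserTokenParser` produced the token. That contract should be written above the `if`, e.g. `// AuthorizedToken is trusted as already authenticated: a parser must verify the credential (signature, expiry, revocation) before returning one`. The branch also fires when `userToken.isExpired()`, which signs the same token in again using the parser-supplied interval (default `-1` in this commit); it is worth confirming that bypassing the manager's own expiry this way is intended. The repeated cast reads better as one local, `AuthorizedToken authorized = (AuthorizedToken) parsedToken;`. The enclosing method starts and ends outside the hunk.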
Reference in New Issue
Block a user