优化

2025-05-07 11:13:51 +08:00
parent b370e1122c
commit ecfee76c8d
11 changed files with 115 additions and 34 deletions
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@ -101,8 +101,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
                // 过滤请求
                .authorizeRequests()
                // 对于登录login 验证码captchaImage 允许匿名访问
-                .antMatchers("/login", "/app/login", "/captchaImage","/demo/tress/all").anonymous()
-			    .antMatchers("/app/login","/wgz/app/wgzRegister",
+                .antMatchers("/login", "/captchaImage","/demo/tress/all").anonymous()
+			    .antMatchers("/app/login","/wgz/app/wgzRegister","/sse/subscribe",
 					"/app/bgt/recruit/htmlList","/app/bgt/apply/htmlList","/common/annex/getHtmlWgzAnnex"
 					,"/download-folders","/upload-zip").permitAll()
                .antMatchers(
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/AuthenticationEntryPointImpl.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/AuthenticationEntryPointImpl.java
@ -28,8 +28,10 @@ public class AuthenticationEntryPointImpl implements AuthenticationEntryPoint, S
    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e)
            throws IOException
    {
+
        int code = HttpStatus.HTTP_UNAUTHORIZED;
-        String msg = StrUtil.format("请求访问：{}，认证失败，无法访问系统资源", request.getRequestURI());
+//        String msg = StrUtil.format("请求访问：{}，认证失败，无法访问系统资源", request.getRequestURI());
+		String msg = StrUtil.format("登录过期或其他设备登录");
        ServletUtils.renderString(response, JsonUtils.toJsonString(AjaxResult.error(code, msg)));
    }
 }
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/LogoutSuccessHandlerImpl.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/LogoutSuccessHandlerImpl.java
@ -43,7 +43,8 @@ public class LogoutSuccessHandlerImpl implements LogoutSuccessHandler {
 		if (Validator.isNotNull(loginUser)) {
 			String userName = loginUser.getUsername();
 			// 删除用户缓存记录
-			tokenService.delLoginUser(loginUser.getToken());
+//			tokenService.delLoginUser(loginUser.getToken());
+			tokenService.delLoginUser(loginUser.getUserType(),loginUser.getUser().getUserId().toString());
 			// 记录用户退出日志
 			asyncService.recordLogininfor(userName, Constants.LOGOUT, "退出成功", request);
 		}
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/TokenService.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/TokenService.java
@ -7,12 +7,15 @@ import cn.hutool.http.useragent.UserAgentUtil;
 import com.ruoyi.common.constant.Constants;
 import com.ruoyi.common.core.domain.model.LoginUser;
 import com.ruoyi.common.core.redis.RedisCache;
+import com.ruoyi.common.exception.BaseException;
 import com.ruoyi.common.utils.ServletUtils;
 import com.ruoyi.common.utils.ip.AddressUtils;
 import com.ruoyi.framework.config.properties.TokenProperties;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;

@ -29,6 +32,8 @@ import java.util.concurrent.TimeUnit;
@Component
 public class TokenService {

+	private static final Logger log = LoggerFactory.getLogger(TokenService.class);
+
    protected static final long MILLIS_SECOND = 1000;

    protected static final long MILLIS_MINUTE = 60 * MILLIS_SECOND;
@ -48,13 +53,23 @@ public class TokenService {
     */
    public LoginUser getLoginUser(HttpServletRequest request) {
        // 获取请求携带的令牌
+
+
        String token = getToken(request);
+//		log.info("用户当前token：{}", token);
        if (Validator.isNotEmpty(token)) {
            Claims claims = parseToken(token);
            // 解析对应的权限以及用户信息
            String uuid = (String) claims.get(Constants.LOGIN_USER_KEY);
-            String userKey = getTokenKey(uuid);
-            LoginUser user = redisCache.getCacheObject(userKey);
+			//String userKey = getTokenKey(uuid);
+			String type = (String) claims.get(Constants.LOGIN_USER_TYPE);
+			String userId = (String) claims.get(Constants.LOGIN_USER_ID);
+			String userKey = getTokenKey(type, userId);
+			LoginUser user = redisCache.getCacheObject(userKey);
+//			log.info("用户当前类型：{}", claims);
+			if(!uuid.equals(user.getToken())){
+				throw new BaseException("999","您的账号在其他设备登录");
+			}
            return user;
        }
        return null;
@ -79,6 +94,13 @@ public class TokenService {
        }
    }

+	public void delLoginUser(String userType,String userId) {
+		if (Validator.isNotEmpty(userType) && Validator.isNotEmpty(userId)) {
+			String userKey = getTokenKey(userType,userId);
+			redisCache.deleteObject(userKey);
+		}
+	}
+
    /**
     * 创建令牌
     *
@ -93,6 +115,8 @@ public class TokenService {

        Map<String, Object> claims = new HashMap<>();
        claims.put(Constants.LOGIN_USER_KEY, token);
+		claims.put(Constants.LOGIN_USER_TYPE, loginUser.getUserType());
+		claims.put(Constants.LOGIN_USER_ID, loginUser.getUser().getUserId().toString());
        return createToken(claims);
    }

@ -119,7 +143,9 @@ public class TokenService {
        loginUser.setLoginTime(System.currentTimeMillis());
        loginUser.setExpireTime(loginUser.getLoginTime() + tokenProperties.getExpireTime() * MILLIS_MINUTE);
        // 根据uuid将loginUser缓存
-        String userKey = getTokenKey(loginUser.getToken());
+//        String userKey = getTokenKey(loginUser.getToken());
+		String userType = loginUser.getUserType();
+		String userKey = getTokenKey(userType,loginUser.getUser().getUserId().toString());
        redisCache.setCacheObject(userKey, loginUser, tokenProperties.getExpireTime(), TimeUnit.MINUTES);
    }

@ -191,4 +217,8 @@ public class TokenService {
    private String getTokenKey(String uuid) {
        return Constants.LOGIN_TOKEN_KEY + uuid;
    }
+
+	private String getTokenKey(String userType,String userId) {
+		return Constants.LOGIN_TOKEN_KEY + userType+"-"+userId;
+	}
 }
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/UserDetailsServiceImpl.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/UserDetailsServiceImpl.java
@ -1,6 +1,7 @@
 package com.ruoyi.framework.web.service;

 import cn.hutool.core.lang.Validator;
+import com.ruoyi.common.constant.Constants;
 import com.ruoyi.common.core.domain.entity.SysUser;
 import com.ruoyi.common.core.domain.model.LoginUser;
 import com.ruoyi.common.enums.UserStatus;
@ -55,6 +56,6 @@ public class UserDetailsServiceImpl implements UserDetailsService

    public UserDetails createLoginUser(SysUser user)
    {
-        return new LoginUser(user, permissionService.getMenuPermission(user));
+        return new LoginUser(user, permissionService.getMenuPermission(user)).setUserType(Constants.LOGIN_TYEO_SYS);
    }
 }