
1.资源调整
2.JWT认证调整

zsf 2 months ago
parent
commit
40f2c59bdf

+ 2 - 0
src/main/java/com/zzys/lightting/config/SSLConfig.java

@@ -7,6 +7,7 @@ import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
 import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
 
 
 /**
@@ -15,6 +16,7 @@ import org.springframework.context.annotation.Configuration;
  * @date 2021/9/15 14:32
  */
 @Configuration
+@Profile(value = "prod")
 public class SSLConfig {
 
     @Bean
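Review bot: `@Profile(value = "prod")` on the added line can be written as `@Profile("prod")`; `value` is the annotation's only element, so naming it adds nothing. Because the same commit removes the `server.ssl` keys from the packaged application.yml and this configuration is now prod-only, a non-prod profile presumably runs without TLS unless a profile-specific file (not in this commit) supplies its own settings; worth confirming before merging. SSLConfig's body continues outside the hunk.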

+ 36 - 24
src/main/java/com/zzys/lightting/filter/JWTInterceptor.java

@@ -5,12 +5,15 @@ import com.auth0.jwt.exceptions.AlgorithmMismatchException;
 import com.auth0.jwt.exceptions.SignatureVerificationException;
 import com.auth0.jwt.exceptions.TokenExpiredException;
 import com.zzys.lightting.utils.JWTUtil;
+import io.swagger.models.HttpMethod;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang.StringUtils;
 import org.springframework.stereotype.Component;
+import org.springframework.web.method.HandlerMethod;
 import org.springframework.web.servlet.HandlerInterceptor;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.lang.reflect.Method;
 import java.util.HashMap;
 
 /**
@@ -19,39 +22,48 @@ import java.util.HashMap;
  * @date 2021/12/2821:48
  */
 @Slf4j
-//@Component
+@Component
 public class JWTInterceptor implements HandlerInterceptor {
 
     @Override
     public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
         HashMap<String, Object> resultJson = new HashMap<>();
-        String uri = request.getRequestURI();
-        log.info("请求uri:" + uri);
+        final String url = request.getRequestURI();
+        log.info("url-------------------"+url);
+        // 从http请求头中取出token
+        final String token = request.getHeader(JWTUtil.AUTH_HEADER_KEY);
+        //如果不是映射到方法,直接通过
+        if(!(handler instanceof HandlerMethod)){
+            return true;
+        }
+        //如果是方法探测,直接通过
+        if (HttpMethod.OPTIONS.equals(request.getMethod())) {
+            response.setStatus(HttpServletResponse.SC_OK);
+            return true;
+        }
+        //如果方法有JwtIgnore注解,直接通过
+        HandlerMethod handlerMethod = (HandlerMethod) handler;
+        Method method=handlerMethod.getMethod();
+//        if (method.isAnnotationPresent(JwtIgnore.class)) {
+//            JwtIgnore jwtIgnore = method.getAnnotation(JwtIgnore.class);
+//            if(jwtIgnore.value()){
+//                return true;
+//            }
+//        }
         //获取请求头token
         try {
-            String token = request.getHeader("Authorization");
-            if(StringUtils.isEmpty(token)) {
+            //LocalAssert.isStringEmpty(token, "token为空,鉴权失败!");
+            if (StringUtils.isEmpty(token)){
                 resultJson.put("code", HttpServletResponse.SC_UNAUTHORIZED);
-                resultJson.put("msg", "无效签名信息");
-                String s = JSON.toJSONString(resultJson);
-                response.setContentType("application/json;charset=UTF-8");
-                response.getWriter().println(s);
-                return false;
+                resultJson.put("msg", "token为空,鉴权失败!");
+            }else {
+                //验证,并获取token内部信息
+                String userToken = JWTUtil.verifyToken(token);
+                log.info("token= "+userToken);
+                //将token放入本地缓存
+                //WebContextUtil.setUserToken(userToken);
+                return true;
             }
-            String[] len = token.split(" ");
-            if (len.length >1){
-                token = len[1];//以空格划分Bearer token,获取token
-                JWTUtil.verify(token);//验证令牌
-                return true; //放行
-            } else if (len.length==1) {
-                token = len[0];//以空格划分Bearer token,获取token
-                JWTUtil.verify(token);//验证令牌
-                return true; //放行
-            } else {
-                resultJson.put("code", HttpServletResponse.SC_UNAUTHORIZED);
-                resultJson.put("msg", "无效签名信息");
-            }
-
         } catch (SignatureVerificationException e) {
             e.printStackTrace();
             resultJson.put("code", HttpServletResponse.SC_UNAUTHORIZED);
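Review bot: The OPTIONS pre-flight bypass added at `if (HttpMethod.OPTIONS.equals(request.getMethod()))` can never match: `io.swagger.models.HttpMethod` is an enum and `request.getMethod()` returns a `String`, so `equals` is always false and every OPTIONS request falls through to token validation. Compare the name instead, `if (HttpMethod.OPTIONS.name().equals(request.getMethod())) {`, or drop the Swagger model type from an auth interceptor altogether and write `if ("OPTIONS".equals(request.getMethod())) {`. The `Method method=handlerMethod.getMethod();` local is unused now that the JwtIgnore block is commented out (and the `java.lang.reflect.Method` import with it), and `log.info("token= "+userToken)` writes the verified subject to the log at INFO on every request, which is hard to justify in production. preHandle's body continues past the end of the hunk, so how `resultJson` is emitted after the empty-token branch (which previously wrote the response and returned false inline) cannot be seen here.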

+ 4 - 12
src/main/java/com/zzys/lightting/filter/JWTInterceptorConfig.java

@@ -11,11 +11,10 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
  * @description:
  * @date 2021/12/2822:06
  */
-//@Configuration
+@Configuration
 public class JWTInterceptorConfig implements WebMvcConfigurer {
 
-    @Autowired
-    private UserCheckInterceptor userCheckInterceptor;
+
 
     @Autowired
     private JWTInterceptor jwtInterceptor;
@@ -25,7 +24,7 @@ public class JWTInterceptorConfig implements WebMvcConfigurer {
     public void addInterceptors(InterceptorRegistry registry) {
         //定义排除swagger访问的路径配置
         String[] swaggerExcludes = new String[]{"/swagger*/**", "/v3/api-docs", "/webjars/**","/doc.html"};
-        String[] systemApi = new String[]{"/user/login","/user/blogin","/type/**","/file/**"};
+        String[] systemApi = new String[]{"/user/login","/user/blogin","/file/**"};
         registry.addInterceptor(jwtInterceptor)
                 .addPathPatterns("/**")
                 .excludePathPatterns("/", "/index**", "/error")
@@ -34,14 +33,7 @@ public class JWTInterceptorConfig implements WebMvcConfigurer {
                 .excludePathPatterns("/favicon.ico")
                 .excludePathPatterns("/druid/**")
                 .excludePathPatterns("/static/**");//排除静态资源
-        registry.addInterceptor(userCheckInterceptor)
-                .addPathPatterns("/**")
-                .excludePathPatterns("/", "/index.html", "/error")
-                .excludePathPatterns(systemApi)
-                .excludePathPatterns(swaggerExcludes)
-                .excludePathPatterns("/favicon.ico")
-                .excludePathPatterns("/druid/**")
-                .excludePathPatterns("/static/**");//排除静态资源
+
     }
 
     @Override
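Review bot: Removing the `userCheckInterceptor` field and its registration leaves two orphan blank lines as `+` additions (one inside the class body, one at the end of `addInterceptors`); drop them rather than adding empty lines. With UserCheckInterceptor deleted, the remaining check is signature and expiry in JWTInterceptor only, so a token for a removed or disabled account stays usable until `EXPIRATION_TIME` elapses; if the per-request account lookup is meant to return in another form, a TODO naming the replacement would help the next reader. `/type/**` was also dropped from `systemApi`, so those paths now require a token; that looks intentional but is not mentioned in the commit message.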

+ 0 - 79
src/main/java/com/zzys/lightting/filter/UserCheckInterceptor.java

@@ -1,79 +0,0 @@
-package com.zzys.lightting.filter;
-
-import com.alibaba.fastjson.JSON;
-import com.auth0.jwt.interfaces.DecodedJWT;
-import com.zzys.lightting.user.dao.model.UserInfo;
-import com.zzys.lightting.user.service.UserService;
-import com.zzys.lightting.utils.JWTUtil;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.MediaType;
-import org.springframework.stereotype.Component;
-import org.springframework.web.servlet.HandlerInterceptor;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.util.HashMap;
-
-/**
- * @author lpf
- * @description:
- * @date 2021/01/20 16:54
- */
-@Slf4j
-//@Component
-public class UserCheckInterceptor implements HandlerInterceptor {
-    @Autowired
-    private UserService userService;
-
-
-    @Override
-    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
-        HashMap<String, Object> resultJson = new HashMap<>();
-        String uri = request.getRequestURI();
-        //获取请求头token
-        String token = request.getHeader("Authorization");
-        String[] len = token.split(" ");
-        if (len.length >1){
-            token = len[1];
-            JWTUtil.verify(token);
-        } else if (len.length==1) {
-            token = len[0];
-            JWTUtil.verify(token);
-        }
-        //token = token.split(" ")[1];//以空格划分Bearer token,获取token
-        //JWTUtil.verify(token);//验证令牌
-        //从请求头中获取token
-        DecodedJWT verify = JWTUtil.verify(token);
-
-        String type = verify.getClaim("type").asString();
-        String userId = verify.getClaim("userId").asString();
-        boolean flag = true;
-
-        UserInfo userInfo = this.userService.findById(userId);
-//        UserInfo userInfo = this.userService.getOne(userId);
-        if (userInfo == null) {
-            flag = false;
-            resultJson.put("code", HttpServletResponse.SC_UNAUTHORIZED);
-            resultJson.put("msg", "账户已被删除,请联系管理员");
-        }else {
-            if(!userInfo.getId().equals(verify.getClaim("userId").asString())){
-                resultJson.put("code", HttpServletResponse.SC_UNAUTHORIZED);
-                resultJson.put("msg", "账户已被删除,请联系管理员");
-                String s = JSON.toJSONString(resultJson);
-                response.setContentType("application/json;charset=UTF-8");
-                response.getWriter().println(s);
-            }
-        }
-
-
-        if(!flag){
-            resultJson.put("code",HttpServletResponse.SC_UNAUTHORIZED);
-            resultJson.put("msg","未授权");
-            response.setContentType(MediaType.APPLICATION_JSON_VALUE);
-            return false;
-        }
-
-
-        return true; //放行
-    }
-}

+ 43 - 0
src/main/java/com/zzys/lightting/utils/JWTUtil.java

@@ -3,10 +3,13 @@ package com.zzys.lightting.utils;
 import com.auth0.jwt.JWT;
 import com.auth0.jwt.JWTCreator;
 import com.auth0.jwt.algorithms.Algorithm;
+import com.auth0.jwt.exceptions.JWTVerificationException;
+import com.auth0.jwt.exceptions.TokenExpiredException;
 import com.auth0.jwt.interfaces.DecodedJWT;
 import com.zzys.lightting.user.dao.model.UserInfo;
 
 import java.util.Calendar;
+import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -17,9 +20,32 @@ import java.util.Map;
  */
 public class JWTUtil {
 
+
+    //定义token返回头部
+    public static final String AUTH_HEADER_KEY = "Authorization";
+
+    //token前缀
+    public static final String TOKEN_PREFIX = "Bearer ";
+
     //密钥签名
     private static final String SING = "xVWGEYTPF1hjnFt$HDZ0f^iet^^q@hZv";
 
+    //有效期默认为 2hour
+    public static final Long EXPIRATION_TIME = 1000L*60*60*12;
+
+    /**
+     * 创建token
+     * @param content
+     * @return
+     */
+    public static String createToken(String content){
+        return TOKEN_PREFIX + JWT.create()
+                .withSubject(content)
+                .withIssuedAt(new Date())
+                .withExpiresAt(new Date(System.currentTimeMillis() + EXPIRATION_TIME))
+                .sign(Algorithm.HMAC256(SING));
+    }
+
     /**
      * 生成Token header.payload.sing
      */
@@ -69,4 +95,21 @@ public class JWTUtil {
         return JWT.require(Algorithm.HMAC256(SING)).build().verify(token);
     }
 
+    /**
+     * 验证token
+     * @param token
+     */
+    public static String verifyToken(String token) throws Exception {
+        try {
+            return JWT.require(Algorithm.HMAC256(SING))
+                    .build()
+                    .verify(token.replace(TOKEN_PREFIX, ""))
+                    .getSubject();
+        } catch (TokenExpiredException e){
+            throw new Exception("token已失效,请重新登录",e);
+        } catch (JWTVerificationException e) {
+            throw new Exception("token验证失败!",e);
+        }
+    }
+
 }
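Review bot: The comment on `EXPIRATION_TIME` says the default validity is 2 hours, but `1000L*60*60*12` is 12 hours; make the two agree (either `//有效期默认为 12hour` or `1000L * 60 * 60 * 2`), and the constant can be a primitive `long` rather than boxed `Long`. In `verifyToken`, `token.replace(TOKEN_PREFIX, "")` strips every occurrence of `"Bearer "` anywhere in the string rather than the leading scheme; `token.startsWith(TOKEN_PREFIX) ? token.substring(TOKEN_PREFIX.length()) : token` expresses the intent. Throwing raw `Exception` forces callers such as `preHandle` to declare or catch `Exception` and collapses the two failure modes into message text; a dedicated unchecked exception (or simply rethrowing `JWTVerificationException`) keeps the cause and lets the interceptor map expiry and invalid-signature to different responses. `SING` is an existing hard-coded literal rather than part of this change, but `createToken` and `verifyToken` now both sign and verify with it, so moving it to externalized configuration is worth a follow-up.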

+ 15 - 62
src/main/resources/application.yml

@@ -1,66 +1,19 @@
-
 spring:
-  #  profiles:
-  #    #默认启用test配置文件
-  #    active: test
-  #  mvc:
-  #    static-path-pattern: /findFile/**
-  #  resources:
-  #    static-locations: file:c:/test/
-  jpa:
-    hibernate:
-      ddl-auto: update
-    database-platform: org.hibernate.dialect.MySQL5InnoDBDialect
-    show-sql: false
-    open-in-view: false
-  servlet:
-    multipart:
-      enabled: true
-      file-size-threshold: 2KB
-      max-request-size: 1000MB
-      max-file-size: 1000MB
-  datasource:
-    type: com.alibaba.druid.pool.DruidDataSource
-    druid:
-      driver-class-name: com.mysql.cj.jdbc.Driver
-      url: jdbc:mysql://localhost:3306/light_ting?useUnicode=true&characterEncoding=utf-8&allowMultiQueries=true&allowPublicKeyRetrieval=true&useSSL=false&serverTimezone=GMT%2B8
-      username: root
-      password: Z04agHTieMz3lrvqdyHZaOgDrBS2kvKSCSLDavQL3VmoXTf7+VTamagPHnX9+q2nT1fYJd0T0mivyDiQ0YXHUg==
-      connection-properties: config.decrypt=true;config.decrypt.key=${publicKey}
-
-#      url: jdbc:mysql://localhost:54030/kjb?useUnicode=true&characterEncoding=utf-8&allowMultiQueries=true&allowPublicKeyRetrieval=true&useSSL=false&serverTimezone=GMT%2B8
-#      username: root
-#      password: KzLViz11vIJVLItveNpRBzLWp9Mut/B2jUoqpxFAuFvBjRqLOvyuUXsp/TDeYUOZ/uxueVtJr3oe+2fdDQ+JaA==
-#      connection-properties: config.decrypt=true;config.decrypt.key=${publicKey}
-      filter:
-        config:
-          enabled: true
-#Session超时时间设置,单位是秒,默认是30分钟
-server:
-  servlet:
-    session:
-      timeout: 600
-  port: 8084
-  address: 0.0.0.0
-  ssl:
-    key-store: classpath:test.jue-ming.com.jks
-    key-store-password: vrm144s3fduj
-    key-store-type: JKS
-
-#
-#anti:
-#  reptile:
-#    manager:
-#      enabled: true
-#      global-filter-mode: true
-#      ua-rule:
-#        enabled: true
-#      ip-rule:
-#        expiration-time: 5000
-#        request-max-size: 5
-#mysql@.2020  key
-#publicKey: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ0wKAMJ3vzmREeYnacS1zPHh0Vif9rqtqDPfsT7DTxZOpOPqnKqTeUdLdB1dQVdT+0X+rvJeivdpxw9CW1HZbUCAwEAAQ==
-publicKey: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJmEpLBsygPphd9duo0LbPvEx6hhx3oeieLqnkWeh3YnOqtMH1ILWacyI8hEoImPLaK+o3FgVDl3kThZTsij/9UCAwEAAQ==
+    profiles:
+      #默认启用dev配置文件
+      active: dev
+    jpa:
+      hibernate:
+        ddl-auto: update
+      database-platform: org.hibernate.dialect.MySQL5InnoDBDialect
+      show-sql: false
+      open-in-view: false
+    servlet:
+      multipart:
+        enabled: true
+        file-size-threshold: 2KB
+        max-request-size: 1000MB
+        max-file-size: 1000MB
 # 显示sql语句传入的参数
 logging:
   level:
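Review bot: `spring.profiles.active: dev` is now hard-coded in the packaged application.yml, so any deployment that does not override it (for example via `SPRING_PROFILES_ACTIVE` or `--spring.profiles.active=prod`) starts in dev, and SSLConfig, which this commit restricts to `prod`, is not loaded; consider leaving the default out of the packaged file or documenting the required override next to the key. The removed lines include a keystore password and a Druid-encrypted datasource password, and deleting them from the working tree does not remove them from history, so rotating those credentials is the usual follow-up. The profile-specific files that presumably now carry the datasource and `server.port`/`server.ssl` settings are not part of this commit, so whether they are set anywhere cannot be confirmed here.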

BIN
src/main/resources/test.jue-ming.com.jks