use of cn.hutool.jwt.JWT in project Jpom by dromara.
the class LoginControl method renewalToken.
/**
* 刷新token
*
* @return json
*/
@RequestMapping(value = "renewal", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
@NotLogin
public String renewalToken() {
String token = getRequest().getHeader(ServerOpenApi.HTTP_HEAD_AUTHORIZATION);
if (StrUtil.isEmpty(token)) {
return JsonMessage.getString(ServerConfigBean.AUTHORIZE_TIME_OUT_CODE, "刷新token失败");
}
JWT jwt = JwtUtil.readBody(token);
if (JwtUtil.expired(jwt, 0)) {
int renewal = ServerExtConfigBean.getInstance().getAuthorizeRenewal();
if (jwt == null || renewal <= 0 || JwtUtil.expired(jwt, TimeUnit.MINUTES.toSeconds(renewal))) {
return JsonMessage.getString(ServerConfigBean.AUTHORIZE_TIME_OUT_CODE, "刷新token超时");
}
}
UserModel userModel = userService.checkUser(JwtUtil.getId(jwt));
if (userModel == null) {
return JsonMessage.getString(ServerConfigBean.AUTHORIZE_TIME_OUT_CODE, "没有对应的用户");
}
UserLoginDto userLoginDto = userService.getUserJwtId(userModel);
return JsonMessage.getString(200, "", userLoginDto);
}
use of cn.hutool.jwt.JWT in project Jpom by dromara.
the class LoginInterceptor method checkHeaderUser.
/**
* 尝试获取 header 中的信息
*
* @param session ses
* @param request req
* @return true 获取成功
*/
private int checkHeaderUser(HttpServletRequest request, HttpSession session) {
String token = request.getHeader(ServerOpenApi.HTTP_HEAD_AUTHORIZATION);
if (StrUtil.isEmpty(token)) {
return ServerConfigBean.AUTHORIZE_TIME_OUT_CODE;
}
JWT jwt = JwtUtil.readBody(token);
if (JwtUtil.expired(jwt, 0)) {
int renewal = ServerExtConfigBean.getInstance().getAuthorizeRenewal();
if (jwt == null || renewal <= 0 || JwtUtil.expired(jwt, TimeUnit.MINUTES.toSeconds(renewal))) {
return ServerConfigBean.AUTHORIZE_TIME_OUT_CODE;
}
return ServerConfigBean.RENEWAL_AUTHORIZE_CODE;
}
UserModel user = (UserModel) session.getAttribute(SESSION_NAME);
UserService userService = SpringUtil.getBean(UserService.class);
String id = JwtUtil.getId(jwt);
UserModel newUser = userService.checkUser(id);
if (newUser == null) {
return ServerConfigBean.AUTHORIZE_TIME_OUT_CODE;
}
if (null != user) {
String tokenUserId = JwtUtil.readUserId(jwt);
boolean b = user.getId().equals(tokenUserId);
if (!b) {
return ServerConfigBean.AUTHORIZE_TIME_OUT_CODE;
}
}
session.setAttribute(LoginInterceptor.SESSION_NAME, newUser);
return 0;
}
use of cn.hutool.jwt.JWT in project Jpom by dromara.
the class JwtUtil method builder.
/**
* 生成token
*
* @param userModel 用户
* @return token
*/
public static String builder(UserModel userModel, String jwtId) {
int authorizeExpired = ServerExtConfigBean.getInstance().getAuthorizeExpired();
DateTime now = DateTime.now();
JWT jwt = JWT.create();
jwt.setHeader(JWTHeader.ALGORITHM, ALGORITHM);
jwt.setPayload(KEY_USER_ID, userModel.getId()).setJWTId(jwtId).setIssuer("Jpom").setIssuedAt(now).setExpiresAt(now.offsetNew(DateField.HOUR, authorizeExpired));
return jwt.sign(JWTSignerUtil.hs256(getKey()));
}
Aggregations