Use of com.usthe.sureness.provider.SurenessAccount in project hertzbeat by dromara:
the class AccountController, method refreshToken.
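/**
 * Exchanges a refresh token for a fresh access token / refresh token pair.
 *
 * <p>The presented token must parse, carry a subject and carry the boolean claim
 * {@code refresh=true}; the account it names must still exist and must be neither
 * disabled nor locked (the same state check {@code authGetToken} applies at login,
 * so a locked account cannot keep minting tokens through this endpoint).
 * Every failure is reported with {@code MONITOR_LOGIN_FAILED_CODE} in the body;
 * the HTTP status is always 200.
 *
 * <p>NOTE(review): the token travels in the URL path, so it may end up in access
 * logs and browser history; a header or body parameter would avoid that, but the
 * route is kept unchanged here for client compatibility.
 *
 * @param refreshToken the refresh JWT taken from the path
 * @return a {@code Message} holding {@code token} and {@code refreshToken}, or a failure message
 */
@GetMapping("/refresh/{refreshToken}")
@ApiOperation(value = "Use refresh TOKEN to re-acquire TOKEN", notes = "使用刷新TOKEN重新获取TOKEN")
public ResponseEntity<Message<Map<String, String>>> refreshToken(@ApiParam(value = "Refresh TOKEN | 刷新TOKEN", example = "xxx") @PathVariable("refreshToken") @NotNull final String refreshToken) {
    String userId;
    boolean isRefresh;
    try {
        Claims claims = JsonWebTokenUtil.parseJwt(refreshToken);
        // Keep the raw subject: String.valueOf(null) would produce the literal "null"
        // and silently defeat the null check below.
        userId = claims.getSubject();
        // An absent claim (e.g. an access token presented here) must not be unboxed;
        // treat it as "not a refresh token" instead of relying on an NPE.
        Boolean refreshClaim = claims.get("refresh", Boolean.class);
        isRefresh = Boolean.TRUE.equals(refreshClaim);
    } catch (Exception e) {
        // Parse/signature/expiry failures all land here; only the message is logged,
        // never the token itself.
        log.info("refresh token rejected: {}", e.getMessage());
        Message<Map<String, String>> message = Message.<Map<String, String>>builder().msg("刷新TOKEN过期或错误").code(MONITOR_LOGIN_FAILED_CODE).build();
        return ResponseEntity.ok(message);
    }
    if (userId == null || !isRefresh) {
        Message<Map<String, String>> message = Message.<Map<String, String>>builder().msg("非法的刷新TOKEN").code(MONITOR_LOGIN_FAILED_CODE).build();
        return ResponseEntity.ok(message);
    }
    SurenessAccount account = accountProvider.loadAccount(userId);
    if (account == null) {
        Message<Map<String, String>> message = Message.<Map<String, String>>builder().msg("TOKEN对应的账户不存在").code(MONITOR_LOGIN_FAILED_CODE).build();
        return ResponseEntity.ok(message);
    }
    // A refresh token outlives the account state it was issued under; re-check that
    // the account is still allowed to authenticate before issuing new credentials.
    if (account.isDisabledAccount() || account.isExcessiveAttempts()) {
        Message<Map<String, String>> message = Message.<Map<String, String>>builder().msg("账户过期或被锁定").code(MONITOR_LOGIN_FAILED_CODE).build();
        return ResponseEntity.ok(message);
    }
    // Roles are re-read from the account so a role change takes effect on refresh.
    List<String> roles = account.getOwnRoles();
    // Issue TOKEN 签发TOKEN
    String issueToken = JsonWebTokenUtil.issueJwt(userId, PERIOD_TIME, roles);
    Map<String, Object> customClaimMap = new HashMap<>(1);
    customClaimMap.put("refresh", true);
    // The refresh token lives 32x (<< 5) longer than the access token.
    String issueRefresh = JsonWebTokenUtil.issueJwt(userId, PERIOD_TIME << 5, customClaimMap);
    Map<String, String> resp = new HashMap<>(2);
    resp.put("token", issueToken);
    resp.put("refreshToken", issueRefresh);
    return ResponseEntity.ok(new Message<>(resp));
}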
Use of com.usthe.sureness.provider.SurenessAccount in project hertzbeat by dromara:
the class AccountController, method authGetToken.
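/**
 * Authenticates an identifier/credential pair and issues an access token plus a
 * refresh token.
 *
 * <p>Checks run in this order: the account must exist and have a stored password,
 * the account must be neither disabled nor locked, and only then is the credential
 * compared. The state check deliberately precedes the password comparison: if it
 * came afterwards, a locked account would still act as a password oracle (a correct
 * guess would be answered with "locked" instead of "wrong password"), which defeats
 * the purpose of locking after excessive attempts. Unknown accounts and wrong
 * passwords share the same message so the response does not reveal whether the
 * identifier exists. Every failure is reported with {@code MONITOR_LOGIN_FAILED_CODE}
 * in the body; the HTTP status is always 200.
 *
 * @param loginDto the submitted identifier and credential
 * @return a {@code Message} holding {@code token} and {@code refreshToken}, or a failure message
 */
@PostMapping("/form")
@ApiOperation(value = "Account password login to obtain associated user information", notes = "账户密码登录获取关联用户信息")
public ResponseEntity<Message<Map<String, String>>> authGetToken(@RequestBody LoginDto loginDto) {
    String identifier = loginDto.getIdentifier();
    String credential = loginDto.getCredential();
    // A missing identifier is treated like an unknown account rather than handed to the provider.
    SurenessAccount account = identifier == null ? null : accountProvider.loadAccount(identifier);
    if (account == null || account.getPassword() == null || credential == null) {
        Message<Map<String, String>> message = Message.<Map<String, String>>builder().msg("账户密码错误").code(MONITOR_LOGIN_FAILED_CODE).build();
        return ResponseEntity.ok(message);
    }
    if (account.isDisabledAccount() || account.isExcessiveAttempts()) {
        Message<Map<String, String>> message = Message.<Map<String, String>>builder().msg("账户过期或被锁定").code(MONITOR_LOGIN_FAILED_CODE).build();
        return ResponseEntity.ok(message);
    }
    String password = credential;
    if (account.getSalt() != null) {
        // NOTE(review): salted MD5 is a weak password hash; the stored format is
        // outside this method's control, so the comparison scheme is kept as-is.
        password = Md5Util.md5(password + account.getSalt());
    }
    // Constant-time comparison so response timing does not leak how many leading
    // characters of the stored value matched.
    byte[] expected = account.getPassword().getBytes(java.nio.charset.StandardCharsets.UTF_8);
    byte[] presented = password.getBytes(java.nio.charset.StandardCharsets.UTF_8);
    if (!java.security.MessageDigest.isEqual(expected, presented)) {
        Message<Map<String, String>> message = Message.<Map<String, String>>builder().msg("账户密码错误").code(MONITOR_LOGIN_FAILED_CODE).build();
        return ResponseEntity.ok(message);
    }
    // Get the roles the user has - rbac
    List<String> roles = account.getOwnRoles();
    // Issue TOKEN 签发TOKEN
    String issueToken = JsonWebTokenUtil.issueJwt(identifier, PERIOD_TIME, roles);
    Map<String, Object> customClaimMap = new HashMap<>(1);
    customClaimMap.put("refresh", true);
    // The refresh token lives 32x (<< 5) longer than the access token.
    String issueRefresh = JsonWebTokenUtil.issueJwt(identifier, PERIOD_TIME << 5, customClaimMap);
    Map<String, String> resp = new HashMap<>(2);
    resp.put("token", issueToken);
    resp.put("refreshToken", issueRefresh);
    return ResponseEntity.ok(new Message<>(resp));
}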