diff --git a/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/TokenFilter.java b/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/TokenFilter.java index e83e3840..a7016b43 100644 --- a/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/TokenFilter.java +++ b/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/TokenFilter.java @@ -50,14 +50,14 @@ public class TokenFilter implements Filter { HttpServletResponse response = (HttpServletResponse) servletResponse; String uri = request.getRequestURI(); - if(uri.equals("/")){ + if (uri.equals("/")) { response.sendRedirect("/index.html"); return; } // 不需要token验证和权限验证的url,直接放行 boolean skipAuthenticate = SKIP_AUTHENTICATE_PATTERN.matcher(uri).matches(); - if(skipAuthenticate){ + if (skipAuthenticate) { filterChain.doFilter(request, response); return; } @@ -92,7 +92,6 @@ public class TokenFilter implements Filter { && !uri.endsWith("/dataSet/testTransform") && !uri.endsWith("/reportDashboard/getData") && !uri.startsWith("/dict") - && !uri.startsWith("/dict") ) { //不允许删除 String method = request.getMethod(); @@ -115,23 +114,25 @@ public class TokenFilter implements Filter { Filter.super.destroy(); } - /** 根据名单,生成正则 + /** + * 根据名单,生成正则 + * * @param skipUrlList * @return */ - private Pattern fitByList(List skipUrlList){ - if(skipUrlList == null || skipUrlList.size() == 0){ + private Pattern fitByList(List skipUrlList) { + if (skipUrlList == null || skipUrlList.size() == 0) { return Pattern.compile(".*().*"); } StringBuffer patternString = new StringBuffer(); patternString.append(".*("); - skipUrlList.stream().forEach(url ->{ + skipUrlList.stream().forEach(url -> { patternString.append(url.trim()); patternString.append("|"); }); - if(skipUrlList.size()>0){ - patternString.deleteCharAt(patternString.length()-1); + if (skipUrlList.size() > 0) { + patternString.deleteCharAt(patternString.length() - 1); } patternString.append(").*"); diff --git a/report-core/src/main/java/com/anjiplus/template/gaea/business/modules/accessuser/service/impl/AccessUserServiceImpl.java b/report-core/src/main/java/com/anjiplus/template/gaea/business/modules/accessuser/service/impl/AccessUserServiceImpl.java index 6fec11a6..1874b44e 100755 --- a/report-core/src/main/java/com/anjiplus/template/gaea/business/modules/accessuser/service/impl/AccessUserServiceImpl.java +++ b/report-core/src/main/java/com/anjiplus/template/gaea/business/modules/accessuser/service/impl/AccessUserServiceImpl.java @@ -148,21 +148,20 @@ public class AccessUserServiceImpl implements AccessUserService { // 3.如果该用户登录未过期,这里允许一个用户在多个终端登录 String tokenKey = String.format(BusinessConstant.GAEA_SECURITY_LOGIN_TOKEN, loginName); - String userKey = String.format(BusinessConstant.GAEA_SECURITY_LOGIN_USER, loginName); String token = ""; GaeaUserDto gaeaUser = new GaeaUserDto(); - if (cacheHelper.exist(tokenKey) && cacheHelper.exist(userKey)) { + if (cacheHelper.exist(tokenKey)) { token = cacheHelper.stringGet(tokenKey); - gaeaUser = JSONObject.parseObject(cacheHelper.stringGet(userKey), GaeaUserDto.class); - return gaeaUser; + } else { + // 生成用户token + String uuid = GaeaUtils.UUID(); + token = jwtBean.createToken(loginName, uuid); + cacheHelper.stringSetExpire(tokenKey, token, 3600); } - // 4.生成用户token - String uuid = GaeaUtils.UUID(); - token = jwtBean.createToken(loginName, uuid); - cacheHelper.stringSetExpire(tokenKey, token, 3600); + // 4.读取用户最新人权限主信息 + String userKey = String.format(BusinessConstant.GAEA_SECURITY_LOGIN_USER, loginName); - // 5.缓存用户权限主信息 List authorities = accessUserMapper.queryAuthoritiesByLoginName(loginName); gaeaUser.setLoginName(loginName); gaeaUser.setRealName(accessUser.getRealName()); @@ -173,4 +172,4 @@ public class AccessUserServiceImpl implements AccessUserService { return gaeaUser; } -} \ No newline at end of file +}