|
@@ -3,6 +3,8 @@ import com.fs.common.constant.Constants;
|
|
|
import com.fs.common.core.redis.RedisCache;
|
|
import com.fs.common.core.redis.RedisCache;
|
|
|
import com.fs.common.utils.ServletUtils;
|
|
import com.fs.common.utils.ServletUtils;
|
|
|
import com.fs.common.utils.StringUtils;
|
|
import com.fs.common.utils.StringUtils;
|
|
|
|
|
+import com.fs.common.utils.security.JwtTokenHelper;
|
|
|
|
|
+import com.fs.common.utils.security.TokenIpBindValidator;
|
|
|
import com.fs.common.utils.ip.AddressUtils;
|
|
import com.fs.common.utils.ip.AddressUtils;
|
|
|
import com.fs.common.utils.ip.IpUtils;
|
|
import com.fs.common.utils.ip.IpUtils;
|
|
|
import com.fs.common.utils.uuid.IdUtils;
|
|
import com.fs.common.utils.uuid.IdUtils;
|
|
@@ -49,6 +51,9 @@ public class TokenService
|
|
|
@Value("${token.expireTime}")
|
|
@Value("${token.expireTime}")
|
|
|
private int expireTime;
|
|
private int expireTime;
|
|
|
|
|
|
|
|
|
|
+ @Value("${token.ipBindEnabled:false}")
|
|
|
|
|
+ private boolean ipBindEnabled;
|
|
|
|
|
+
|
|
|
protected static final long MILLIS_SECOND = 1000;
|
|
protected static final long MILLIS_SECOND = 1000;
|
|
|
|
|
|
|
|
protected static final long MILLIS_MINUTE = 60 * MILLIS_SECOND;
|
|
protected static final long MILLIS_MINUTE = 60 * MILLIS_SECOND;
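Review bot: The new `ipBindEnabled` field has no comment, and its `${token.ipBindEnabled:false}` default leaves the IP check switched off unless a deployment sets the property. A short comment above the `@Value` line would make that visible, for example `// Binds a session to the login IP; off by default, enable with token.ipBindEnabled=true`. What the validator does when the flag is false is not shown in this diff, so the wording should be confirmed against `TokenIpBindValidator`.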
|
|
@@ -76,7 +81,7 @@ public class TokenService
|
|
|
String uuid = (String) claims.get(Constants.LOGIN_USER_KEY);
|
|
String uuid = (String) claims.get(Constants.LOGIN_USER_KEY);
|
|
|
String userKey = getTokenKey(uuid);
|
|
String userKey = getTokenKey(uuid);
|
|
|
StoreLoginUser user = redisCache.getCacheObject(userKey);
|
|
StoreLoginUser user = redisCache.getCacheObject(userKey);
|
|
|
- return user;
|
|
|
|
|
|
|
+ return validateLoginUser(user, request);
|
|
|
}
|
|
}
|
|
|
catch (Exception e)
|
|
catch (Exception e)
|
|
|
{
|
|
{
|
|
@@ -181,10 +186,7 @@ public class TokenService
|
|
|
*/
|
|
*/
|
|
|
private String createToken(Map<String, Object> claims)
|
|
private String createToken(Map<String, Object> claims)
|
|
|
{
|
|
{
|
|
|
- String token = Jwts.builder()
|
|
|
|
|
- .setClaims(claims)
|
|
|
|
|
- .signWith(SignatureAlgorithm.HS512, secret).compact();
|
|
|
|
|
- return token;
|
|
|
|
|
|
|
+ return JwtTokenHelper.createToken(claims, secret, expireTime * MILLIS_MINUTE);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
/**
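Review bot: The signing algorithm was pinned in `createToken` as `SignatureAlgorithm.HS512` and is now chosen inside `JwtTokenHelper.createToken`, which this diff does not show. It is worth confirming that the helper still signs with HS512 and that the parsing side accepts only that algorithm. The third argument `expireTime * MILLIS_MINUTE` looks like a lifetime in milliseconds, so tokens presumably now carry an expiry the old builder never set. If the Redis session TTL is extended on activity elsewhere in the class, the JWT could expire while the session is still live, so that interaction should be checked. The Javadoc that ends just above the signature starts outside the hunk and may need a line such as `@return signed JWT that expires after token.expireTime minutes`.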
|
|
@@ -252,7 +254,7 @@ public class TokenService
|
|
|
String uuid = (String) claims.get(Constants.LOGIN_USER_KEY);
|
|
String uuid = (String) claims.get(Constants.LOGIN_USER_KEY);
|
|
|
String userKey = getTokenKey(uuid);
|
|
String userKey = getTokenKey(uuid);
|
|
|
StoreLoginUserScrm user = redisCache.getCacheObject(userKey);
|
|
StoreLoginUserScrm user = redisCache.getCacheObject(userKey);
|
|
|
- return user;
|
|
|
|
|
|
|
+ return validateLoginUserScrm(user, request);
|
|
|
}
|
|
}
|
|
|
catch (Exception e)
|
|
catch (Exception e)
|
|
|
{
|
|
{
|
|
@@ -335,4 +337,22 @@ public class TokenService
|
|
|
loginUser.setBrowser(userAgent.getBrowser().getName());
|
|
loginUser.setBrowser(userAgent.getBrowser().getName());
|
|
|
loginUser.setOs(userAgent.getOperatingSystem().getName());
|
|
loginUser.setOs(userAgent.getOperatingSystem().getName());
|
|
|
}
|
|
}
|
|
|
|
|
+
|
|
|
|
|
+ private StoreLoginUser validateLoginUser(StoreLoginUser user, HttpServletRequest request)
|
|
|
|
|
+ {
|
|
|
|
|
+ if (user == null || !TokenIpBindValidator.isIpValid(user.getIpaddr(), request, ipBindEnabled))
|
|
|
|
|
+ {
|
|
|
|
|
+ return null;
|
|
|
|
|
+ }
|
|
|
|
|
+ return user;
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
+ private StoreLoginUserScrm validateLoginUserScrm(StoreLoginUserScrm user, HttpServletRequest request)
|
|
|
|
|
+ {
|
|
|
|
|
+ if (user == null || !TokenIpBindValidator.isIpValid(user.getIpaddr(), request, ipBindEnabled))
|
|
|
|
|
+ {
|
|
|
|
|
+ return null;
|
|
|
|
|
+ }
|
|
|
|
|
+ return user;
|
|
|
|
|
+ }
|
|
|
}
|
|
}
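Review bot: An IP mismatch in `validateLoginUser` and `validateLoginUserScrm` returns `null` exactly as a missing session does, so a token presented from a different address is rejected without any record, and the cached session stays usable from the original address. Consider splitting the condition so the mismatch branch logs a warning with a session identifier and both addresses (never the token itself) before returning null, and decide whether the cached session should also be removed; this affects the two call sites changed in the `@@ -76` and `@@ -252` hunks. The strength of the check depends on how `TokenIpBindValidator.isIpValid` derives the request address, which is not shown here; if it reads forwarding headers, those should only be honoured when set by a trusted proxy. The two helpers differ only in the user type and could delegate to one private method that takes the stored address, e.g. `private boolean ipMatches(String ipaddr, HttpServletRequest request)`.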
|