tongtong/youlai-boot
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

wip: jwt 刷新token临时提交

Browse Source
This commit is contained in:
haoxr
2024-11-12 10:40:28 +08:00
parent cb78ea2cfb
commit b4397b13b0
19 changed files with 209 additions and 122 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/main/java/com/youlai/boot/config/property/SecurityProperties.java
View File

@@ -6,6 +6,8 @@ import org.springframework.boot.context.properties.ConfigurationProperties;
import java.util.List; import java.util.List;
/** /**
* 安全配置属性
*
* @author haoxr * @author haoxr
* @since 2024/4/18 * @since 2024/4/18
*/ */
@@ -36,9 +38,14 @@ public class SecurityProperties {
private String key; private String key;
/** /**
* JWT 过期时间 * 访问令牌有效期(单位:秒)
*/ */
private Long ttl; private Integer accessTokenExpiration;
/**
* 刷新令牌有效期(单位:秒)
*/
private Integer refreshTokenExpiration;
} }
} }

45
src/main/java/com/youlai/boot/core/security/util/JwtUtils.java
View File

@@ -47,9 +47,14 @@ public class JwtUtils {
/** /**
* JWT Token 的有效时间(单位:秒) * 访问令牌过期时间单位:秒
*/ */
private static int ttl; private static int accessTokenExpiration;
/**
* 刷新令牌过期时间,单位:秒
*/
private static int refreshTokenExpiration;
@Value("${security.jwt.key}") @Value("${security.jwt.key}")
@@ -57,18 +62,38 @@ public class JwtUtils {
JwtUtils.key = key.getBytes(); JwtUtils.key = key.getBytes();
} }
@Value("${security.jwt.ttl}") @Value("${security.jwt.access-token-expiration}")
public void setTtl(Integer ttl) { public void setAccessTokenExpiration(Integer accessTokenExpiration) {
JwtUtils.ttl = ttl; JwtUtils.accessTokenExpiration = accessTokenExpiration;
} }
@Value("${security.jwt.refresh-token-expiration}")
public void setRefreshTokenExpiration(Integer refreshTokenExpiration) {
JwtUtils.refreshTokenExpiration = refreshTokenExpiration;
}
/**
* 生成访问令牌JWT Token
*
* @param authentication 用户认证信息
* @return Token 字符串
*/
public static String createAccessToken(Authentication authentication) {
return createToken(authentication, accessTokenExpiration);
}
public static String createRefreshToken(Authentication authentication) {
return createToken(authentication, refreshTokenExpiration);
}
/** /**
* 生成 JWT Token * 生成 JWT Token
* *
* @param authentication 用户认证信息 * @param authentication 用户认证信息
* @return Token 字符串 * @return Token 字符串
*/ */
public static String createToken(Authentication authentication) { public static String createToken(Authentication authentication, int expiration) {
SysUserDetails userDetails = (SysUserDetails) authentication.getPrincipal(); SysUserDetails userDetails = (SysUserDetails) authentication.getPrincipal();
@@ -78,7 +103,7 @@ public class JwtUtils {
payload.put(JwtClaimConstants.DATA_SCOPE, userDetails.getDataScope()); // 数据权限范围 payload.put(JwtClaimConstants.DATA_SCOPE, userDetails.getDataScope()); // 数据权限范围
// claims 中添加角色信息 // claims 中添加角色信息
Set<String> roles = userDetails.getAuthorities().stream() Set<String> roles = authentication.getAuthorities().stream()
.map(GrantedAuthority::getAuthority) .map(GrantedAuthority::getAuthority)
.collect(Collectors.toSet()); .collect(Collectors.toSet());
payload.put(JwtClaimConstants.AUTHORITIES, roles); payload.put(JwtClaimConstants.AUTHORITIES, roles);
@@ -87,9 +112,9 @@ public class JwtUtils {
payload.put(JWTPayload.ISSUED_AT, now); payload.put(JWTPayload.ISSUED_AT, now);
// 设置过期时间 -1 表示永不过期 // 设置过期时间 -1 表示永不过期
if (ttl != -1) { if (expiration != -1) {
Date expiration = DateUtil.offsetSecond(now, ttl); Date expiresAt = DateUtil.offsetSecond(now, expiration);
payload.put(JWTPayload.EXPIRES_AT, expiration); payload.put(JWTPayload.EXPIRES_AT, expiresAt);
} }
payload.put(JWTPayload.SUBJECT, authentication.getName()); payload.put(JWTPayload.SUBJECT, authentication.getName());
payload.put(JWTPayload.JWT_ID, IdUtil.simpleUUID()); payload.put(JWTPayload.JWT_ID, IdUtil.simpleUUID());

12
src/main/java/com/youlai/boot/shared/auth/controller/AuthController.java
View File

@@ -2,9 +2,10 @@ package com.youlai.boot.shared.auth.controller;
import com.youlai.boot.common.enums.LogModuleEnum; import com.youlai.boot.common.enums.LogModuleEnum;
import com.youlai.boot.common.result.Result; import com.youlai.boot.common.result.Result;
import com.youlai.boot.shared.auth.model.RefreshTokenRequest;
import com.youlai.boot.shared.auth.service.AuthService; import com.youlai.boot.shared.auth.service.AuthService;
import com.youlai.boot.system.model.dto.CaptchaResult; import com.youlai.boot.shared.auth.model.CaptchaResult;
import com.youlai.boot.system.model.dto.LoginResult; import com.youlai.boot.shared.auth.model.LoginResult;
import com.youlai.boot.common.annotation.Log; import com.youlai.boot.common.annotation.Log;
import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter; import io.swagger.v3.oas.annotations.Parameter;
@@ -53,4 +54,11 @@ public class AuthController {
CaptchaResult captcha = authService.getCaptcha(); CaptchaResult captcha = authService.getCaptcha();
return Result.success(captcha); return Result.success(captcha);
} }
@Operation(summary = "刷新token")
@PostMapping("/refresh-token")
public Result<?> refreshToken(@RequestBody RefreshTokenRequest request) {
LoginResult loginResult = authService.refreshToken(request);
return Result.success(loginResult);
}
} }

2
src/main/java/com/youlai/boot/system/model/dto/CaptchaResult.java → src/main/java/com/youlai/boot/shared/auth/model/CaptchaResult.java
View File

@@ -1,4 +1,4 @@
package com.youlai.boot.system.model.dto; package com.youlai.boot.shared.auth.model;
import io.swagger.v3.oas.annotations.media.Schema; import io.swagger.v3.oas.annotations.media.Schema;
import lombok.AllArgsConstructor; import lombok.AllArgsConstructor;

6
src/main/java/com/youlai/boot/system/model/dto/LoginResult.java → src/main/java/com/youlai/boot/shared/auth/model/LoginResult.java
View File

@@ -1,4 +1,4 @@
package com.youlai.boot.system.model.dto; package com.youlai.boot.shared.auth.model;
import io.swagger.v3.oas.annotations.media.Schema; import io.swagger.v3.oas.annotations.media.Schema;
import lombok.Builder; import lombok.Builder;
@@ -9,13 +9,13 @@ import lombok.Data;
@Builder @Builder
public class LoginResult { public class LoginResult {
@Schema(description = "访问token") @Schema(description = "访问令牌")
private String accessToken; private String accessToken;
@Schema(description = "token 类型",example = "Bearer") @Schema(description = "token 类型",example = "Bearer")
private String tokenType; private String tokenType;
@Schema(description = "刷新token") @Schema(description = "刷新令牌")
private String refreshToken; private String refreshToken;
@Schema(description = "过期时间(单位:毫秒)") @Schema(description = "过期时间(单位:毫秒)")

21
src/main/java/com/youlai/boot/shared/auth/model/RefreshTokenRequest.java Normal file
View File

@@ -0,0 +1,21 @@
package com.youlai.boot.shared.auth.model;
import io.swagger.v3.oas.annotations.media.Schema;
import jakarta.validation.constraints.NotBlank;
import lombok.Data;
/**
* 刷新令牌请求参数
*
* @author haoxr
* @since 2024/11/11
*/
@Schema(description = "刷新令牌请求参数")
@Data
public class RefreshTokenRequest {
@Schema(description = "刷新令牌")
@NotBlank(message = "刷新令牌不能为空")
private String refreshToken;
}

13
src/main/java/com/youlai/boot/shared/auth/service/AuthService.java
View File

@@ -1,7 +1,8 @@
package com.youlai.boot.shared.auth.service; package com.youlai.boot.shared.auth.service;
import com.youlai.boot.system.model.dto.CaptchaResult; import com.youlai.boot.shared.auth.model.CaptchaResult;
import com.youlai.boot.system.model.dto.LoginResult; import com.youlai.boot.shared.auth.model.LoginResult;
import com.youlai.boot.shared.auth.model.RefreshTokenRequest;
/** /**
* 认证服务接口 * 认证服务接口
@@ -31,4 +32,12 @@ public interface AuthService {
* @return 验证码 * @return 验证码
*/ */
CaptchaResult getCaptcha(); CaptchaResult getCaptcha();
/**
* 刷新令牌
*
* @param request 刷新令牌请求参数
* @return 登录结果
*/
LoginResult refreshToken(RefreshTokenRequest request);
} }

50
src/main/java/com/youlai/boot/shared/auth/service/impl/AuthServiceImpl.java
View File

@@ -5,12 +5,19 @@ import cn.hutool.captcha.CaptchaUtil;
import cn.hutool.captcha.generator.CodeGenerator; import cn.hutool.captcha.generator.CodeGenerator;
import cn.hutool.core.util.IdUtil; import cn.hutool.core.util.IdUtil;
import cn.hutool.core.util.StrUtil; import cn.hutool.core.util.StrUtil;
import cn.hutool.jwt.JWT;
import cn.hutool.jwt.JWTPayload;
import cn.hutool.jwt.JWTUtil;
import com.youlai.boot.common.constant.SecurityConstants; import com.youlai.boot.common.constant.SecurityConstants;
import com.youlai.boot.common.exception.BusinessException;
import com.youlai.boot.common.result.ResultCode;
import com.youlai.boot.config.property.SecurityProperties;
import com.youlai.boot.core.security.util.SecurityUtils; import com.youlai.boot.core.security.util.SecurityUtils;
import com.youlai.boot.shared.auth.enums.CaptchaTypeEnum; import com.youlai.boot.shared.auth.enums.CaptchaTypeEnum;
import com.youlai.boot.shared.auth.model.RefreshTokenRequest;
import com.youlai.boot.shared.auth.service.AuthService; import com.youlai.boot.shared.auth.service.AuthService;
import com.youlai.boot.system.model.dto.CaptchaResult; import com.youlai.boot.shared.auth.model.CaptchaResult;
import com.youlai.boot.system.model.dto.LoginResult; import com.youlai.boot.shared.auth.model.LoginResult;
import com.youlai.boot.config.property.CaptchaProperties; import com.youlai.boot.config.property.CaptchaProperties;
import com.youlai.boot.core.security.util.JwtUtils; import com.youlai.boot.core.security.util.JwtUtils;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
@@ -41,6 +48,7 @@ public class AuthServiceImpl implements AuthService {
private final CodeGenerator codeGenerator; private final CodeGenerator codeGenerator;
private final Font captchaFont; private final Font captchaFont;
private final CaptchaProperties captchaProperties; private final CaptchaProperties captchaProperties;
private final SecurityProperties securityProperties;
/** /**
* 登录 * 登录
@@ -54,16 +62,18 @@ public class AuthServiceImpl implements AuthService {
// 创建认证令牌对象 // 创建认证令牌对象
UsernamePasswordAuthenticationToken authenticationToken = UsernamePasswordAuthenticationToken authenticationToken =
new UsernamePasswordAuthenticationToken(username.toLowerCase().trim(), password); new UsernamePasswordAuthenticationToken(username.toLowerCase().trim(), password);
// 执行用户认证 // 执行用户认证认证成功返回的Authentication是SysUserDetailsService#loadUserByUsername获取到的的UserDetails
Authentication authentication = authenticationManager.authenticate(authenticationToken); Authentication authentication = authenticationManager.authenticate(authenticationToken);
// 认证成功后生成JWT令牌 // 认证成功后生成JWT令牌
String accessToken = JwtUtils.createToken(authentication); String accessToken = JwtUtils.createAccessToken(authentication);
String refreshToken = JwtUtils.createRefreshToken(authentication);
// 将认证信息存入Security上下文便于在AOP如日志记录中获取当前用户信息 // 将认证信息存入Security上下文便于在AOP如日志记录中获取当前用户信息
SecurityContextHolder.getContext().setAuthentication(authentication); SecurityContextHolder.getContext().setAuthentication(authentication);
// 返回包含JWT令牌的登录结果 // 返回包含JWT令牌的登录结果
return LoginResult.builder() return LoginResult.builder()
.tokenType("Bearer") .tokenType("Bearer")
.accessToken(accessToken) .accessToken(accessToken)
.refreshToken(refreshToken)
.build(); .build();
} }
@@ -122,4 +132,36 @@ public class AuthServiceImpl implements AuthService {
.build(); .build();
} }
/**
* 刷新令牌
*
* @param request 刷新令牌请求参数
* @return 新的访问令牌
*/
@Override
public LoginResult refreshToken(RefreshTokenRequest request) {
// 验证刷新令牌
String refreshToken = request.getRefreshToken();
JWT jwt = JWTUtil.parseToken(refreshToken);
boolean isValidate = jwt.setKey(securityProperties.getJwt().getKey().getBytes()).validate(0);
if (!isValidate || redisTemplate.hasKey(SecurityConstants.BLACKLIST_TOKEN_PREFIX + jwt.getPayloads().getStr(JWTPayload.JWT_ID))) {
throw new BusinessException(ResultCode.TOKEN_INVALID);
}
Authentication authentication = JwtUtils.getAuthentication(jwt.getPayloads());
// 创建新的访问令牌
String newAccessToken = JwtUtils.createAccessToken(authentication);
// 返回新的访问令牌
return LoginResult.builder()
.tokenType("Bearer")
.accessToken(newAccessToken)
.refreshToken(refreshToken) // 保持刷新令牌不变
.build();
}
} }

2
src/main/java/com/youlai/boot/shared/file/controller/FileController.java
View File

@@ -2,7 +2,7 @@ package com.youlai.boot.shared.file.controller;
import com.youlai.boot.common.result.Result; import com.youlai.boot.common.result.Result;
import com.youlai.boot.shared.file.service.FileService; import com.youlai.boot.shared.file.service.FileService;
import com.youlai.boot.system.model.dto.FileInfo; import com.youlai.boot.shared.file.model.FileInfo;
import io.swagger.v3.oas.annotations.Parameter; import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.enums.ParameterIn; import io.swagger.v3.oas.annotations.enums.ParameterIn;
import io.swagger.v3.oas.annotations.media.Schema; import io.swagger.v3.oas.annotations.media.Schema;

2
src/main/java/com/youlai/boot/system/model/dto/FileInfo.java → src/main/java/com/youlai/boot/shared/file/model/FileInfo.java
View File

@@ -1,4 +1,4 @@
package com.youlai.boot.system.model.dto; package com.youlai.boot.shared.file.model;
import io.swagger.v3.oas.annotations.media.Schema; import io.swagger.v3.oas.annotations.media.Schema;
import lombok.Data; import lombok.Data;

2
src/main/java/com/youlai/boot/shared/file/service/FileService.java
View File

@@ -1,6 +1,6 @@
package com.youlai.boot.shared.file.service; package com.youlai.boot.shared.file.service;
import com.youlai.boot.system.model.dto.FileInfo; import com.youlai.boot.shared.file.model.FileInfo;
import org.springframework.web.multipart.MultipartFile; import org.springframework.web.multipart.MultipartFile;
/** /**

2
src/main/java/com/youlai/boot/shared/file/service/impl/AliyunFileService.java
View File

@@ -9,7 +9,7 @@ import com.aliyun.oss.OSSClientBuilder;
import com.aliyun.oss.model.ObjectMetadata; import com.aliyun.oss.model.ObjectMetadata;
import com.aliyun.oss.model.PutObjectRequest; import com.aliyun.oss.model.PutObjectRequest;
import com.youlai.boot.shared.file.service.FileService; import com.youlai.boot.shared.file.service.FileService;
import com.youlai.boot.system.model.dto.FileInfo; import com.youlai.boot.shared.file.model.FileInfo;
import jakarta.annotation.PostConstruct; import jakarta.annotation.PostConstruct;
import lombok.Data; import lombok.Data;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;

2
src/main/java/com/youlai/boot/shared/file/service/impl/MinioFileService.java
View File

@@ -6,7 +6,7 @@ import cn.hutool.core.lang.Assert;
import cn.hutool.core.util.IdUtil; import cn.hutool.core.util.IdUtil;
import cn.hutool.core.util.StrUtil; import cn.hutool.core.util.StrUtil;
import com.youlai.boot.shared.file.service.FileService; import com.youlai.boot.shared.file.service.FileService;
import com.youlai.boot.system.model.dto.FileInfo; import com.youlai.boot.shared.file.model.FileInfo;
import io.minio.*; import io.minio.*;
import io.minio.errors.*; import io.minio.errors.*;
import io.minio.http.Method; import io.minio.http.Method;

2
src/main/java/com/youlai/boot/shared/websocket/controller/WebsocketController.java
View File

@@ -1,6 +1,6 @@
package com.youlai.boot.shared.websocket.controller; package com.youlai.boot.shared.websocket.controller;
import com.youlai.boot.system.model.dto.ChatMessage; import com.youlai.boot.shared.websocket.model.ChatMessage;
import lombok.RequiredArgsConstructor; import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.messaging.handler.annotation.DestinationVariable; import org.springframework.messaging.handler.annotation.DestinationVariable;

2
src/main/java/com/youlai/boot/system/model/dto/ChatMessage.java → src/main/java/com/youlai/boot/shared/websocket/model/ChatMessage.java
View File

@@ -1,4 +1,4 @@
package com.youlai.boot.system.model.dto; package com.youlai.boot.shared.websocket.model;
import lombok.AllArgsConstructor; import lombok.AllArgsConstructor;
import lombok.Data; import lombok.Data;

29
src/main/java/com/youlai/boot/system/model/dto/MessageDTO.java
View File

@@ -1,29 +0,0 @@
package com.youlai.boot.system.model.dto;
import io.swagger.v3.oas.annotations.media.Schema;
import lombok.Data;
import java.util.Set;
/**
* 消息载体
*
* @author Theo
* @since 2024-9-2 14:32:58
* @version 1.0.0
*/
@Data
public class MessageDTO {
@Schema(description = "消息内容")
private String content;
@Schema(description = "发送者")
private String sender;
@Schema(description = "接收者")
private Set<String> receivers;
}

6
src/main/resources/application-dev.yml
View File

@@ -80,8 +80,10 @@ security:
jwt: jwt:
# JWT 秘钥 # JWT 秘钥
key: SecretKey012345678901234567890123456789012345678901234567890123456789 key: SecretKey012345678901234567890123456789012345678901234567890123456789
# JWT 有效期(单位:秒) # 访问令牌 有效期(单位:秒),默认 1 小时
ttl: 7200 access-token-expiration: 3600
# 刷新令牌有效期(单位:秒),默认 7 天
refresh-token-expiration: 604800
# 白名单列表 # 白名单列表
ignore-urls: ignore-urls:
- /v3/api-docs/** - /v3/api-docs/**

64
src/main/resources/application.yml
View File

@@ -3,65 +3,9 @@ spring:
name: youlai-boot name: youlai-boot
profiles: profiles:
active: dev active: dev
config:
import: classpath:codegen.yml
# 在 banner.txt 中显示项目版本,使用 @project.version@ 从 pom.xml 获取
project: project:
version: @project.version@ version: @project.version@
# 代码生成器配置
codegen:
# 下载代码文件名称
downloadFileName: youlai-admin-code.zip
# 后端项目名称
backendAppName: youlai-boot
# 前端项目名称
frontendAppName: vue3-element-admin
# 默认配置
defaultConfig:
author: youlaitech
moduleName: system
# 排除数据表
excludeTables:
- gen_config
- gen_field_config
## 模板配置
templateConfigs:
API:
templatePath: codegen/api.ts.vm
subpackageName: api
extension: .ts
VIEW:
templatePath: codegen/index.vue.vm
subpackageName: views
extension: .vue
Controller:
templatePath: codegen/controller.java.vm
subpackageName: controller
Service:
templatePath: codegen/service.java.vm
subpackageName: service
ServiceImpl:
templatePath: codegen/serviceImpl.java.vm
subpackageName: service.impl
Mapper:
templatePath: codegen/mapper.java.vm
subpackageName: mapper
MapperXml:
templatePath: codegen/mapper.xml.vm
subpackageName: mapper
extension: .xml
Converter:
templatePath: codegen/converter.java.vm
subpackageName: converter
Query:
templatePath: codegen/query.java.vm
subpackageName: model.query
Form:
templatePath: codegen/form.java.vm
subpackageName: model.form
VO:
templatePath: codegen/vo.java.vm
subpackageName: model.vo
Entity:
templatePath: codegen/entity.java.vm
subpackageName: model.entity

58
src/main/resources/codegen.yml Normal file
View File

@@ -0,0 +1,58 @@
# 代码生成器配置
codegen:
# 下载代码文件名称
downloadFileName: youlai-admin-code.zip
# 后端项目名称
backendAppName: youlai-boot
# 前端项目名称
frontendAppName: vue3-element-admin
# 默认配置
defaultConfig:
author: youlaitech
moduleName: system
# 排除数据表
excludeTables:
- gen_config
- gen_field_config
## 模板配置
templateConfigs:
API:
templatePath: codegen/api.ts.vm
subpackageName: api
extension: .ts
VIEW:
templatePath: codegen/index.vue.vm
subpackageName: views
extension: .vue
Controller:
templatePath: codegen/controller.java.vm
subpackageName: controller
Service:
templatePath: codegen/service.java.vm
subpackageName: service
ServiceImpl:
templatePath: codegen/serviceImpl.java.vm
subpackageName: service.impl
Mapper:
templatePath: codegen/mapper.java.vm
subpackageName: mapper
MapperXml:
templatePath: codegen/mapper.xml.vm
subpackageName: mapper
extension: .xml
Converter:
templatePath: codegen/converter.java.vm
subpackageName: converter
Query:
templatePath: codegen/query.java.vm
subpackageName: model.query
Form:
templatePath: codegen/form.java.vm
subpackageName: model.form
VO:
templatePath: codegen/vo.java.vm
subpackageName: model.vo
Entity:
templatePath: codegen/entity.java.vm
subpackageName: model.entity