From dd5e92b6adb785c2fd9becaf3120d684626d8fdb Mon Sep 17 00:00:00 2001 From: hxr <1490493387@qq.com> Date: Sat, 20 Jan 2024 23:32:07 +0800 Subject: [PATCH] =?UTF-8?q?refactor:=20RedisTemplate=20=E9=80=9A=E8=BF=87?= =?UTF-8?q?=E6=9E=84=E9=80=A0=E5=87=BD=E6=95=B0=E6=B3=A8=E5=85=A5=E5=88=B0?= =?UTF-8?q?JwtTokenFilter?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../com/youlai/system/config/SecurityConfig.java | 4 +++- .../com/youlai/system/filter/JwtTokenFilter.java | 13 +++++++++---- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/src/main/java/com/youlai/system/config/SecurityConfig.java b/src/main/java/com/youlai/system/config/SecurityConfig.java index 1c799327..637c570a 100644 --- a/src/main/java/com/youlai/system/config/SecurityConfig.java +++ b/src/main/java/com/youlai/system/config/SecurityConfig.java @@ -8,6 +8,7 @@ import com.youlai.system.filter.VerifyCodeFilter; import lombok.RequiredArgsConstructor; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.data.redis.core.RedisTemplate; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; @@ -35,6 +36,7 @@ public class SecurityConfig { private final MyAuthenticationEntryPoint authenticationEntryPoint; private final MyAccessDeniedHandler accessDeniedHandler; + private final RedisTemplate redisTemplate; @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { @@ -56,7 +58,7 @@ public class SecurityConfig { // 验证码校验过滤器 http.addFilterBefore(new VerifyCodeFilter(), UsernamePasswordAuthenticationFilter.class); // JWT 校验过滤器 - http.addFilterBefore(new JwtTokenFilter(), UsernamePasswordAuthenticationFilter.class); + http.addFilterBefore(new JwtTokenFilter(redisTemplate), UsernamePasswordAuthenticationFilter.class); return http.build(); } diff --git a/src/main/java/com/youlai/system/filter/JwtTokenFilter.java b/src/main/java/com/youlai/system/filter/JwtTokenFilter.java index 9e54bfd4..2a463c9f 100644 --- a/src/main/java/com/youlai/system/filter/JwtTokenFilter.java +++ b/src/main/java/com/youlai/system/filter/JwtTokenFilter.java @@ -31,6 +31,12 @@ import java.util.Map; */ public class JwtTokenFilter extends OncePerRequestFilter { + private final RedisTemplate redisTemplate; + + public JwtTokenFilter(RedisTemplate redisTemplate) { + this.redisTemplate = redisTemplate; + } + /** * 从请求中获取 JWT Token,校验 JWT Token 是否合法 *

@@ -43,11 +49,10 @@ public class JwtTokenFilter extends OncePerRequestFilter { try { if (StrUtil.isNotBlank(token)) { Map payload = JwtUtils.parseToken(token); - String jti = Convert.toStr(payload.get(JWTPayload.JWT_ID)); - RedisTemplate redisTemplate = SpringUtil.getBean("redisTemplate", RedisTemplate.class); - Boolean isBlack = redisTemplate.hasKey(CacheConstants.BLACKLIST_TOKEN_PREFIX + jti); - if (isBlack) { + String jti = Convert.toStr(payload.get(JWTPayload.JWT_ID)); + Boolean isTokenBlacklisted = redisTemplate.hasKey(CacheConstants.BLACKLIST_TOKEN_PREFIX + jti); + if (isTokenBlacklisted ) { ResponseUtils.writeErrMsg(response, ResultCode.TOKEN_INVALID); return; }