diff --git a/src/main/java/com/ycwl/basic/interceptor/AuthInterceptor.java b/src/main/java/com/ycwl/basic/interceptor/AuthInterceptor.java index 29c35f1..3c28059 100644 --- a/src/main/java/com/ycwl/basic/interceptor/AuthInterceptor.java +++ b/src/main/java/com/ycwl/basic/interceptor/AuthInterceptor.java @@ -9,8 +9,10 @@ import com.ycwl.basic.exception.CheckTokenException; import com.ycwl.basic.exception.MissTokenException; import com.ycwl.basic.exception.PermissionException; import com.ycwl.basic.exception.TokenExpireException; +import com.ycwl.basic.mapper.AdminUserMapper; import com.ycwl.basic.mapper.ScenicAccountMapper; import com.ycwl.basic.model.jwt.JwtInfo; +import com.ycwl.basic.model.pc.adminUser.entity.LoginEntity; import com.ycwl.basic.model.pc.scenic.entity.ScenicAccountEntity; import com.ycwl.basic.utils.JwtTokenUtil; import lombok.extern.slf4j.Slf4j; @@ -31,6 +33,7 @@ import java.time.ZoneId; import java.time.ZoneOffset; import java.util.List; +import static com.ycwl.basic.constant.JwtRoleConstant.ADMIN; import static com.ycwl.basic.constant.JwtRoleConstant.MERCHANT; @Slf4j @@ -41,6 +44,8 @@ public class AuthInterceptor implements HandlerInterceptor { RedisTemplate redisTemplate; @Autowired private ScenicAccountMapper scenicAccountMapper; + @Autowired + private AdminUserMapper adminUserMapper; @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { @@ -86,6 +91,14 @@ public class AuthInterceptor implements HandlerInterceptor { throw new TokenExpireException("token过期"); } } + if (StringUtils.equals(jwtInfo.getRoleId(), ADMIN.type)) { + Long adminId = jwtInfo.getUserId(); + LoginEntity account = adminUserMapper.getById(adminId); + LocalDateTime expireTime = jwtInfo.getExpireTime(); + if (account.getUpdateAt().toInstant().getEpochSecond() != expireTime.atZone(ZoneId.systemDefault()).toEpochSecond()) { + throw new TokenExpireException("token过期"); + } + } BaseContextHandler.setToken(token); BaseContextHandler.setName(jwtInfo.getName()); BaseContextHandler.setUserId(String.valueOf(jwtInfo.getUserId())); diff --git a/src/main/java/com/ycwl/basic/mapper/AdminUserMapper.java b/src/main/java/com/ycwl/basic/mapper/AdminUserMapper.java index b4257ee..6e0d68e 100644 --- a/src/main/java/com/ycwl/basic/mapper/AdminUserMapper.java +++ b/src/main/java/com/ycwl/basic/mapper/AdminUserMapper.java @@ -25,4 +25,6 @@ public interface AdminUserMapper { int updatePassword(UpdatePasswordReqVO updatePasswordReqVO); String getPasswordByAccount(@Param("id")String id); + + LoginEntity getById(Long id); } diff --git a/src/main/java/com/ycwl/basic/model/pc/adminUser/entity/LoginEntity.java b/src/main/java/com/ycwl/basic/model/pc/adminUser/entity/LoginEntity.java index 06f076c..a4121de 100644 --- a/src/main/java/com/ycwl/basic/model/pc/adminUser/entity/LoginEntity.java +++ b/src/main/java/com/ycwl/basic/model/pc/adminUser/entity/LoginEntity.java @@ -2,6 +2,8 @@ package com.ycwl.basic.model.pc.adminUser.entity; import lombok.Data; +import java.util.Date; + @Data public class LoginEntity { private Long staffId; @@ -10,4 +12,5 @@ public class LoginEntity { private String password; private String roleId; private String typeName; + private Date updateAt; } diff --git a/src/main/java/com/ycwl/basic/service/pc/impl/AdminUserServiceImpl.java b/src/main/java/com/ycwl/basic/service/pc/impl/AdminUserServiceImpl.java index 7ea71ab..d9118f1 100644 --- a/src/main/java/com/ycwl/basic/service/pc/impl/AdminUserServiceImpl.java +++ b/src/main/java/com/ycwl/basic/service/pc/impl/AdminUserServiceImpl.java @@ -23,9 +23,11 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.stereotype.Service; +import java.time.ZoneId; import java.util.ArrayList; import java.util.List; +import static com.ycwl.basic.constant.JwtRoleConstant.ADMIN; import static com.ycwl.basic.constant.PermissionConstant.ROLE_STATUS; @@ -130,7 +132,7 @@ public class AdminUserServiceImpl implements AdminUserService { } } LoginRespVO loginRespVO = new LoginRespVO(); - String token = jwtTokenUtil.generateToken(new JwtInfo(login.getStaffName(), login.getStaffId(), roleId, login.getAccount(), login.getAccount(), null)); + String token = jwtTokenUtil.generateToken(new JwtInfo(login.getStaffName(), login.getStaffId(), ADMIN.type, login.getAccount(), login.getAccount(), null), login.getUpdateAt()); loginRespVO.setToken(token); loginRespVO.setName(login.getStaffName()); loginRespVO.setTypeName(login.getTypeName()); diff --git a/src/main/java/com/ycwl/basic/utils/JwtTokenUtil.java b/src/main/java/com/ycwl/basic/utils/JwtTokenUtil.java index 99f2bbb..845fc4d 100644 --- a/src/main/java/com/ycwl/basic/utils/JwtTokenUtil.java +++ b/src/main/java/com/ycwl/basic/utils/JwtTokenUtil.java @@ -51,6 +51,9 @@ public class JwtTokenUtil { public static String generateToken(JwtInfo jwtInfo, int expire) throws Exception { LocalDateTime expireTime = LocalDateTime.now().plusDays(expire); + if (jwtInfo.getExpireTime() != null) { + expireTime = jwtInfo.getExpireTime(); + } byte[] bytes = RsaKeyUtil.toBytes(PRI_KEY); String token = JwtAnalysisUtil.generateToken(jwtInfo, bytes, expireTime); return token; diff --git a/src/main/resources/mapper/AdminUserMapper.xml b/src/main/resources/mapper/AdminUserMapper.xml index 6f23277..8604564 100644 --- a/src/main/resources/mapper/AdminUserMapper.xml +++ b/src/main/resources/mapper/AdminUserMapper.xml @@ -77,7 +77,8 @@ au.name as staffName, au.id as staffId, au.password, - au.role_id + au.role_id, + au.update_at from admin_user au where account = #{account} and au.status = 1 @@ -89,4 +90,16 @@ where id = #{id} and status = 1 +