From 022b17044ab6bb284fd6313da91d1d1dfb2d5079 Mon Sep 17 00:00:00 2001
From: kongzy <kongzy>
Date: 星期一, 03 六月 2024 13:20:42 +0800
Subject: [PATCH] update

---
 assess-framework/src/main/java/com/gkhy/assess/framework/shiro/service/SysLoginService.java |   39 ++++++++++++++++++++++++++++-----------
 1 files changed, 28 insertions(+), 11 deletions(-)

diff --git a/assess-framework/src/main/java/com/gkhy/assess/framework/shiro/service/SysLoginService.java b/assess-framework/src/main/java/com/gkhy/assess/framework/shiro/service/SysLoginService.java
index 31cf00c..96d9a40 100644
--- a/assess-framework/src/main/java/com/gkhy/assess/framework/shiro/service/SysLoginService.java
+++ b/assess-framework/src/main/java/com/gkhy/assess/framework/shiro/service/SysLoginService.java
@@ -4,7 +4,6 @@
 import com.gkhy.assess.common.enums.ApproveStatusEnum;
 import com.gkhy.assess.common.enums.UserIdentityEnum;
 import com.gkhy.assess.common.enums.UserStatusEnum;
-import com.gkhy.assess.common.exception.ApiException;
 import com.gkhy.assess.common.utils.JwtTokenUtil;
 import com.gkhy.assess.common.utils.RedisUtils;
 import com.gkhy.assess.system.domain.SysUser;
@@ -15,6 +14,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
+import javax.servlet.http.HttpServletRequest;
 import java.time.LocalDateTime;
 
 @Component
@@ -25,9 +25,11 @@
     private SysPasswordService passwordService;
     @Autowired
     private RedisUtils redisUtils;
+    @Autowired
+    private HttpServletRequest request;
 
-    public SysUser login(String username, String password) {
-        SysUser sysUser=sysUserService.getUserByUsernamePhone(username);
+    public SysUser login(String username, String password,Integer identity) {
+        SysUser sysUser=sysUserService.getUserByUsernamePhone(username,identity);
         validUser(sysUser);
         passwordService.validate(sysUser,password);
         recordLoginInfo(sysUser.getId());
@@ -37,6 +39,16 @@
     public void validUser(SysUser sysUser){
         if(sysUser==null) {
             throw new AuthenticationException("用户不存在");
+        }
+        String uri=request.getRequestURI();
+        if(uri.startsWith("/api/system")){
+            if(UserIdentityEnum.EXPERT.getCode().equals(sysUser.getIdentity())){
+                throw new AuthenticationException("专家用户无权登录后台");
+            }
+        }else if(uri.startsWith("/api/app/")){
+            if(!UserIdentityEnum.EXPERT.getCode().equals(sysUser.getIdentity())){
+                throw new AuthenticationException("只有专家用户才能登录APP");
+            }
         }
         if(UserStatusEnum.DELETED.getCode().equals(sysUser.getDelFlag())){
             throw new AuthenticationException("用户已被删除");
@@ -52,14 +64,19 @@
     }
 
     public SysUser validJwtToken(String jwtToken){
+
         String username= JwtTokenUtil.getUsername(jwtToken);
-        if(StringUtils.isEmpty(username)){
+        Integer identity=JwtTokenUtil.getIdentity(jwtToken);
+        if(StringUtils.isEmpty(username)||identity==null){
             throw new AuthenticationException("token非法无效!");
         }
-        SysUser sysUser=sysUserService.getUserByUsernamePhone(username);
+        SysUser sysUser=sysUserService.getUserByUsernamePhone(username,identity);
         validUser(sysUser);
-        if(!jwtTokenRefresh(jwtToken,username,sysUser.getPassword())){
-            throw new AuthenticationException("Token失效，请重新登录!");
+        if(!JwtTokenUtil.verify(jwtToken,username,sysUser.getPassword(),identity)){
+            throw new AuthenticationException("token非法无效!");
+        }
+        if(!jwtTokenRefresh(jwtToken,username,sysUser.getPassword(),identity)){
+            throw new AuthenticationException("Token已失效，请重新登录!");
         }
      //   setRolePermission(sysUser);
         return sysUser;
@@ -78,14 +95,14 @@
      * @param passWord
      * @return
      */
-    public boolean jwtTokenRefresh(String jwtToken,String username,String passWord){
+    public boolean jwtTokenRefresh(String jwtToken, String username, String passWord, Integer identity){
         String tokenKey=redisUtils.generateKey(CacheConstant.SYS_USER_TOKEN+":"+JwtTokenUtil.md5Encode(jwtToken));
-        String userKey=redisUtils.generateKey(CacheConstant.SYS_USER_TOKEN+":"+username);
+        String userKey=redisUtils.generateKey(CacheConstant.SYS_USER_TOKEN+":"+username+"_"+identity);
         String cacheToken= (String) redisUtils.get(tokenKey);
         if(StringUtils.isNotEmpty(cacheToken)){
             // 校验token有效性
-            if(!JwtTokenUtil.verify(cacheToken,username,passWord)){
-                String newToken=JwtTokenUtil.sign(username,passWord);
+            if(!JwtTokenUtil.isNeedUpdate(cacheToken,username,passWord,identity)){
+                String newToken=JwtTokenUtil.sign(username,passWord,identity);
                 // 设置超时时间
                 redisUtils.set(tokenKey,newToken);
                 redisUtils.expire(tokenKey,JwtTokenUtil.EXPIRATION*2/1000);

--
Gitblit v1.9.2