diff --git a/.idea/.gitignore b/.idea/.gitignore
index 93c48ed8..78203bdb 100644
--- a/.idea/.gitignore
+++ b/.idea/.gitignore
@@ -2,3 +2,5 @@
 /workspace.xml
 # Editor-based HTTP Client requests
 /httpRequests/
+/intellij-javadocs-4.0.1.xml
+/sqldialects.xml
diff --git a/src/main/java/com/cmcc/hy/phoenix/common/ConstValue.java b/src/main/java/com/cmcc/hy/phoenix/common/ConstValue.java
index 6074ada5..b4af50da 100644
--- a/src/main/java/com/cmcc/hy/phoenix/common/ConstValue.java
+++ b/src/main/java/com/cmcc/hy/phoenix/common/ConstValue.java
@@ -57,6 +57,7 @@ public class ConstValue {
 ERR_LOGOUT (15, "用户未登录"),
 ERR_TOKENTIMEOUT (16, "Token超时"),
 ERR_TOKENNOTFOUND (17, "非法Token"),
+ ERR_MISSAUTHHEAD (18, "Http 请求缺少认证头部"),
 ;
 private int errno;
diff --git a/src/main/java/com/cmcc/hy/phoenix/controller/AuthController.java b/src/main/java/com/cmcc/hy/phoenix/controller/AuthController.java
index acea3ba6..c6a9ea6d 100644
--- a/src/main/java/com/cmcc/hy/phoenix/controller/AuthController.java
+++ b/src/main/java/com/cmcc/hy/phoenix/controller/AuthController.java
@@ -66,15 +66,20 @@ public class AuthController {
 err = loginMap.keySet().iterator().next();
 msgCtx = loginMap.get(err);
 } else if (mr.getCmdId() == ConstValue.ProtocolCmdId.AUTH_LOGOUT) {
+ if(headers.get("Authorization") == null) {
+ err = ConstValue.ErrorCode.ERR_MISSAUTHHEAD;
+ } else {
+ String token = Objects.
+ requireNonNull(headers.get("Authorization"))
+ .get(0).replaceFirst("Bearer ", "");
 
- if(headers.get("Authorization") == null
- || Objects.requireNonNull(headers.get("Authorization")).size() == 0) {
- err = ConstValue.ErrorCode.ERR_LOGOUT;
- } else {
- EnumMap loginMap = userLogout(mr,
- Objects.requireNonNull(headers.get("Authorization")).get(0));
- err = loginMap.keySet().iterator().next();
- msgCtx = loginMap.get(err);
+ err = loginService.authTokenCheck(token);
+
+ if(err == ConstValue.ErrorCode.ERR_OK) {
+ EnumMap loginMap = userLogout(mr, token);
+ err = loginMap.keySet().iterator().next();
+ msgCtx = loginMap.get(err);
+ }
 }
 }else {
 err = ConstValue.ErrorCode.ERR_UNKNOWNCMD;
@@ -101,7 +106,7 @@ public class AuthController {
 UserLogoutReq reqInfo = objectMapper.readValue(mr.getMsgContent(), UserLogoutReq.class);
 rspInfo.setUserName(reqInfo.getUserName());
- err = loginService.logoutService(reqInfo.userName, token.replaceFirst("Bearer ", ""));
+ err = loginService.logoutService(reqInfo.userName, token);
 rspInfo.setStatus(err.getCode());
 rspInfo.setMessage(err.getMsg());
diff --git a/src/main/java/com/cmcc/hy/phoenix/service/LoginService.java b/src/main/java/com/cmcc/hy/phoenix/service/LoginService.java
index fd995190..0d2b48a1 100644
--- a/src/main/java/com/cmcc/hy/phoenix/service/LoginService.java
+++ b/src/main/java/com/cmcc/hy/phoenix/service/LoginService.java
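Review bot: In the AUTH_LOGOUT branch the new code calls `.get(0)` on the Authorization header list after only a null check, so an empty list, which the removed `.size() == 0` test guarded against, now throws instead of producing an error code. `replaceFirst("Bearer ", "")` is also an unanchored regex replace: a value that does not start with the `Bearer ` scheme is handed to `authTokenCheck` as-is, and the first `Bearer ` anywhere in the value is stripped. Read the list once with `List<String> auth = headers.get("Authorization");`, reject with `if (auth == null || auth.isEmpty() || !auth.get(0).startsWith("Bearer ")) { err = ConstValue.ErrorCode.ERR_MISSAUTHHEAD; }`, and take the token with `auth.get(0).substring("Bearer ".length())`; the `Objects.requireNonNull` wrapper is redundant once the null check has passed. The enclosing method starts and ends outside the hunk.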
@@ -8,4 +8,5 @@ import java.util.EnumMap;
 public interface LoginService {
 public EnumMap loginService(String username, String password) throws NoSuchAlgorithmException;
 public ConstValue.ErrorCode logoutService(String username, String token);
+ ConstValue.ErrorCode authTokenCheck(String token);
 }
diff --git a/src/main/java/com/cmcc/hy/phoenix/service/UserAccountCacheService.java b/src/main/java/com/cmcc/hy/phoenix/service/UserAccountCacheService.java
index 162140b8..06898100 100644
--- a/src/main/java/com/cmcc/hy/phoenix/service/UserAccountCacheService.java
+++ b/src/main/java/com/cmcc/hy/phoenix/service/UserAccountCacheService.java
@@ -11,6 +11,7 @@ public interface UserAccountCacheService {
 void setUserPwdErrTimes(String username, Integer errTimes);
 void cleanUserToken(String username);
 ConstValue.ErrorCode verifyUserLogin(String username, String token);
+ ConstValue.ErrorCode verifyToken(String token);
 String getCacheUser() throws JsonProcessingException;
 }
diff --git a/src/main/java/com/cmcc/hy/phoenix/service/impl/LoginServiceImpl.java b/src/main/java/com/cmcc/hy/phoenix/service/impl/LoginServiceImpl.java
index b845b8bf..1d3a7e30 100644
--- a/src/main/java/com/cmcc/hy/phoenix/service/impl/LoginServiceImpl.java
+++ b/src/main/java/com/cmcc/hy/phoenix/service/impl/LoginServiceImpl.java
@@ -22,6 +22,10 @@ public class LoginServiceImpl implements LoginService {
 @Resource private UserAccountMapper userAccountMapper;
+ @Override
+ public ConstValue.ErrorCode authTokenCheck(String token) {
+ return userAccountService.verifyToken(token);
+ }
 @Override
 public EnumMap loginService(String username, String password) throws NoSuchAlgorithmException {
diff --git a/src/main/java/com/cmcc/hy/phoenix/service/impl/UserAccountCacheServiceImpl.java b/src/main/java/com/cmcc/hy/phoenix/service/impl/UserAccountCacheServiceImpl.java
index b76c55d2..702aa0d5 100644
--- a/src/main/java/com/cmcc/hy/phoenix/service/impl/UserAccountCacheServiceImpl.java
+++ b/src/main/java/com/cmcc/hy/phoenix/service/impl/UserAccountCacheServiceImpl.java
@@ -13,8 +13,10 @@ import org.springframework.stereotype.Service;
 import javax.annotation.Resource;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
+import java.util.Optional;
 import java.util.Random;
 import java.util.concurrent.ConcurrentHashMap;
+import java.util.stream.Collectors;
 @Service
 @Slf4j
@@ -25,13 +27,36 @@ public class UserAccountCacheServiceImpl implements UserAccountCacheService {
 private ConcurrentHashMap userAccountMap = new ConcurrentHashMap<>();
+ @Override
+ public ConstValue.ErrorCode verifyToken(String token) {
+ //userAccountMap
+
+ if(!userAccountMap.containsKey(token)){
+ return ConstValue.ErrorCode.ERR_LOGOUT;
+ } else {
+ UserAccountCache uc = userAccountMap.get(token);
+
+ if((System.currentTimeMillis() - uc.getLastAccess())
+ >= ConstValue.GlobalConfigure.TOKEN_TIMEOUT_MS) {
+ return ConstValue.ErrorCode.ERR_TOKENTIMEOUT;
+ }
+
+ return ConstValue.ErrorCode.ERR_OK;
+ }
+ }
+
 @Override
 public ConstValue.ErrorCode verifyUserLogin(String username, String token) {
- if(!userAccountMap.containsKey(username)) {
+ Optional findRet = userAccountMap.values().stream()
+ .filter(userAccountCache -> username.equals(userAccountCache.getUsername()))
+ .findFirst();
+
+ if(!findRet.isPresent()) {
 return ConstValue.ErrorCode.ERR_USERNOTFOUND;
 }
- UserAccountCache uc = userAccountMap.get(username);
+ UserAccountCache uc = findRet.get();
+
 if(uc.getToken().length() == 0) {
 return ConstValue.ErrorCode.ERR_LOGOUT;
 }
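Review bot: `verifyToken` looks the token up twice, `containsKey(token)` then `get(token)`, and the pair is not atomic on the ConcurrentHashMap: `cleanUserToken` in the @@ -56,16 hunk now removes entries, so a logout racing with this check can leave `uc` null and `uc.getLastAccess()` throws. Use a single lookup, `UserAccountCache uc = userAccountMap.get(token);` followed by `if (uc == null) { return ConstValue.ErrorCode.ERR_LOGOUT; }`. The method also accepts any key present in the map, and the later hunks store pre-login entries under `uc.getToken()`; if that token can be empty (the retained `uc.getToken().length() == 0` check suggests it can, though the builder fields are outside the diff), an empty token would be accepted, so return `ERR_LOGOUT` for `token == null || token.isEmpty()` before the lookup. The leftover `//userAccountMap` comment can be replaced by a Javadoc line saying that the map is keyed by token and which error codes the method returns.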
@@ -56,16 +81,24 @@ public class UserAccountCacheServiceImpl implements UserAccountCacheService {
 @Override
 public void cleanUserToken(String username) {
- if(userAccountMap.containsKey(username)) {
- UserAccountCache uc = userAccountMap.get(username);
- uc.setToken("");
+ Optional findRet = userAccountMap.values().stream()
+ .filter(userAccountCache -> username.equals(userAccountCache.getUsername()))
+ .findFirst();
+
+ if(findRet.isPresent()) {
+ UserAccountCache uc = findRet.get();
+ userAccountMap.remove(uc.getToken());
 }
 }
 @Override
 public int getUsrPwdErrTimes(String username) {
- if(userAccountMap.containsKey(username)) {
- UserAccountCache uc = userAccountMap.get(username);
+ Optional findRet = userAccountMap.values().stream()
+ .filter(userAccountCache -> username.equals(userAccountCache.getUsername()))
+ .findFirst();
+
+ if(findRet.isPresent()) {
+ UserAccountCache uc = findRet.get();
 return uc.getPwdErrTimes();
 } else {
 UserAccountCache uc = UserAccountCache.builder()
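Review bot: The username scan `userAccountMap.values().stream().filter(...).findFirst()` is pasted into `cleanUserToken` and `getUsrPwdErrTimes` here, and again into `verifyUserLogin` (@@ -25,13), `setUserPwdErrTimes` and `getUserToken` (@@ -75,24); it belongs in one private helper. Each copy calls `username.equals(...)`, which throws on a null username, and on the logout path the username appears to come from the request body (`reqInfo.userName` in AuthController), so the helper should treat null as "not found". `cleanUserToken` now removes the whole cache entry instead of blanking the token, which also discards `pwdErrTimes` and means a logged-out user gets `ERR_USERNOTFOUND` rather than `ERR_LOGOUT` from `verifyUserLogin`; confirm that is intended. `getUsrPwdErrTimes` continues past the end of the hunk.

```java
// One place for the username scan; a null username simply matches nothing.
private Optional<UserAccountCache> findByUsername(String username) {
    return userAccountMap.values().stream()
            .filter(cache -> username != null && username.equals(cache.getUsername()))
            .findFirst();
}

@Override
public void cleanUserToken(String username) {
    findByUsername(username).ifPresent(uc -> userAccountMap.remove(uc.getToken()));
}
// … unchanged: getUsrPwdErrTimes, with the inline scan replaced by findByUsername(username) …
```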
@@ -75,24 +108,32 @@ public class UserAccountCacheServiceImpl implements UserAccountCacheService {
 .pwdErrTimes(0)
 .lastAccess(System.currentTimeMillis()).build();
- userAccountMap.put(username, uc);
+ userAccountMap.put(uc.getToken(), uc);
 return 0;
 }
 }
 @Override
 public void setUserPwdErrTimes(String username, Integer errTimes) {
- if(userAccountMap.containsKey(username)) {
- UserAccountCache uc = userAccountMap.get(username);
+ Optional findRet = userAccountMap.values().stream()
+ .filter(userAccountCache -> username.equals(userAccountCache.getUsername()))
+ .findFirst();
+ if(findRet.isPresent()) {
+ UserAccountCache uc = findRet.get();
 uc.setPwdErrTimes(Math.abs(errTimes));
 }
 }
 @Override
 public String getUserToken(String username) throws NoSuchAlgorithmException {
- if(userAccountMap.containsKey(username)) {
- UserAccountCache uc = userAccountMap.get(username);
+
+ Optional findRet = userAccountMap.values().stream()
+ .filter(userAccountCache -> username.equals(userAccountCache.getUsername()))
+ .findFirst();
+
+ if(findRet.isPresent()) {
+ UserAccountCache uc = findRet.get();
 if((System.currentTimeMillis() - uc.getLastAccess()) >= ConstValue.GlobalConfigure.TOKEN_TIMEOUT_MS
@@ -114,7 +155,7 @@ public class UserAccountCacheServiceImpl implements UserAccountCacheService {
 .pwdErrTimes(0)
 .lastAccess(System.currentTimeMillis()).build();
- userAccountMap.put(username, uc);
+ userAccountMap.put(uc.getToken(), uc);
 log.info("Create {} Token:{}", username, uc.getToken());
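Review bot: `userAccountMap.put(uc.getToken(), uc)` in `getUsrPwdErrTimes` (and the same line in the @@ -114,7 hunk) assumes every cached account has a unique, non-empty token when it is created; the builder's token field is outside both hunks, so this needs confirming. If the pre-login entry is built with an empty token, entries for different usernames overwrite each other under the same key and the failed-password counter is no longer tracked per user. In `getUserToken` the timeout branch continues past the hunk; if it assigns a fresh token to the existing `uc`, the entry stays under the old key and `verifyToken` will not find the new token, so the entry should be removed and re-inserted under the new key. The context line `log.info("Create {} Token:{}", username, uc.getToken());` in the @@ -114,7 hunk writes the bearer token to the application log; log the username only, `log.info("Create token for {}", username);`.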