OCT

REM: 1. 更新用户登录，注销 token 缓存管理，加速 token 校验
2020-04-09 19:27:40 +08:00 · 2020-04-09 19:27:40 +08:00 · 564dae24ba
parent 7930b85b94
commit 564dae24ba
7 changed files with 77 additions and 22 deletions
--- a/.idea/.gitignore
+++ b/.idea/.gitignore
@ -2,3 +2,5 @@
 /workspace.xml
 # Editor-based HTTP Client requests
 /httpRequests/
+/intellij-javadocs-4.0.1.xml
+/sqldialects.xml
--- a/src/main/java/com/cmcc/hy/phoenix/common/ConstValue.java
+++ b/src/main/java/com/cmcc/hy/phoenix/common/ConstValue.java
@ -57,6 +57,7 @@ public class ConstValue {
        ERR_LOGOUT  	    (15,     "用户未登录"),
        ERR_TOKENTIMEOUT    (16,     "Token超时"),
        ERR_TOKENNOTFOUND   (17,     "非法Token"),
+        ERR_MISSAUTHHEAD    (18,     "Http 请求缺少认证头部"),
        ;

        private int errno;
--- a/src/main/java/com/cmcc/hy/phoenix/controller/AuthController.java
+++ b/src/main/java/com/cmcc/hy/phoenix/controller/AuthController.java
@ -66,16 +66,21 @@ public class AuthController {
                    err = loginMap.keySet().iterator().next();
                    msgCtx = loginMap.get(err);
                } else if (mr.getCmdId() == ConstValue.ProtocolCmdId.AUTH_LOGOUT) {
-
-                    if(headers.get("Authorization") == null
-                    || Objects.requireNonNull(headers.get("Authorization")).size() == 0) {
-                        err = ConstValue.ErrorCode.ERR_LOGOUT;
+                    if(headers.get("Authorization") == null) {
+                        err = ConstValue.ErrorCode.ERR_MISSAUTHHEAD;
                    } else  {
-                        EnumMap<ConstValue.ErrorCode, String> loginMap = userLogout(mr,
-                                Objects.requireNonNull(headers.get("Authorization")).get(0));
+                        String token = Objects.
+                                requireNonNull(headers.get("Authorization"))
+                                .get(0).replaceFirst("Bearer ", "");
+
+                        err = loginService.authTokenCheck(token);
+
+                        if(err == ConstValue.ErrorCode.ERR_OK) {
+                            EnumMap<ConstValue.ErrorCode, String> loginMap = userLogout(mr, token);
                            err = loginMap.keySet().iterator().next();
                            msgCtx = loginMap.get(err);
                        }
+                    }
                }else {
                    err = ConstValue.ErrorCode.ERR_UNKNOWNCMD;
                }
@ -101,7 +106,7 @@ public class AuthController {
        UserLogoutReq reqInfo = objectMapper.readValue(mr.getMsgContent(), UserLogoutReq.class);
        rspInfo.setUserName(reqInfo.getUserName());

-        err = loginService.logoutService(reqInfo.userName, token.replaceFirst("Bearer ", ""));
+        err = loginService.logoutService(reqInfo.userName, token);

        rspInfo.setStatus(err.getCode());
        rspInfo.setMessage(err.getMsg());
--- a/src/main/java/com/cmcc/hy/phoenix/service/LoginService.java
+++ b/src/main/java/com/cmcc/hy/phoenix/service/LoginService.java
@ -8,4 +8,5 @@ import java.util.EnumMap;
 public interface LoginService {
    public EnumMap<ConstValue.ErrorCode, String> loginService(String username, String password) throws NoSuchAlgorithmException;
    public ConstValue.ErrorCode logoutService(String username, String token);
+    ConstValue.ErrorCode authTokenCheck(String token);
 }
--- a/src/main/java/com/cmcc/hy/phoenix/service/UserAccountCacheService.java
+++ b/src/main/java/com/cmcc/hy/phoenix/service/UserAccountCacheService.java
@ -11,6 +11,7 @@ public interface UserAccountCacheService {
    void setUserPwdErrTimes(String username, Integer errTimes);
    void cleanUserToken(String username);
    ConstValue.ErrorCode verifyUserLogin(String username, String token);
+    ConstValue.ErrorCode verifyToken(String token);

    String getCacheUser() throws JsonProcessingException;
 }
--- a/src/main/java/com/cmcc/hy/phoenix/service/impl/LoginServiceImpl.java
+++ b/src/main/java/com/cmcc/hy/phoenix/service/impl/LoginServiceImpl.java
@ -22,6 +22,10 @@ public class LoginServiceImpl implements LoginService {
    @Resource
    private UserAccountMapper userAccountMapper;

+    @Override
+    public ConstValue.ErrorCode authTokenCheck(String token) {
+        return userAccountService.verifyToken(token);
+    }

    @Override
    public EnumMap<ConstValue.ErrorCode, String> loginService(String username, String password) throws NoSuchAlgorithmException {
--- a/src/main/java/com/cmcc/hy/phoenix/service/impl/UserAccountCacheServiceImpl.java
+++ b/src/main/java/com/cmcc/hy/phoenix/service/impl/UserAccountCacheServiceImpl.java
@ -13,8 +13,10 @@ import org.springframework.stereotype.Service;
 import javax.annotation.Resource;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
+import java.util.Optional;
 import java.util.Random;
 import java.util.concurrent.ConcurrentHashMap;
+import java.util.stream.Collectors;

@Service
@Slf4j
@ -25,13 +27,36 @@ public class UserAccountCacheServiceImpl implements UserAccountCacheService {

    private ConcurrentHashMap<String, UserAccountCache> userAccountMap = new ConcurrentHashMap<>();

+    @Override
+    public ConstValue.ErrorCode verifyToken(String token) {
+        //userAccountMap
+
+        if(!userAccountMap.containsKey(token)){
+            return ConstValue.ErrorCode.ERR_LOGOUT;
+        } else {
+            UserAccountCache uc = userAccountMap.get(token);
+
+            if((System.currentTimeMillis() - uc.getLastAccess())
+                    >= ConstValue.GlobalConfigure.TOKEN_TIMEOUT_MS) {
+                return ConstValue.ErrorCode.ERR_TOKENTIMEOUT;
+            }
+
+            return ConstValue.ErrorCode.ERR_OK;
+        }
+    }
+
    @Override
    public ConstValue.ErrorCode verifyUserLogin(String username, String token) {
-        if(!userAccountMap.containsKey(username)) {
+        Optional<UserAccountCache> findRet = userAccountMap.values().stream()
+                .filter(userAccountCache -> username.equals(userAccountCache.getUsername()))
+                .findFirst();
+
+        if(!findRet.isPresent()) {
            return ConstValue.ErrorCode.ERR_USERNOTFOUND;
        }

-        UserAccountCache uc = userAccountMap.get(username);
+        UserAccountCache uc = findRet.get();
+
        if(uc.getToken().length() == 0) {
            return ConstValue.ErrorCode.ERR_LOGOUT;
        }
@ -56,16 +81,24 @@ public class UserAccountCacheServiceImpl implements UserAccountCacheService {

    @Override
    public void cleanUserToken(String username) {
-        if(userAccountMap.containsKey(username)) {
-            UserAccountCache uc = userAccountMap.get(username);
-            uc.setToken("");
+        Optional<UserAccountCache> findRet = userAccountMap.values().stream()
+                .filter(userAccountCache -> username.equals(userAccountCache.getUsername()))
+                .findFirst();
+
+        if(findRet.isPresent()) {
+            UserAccountCache uc = findRet.get();
+            userAccountMap.remove(uc.getToken());
        }
    }

    @Override
    public int getUsrPwdErrTimes(String username) {
-        if(userAccountMap.containsKey(username)) {
-            UserAccountCache uc = userAccountMap.get(username);
+        Optional<UserAccountCache> findRet = userAccountMap.values().stream()
+                .filter(userAccountCache -> username.equals(userAccountCache.getUsername()))
+                .findFirst();
+
+        if(findRet.isPresent()) {
+            UserAccountCache uc = findRet.get();
            return uc.getPwdErrTimes();
        } else {
            UserAccountCache uc = UserAccountCache.builder()
@ -75,24 +108,32 @@ public class UserAccountCacheServiceImpl implements UserAccountCacheService {
                    .pwdErrTimes(0)
                    .lastAccess(System.currentTimeMillis()).build();

-            userAccountMap.put(username, uc);
+            userAccountMap.put(uc.getToken(), uc);
            return 0;
        }
    }

    @Override
    public void setUserPwdErrTimes(String username, Integer errTimes) {
-        if(userAccountMap.containsKey(username)) {
-            UserAccountCache uc = userAccountMap.get(username);
+        Optional<UserAccountCache> findRet = userAccountMap.values().stream()
+                .filter(userAccountCache -> username.equals(userAccountCache.getUsername()))
+                .findFirst();

+        if(findRet.isPresent()) {
+            UserAccountCache uc = findRet.get();
            uc.setPwdErrTimes(Math.abs(errTimes));
        }
    }

    @Override
    public String getUserToken(String username) throws NoSuchAlgorithmException {
-        if(userAccountMap.containsKey(username)) {
-            UserAccountCache uc = userAccountMap.get(username);
+
+        Optional<UserAccountCache> findRet = userAccountMap.values().stream()
+                .filter(userAccountCache -> username.equals(userAccountCache.getUsername()))
+                .findFirst();
+
+        if(findRet.isPresent()) {
+            UserAccountCache uc = findRet.get();

            if((System.currentTimeMillis() - uc.getLastAccess())
                    >= ConstValue.GlobalConfigure.TOKEN_TIMEOUT_MS
@ -114,7 +155,7 @@ public class UserAccountCacheServiceImpl implements UserAccountCacheService {
                    .pwdErrTimes(0)
                    .lastAccess(System.currentTimeMillis()).build();

-            userAccountMap.put(username, uc);
+            userAccountMap.put(uc.getToken(), uc);

            log.info("Create {} Token:{}", username, uc.getToken());