123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250 |
- package com.diagbot.service.impl;
- import com.auth0.jwt.interfaces.Claim;
- import com.auth0.jwt.interfaces.DecodedJWT;
- import com.diagbot.entity.JwtStore;
- import com.diagbot.service.SysTokenService;
- import com.diagbot.util.DateUtil;
- import com.diagbot.util.JwtUtil;
- import lombok.extern.slf4j.Slf4j;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.beans.factory.annotation.Qualifier;
- import org.springframework.dao.DataAccessException;
- import org.springframework.data.redis.connection.RedisConnection;
- import org.springframework.data.redis.core.RedisCallback;
- import org.springframework.data.redis.core.RedisTemplate;
- import org.springframework.stereotype.Service;
- import java.util.Date;
- import java.util.List;
- import java.util.Map;
- /**
- * @Description: Token验证类 实现
- * @author: gaodm
- * @time: 2018/10/29 13:34
- */
- @Slf4j
- @Service
- public class SysTokenServiceImpl implements SysTokenService {
- @Autowired
- @Qualifier("redisTemplateForToken")
- RedisTemplate redisForToken;
- private byte[] serializeKey(Object o) {
- return redisForToken.getKeySerializer().serialize(o);
- }
- private byte[] serializeValue(Object o) {
- return redisForToken.getValueSerializer().serialize(o);
- }
- private Object deserializeValue(byte[] b) {
- return redisForToken.getValueSerializer().deserialize(b);
- }
- private byte[] getUserTokenKey(String userId) {
- String userTokensFormat = "user_tokens_%s";
- return serializeKey(String.format(userTokensFormat, userId));
- }
- /**
- * 创建token
- *
- * @param token 用户token
- * @return
- */
- @Override
- public Boolean createToken(JwtStore token) {
- DecodedJWT jwt = JwtUtil.decodedJWT(token.getRefreshToken());
- Map<String, Claim> claims = jwt.getClaims();
- String userId = claims.get("user_id").asInt().toString();
- Date expDate = claims.get("exp").asDate();
- final byte[] redis_key = getUserTokenKey(userId);
- redisForToken.execute(new RedisCallback<Object>() {
- @Override
- public Object doInRedis(RedisConnection connection) throws DataAccessException {
- //获取旧的
- byte[] bytes = connection.get(redis_key);
- //删除旧的
- if (bytes != null) {
- connection.del(bytes);
- }
- //设置新的
- connection.setEx(
- redis_key,
- (expDate.getTime() - DateUtil.now().getTime()) / 1000,
- serializeValue(token)
- );
- return true;
- }
- });
- return true;
- }
- /**
- * 验证token是否有效
- *
- * @param token 待验证的token
- * @param type 1:accessToken,2:refreshToken
- * @return
- */
- @Override
- public Boolean verifyToken(String token, Integer type) {
- Boolean res = false;
- if (null == token) {
- return false;
- }
- String userId = JwtUtil.getUserId(token);
- //从redis中取出
- final byte[] redis_key = getUserTokenKey(userId);
- JwtStore tokenStore = (JwtStore) redisForToken.execute(new RedisCallback<JwtStore>() {
- @Override
- public JwtStore doInRedis(RedisConnection connection) throws DataAccessException {
- byte[] bytes = connection.get(redis_key);
- if (bytes == null) {
- return null;
- }
- return (JwtStore) deserializeValue(bytes);
- }
- });
- if (null != tokenStore) {
- if (type == 1) {
- if (null != tokenStore.getAccessToken() && tokenStore.getAccessToken().equals(token)) {
- res = true;
- }
- }
- if (type == 2) {
- if (null != tokenStore.getRefreshToken() && tokenStore.getRefreshToken().equals(token)) {
- res = true;
- }
- }
- }
- return res;
- }
- /**
- * 验证token是否有效
- *
- * @param token 待验证的token
- * @param type 1:accessToken,2:refreshToken
- * @return -1:token无效(与服务器token不一致,异地登录),1:token有效,0:其他
- */
- @Override
- public int newVerifyToken(String token, Integer type) {
- Integer res = 0;
- if (null == token) {
- return 0;
- }
- String userId = JwtUtil.getUserId(token);
- //从redis中取出
- final byte[] redis_key = getUserTokenKey(userId);
- JwtStore tokenStore = (JwtStore) redisForToken.execute(new RedisCallback<JwtStore>() {
- @Override
- public JwtStore doInRedis(RedisConnection connection) throws DataAccessException {
- byte[] bytes = connection.get(redis_key);
- if (bytes == null) {
- return null;
- }
- return (JwtStore) deserializeValue(bytes);
- }
- });
- if (null != tokenStore) {
- if (type == 1) {
- if (null != tokenStore.getAccessToken()) {
- if (tokenStore.getAccessToken().equals(token)) {
- res = 1;
- } else {
- res = -1;
- }
- }
- }
- if (type == 2) {
- if (null != tokenStore.getRefreshToken()) {
- if (tokenStore.getRefreshToken().equals(token)) {
- res = 1;
- } else {
- res = -1;
- }
- }
- }
- } else {
- res = -2; //redis取不到token原因是因为用户权限修改被清空掉了,如果是到时钱被清空会先提示用户登录超时
- }
- return res;
- }
- /**
- * 删除用户token
- *
- * @param userId 用户ID
- * @return 删除是否成功
- */
- @Override
- public Boolean deleteToken(String userId) {
- final byte[] redis_key = getUserTokenKey(userId);
- Long l = (Long) redisForToken.execute(new RedisCallback<Long>() {
- @Override
- public Long doInRedis(RedisConnection connection) throws DataAccessException {
- return connection.del(redis_key);
- }
- });
- return l > 0;
- }
- /**
- * 批量删除用户token
- *
- * @param userIds 用户列表
- * @return 删除是否成功
- */
- @Override
- public Boolean deleteBatchToken(List<Long> userIds) {
- Long l = (Long) redisForToken.execute(new RedisCallback<Long>() {
- @Override
- public Long doInRedis(RedisConnection connection) throws DataAccessException {
- connection.openPipeline();
- Long cnt = 0L;
- for (Long userId : userIds) {
- byte[] redis_key = getUserTokenKey(userId.toString());
- connection.del(redis_key);
- cnt++;
- }
- connection.closePipeline();
- return cnt;
- }
- });
- return l > 0;
- }
- /**
- * 获取用户jwt
- *
- * @param userId 用户ID
- * @return jwt信息
- */
- @Override
- public JwtStore getToken(String userId) {
- JwtStore tokenStore = null;
- //从redis中取出
- final byte[] redis_key = getUserTokenKey(userId);
- tokenStore = (JwtStore) redisForToken.execute(new RedisCallback<JwtStore>() {
- @Override
- public JwtStore doInRedis(RedisConnection connection) throws DataAccessException {
- byte[] bytes = connection.get(redis_key);
- if (bytes == null) {
- return null;
- }
- return (JwtStore) deserializeValue(bytes);
- }
- });
- return tokenStore;
- }
- }
|