Pre Merge pull request !241 from runphp/master

ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java

@@ -41,14 +41,14 @@ public class TokenController
     }
 
     @DeleteMapping("logout")
-    public R<?> logout(HttpServletRequest request)
+    public R<?> logout()
     {
-        String token = SecurityUtils.getToken(request);
+        String userKey = SecurityUtils.getUserKey();
-        if (StringUtils.isNotEmpty(token))
+        if (StringUtils.isNotEmpty(userKey))
         {
-            String username = JwtUtils.getUserName(token);
+            String username = SecurityUtils.getUsername();
             // 删除用户缓存记录
-            AuthUtil.logoutByToken(token);
+            AuthUtil.logout();
             // 记录用户退出日志
             sysLoginService.logout(username);
         }
@@ -56,9 +56,9 @@ public class TokenController
     }
 
     @PostMapping("refresh")
-    public R<?> refresh(HttpServletRequest request)
+    public R<?> refresh()
     {
-        LoginUser loginUser = tokenService.getLoginUser(request);
+        LoginUser loginUser = tokenService.getLoginUser();
         if (StringUtils.isNotNull(loginUser))
         {
             // 刷新令牌有效期

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthLogic.java

@@ -38,20 +38,20 @@ public class AuthLogic
      */
     public void logout()
     {
-        String token = SecurityUtils.getToken();
+        String userKey = SecurityUtils.getUserKey();
-        if (token == null)
+        if (userKey == null)
         {
             return;
         }
-        logoutByToken(token);
+        logoutByToken(userKey);
     }
 
     /**
      * 会话注销，根据指定Token
      */
-    public void logoutByToken(String token)
+    public void logoutByToken(String userKey)
     {
-        tokenService.delLoginUser(token);
+        tokenService.delLoginUser(userKey);
     }
 
     /**
@@ -69,8 +69,8 @@ public class AuthLogic
      */
     public LoginUser getLoginUser()
     {
-        String token = SecurityUtils.getToken();
+        String userKey = SecurityUtils.getUserKey();
-        if (token == null)
+        if (userKey == null)
         {
             throw new NotLoginException("未提供token");
         }
@@ -85,12 +85,12 @@ public class AuthLogic
     /**
      * 获取当前用户缓存信息, 如果未登录，则抛出异常
      * 
-     * @param token 前端传递的认证信息
+     * @param userKey 前端传递的认证信息
      * @return 用户缓存信息
      */
-    public LoginUser getLoginUser(String token)
+    public LoginUser getLoginUser(String userKey)
     {
-        return tokenService.getLoginUser(token);
+        return tokenService.getLoginUser(userKey);
     }
 
     /**
@@ -118,7 +118,6 @@ public class AuthLogic
      * 验证用户是否具备某权限, 如果验证未通过，则抛出异常: NotPermissionException
      * 
      * @param permission 权限字符串
-     * @return 用户是否具备某权限
      */
     public void checkPermi(String permission)
     {

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/auth/AuthUtil.java

@@ -27,11 +27,11 @@ public class AuthUtil
     /**
      * 会话注销，根据指定Token
      * 
-     * @param tokenValue 指定token
+     * @param userKey 指定token
      */
-    public static void logoutByToken(String token)
+    public static void logoutByToken(String userKey)
     {
-        authLogic.logoutByToken(token);
+        authLogic.logoutByToken(userKey);
     }
 
     /**
@@ -45,9 +45,9 @@ public class AuthUtil
     /**
      * 获取当前登录用户信息
      */
-    public static LoginUser getLoginUser(String token)
+    public static LoginUser getLoginUser(String userKey)
     {
-        return authLogic.getLoginUser(token);
+        return authLogic.getLoginUser(userKey);
     }
 
     /**

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/interceptor/HeaderInterceptor.java

@@ -32,10 +32,10 @@ public class HeaderInterceptor implements AsyncHandlerInterceptor
         SecurityContextHolder.setUserName(ServletUtils.getHeader(request, SecurityConstants.DETAILS_USERNAME));
         SecurityContextHolder.setUserKey(ServletUtils.getHeader(request, SecurityConstants.USER_KEY));
 
-        String token = SecurityUtils.getToken();
+        String userKey = SecurityUtils.getUserKey();
-        if (StringUtils.isNotEmpty(token))
+        if (StringUtils.isNotEmpty(userKey))
         {
-            LoginUser loginUser = AuthUtil.getLoginUser(token);
+            LoginUser loginUser = AuthUtil.getLoginUser(userKey);
             if (StringUtils.isNotNull(loginUser))
             {
                 AuthUtil.verifyLoginUserExpire(loginUser);

ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java

@@ -1,11 +1,5 @@
 package com.ruoyi.common.security.service;
 
-import java.util.HashMap;
-import java.util.Map;
-import java.util.concurrent.TimeUnit;
-import javax.servlet.http.HttpServletRequest;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
 import com.ruoyi.common.core.constant.CacheConstants;
 import com.ruoyi.common.core.constant.SecurityConstants;
 import com.ruoyi.common.core.utils.JwtUtils;
@@ -16,6 +10,12 @@ import com.ruoyi.common.core.utils.uuid.IdUtils;
 import com.ruoyi.common.redis.service.RedisService;
 import com.ruoyi.common.security.utils.SecurityUtils;
 import com.ruoyi.system.api.model.LoginUser;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.concurrent.TimeUnit;
 
 /**
  * token验证处理
@@ -32,7 +32,7 @@ public class TokenService
 
     protected static final long MILLIS_MINUTE = 60 * MILLIS_SECOND;
 
-    private final static long expireTime = CacheConstants.EXPIRATION;
+    private final static long EXPIRE_TIME = CacheConstants.EXPIRATION;
 
     private final static String ACCESS_TOKEN = CacheConstants.LOGIN_TOKEN_KEY;
 
@@ -53,15 +53,15 @@ public class TokenService
         refreshToken(loginUser);
 
         // Jwt存储信息
-        Map<String, Object> claimsMap = new HashMap<String, Object>();
+        Map<String, Object> claimsMap = new HashMap<>();
         claimsMap.put(SecurityConstants.USER_KEY, token);
         claimsMap.put(SecurityConstants.DETAILS_USER_ID, userId);
         claimsMap.put(SecurityConstants.DETAILS_USERNAME, userName);
 
         // 接口返回信息
-        Map<String, Object> rspMap = new HashMap<String, Object>();
+        Map<String, Object> rspMap = new HashMap<>();
         rspMap.put("access_token", JwtUtils.createToken(claimsMap));
-        rspMap.put("expires_in", expireTime);
+        rspMap.put("expires_in", EXPIRE_TIME);
         return rspMap;
     }
 
@@ -72,7 +72,7 @@ public class TokenService
      */
     public LoginUser getLoginUser()
     {
-        return getLoginUser(ServletUtils.getRequest());
+        return getLoginUser(SecurityUtils.getUserKey());
     }
 
     /**
@@ -80,31 +80,17 @@ public class TokenService
      *
      * @return 用户信息
      */
-    public LoginUser getLoginUser(HttpServletRequest request)
+    public LoginUser getLoginUser(String userKey)
-    {
-        // 获取请求携带的令牌
-        String token = SecurityUtils.getToken(request);
-        return getLoginUser(token);
-    }
-
-    /**
-     * 获取用户身份信息
-     *
-     * @return 用户信息
-     */
-    public LoginUser getLoginUser(String token)
     {
         LoginUser user = null;
         try
         {
-            if (StringUtils.isNotEmpty(token))
+            if (StringUtils.isNotEmpty(userKey))
             {
-                String userkey = JwtUtils.getUserKey(token);
+                user = redisService.getCacheObject(getTokenKey(userKey));
-                user = redisService.getCacheObject(getTokenKey(userkey));
-                return user;
             }
         }
-        catch (Exception e)
+        catch (Exception ignored)
         {
         }
         return user;
@@ -124,11 +110,10 @@ public class TokenService
     /**
      * 删除用户缓存信息
      */
-    public void delLoginUser(String token)
+    public void delLoginUser(String userkey)
     {
-        if (StringUtils.isNotEmpty(token))
+        if (StringUtils.isNotEmpty(userkey))
         {
-            String userkey = JwtUtils.getUserKey(token);
             redisService.deleteObject(getTokenKey(userkey));
         }
     }
@@ -156,14 +141,14 @@ public class TokenService
     public void refreshToken(LoginUser loginUser)
     {
         loginUser.setLoginTime(System.currentTimeMillis());
-        loginUser.setExpireTime(loginUser.getLoginTime() + expireTime * MILLIS_MINUTE);
+        loginUser.setExpireTime(loginUser.getLoginTime() + EXPIRE_TIME * MILLIS_MINUTE);
         // 根据uuid将loginUser缓存
-        String userKey = getTokenKey(loginUser.getToken());
+        String tokenKey = getTokenKey(loginUser.getToken());
-        redisService.setCacheObject(userKey, loginUser, expireTime, TimeUnit.MINUTES);
+        redisService.setCacheObject(tokenKey, loginUser, EXPIRE_TIME, TimeUnit.MINUTES);
     }
 
-    private String getTokenKey(String token)
+    private String getTokenKey(String userKey)
     {
-        return ACCESS_TOKEN + token;
+        return ACCESS_TOKEN + userKey;
     }
 }