sccg_server.git

			@@ -2,6 +2,11 @@

			import cn.hutool.core.date.DateUtil;
			import cn.hutool.core.util.StrUtil;
			import com.alibaba.fastjson.JSON;
			import com.alibaba.fastjson.JSONObject;
			import com.ycl.entity.auth.AuthInfo;
			import com.ycl.enums.common.ResultCode;
			import com.ycl.exception.ApiException;
			import io.jsonwebtoken.Claims;
			import io.jsonwebtoken.Jwts;
			import io.jsonwebtoken.SignatureAlgorithm;
			@@ -27,7 +32,7 @@
			*/
			public class JwtTokenUtil {
			private static final Logger LOGGER = LoggerFactory.getLogger(JwtTokenUtil.class);
			private static final String CLAIM_KEY_USERNAME = "sub";
			private static final String CLAIM_KEY_INFO = "sub";
			private static final String CLAIM_KEY_CREATED = "created";
			@Value("${jwt.secret}")
			private String secret;
			@@ -91,7 +96,7 @@
			* @param userDetails 从数据库中查询出来的用户信息
			*/
			public boolean validateToken(String token, UserDetails userDetails) {
			String username = getUserNameFromToken(token);
			String username = parseToken(token).getUsername();
			return username.equals(userDetails.getUsername()) && !isTokenExpired(token);
			}

			@@ -116,7 +121,7 @@
			*/
			public String generateToken(UserDetails userDetails) {
			Map<String, Object> claims = new HashMap<>();
			claims.put(CLAIM_KEY_USERNAME, userDetails.getUsername());
			claims.put(CLAIM_KEY_INFO, userDetails.getUsername());
			claims.put(CLAIM_KEY_CREATED, new Date());
			return generateToken(claims);
			}
			@@ -127,26 +132,26 @@
			* @param oldToken 带tokenHead的token
			*/
			public String refreshHeadToken(String oldToken) {
			if(StrUtil.isEmpty(oldToken)){
			if (StrUtil.isEmpty(oldToken)) {
			return null;
			}
			String token = oldToken.substring(tokenHead.length());
			if(StrUtil.isEmpty(token)){
			if (StrUtil.isEmpty(token)) {
			return null;
			}
			//token校验不通过
			Claims claims = getClaimsFromToken(token);
			if(claims==null){
			if (claims == null) {
			return null;
			}
			//如果token已经过期，不支持刷新
			if(isTokenExpired(token)){
			if (isTokenExpired(token)) {
			return null;
			}
			//如果token在30分钟之内刚刷新过，返回原token
			if(tokenRefreshJustBefore(token,30*60)){
			if (tokenRefreshJustBefore(token, 30 * 60)) {
			return token;
			}else{
			} else {
			claims.put(CLAIM_KEY_CREATED, new Date());
			return generateToken(claims);
			}
			@@ -154,17 +159,53 @@

			/**
			* 判断token在指定时间内是否刚刚刷新过
			*
			* @param token 原token
			* @param time 指定时间（秒）
			* @param time 指定时间（秒）
			*/
			private boolean tokenRefreshJustBefore(String token, int time) {
			Claims claims = getClaimsFromToken(token);
			Date created = claims.get(CLAIM_KEY_CREATED, Date.class);
			Date refreshDate = new Date();
			//刷新时间在创建时间的指定时间内
			if(refreshDate.after(created)&&refreshDate.before(DateUtil.offsetSecond(created,time))){
			if (refreshDate.after(created) && refreshDate.before(DateUtil.offsetSecond(created, time))) {
			return true;
			}
			return false;
			}



			/**
			* 根据用户id,用户名生成token
			*/
			public String generateToken(long userId, String username) {
			Map<String, Object> claims = new HashMap<>();
			AuthInfo authInfo = new AuthInfo();
			authInfo.setUserId(userId);
			authInfo.setUsername(username);
			claims.put(CLAIM_KEY_INFO, JSONObject.toJSONString(authInfo));
			claims.put(CLAIM_KEY_CREATED, new Date());
			return generateToken(claims);
			}

			/**
			* 根据token解析出AuthInfo
			* @param token
			* @return
			*/
			public AuthInfo parseToken(String token) {
			AuthInfo authInfo = null;
			try {
			if (isTokenExpired(token)) {
			throw new ApiException(ResultCode.NOT_LOGGED);
			}
			Claims claims = getClaimsFromToken(token);
			String subject = claims.getSubject();
			authInfo = JSON.parseObject(subject, AuthInfo.class);
			} catch (Exception e) {
			throw new ApiException(e.getMessage());
			}
			return authInfo;
			}
			}