处理java端用户体系和node逻辑保持一致 (#367)
* fix: 1. 去除jwt存储password关键信息;token创建逻辑同node,jwt信息实现node和java互通 2. 新增hash256方法,用户注册password加密逻辑同node,实现java端注册的账号登录和node版本互通 * 删除获取获取jwt信息中的魔法值;处理空指针问题 * add error code * 常量命名调整
This commit is contained in:
parent
5e95e33691
commit
db9735b4a2
@ -6,6 +6,7 @@ import lombok.Getter;
|
|||||||
public enum RespErrorCode {
|
public enum RespErrorCode {
|
||||||
AUTHENTICATION_FAILED(1001, "没有权限"),
|
AUTHENTICATION_FAILED(1001, "没有权限"),
|
||||||
PARAMETER_ERROR(1002, "参数有误"),
|
PARAMETER_ERROR(1002, "参数有误"),
|
||||||
|
ENCRYPTION_ERROR(1003, "加密异常"),
|
||||||
USER_EXISTS(2001, "用户已存在"),
|
USER_EXISTS(2001, "用户已存在"),
|
||||||
USER_NOT_EXISTS(2002, "用户不存在"),
|
USER_NOT_EXISTS(2002, "用户不存在"),
|
||||||
USER_PASSWORD_ERROR(2003, "用户名或密码错误"),
|
USER_PASSWORD_ERROR(2003, "用户名或密码错误"),
|
||||||
|
@ -61,7 +61,7 @@ public class AuthServiceImpl implements AuthService {
|
|||||||
//保存
|
//保存
|
||||||
User user = new User();
|
User user = new User();
|
||||||
user.setUsername(userParam.getUsername());
|
user.setUsername(userParam.getUsername());
|
||||||
user.setPassword(AuthUtil.encryptPassword(userParam.getPassword(), userParam.getUsername()));
|
user.setPassword(AuthUtil.hash256(userParam.getPassword()));
|
||||||
mongoRepository.save(user);
|
mongoRepository.save(user);
|
||||||
return createTokenAndDeleteCaptcha(userParam);
|
return createTokenAndDeleteCaptcha(userParam);
|
||||||
}
|
}
|
||||||
|
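Review bot: `user.setPassword(AuthUtil.hash256(userParam.getPassword()))` now stores an unsalted, single-round SHA-256 of the password, whereas the removed `AuthUtil.encryptPassword(password, username)` at least mixed the username in; two accounts with the same password now get identical stored hashes, and a leaked `user` collection is cheap to attack offline with precomputed tables. The commit description says this is required for login interop with the Node service, which may be a real constraint, but the trade-off should be recorded at the call site, e.g. `// Unsalted SHA-256 kept for interop with the Node service; migrating both sides to a salted KDF (bcrypt/argon2) is pending`, and tracked as follow-up work. The same call is introduced in the UserServiceImpl hunk (`String encryptPassword = AuthUtil.hash256(password);`), so the note applies there too. The enclosing registration method starts outside the hunk.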
@ -1,6 +1,9 @@
|
|||||||
package com.xiaojusurvey.engine.core.auth.util;
|
package com.xiaojusurvey.engine.core.auth.util;
|
||||||
|
|
||||||
|
|
||||||
|
import com.xiaojusurvey.engine.common.constants.RespErrorCode;
|
||||||
|
import com.xiaojusurvey.engine.common.exception.ServiceException;
|
||||||
|
|
||||||
import java.security.MessageDigest;
|
import java.security.MessageDigest;
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
|
||||||
@ -31,5 +34,29 @@ public class AuthUtil {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* SHA-256
|
||||||
|
* @param password
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
public static String hash256(String password) {
|
||||||
|
try {
|
||||||
|
MessageDigest digest = MessageDigest.getInstance("SHA-256");
|
||||||
|
byte[] hash = digest.digest(password.getBytes());
|
||||||
|
// 将 byte 数组转换为十六进制字符串
|
||||||
|
StringBuilder hexString = new StringBuilder();
|
||||||
|
for (byte b : hash) {
|
||||||
|
String hex = Integer.toHexString(0xff & b);
|
||||||
|
if (hex.length() == 1) {
|
||||||
|
hexString.append('0');
|
||||||
|
}
|
||||||
|
hexString.append(hex);
|
||||||
|
}
|
||||||
|
return hexString.toString();
|
||||||
|
} catch (NoSuchAlgorithmException e) {
|
||||||
|
throw new ServiceException(RespErrorCode.ENCRYPTION_ERROR.getMessage(), RespErrorCode.ENCRYPTION_ERROR.getCode());
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
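Review bot: `password.getBytes()` in `hash256` encodes with the JVM's platform default charset (on JDKs before 18), so a password containing non-ASCII characters hashes differently depending on the server locale and may not match the digest the Node side computes; use `byte[] hash = digest.digest(password.getBytes(StandardCharsets.UTF_8));` together with `import java.nio.charset.StandardCharsets;`. The manual pad-and-append loop can be reduced to `hexString.append(String.format("%02x", 0xff & b));` per byte. The Javadoc currently reads only `SHA-256` with empty `@param`/`@return` tags; it should state that the return value is the lowercase hex encoding of the unsalted SHA-256 digest, that the encoding is UTF-8 once fixed, and that a null `password` results in a NullPointerException.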
@ -59,7 +59,7 @@ public class JwtTokenUtil {
|
|||||||
Date expiryDate = new Date(now.getTime() + expirationTime * HOUR_MILLISECOND);
|
Date expiryDate = new Date(now.getTime() + expirationTime * HOUR_MILLISECOND);
|
||||||
String token = JWT.create()
|
String token = JWT.create()
|
||||||
.withClaim("username", user.getUsername())
|
.withClaim("username", user.getUsername())
|
||||||
.withClaim("password", user.getPassword())
|
.withClaim("_id", user.getId())
|
||||||
.withExpiresAt(expiryDate)
|
.withExpiresAt(expiryDate)
|
||||||
.withJWTId(UUID.randomUUID().toString())
|
.withJWTId(UUID.randomUUID().toString())
|
||||||
.sign(Algorithm.HMAC256(secret));
|
.sign(Algorithm.HMAC256(secret));
|
||||||
|
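Review bot: The claim keys `"username"` and `"_id"` are string literals in `JWT.create()...withClaim(...)`, while the LoginInterceptor hunk reads the same claims through its `USER_NAME`/`USER_ID` constants; with two independent definitions the token producer and consumer can drift silently, so define the key names once (a shared constants holder, or reuse `LoginInterceptor.USER_NAME`/`USER_ID`) and pass those constants to `.withClaim(...)`. Replacing the password claim with the id is the right move; a one-line comment on `.withClaim("_id", user.getId())` noting that the token intentionally carries no credential and the subject is resolved by id at request time would keep the next maintainer from re-adding it. The enclosing method starts and ends outside the hunk.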
@ -9,4 +9,6 @@ public interface UserService {
|
|||||||
List<User> findAllUser();
|
List<User> findAllUser();
|
||||||
|
|
||||||
User loadUserByUsernameAndPassword(String username, String password);
|
User loadUserByUsernameAndPassword(String username, String password);
|
||||||
|
|
||||||
|
User getUserById(String userId);
|
||||||
}
|
}
|
||||||
|
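Review bot: `User getUserById(String userId);` is added to the public interface without Javadoc, and the implementation in the UserServiceImpl hunk returns the raw `mongoRepository.findOne` result, which appears to be null when no document matches; callers such as the interceptor need that contract spelled out. Suggested Javadoc: `/** Looks up a user by its Mongo {@code _id}. @param userId the id carried in the JWT {@code _id} claim @return the matching user, or {@code null} if none exists */`.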
@ -35,7 +35,7 @@ public class UserServiceImpl implements UserService {
|
|||||||
@Override
|
@Override
|
||||||
public User loadUserByUsernameAndPassword(String username, String password) {
|
public User loadUserByUsernameAndPassword(String username, String password) {
|
||||||
Query query = new Query();
|
Query query = new Query();
|
||||||
String encryptPassword = AuthUtil.encryptPassword(password, username);
|
String encryptPassword = AuthUtil.hash256(password);
|
||||||
query.addCriteria(Criteria.where("username").is(username).and("password").is(encryptPassword));
|
query.addCriteria(Criteria.where("username").is(username).and("password").is(encryptPassword));
|
||||||
//查询用户并返回
|
//查询用户并返回
|
||||||
User user = mongoRepository.findOne(query, User.class);
|
User user = mongoRepository.findOne(query, User.class);
|
||||||
@ -44,4 +44,9 @@ public class UserServiceImpl implements UserService {
|
|||||||
}
|
}
|
||||||
return user;
|
return user;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public User getUserById(String userId) {
|
||||||
|
return mongoRepository.findOne(new Query(Criteria.where("_id").is(userId)), User.class);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -17,8 +17,12 @@ import java.util.Map;
|
|||||||
|
|
||||||
public class LoginInterceptor implements HandlerInterceptor {
|
public class LoginInterceptor implements HandlerInterceptor {
|
||||||
|
|
||||||
|
public static final String USER_NAME = "username";
|
||||||
|
public static final String USER_ID = "_id";
|
||||||
|
|
||||||
@Resource
|
@Resource
|
||||||
private JwtTokenUtil jwtTokenUtil;
|
private JwtTokenUtil jwtTokenUtil;
|
||||||
|
|
||||||
@Resource
|
@Resource
|
||||||
private UserService userService;
|
private UserService userService;
|
||||||
|
|
||||||
@ -39,14 +43,19 @@ public class LoginInterceptor implements HandlerInterceptor {
|
|||||||
//查询用户信息
|
//查询用户信息
|
||||||
Map<String, Claim> claims = jwt.getClaims();
|
Map<String, Claim> claims = jwt.getClaims();
|
||||||
//获取用户名,密码
|
//获取用户名,密码
|
||||||
String username = claims.get("username").asString();
|
String username = null, userId = null;
|
||||||
String password = claims.get("password").asString();
|
if (!ObjectUtils.isEmpty(claims.get(USER_NAME))) {
|
||||||
|
username = claims.get(USER_NAME).asString();
|
||||||
|
}
|
||||||
|
if (!ObjectUtils.isEmpty(claims.get(USER_ID))) {
|
||||||
|
userId = claims.get(USER_ID).asString();
|
||||||
|
}
|
||||||
//判空
|
//判空
|
||||||
if (ObjectUtils.isEmpty(username) || ObjectUtils.isEmpty(password)) {
|
if (ObjectUtils.isEmpty(username) || ObjectUtils.isEmpty(userId)) {
|
||||||
//token超时
|
//token超时
|
||||||
throw new ServiceException(RespErrorCode.USER_CREDENTIALS_ERROR.getMessage(), RespErrorCode.USER_CREDENTIALS_ERROR.getCode());
|
throw new ServiceException(RespErrorCode.USER_CREDENTIALS_ERROR.getMessage(), RespErrorCode.USER_CREDENTIALS_ERROR.getCode());
|
||||||
}
|
}
|
||||||
User user = userService.loadUserByUsernameAndPassword(username, password);
|
User user = userService.getUserById(userId);
|
||||||
request.setAttribute("user", user);
|
request.setAttribute("user", user);
|
||||||
return HandlerInterceptor.super.preHandle(request, response, handler);
|
return HandlerInterceptor.super.preHandle(request, response, handler);
|
||||||
}
|
}
|
||||||
|
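Review bot: `User user = userService.getUserById(userId);` is placed into the request without a null check; the implementation in the UserServiceImpl hunk returns the raw `findOne` result, so a validly signed token whose `_id` no longer matches a user (e.g. a deleted account) passes `preHandle` with a null `user` attribute, whereas the removed `loadUserByUsernameAndPassword` path appears to have rejected unknown users inside the service. Add `if (user == null) { throw new ServiceException(RespErrorCode.USER_NOT_EXISTS.getMessage(), RespErrorCode.USER_NOT_EXISTS.getCode()); }` directly after the lookup. Binding the token to `_id` instead of the password also means an issued token stays valid until its expiry even after the password is changed; if that is not intended, the lookup should additionally compare a password-version or issued-at value against the stored user. The comment above the claim reads still says username and password are extracted, but the code now extracts username and user id, so it should be updated to match.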