diff --git a/jeecg-boot/jeecg-boot-base-common/src/main/java/org/jeecg/common/constant/CacheConstant.java b/jeecg-boot/jeecg-boot-base-common/src/main/java/org/jeecg/common/constant/CacheConstant.java index e8d4bb5812787259f7b89203ff3208558d6af8d8..3b46d9a92398a38ae72b1c01aa3434341753e0df 100644 --- a/jeecg-boot/jeecg-boot-base-common/src/main/java/org/jeecg/common/constant/CacheConstant.java +++ b/jeecg-boot/jeecg-boot-base-common/src/main/java/org/jeecg/common/constant/CacheConstant.java @@ -7,11 +7,6 @@ package org.jeecg.common.constant; */ public interface CacheConstant { - /** - * 缓存用户jwt - */ - public static final String SYS_USERS_CACHE_JWT = "sys:cache:user:jwt"; - /** * 字典信息缓存 */ diff --git a/jeecg-boot/jeecg-boot-base-common/src/main/java/org/jeecg/config/shiro/ShiroRealm.java b/jeecg-boot/jeecg-boot-base-common/src/main/java/org/jeecg/config/shiro/ShiroRealm.java index 0c80f2687e98971649b65cffc0189199bce6270f..467316caa3e7574ab712c4e96afe617c1f13d015 100644 --- a/jeecg-boot/jeecg-boot-base-common/src/main/java/org/jeecg/config/shiro/ShiroRealm.java +++ b/jeecg-boot/jeecg-boot-base-common/src/main/java/org/jeecg/config/shiro/ShiroRealm.java @@ -114,14 +114,7 @@ public class ShiroRealm extends AuthorizingRealm { // 查询用户信息 log.debug("———校验token是否有效————checkUserTokenIsEffect——————— "+ token); - LoginUser loginUser = (LoginUser) redisUtil.get(CacheConstant.SYS_USERS_CACHE_JWT+":"+token); - //TODO 当前写法导致两个小时操作中token过期 - //如果redis缓存用户信息为空,则通过接口获取用户信息,避免超过两个小时操作中token过期 - if(loginUser==null){ - loginUser = commonAPI.getUserByName(username); - //密码二次加密,因为存于redis会泄露 - loginUser.setPassword(SecureUtil.md5(loginUser.getPassword())); - } + LoginUser loginUser = commonAPI.getUserByName(username); if (loginUser == null) { throw new AuthenticationException("用户不存在!"); } diff --git a/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/cas/controller/CasClientController.java b/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/cas/controller/CasClientController.java index 48261919dd11a0ddeae54bb67309dbd4cfd69978..b22e79b6ef021e43551b3bedde0bf69673951ea2 100644 --- a/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/cas/controller/CasClientController.java +++ b/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/cas/controller/CasClientController.java @@ -87,14 +87,6 @@ public class CasClientController { redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, token); redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME*2 / 1000); - //update-begin-author:taoyan date:20200812 for:登录缓存用户信息 - LoginUser vo = new LoginUser(); - BeanUtils.copyProperties(sysUser,vo); - vo.setPassword(SecureUtil.md5(sysUser.getPassword())); - redisUtil.set(CacheConstant.SYS_USERS_CACHE_JWT +":" +token, vo); - redisUtil.expire(CacheConstant.SYS_USERS_CACHE_JWT +":" +token, JwtUtil.EXPIRE_TIME*2 / 1000); - //update-end-author:taoyan date:20200812 for:登录缓存用户信息 - //获取用户部门信息 JSONObject obj = new JSONObject(); List departs = sysDepartService.queryUserDeparts(sysUser.getId()); diff --git a/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/LoginController.java b/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/LoginController.java index c3639cea84ca6d08de6d1ffc8056a0166b58e951..eb040c547c7e62555f8eb91ab062ed166ded5c17 100644 --- a/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/LoginController.java +++ b/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/LoginController.java @@ -356,20 +356,11 @@ public class LoginController { String syspassword = sysUser.getPassword(); String username = sysUser.getUsername(); // 生成token - String token = JwtUtil.sign(username, SecureUtil.md5(syspassword)); + String token = JwtUtil.sign(username, syspassword); // 设置token缓存有效时间 redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, token); redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME*2 / 1000); - //update-begin-author:taoyan date:20200812 for:登录缓存用户信息 - LoginUser vo = new LoginUser(); - BeanUtils.copyProperties(sysUser,vo); - //密码二次加密,因为存于redis会泄露 - vo.setPassword(SecureUtil.md5(sysUser.getPassword())); - redisUtil.set(CacheConstant.SYS_USERS_CACHE_JWT +":" +token, vo); - redisUtil.expire(CacheConstant.SYS_USERS_CACHE_JWT +":" +token, JwtUtil.EXPIRE_TIME*2 / 1000); - //update-end-author:taoyan date:20200812 for:登录缓存用户信息 - // 获取用户部门信息 JSONObject obj = new JSONObject(); List departs = sysDepartService.queryUserDeparts(sysUser.getId()); @@ -484,14 +475,6 @@ public class LoginController { redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, token); redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME*2 / 1000); - //update-begin-author:taoyan date:20200812 for:登录缓存用户信息 - LoginUser vo = new LoginUser(); - BeanUtils.copyProperties(sysUser,vo); - vo.setPassword(SecureUtil.md5(sysUser.getPassword())); - redisUtil.set(CacheConstant.SYS_USERS_CACHE_JWT +":" +token, vo); - redisUtil.expire(CacheConstant.SYS_USERS_CACHE_JWT +":" +token, JwtUtil.EXPIRE_TIME*2 / 1000); - //update-end-author:taoyan date:20200812 for:登录缓存用户信息 - //token 信息 obj.put("token", token); result.setResult(obj); diff --git a/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java b/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java index 9fd82d508590f16b887aed8078deef9ffe814e2f..4b6b6e28f4a38711ba05d25be10bbdbe3d72dc93 100644 --- a/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java +++ b/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java @@ -109,14 +109,6 @@ public class ThirdLoginController { // 设置超时时间 redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME / 1000); - //update-begin-author:taoyan date:20200812 for:登录缓存用户信息 - LoginUser redisUser = new LoginUser(); - BeanUtils.copyProperties(user, redisUser); - redisUser.setPassword(SecureUtil.md5(user.getPassword())); - redisUtil.set(CacheConstant.SYS_USERS_CACHE_JWT +":" +token, redisUser); - redisUtil.expire(CacheConstant.SYS_USERS_CACHE_JWT +":" +token, JwtUtil.EXPIRE_TIME*2 / 1000); - //update-end-author:taoyan date:20200812 for:登录缓存用户信息 - modelMap.addAttribute("token", token); //update-begin--Author:wangshuai Date:20200729 for:接口在签名校验失败时返回失败的标识码 issues#1441-------------------- }else{