From 4aa116cd7a705a5d046a08854b37fbc60c101ed0 Mon Sep 17 00:00:00 2001
From: pixel <303176530@qq.com>
Date: Sat, 28 Dec 2019 18:32:47 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0jwt=E4=B8=BB=E5=8A=A8?=
 =?UTF-8?q?=E5=A4=B1=E6=95=88=E5=8A=9F=E8=83=BD=EF=BC=88next:=E5=A4=9A?=
 =?UTF-8?q?=E7=82=B9=E7=99=BB=E5=BD=95=E9=99=90=E5=88=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../controller/api/sys_jwt_blacklist.go       | 28 +++++++++++++++++++
 QMPlusServer/init/initRouter/init_router.go   |  3 +-
 QMPlusServer/init/registTable/regist_table.go |  1 +
 QMPlusServer/middleware/jwt.go                | 12 ++++++++
 .../model/sysModel/sys_jwt_blacklist.go       | 23 +++++++++++++++
 QMPlusServer/model/sysModel/sys_user.go       |  6 ++--
 QMPlusServer/router/sys_jwt.go                | 14 ++++++++++
 QMPlusVuePage/src/api/jwt.js                  | 16 +++++++++++
 QMPlusVuePage/src/store/module/user.js        |  7 +++++
 QMPlusVuePage/src/utils/request.js            | 10 ++++---
 QMPlusVuePage/src/view/layout/index.vue       |  4 +--
 11 files changed, 114 insertions(+), 10 deletions(-)
 create mode 100644 QMPlusServer/controller/api/sys_jwt_blacklist.go
 create mode 100644 QMPlusServer/model/sysModel/sys_jwt_blacklist.go
 create mode 100644 QMPlusServer/router/sys_jwt.go
 create mode 100644 QMPlusVuePage/src/api/jwt.js

diff --git a/QMPlusServer/controller/api/sys_jwt_blacklist.go b/QMPlusServer/controller/api/sys_jwt_blacklist.go
new file mode 100644
index 00000000..c8114d8c
--- /dev/null
+++ b/QMPlusServer/controller/api/sys_jwt_blacklist.go
@@ -0,0 +1,28 @@
+package api
+
+import (
+	"fmt"
+	"gin-vue-admin/controller/servers"
+	"gin-vue-admin/model/sysModel"
+	"github.com/gin-gonic/gin"
+)
+
+// @Tags jwt
+// @Summary jwt加入黑名单
+// @Security ApiKeyAuth
+// @accept application/json
+// @Produce application/json
+// @Success 200 {string} string "{"success":true,"data":{},"msg":"拉黑成功"}"
+// @Router /jwt/jsonInBlacklist [post]
+func JsonInBlacklist(c *gin.Context){
+	token := c.Request.Header.Get("x-token")
+	ModelJwt := sysModel.JwtBlacklist{
+		Jwt:token,
+	}
+	err := ModelJwt.JsonInBlacklist()
+	if err != nil {
+		servers.ReportFormat(c, false, fmt.Sprintf("jwt作废失败，%v", err), gin.H{})
+	} else {
+		servers.ReportFormat(c, true, "jwt作废成功", gin.H{})
+	}
+}
diff --git a/QMPlusServer/init/initRouter/init_router.go b/QMPlusServer/init/initRouter/init_router.go
index d6bce93e..eef9e51b 100644
--- a/QMPlusServer/init/initRouter/init_router.go
+++ b/QMPlusServer/init/initRouter/init_router.go
@@ -24,6 +24,7 @@ func InitRouter() *gin.Engine {
 	router.InitApiRouter(ApiGroup)                   // 注册功能api路由
 	router.InitFileUploadAndDownloadRouter(ApiGroup) // 文件上传下载功能路由
 	router.InitWorkflowRouter(ApiGroup)              // 工作流相关路由
-	router.InitCasbinRouter(ApiGroup)
+	router.InitCasbinRouter(ApiGroup)                // 权限相关路由
+	router.InitJwtRouter(ApiGroup)                   // jwt相关路由
 	return Router
 }
diff --git a/QMPlusServer/init/registTable/regist_table.go b/QMPlusServer/init/registTable/regist_table.go
index cc24ea21..538db74f 100644
--- a/QMPlusServer/init/registTable/regist_table.go
+++ b/QMPlusServer/init/registTable/regist_table.go
@@ -13,6 +13,7 @@ func RegistTable(db *gorm.DB) {
 		sysModel.SysMenu{},
 		sysModel.SysApi{},
 		sysModel.SysBaseMenu{},
+		sysModel.JwtBlacklist{},
 		dbModel.ExaFileUploadAndDownload{},
 		sysModel.SysWorkflow{},
 		sysModel.SysWorkflowStepInfo{},
diff --git a/QMPlusServer/middleware/jwt.go b/QMPlusServer/middleware/jwt.go
index c647aff9..2311aef4 100644
--- a/QMPlusServer/middleware/jwt.go
+++ b/QMPlusServer/middleware/jwt.go
@@ -3,6 +3,7 @@ package middleware
 import (
 	"errors"
 	"gin-vue-admin/controller/servers"
+	"gin-vue-admin/model/sysModel"
 	"github.com/dgrijalva/jwt-go"
 	"github.com/gin-gonic/gin"
 	uuid "github.com/satori/go.uuid"
@@ -13,6 +14,9 @@ func JWTAuth() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		// 我们这里jwt鉴权取头部信息 x-token 登录时回返回token信息 这里前端需要把token存储到cookie或者本地localSstorage中 不过需要跟后端协商过期时间 可以约定刷新令牌或者重新登录
 		token := c.Request.Header.Get("x-token")
+		ModelToken := sysModel.JwtBlacklist{
+			Jwt:token,
+		}
 		if token == "" {
 			servers.ReportFormat(c, false, "未登录或非法访问", gin.H{
 				"reload": true,
@@ -20,6 +24,13 @@ func JWTAuth() gin.HandlerFunc {
 			c.Abort()
 			return
 		}
+		if ModelToken.IsBlacklist(token){
+			servers.ReportFormat(c, false, "授权已失效", gin.H{
+				"reload": true,
+			})
+			c.Abort()
+			return
+		}
 		j := NewJWT()
 		// parseToken 解析token包含的信息
 		claims, err := j.ParseToken(token)
@@ -135,3 +146,4 @@ func (j *JWT) RefreshToken(tokenString string) (string, error) {
 	}
 	return "", TokenInvalid
 }
+
diff --git a/QMPlusServer/model/sysModel/sys_jwt_blacklist.go b/QMPlusServer/model/sysModel/sys_jwt_blacklist.go
new file mode 100644
index 00000000..0fd97970
--- /dev/null
+++ b/QMPlusServer/model/sysModel/sys_jwt_blacklist.go
@@ -0,0 +1,23 @@
+package sysModel
+
+import (
+	"gin-vue-admin/init/qmsql"
+	"github.com/jinzhu/gorm"
+)
+
+type JwtBlacklist struct {
+	gorm.Model
+	Jwt string `gorm:"type:text"`
+}
+
+func(j *JwtBlacklist)JsonInBlacklist()(err error){
+	err = qmsql.DEFAULTDB.Create(j).Error
+	return
+}
+
+
+//判断JWT是否在黑名单内部
+func (j *JwtBlacklist)IsBlacklist(Jwt string)(bool){
+	isNotFound := qmsql.DEFAULTDB.Where("jwt = ?",Jwt).First(j).RecordNotFound()
+	return !isNotFound
+}
\ No newline at end of file
diff --git a/QMPlusServer/model/sysModel/sys_user.go b/QMPlusServer/model/sysModel/sys_user.go
index dba4b607..24f0a5b9 100644
--- a/QMPlusServer/model/sysModel/sys_user.go
+++ b/QMPlusServer/model/sysModel/sys_user.go
@@ -29,9 +29,9 @@ type SysUser struct {
 func (u *SysUser) Regist() (err error, userInter *SysUser) {
 	var user SysUser
 	//判断用户名是否注册
-	findErr := qmsql.DEFAULTDB.Where("username = ?", u.Username).First(&user).Error
-	//err为nil表明读取到了 不能注册
-	if findErr == nil {
+	notResigt := qmsql.DEFAULTDB.Where("username = ?", u.Username).First(&user).RecordNotFound()
+	//notResigt为false表明读取到了 不能注册
+	if !notResigt {
 		return errors.New("用户名已注册"), nil
 	} else {
 		// 否则 附加uuid 密码md5简单加密 注册
diff --git a/QMPlusServer/router/sys_jwt.go b/QMPlusServer/router/sys_jwt.go
new file mode 100644
index 00000000..7788e1b8
--- /dev/null
+++ b/QMPlusServer/router/sys_jwt.go
@@ -0,0 +1,14 @@
+package router
+
+import (
+	"gin-vue-admin/controller/api"
+	"gin-vue-admin/middleware"
+	"github.com/gin-gonic/gin"
+)
+
+func InitJwtRouter(Router *gin.RouterGroup) {
+	ApiRouter := Router.Group("jwt").Use(middleware.JWTAuth()).Use(middleware.CasbinHandler())
+	{
+		ApiRouter.POST("jsonInBlacklist", api.JsonInBlacklist)   //jwt加入黑名单
+	}
+}
\ No newline at end of file
diff --git a/QMPlusVuePage/src/api/jwt.js b/QMPlusVuePage/src/api/jwt.js
new file mode 100644
index 00000000..a4be8429
--- /dev/null
+++ b/QMPlusVuePage/src/api/jwt.js
@@ -0,0 +1,16 @@
+import service from '@/utils/request'
+
+// @Tags jwt
+// @Summary jwt加入黑名单
+// @Security ApiKeyAuth
+// @accept application/json
+// @Produce application/json
+// @Success 200 {string} string "{"success":true,"data":{},"msg":"拉黑成功"}"
+// @Router /jwt/jsonInBlacklist [post]
+
+export const jsonInBlacklist = () => {
+    return service({
+        url: "/jwt/jsonInBlacklist",
+        method: 'post',
+    })
+}
\ No newline at end of file
diff --git a/QMPlusVuePage/src/store/module/user.js b/QMPlusVuePage/src/store/module/user.js
index e2fe3c1f..91ec3eba 100644
--- a/QMPlusVuePage/src/store/module/user.js
+++ b/QMPlusVuePage/src/store/module/user.js
@@ -1,4 +1,5 @@
 import { login } from '@/api/user'
+import { jsonInBlacklist } from '@/api/jwt'
 import router from '@/router/index'
 export const user = {
     namespaced: true,
@@ -52,6 +53,12 @@ export const user = {
                     router.push({ path: '/layout/dashbord' })
                 }
             }
+        },
+        async LoginOut({ commit }) {
+            const res = await jsonInBlacklist()
+            if (res.success) {
+                commit("LoginOut")
+            }
         }
     },
     getters: {
diff --git a/QMPlusVuePage/src/utils/request.js b/QMPlusVuePage/src/utils/request.js
index 60a64c7b..35ef3125 100644
--- a/QMPlusVuePage/src/utils/request.js
+++ b/QMPlusVuePage/src/utils/request.js
@@ -61,11 +61,13 @@ service.interceptors.response.use(
             Message({
                 showClose: true,
                 message: response.data.msg,
-                type: 'error'
+                type: 'error',
+                onClose: () => {
+                    if (response.data.data && response.data.data.reload) {
+                        store.commit('user/LoginOut')
+                    }
+                }
             })
-            if (response.data.data && response.data.data.reload) {
-                store.commit('user/LoginOut')
-            }
             return Promise.reject(response.data.msg)
         }
     },
diff --git a/QMPlusVuePage/src/view/layout/index.vue b/QMPlusVuePage/src/view/layout/index.vue
index 3661021d..91381088 100644
--- a/QMPlusVuePage/src/view/layout/index.vue
+++ b/QMPlusVuePage/src/view/layout/index.vue
@@ -51,7 +51,7 @@
 
 <script>
 import Aside from '@/view/layout/aside'
-import { mapGetters, mapMutations } from 'vuex'
+import { mapGetters, mapActions } from 'vuex'
 export default {
   name: 'Layout',
   data() {
@@ -63,7 +63,7 @@ export default {
     Aside
   },
   methods: {
-    ...mapMutations('user', ['LoginOut']),
+    ...mapActions('user', ['LoginOut']),
     totalCollapse() {
       this.isCollapse = !this.isCollapse
       this.$bus.emit('totalCollapse')
-- 
GitLab