Commit f5701691
Authored on April 29, 2019
Author: johnniang
Complete refresh token logic
Parent: 12a6a627
Showing 4 changed files with 70 additions and 19 deletions.
src/main/java/run/halo/app/config/HaloConfiguration.java (+4 -4)
src/main/java/run/halo/app/controller/admin/api/AdminController.java (+7 -0)
src/main/java/run/halo/app/service/AdminService.java (+9 -0)
src/main/java/run/halo/app/service/impl/AdminServiceImpl.java (+50 -15)
src/main/java/run/halo/app/config/HaloConfiguration.java
...
...
@@ -101,11 +101,10 @@ public class HaloConfiguration {
// Set failure handler
apiFilter
.
setFailureHandler
(
failureHandler
);
apiFilter
.
addExcludeUrlPatterns
(
"/api/admin/*"
);
FilterRegistrationBean
<
ApiAuthenticationFilter
>
authenticationFilter
=
new
FilterRegistrationBean
<>();
authenticationFilter
.
setFilter
(
apiFilter
);
authenticationFilter
.
addUrlPatterns
(
"/api/*"
);
authenticationFilter
.
addUrlPatterns
(
"/api/
content/
*"
);
authenticationFilter
.
setOrder
(
0
);
return
authenticationFilter
;
}
...
...
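Review bot: as I read this hunk, the two addUrlPatterns lines narrow the filter from "/api/*" to "/api/content/*" and the addExcludeUrlPatterns("/api/admin/*") line is dropped with it, so any route under /api/ that is neither /api/content/ nor /api/admin/ is no longer registered with ApiAuthenticationFilter at all. Please confirm no controller is still mapped directly under /api/, or keep the broad pattern together with the exclude, and add a comment stating which prefixes this filter is meant to own.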
@@ -125,17 +124,18 @@ public class HaloConfiguration {
// Config the admin filter
adminAuthenticationFilter
.
addExcludeUrlPatterns
(
"/api/admin/login"
,
"/api/admin/refresh/*"
,
"/api/admin/installations"
,
"/api/admin/recoveries/migrations/*"
);
adminAuthenticationFilter
.
addTryAuthUrlMethodPattern
(
"/api/admin/comments"
,
HttpMethod
.
POST
.
name
());
adminAuthenticationFilter
.
addTryAuthUrlMethodPattern
(
"/api/comments"
,
HttpMethod
.
POST
.
name
());
adminAuthenticationFilter
.
addTryAuthUrlMethodPattern
(
"/api/co
ntent/co
mments"
,
HttpMethod
.
POST
.
name
());
adminAuthenticationFilter
.
setFailureHandler
(
failureHandler
);
FilterRegistrationBean
<
AdminAuthenticationFilter
>
authenticationFilter
=
new
FilterRegistrationBean
<>();
authenticationFilter
.
setFilter
(
adminAuthenticationFilter
);
authenticationFilter
.
addUrlPatterns
(
"/api/admin/*"
,
"/api/comments"
);
authenticationFilter
.
addUrlPatterns
(
"/api/admin/*"
,
"/api/co
ntent/co
mments"
);
authenticationFilter
.
setOrder
(
1
);
return
authenticationFilter
;
}
...
...
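Review bot: listing "/api/admin/refresh/*" in addExcludeUrlPatterns makes the refresh endpoint reachable with no access token, so the refresh token in the URL is the only credential checked on that route. Add a comment beside the pattern saying so, as for "/api/admin/login", and check that the single "*" matches exactly one path segment in this filter's matcher so nothing else under /api/admin/refresh/ is exempted by accident.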
src/main/java/run/halo/app/controller/admin/api/AdminController.java
...
...
@@ -52,4 +52,11 @@ public class AdminController {
public
void
logout
()
{
adminService
.
clearToken
();
}
@PostMapping
(
"refresh/{refreshToken}"
)
@ApiOperation
(
"Refreshes token"
)
@CacheLock
public
AuthToken
refresh
(
@PathVariable
(
"refreshToken"
)
String
refreshToken
)
{
return
adminService
.
refreshToken
(
refreshToken
);
}
}
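Review bot: @PostMapping("refresh/{refreshToken}") carries the refresh token as a path variable, and request paths are what web servers, reverse proxies and monitoring tools record by default, so a credential that stays valid for REFRESH_TOKEN_EXPIRED_DAYS (see AdminServiceImpl) ends up in access logs. Take it from the request body or a header instead. @CacheLock is used here without any visible key; it is the only visible guard against the same token being redeemed twice in parallel, so a comment on what it locks on would help.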
src/main/java/run/halo/app/service/AdminService.java
...
...
@@ -45,4 +45,13 @@ public interface AdminService {
*/
@NonNull
StatisticDTO
getCount
();
/**
* Refreshes token.
*
* @param refreshToken refresh token must not be blank
* @return authentication token
*/
@NonNull
AuthToken
refreshToken
(
@NonNull
String
refreshToken
);
}
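Review bot: the Javadoc on refreshToken documents the parameter and the return value but not the failure case; the implementation in AdminServiceImpl throws BadRequestException when the token is not found in the cache. Add an @throws line so callers of the interface know that an unknown or expired token is reported as an exception rather than a null return.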
src/main/java/run/halo/app/service/impl/AdminServiceImpl.java
...
...
@@ -2,6 +2,7 @@ package run.halo.app.service.impl;
import
cn.hutool.core.lang.Validator
;
import
lombok.extern.slf4j.Slf4j
;
import
org.springframework.lang.NonNull
;
import
org.springframework.stereotype.Service
;
import
org.springframework.util.Assert
;
import
run.halo.app.cache.StringCacheStore
;
...
...
@@ -93,21 +94,7 @@ public class AdminServiceImpl implements AdminService {
}
// Generate new token
AuthToken
token
=
new
AuthToken
();
token
.
setAccessToken
(
HaloUtils
.
randomUUIDWithoutDash
());
token
.
setExpiredIn
(
ACCESS_TOKEN_EXPIRED_SECONDS
);
token
.
setRefreshToken
(
HaloUtils
.
randomUUIDWithoutDash
());
// Cache those tokens, just for clearing
cacheStore
.
putAny
(
SecurityUtils
.
buildAccessTokenKey
(
user
),
token
.
getAccessToken
(),
REFRESH_TOKEN_EXPIRED_DAYS
,
TimeUnit
.
DAYS
);
cacheStore
.
putAny
(
SecurityUtils
.
buildRefreshTokenKey
(
user
),
token
.
getRefreshToken
(),
REFRESH_TOKEN_EXPIRED_DAYS
,
TimeUnit
.
DAYS
);
// Cache those tokens with user id
cacheStore
.
putAny
(
SecurityUtils
.
buildTokenAccessKey
(
token
.
getAccessToken
()),
user
.
getId
(),
ACCESS_TOKEN_EXPIRED_SECONDS
,
TimeUnit
.
SECONDS
);
cacheStore
.
putAny
(
SecurityUtils
.
buildTokenRefreshKey
(
token
.
getRefreshToken
()),
user
.
getId
(),
REFRESH_TOKEN_EXPIRED_DAYS
,
TimeUnit
.
DAYS
);
return
token
;
return
buildAuthToken
(
user
);
}
@Override
...
...
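Review bot: this call site goes straight to buildAuthToken(user), which overwrites the buildAccessTokenKey(user) and buildRefreshTokenKey(user) records, while refreshToken() further down deletes the previous session's entries first. In the lines shown here nothing on this path removes the earlier buildTokenAccessKey and buildTokenRefreshKey entries, so a second login would leave the first session's tokens usable until they expire. Consider pulling the cleanup into a private helper called from both paths, or document that concurrent sessions are intended.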
@@ -162,4 +149,52 @@ public class AdminServiceImpl implements AdminService {
return
statisticDTO
;
}
@Override
public
AuthToken
refreshToken
(
String
refreshToken
)
{
Assert
.
hasText
(
refreshToken
,
"Refresh token must not be blank"
);
Integer
userId
=
cacheStore
.
getAny
(
SecurityUtils
.
buildTokenRefreshKey
(
refreshToken
),
Integer
.
class
)
.
orElseThrow
(()
->
new
BadRequestException
(
"The refresh token may have been expired already"
));
// Get user info
User
user
=
userService
.
getById
(
userId
);
// Remove all token
cacheStore
.
getAny
(
SecurityUtils
.
buildAccessTokenKey
(
user
),
String
.
class
).
ifPresent
(
accessToken
->
{
cacheStore
.
delete
(
SecurityUtils
.
buildTokenAccessKey
(
accessToken
));
});
cacheStore
.
delete
(
SecurityUtils
.
buildTokenRefreshKey
(
refreshToken
));
cacheStore
.
delete
(
SecurityUtils
.
buildAccessTokenKey
(
user
));
cacheStore
.
delete
(
SecurityUtils
.
buildRefreshTokenKey
(
user
));
return
buildAuthToken
(
user
);
}
/**
* Builds authentication token.
*
* @param user user info must not be null
* @return authentication token
*/
@NonNull
private
AuthToken
buildAuthToken
(
@NonNull
User
user
)
{
Assert
.
notNull
(
user
,
"User must not be null"
);
// Generate new token
AuthToken
token
=
new
AuthToken
();
token
.
setAccessToken
(
HaloUtils
.
randomUUIDWithoutDash
());
token
.
setExpiredIn
(
ACCESS_TOKEN_EXPIRED_SECONDS
);
token
.
setRefreshToken
(
HaloUtils
.
randomUUIDWithoutDash
());
// Cache those tokens, just for clearing
cacheStore
.
putAny
(
SecurityUtils
.
buildAccessTokenKey
(
user
),
token
.
getAccessToken
(),
REFRESH_TOKEN_EXPIRED_DAYS
,
TimeUnit
.
DAYS
);
cacheStore
.
putAny
(
SecurityUtils
.
buildRefreshTokenKey
(
user
),
token
.
getRefreshToken
(),
REFRESH_TOKEN_EXPIRED_DAYS
,
TimeUnit
.
DAYS
);
// Cache those tokens with user id
cacheStore
.
putAny
(
SecurityUtils
.
buildTokenAccessKey
(
token
.
getAccessToken
()),
user
.
getId
(),
ACCESS_TOKEN_EXPIRED_SECONDS
,
TimeUnit
.
SECONDS
);
cacheStore
.
putAny
(
SecurityUtils
.
buildTokenRefreshKey
(
token
.
getRefreshToken
()),
user
.
getId
(),
REFRESH_TOKEN_EXPIRED_DAYS
,
TimeUnit
.
DAYS
);
return
token
;
}
}
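Review bot: the cleanup in refreshToken is asymmetric: the old access token is found through buildAccessTokenKey(user) and its buildTokenAccessKey entry is deleted, but on the refresh side only buildTokenRefreshKey(refreshToken), the token just presented, is deleted. If the presented token is not the one currently stored under buildRefreshTokenKey(user), the stored one keeps its buildTokenRefreshKey entry for up to REFRESH_TOKEN_EXPIRED_DAYS after its user-keyed record is gone. Look up buildRefreshTokenKey(user) the same way and delete that token's entry too. Separately, the getAny lookup and the deletes are distinct cache calls, so two parallel requests with the same token can both pass the lookup; an atomic get-and-delete on the refresh entry would close that window.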