diff --git a/modules/server/src/main/java/io/jpom/common/interceptor/LoginInterceptor.java b/modules/server/src/main/java/io/jpom/common/interceptor/LoginInterceptor.java
index 35015f225..4c10ddcf3 100644
--- a/modules/server/src/main/java/io/jpom/common/interceptor/LoginInterceptor.java
+++ b/modules/server/src/main/java/io/jpom/common/interceptor/LoginInterceptor.java
@@ -58,14 +58,21 @@ public class LoginInterceptor extends BaseJpomInterceptor {
 notLogin = handlerMethod.getBeanType().getAnnotation(NotLogin.class);
 }
 if (notLogin == null) {
- //
- int code = this.checkHeaderUser(request, session);
- if (code > 0) {
- if (!this.tryGetHeaderUser(request, session)) {
+ // 这里需要判断请求头里是否有 Authorization 属性
+ String authorization = request.getHeader(ServerOpenApi.HTTP_HEAD_AUTHORIZATION);
+ if (!StrUtil.isEmpty(authorization)) {
+ // jwt token 检测机制
+ int code = this.checkHeaderUser(request, session);
+ if (code > 0) {
 this.responseLogin(request, response, handlerMethod, code);
 return false;
 }
 }
+ // 老版本登录拦截
+ if (!this.tryGetHeaderUser(request, session)) {
+ this.responseLogin(request, response, handlerMethod, ServerConfigBean.AUTHORIZE_TIME_OUT_CODE);
+ return false;
+ }
 }
 reload();
 //
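Review bot: A request whose JWT passes (`checkHeaderUser` returns 0) still has to satisfy `tryGetHeaderUser` on the lines that follow, so the token alone never admits a request, and because the next hunk comments out the code that stored the token's user in the session, nothing visible in this path ties the session to the token holder any more. If the second check is meant to stay mandatory even after a valid token, say so above it, e.g. `// a valid JWT is not sufficient on its own: the legacy check below must also pass`; if it is not, the legacy branch belongs in the else-path of the Authorization check. `StrUtil.isEmpty` also treats a whitespace-only header as present and sends it into the JWT path; `StrUtil.isBlank` would route that case to the legacy branch instead. The enclosing method starts and ends outside the hunk.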
@@ -92,21 +99,21 @@ public class LoginInterceptor extends BaseJpomInterceptor {
 }
 return ServerConfigBean.RENEWAL_AUTHORIZE_CODE;
 }
- UserModel user = (UserModel) session.getAttribute(SESSION_NAME);
- UserService userService = SpringUtil.getBean(UserService.class);
- UserModel newUser = userService.checkUser(claims.getId());
- if (newUser == null) {
- return ServerConfigBean.AUTHORIZE_TIME_OUT_CODE;
- }
- if (null != user) {
- String tokenUserId = JwtUtil.readUserId(claims);
- boolean b = user.getId().equals(tokenUserId) && user.getUserMd5Key().equals(claims.getId())
- && user.getModifyTime() == newUser.getModifyTime();
- if (!b) {
- return ServerConfigBean.AUTHORIZE_TIME_OUT_CODE;
- }
- }
- session.setAttribute(LoginInterceptor.SESSION_NAME, newUser);
+// UserModel user = (UserModel) session.getAttribute(SESSION_NAME);
+// UserService userService = SpringUtil.getBean(UserService.class);
+// UserModel newUser = userService.checkUser(claims.getId());
+// if (newUser == null) {
+// return ServerConfigBean.AUTHORIZE_TIME_OUT_CODE;
+// }
+// if (null != user) {
+// String tokenUserId = JwtUtil.readUserId(claims);
+// boolean b = user.getId().equals(tokenUserId) && user.getUserMd5Key().equals(claims.getId())
+// && user.getModifyTime() == newUser.getModifyTime();
+// if (!b) {
+// return ServerConfigBean.AUTHORIZE_TIME_OUT_CODE;
+// }
+// }
+// session.setAttribute(LoginInterceptor.SESSION_NAME, newUser);
 return 0;
 }
diff --git a/modules/server/src/main/java/io/jpom/controller/LoginControl.java b/modules/server/src/main/java/io/jpom/controller/LoginControl.java
index 6df5e3a46..5be618425 100644
--- a/modules/server/src/main/java/io/jpom/controller/LoginControl.java
+++ b/modules/server/src/main/java/io/jpom/controller/LoginControl.java
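Review bot: Commenting out the re-validation block in checkHeaderUser means a token is now accepted as long as it parses and is not in the renewal/timeout branches above: the removed lines were the only place that confirmed the account still exists (`userService.checkUser(claims.getId())`) and that the session user's id, md5 key and modify time still match the token, so a deleted or since-modified user keeps passing for as long as its token is accepted. If dropping that check is intended, the dead lines should be deleted rather than left as comments, with a one-line comment in their place stating why the token no longer needs to be checked against the user record; otherwise at least the existence check and the `modifyTime` comparison should come back. checkHeaderUser starts outside the hunk.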
@@ -227,7 +227,7 @@ public class LoginControl extends BaseServerController {
 @ResponseBody
 @NotLogin
 public String renewalToken() {
- String token = getRequest().getHeader(ServerOpenApi.USER_TOKEN_HEAD);
+ String token = getRequest().getHeader(ServerOpenApi.HTTP_HEAD_AUTHORIZATION);
 if (StrUtil.isEmpty(token)) {
 return JsonMessage.getString(ServerConfigBean.AUTHORIZE_TIME_OUT_CODE, "刷新token失败");
 }
diff --git a/web-vue/src/api/config.js b/web-vue/src/api/config.js
index 4cb4de254..8cd2d66e9 100644
--- a/web-vue/src/api/config.js
+++ b/web-vue/src/api/config.js
@@ -2,7 +2,9 @@ import Vue from 'vue';
 import axios from 'axios';
 import Qs from 'qs';
 import store from '../store';
+import router from '../router';
 import { NO_NOTIFY_KEY, NO_LOADING_KEY,TOKEN_HEADER_KEY} from '../utils/const';
+import { refreshToken } from './user';
 import { notification } from 'ant-design-vue';
@@ -65,6 +67,12 @@ request.interceptors.response.use(response => {
 // 判断返回值,权限等...
 const res = response.data;
+ // 先判断 jwt token 状态
+ if (res.code === 800 || res.code === 801) {
+ return checkJWTToken(res, response);
+ }
+
+ // 其他情况
 if (res.code !== 200) {
 // 如果 headers 里面配置了 tip: no 就不用弹出提示信息
 if (!response.config.headers[NO_NOTIFY_KEY]) {
@@ -75,12 +83,7 @@ request.interceptors.response.use(response => {
 });
 }
 }
- // 如果是登录信息失效
- if (res.code === 800) {
- store.dispatch('logOut').then(() => {
- location.reload();
- })
- }
+ return res;
 }, error => {
 // 如果 headers 里面配置了 loading: no 就不用 loading
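Review bot: In the `@@ -65,6 +67,12 @@` hunk the interceptor now returns whatever `checkJWTToken` returns, and for code 800 the helper added later in this diff returns `false` rather than a rejected promise, so any caller doing `.then(res => res.code …)` on such a request will throw on `false.code`; the 801 path instead returns a promise resolving to the retried response, so the two branches hand callers different shapes. Returning `Promise.reject(res)` for the 800 case (after the logout dispatch) keeps the `.then`/`.catch` contract the rest of the interceptor already follows with `Promise.reject(error)`. The interceptor callback starts and ends outside the hunk.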
@@ -107,4 +110,47 @@ request.interceptors.response.use(response => {
 return Promise.reject(error);
 });
+// 判断 jwt token 状态
+function checkJWTToken(res, response) {
+ // 如果是登录信息失效
+ if (res.code === 800) {
+ notification.warn({
+ message: res.msg,
+ description: response.config.url,
+ duration: 3
+ });
+ store.dispatch('logOut').then(() => {
+ router.push('/login');
+ });
+ return false;
+ }
+ // 如果 jwt token 还可以续签
+ if (res.code === 801) {
+ notification.close();
+ notification.info({
+ message: '登录信息过期,尝试自动续签...',
+ description: '如果不需要自动续签,请修改配置文件。该续签将不会影响页面。',
+ duration: 3
+ });
+ // 续签且重试请求
+ return redoRequest(response.config);
+ }
+}
+
+// 刷新 jwt token 并且重试上次请求
+function redoRequest(config) {
+ return new Promise(resolve => {
+ Promise.resolve(refreshToken()).then(result => {
+ if (result.code === 200) {
+ // 调用 store action 存储当前登录的用户名和 token
+ store.dispatch('login', result.data);
+ resolve();
+ }
+ });
+ }).then(() => {
+ // 重试原来的请求
+ return request(config);
+ });
+}
+
 export default request
diff --git a/web-vue/src/api/user.js b/web-vue/src/api/user.js
index 9d45b19a2..d9ab5399a 100644
--- a/web-vue/src/api/user.js
+++ b/web-vue/src/api/user.js
@@ -9,6 +9,14 @@ export function login(params) {
 })
 }
+// refresh token
+export function refreshToken() {
+ return axios({
+ url: '/renewal',
+ method: 'post'
+ })
+}
+
 // 获取用户信息
 export function getUserInfo() {
 return axios({
diff --git a/web-vue/src/pages/layout/user-header.vue b/web-vue/src/pages/layout/user-header.vue
index 64501a359..ef6f2b0e8 100644
--- a/web-vue/src/pages/layout/user-header.vue
+++ b/web-vue/src/pages/layout/user-header.vue
@@ -248,7 +248,7 @@ export default {
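Review bot: `redoRequest` builds a promise that can never settle: `resolve()` is only reached when `result.code === 200`, and a rejection from `refreshToken()` is not forwarded, so a failed or errored renewal leaves the original request hanging forever instead of failing. It also calls `resolve()` immediately after `store.dispatch('login', result.data)` without waiting on that dispatch, so the retried `request(config)` may be sent before the new token is in the store (and `config` may still carry the old header value if the request interceptor wrote it there — worth confirming). A retried request that answers 801 again goes through the same refresh path with no bound. The explicit `new Promise` wrapper is unnecessary; chaining the existing promises addresses all three, with a one-shot guard on the config:

```javascript
// 刷新 jwt token 并且重试上次请求
function redoRequest(config) {
  if (config._retried) {
    // a second 801 on the retried request: stop instead of refreshing again
    return Promise.reject(new Error('token renewal did not take effect'));
  }
  return Promise.resolve(refreshToken()).then(result => {
    if (result.code !== 200) {
      return Promise.reject(result);
    }
    // wait until the store holds the new token before retrying
    return Promise.resolve(store.dispatch('login', result.data));
  }).then(() => {
    // 重试原来的请求
    return request(Object.assign({}, config, { _retried: true }));
  });
}
```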