From d6e2f4ceb5292f30c1fc6c131c32931e9d08074c Mon Sep 17 00:00:00 2001 From: 2b3c511 <1916417519@qq.com> Date: Wed, 1 Feb 2023 14:53:23 +0800 Subject: [PATCH] [Fix]token --- backend/doc/deploy.md | 2 + .../org/apache/iotdb/admin/tool/JJwtTool.java | 47 ++++++++++++++----- .../main/resources/application-dev.properties | 5 +- .../resources/application-prod.properties | 5 +- .../resources/application-test.properties | 5 +- 5 files changed, 49 insertions(+), 15 deletions(-) diff --git a/backend/doc/deploy.md b/backend/doc/deploy.md index f6a3a0ec..c267f8ed 100644 --- a/backend/doc/deploy.md +++ b/backend/doc/deploy.md @@ -29,6 +29,8 @@ ![](image/配置文件.PNG) +务必在application-prod.properties中设置jwt.sign.secret + 2 打包 ![](image/打包.png) diff --git a/backend/src/main/java/org/apache/iotdb/admin/tool/JJwtTool.java b/backend/src/main/java/org/apache/iotdb/admin/tool/JJwtTool.java index 8804107a..fe0fa29c 100644 --- a/backend/src/main/java/org/apache/iotdb/admin/tool/JJwtTool.java +++ b/backend/src/main/java/org/apache/iotdb/admin/tool/JJwtTool.java @@ -24,15 +24,30 @@ import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; import lombok.extern.slf4j.Slf4j; +import org.springframework.boot.context.properties.ConfigurationProperties; +import org.springframework.context.annotation.Configuration; +import org.springframework.util.StringUtils; +import java.util.ArrayList; import java.util.Date; +import java.util.List; /** date:2022/12/6 author:yzf project_name:backend */ @Slf4j +@Configuration +@ConfigurationProperties(prefix = "jwt.sign") public class JJwtTool { - private static String secret = - "HSyJ0eXAiOiJKV1QasdfffffffSd3g8923402347523fffasdfasgwaegwaegawegawegawegawetwgewagagew" - + "asdf23r23DEEasdfawef134t2fawt2g325gafasdfasdfiLCJhbGciOiJIUzI1NiJ9"; + + private static List jwtCache = new ArrayList<>(); + private static String secret; + + public String getSecret() { + return secret; + } + + public void setSecret(String payload) { + secret = payload; + } public static String generateToken(User user) { log.info("user=" + user.toString()); @@ -40,20 +55,28 @@ public static String generateToken(User user) { // Calendar instance = Calendar.getInstance(); // instance.add(Calendar.HOUR_OF_DAY, 24); Date expireDate = new Date(new Date().getTime() + (1000 * 60 * 60 * 10)); - return Jwts.builder() - .setHeaderParam("type", "JWT") - .setSubject(user.getId() + "") - .setIssuedAt(now) // 签发时间 - .claim("userId", user.getId()) - .claim("name", user.getName()) - .setExpiration(expireDate) // 过期时间 - .signWith(SignatureAlgorithm.HS512, secret) - .compact(); + String compact = + Jwts.builder() + .setHeaderParam("type", "JWT") + .setSubject(user.getId() + "") + .setIssuedAt(now) // 签发时间 + .claim("userId", user.getId()) + .claim("name", user.getName()) + .setExpiration(expireDate) // 过期时间 + .signWith(SignatureAlgorithm.HS512, secret) + .compact(); + if (StringUtils.hasLength(compact) && !jwtCache.contains(compact)) { + jwtCache.add(compact); + } + return compact; } /** 解析token */ public static Claims getClaimsByToken(String token) { try { + if (StringUtils.hasLength(token) && !jwtCache.contains(token)) { + return null; + } return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody(); } catch (Exception e) { System.out.println("validate is token error"); diff --git a/backend/src/main/resources/application-dev.properties b/backend/src/main/resources/application-dev.properties index bd75be18..121476b0 100644 --- a/backend/src/main/resources/application-dev.properties +++ b/backend/src/main/resources/application-dev.properties @@ -36,4 +36,7 @@ spring.servlet.multipart.max-file-size=200MB spring.servlet.multipart.max-request-size=215MB # All files generated during CSV import and export are stored in this folder -file.temp-dir=./tempFile \ No newline at end of file +file.temp-dir=./tempFile + +# token secret +jwt.sign.secret = HSyJ0eXAiOiJKV1QasdfffffffSd3g8923402347523fffasdfasgwaegwaegawegawegawegawetwgewagagewasdf23r23DEEasdfawef134t2fawt2g325gafasdfasdfiLCJhbGciOiJIUzI1NiJ9 diff --git a/backend/src/main/resources/application-prod.properties b/backend/src/main/resources/application-prod.properties index e8305349..66a5d2b7 100644 --- a/backend/src/main/resources/application-prod.properties +++ b/backend/src/main/resources/application-prod.properties @@ -32,4 +32,7 @@ spring.servlet.multipart.max-file-size=200MB spring.servlet.multipart.max-request-size=215MB # All files generated during CSV import and export are stored in this folder -file.temp-dir=./tempFile \ No newline at end of file +file.temp-dir=./tempFile + +# token secret +jwt.sign.secret = diff --git a/backend/src/main/resources/application-test.properties b/backend/src/main/resources/application-test.properties index 7cd752d6..f661868b 100644 --- a/backend/src/main/resources/application-test.properties +++ b/backend/src/main/resources/application-test.properties @@ -30,4 +30,7 @@ spring.servlet.multipart.file-size-threshold=2KB spring.servlet.multipart.max-file-size=200MB spring.servlet.multipart.max-request-size=215MB -file.temp-dir=./tempFile \ No newline at end of file +file.temp-dir=./tempFile + +# token secret +jwt.sign.secret =