fantasy1621821/fycd-big-data-backend
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

modified: some auth config

Browse Source
This commit is contained in:
張明輝
2022-11-14 02:46:28 +08:00
parent 19e34d089e
commit efd3fca1c7
8 changed files with 90 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
security-core/src/main/java/org/fycd/bigdata/config/jwt/AuthEntryPointJwt.java
View File

@@ -19,7 +19,7 @@ public class AuthEntryPointJwt implements AuthenticationEntryPoint {
@Override @Override
public void commence(HttpServletRequest request, HttpServletResponse response, org.springframework.security.core.AuthenticationException authException) throws IOException, ServletException { public void commence(HttpServletRequest request, HttpServletResponse response, org.springframework.security.core.AuthenticationException authException) throws IOException, ServletException {
log.error("Unauthorized error: {}", authException.getMessage()); // log.error("未授權的請求: {}", authException.getMessage());
response.setContentType(MediaType.APPLICATION_JSON_VALUE); response.setContentType(MediaType.APPLICATION_JSON_VALUE);
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);

13
security-core/src/main/java/org/fycd/bigdata/exception/TokenRefreshException.java Normal file
View File

@@ -0,0 +1,13 @@
package org.fycd.bigdata.exception;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.ResponseStatus;
import java.text.MessageFormat;
@ResponseStatus(HttpStatus.FORBIDDEN)
public class TokenRefreshException extends RuntimeException{
public TokenRefreshException(String token, String message) {
super(MessageFormat.format("Failed for {0}: {1}", token, message));
}
}

18
security-core/src/main/java/org/fycd/bigdata/repository/dao/RefreshTokenDaoSub.java
View File

@@ -1,11 +1,25 @@
package org.fycd.bigdata.repository.dao; package org.fycd.bigdata.repository.dao;
import org.fycd.bigdata.pojo.RefreshTokenSub; import org.fycd.bigdata.pojo.RefreshTokenSub;
import org.fycd.bigdata.pojo.UserSub;
import org.springframework.stereotype.Repository; import org.springframework.stereotype.Repository;
import java.util.Optional;
@Repository @Repository
public class RefreshTokenDaoSub { public class RefreshTokenDaoSub {
public RefreshTokenSub findByToken(String token) { public Optional<RefreshTokenSub> findByToken(String token) {
return new RefreshTokenSub(); return Optional.of(new RefreshTokenSub());
}
public void delete(RefreshTokenSub token) {
}
public void save(RefreshTokenSub token) {
}
public int deleteByUser(UserSub userSub) {
return 1;
} }
} }

4
security-core/src/main/java/org/fycd/bigdata/repository/dao/UserDaoSub.java
View File

@@ -10,4 +10,8 @@ public class UserDaoSub {
public Optional<UserSub> findByUsername (String username) { public Optional<UserSub> findByUsername (String username) {
return Optional.of(new UserSub()); return Optional.of(new UserSub());
} }
public Optional<UserSub> findById (Long id) {
return Optional.of(new UserSub());
}
} }

53
security-core/src/main/java/org/fycd/bigdata/service/RefreshTokenService.java Normal file
View File

@@ -0,0 +1,53 @@
package org.fycd.bigdata.service;
import lombok.RequiredArgsConstructor;
import org.fycd.bigdata.exception.TokenRefreshException;
import org.fycd.bigdata.pojo.RefreshTokenSub;
import org.fycd.bigdata.repository.dao.RefreshTokenDaoSub;
import org.fycd.bigdata.repository.dao.UserDaoSub;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.time.LocalDateTime;
import java.util.Optional;
import java.util.UUID;
@Service
@RequiredArgsConstructor
public class RefreshTokenService {
@Value("${app.security.jwtExpiration")
private Long refreshTokenDuration;
private final UserDaoSub userDao;
private final RefreshTokenDaoSub refreshTokenDao;
public Optional<RefreshTokenSub> findByToken(String token) {
return refreshTokenDao.findByToken(token);
}
public RefreshTokenSub createRefreshToken(Long userId) {
RefreshTokenSub refreshToken = new RefreshTokenSub();
refreshToken.setUser(userDao.findById(userId).get());
refreshToken.setExpiryDate(LocalDateTime.now().plusSeconds(refreshTokenDuration));
refreshToken.setToken(UUID.randomUUID().toString());
refreshTokenDao.save(refreshToken);
return refreshToken;
}
public RefreshTokenSub verifyExpiration(RefreshTokenSub token) {
if (token.getExpiryDate().compareTo(LocalDateTime.now()) < 0) {
refreshTokenDao.delete(token);
throw new TokenRefreshException(token.getToken(), "Refresh Token 已過期");
}
return token;
}
@Transactional
public int deleteByUserId(Long userId) {
return refreshTokenDao.deleteByUser(userDao.findById(userId).get());
}
}

2
src/main/resources/application-dev.yml
View File

@@ -1,4 +1,4 @@
app: app:
security: security:
jwtSecret: asdnkqldwk;l!@NLKASd12inkasldlxv.,xcvmkasldkqwe jwtSecret: asdnkqldwk;l!@NLKASd12inkasldlxv.,xcvmkasldkqwe
jwtExpirationMs: 86400000 jwtExpiration: 86400000

2
src/main/resources/application-prod.yml
View File

@@ -1,4 +1,4 @@
app: app:
security: security:
jwtSecret: asdnkqldwk;l!@NLKASd12inkasldlxv.,xcvmkasldkqwe jwtSecret: asdnkqldwk;l!@NLKASd12inkasldlxv.,xcvmkasldkqwe
jwtExpirationMs: 86400000 jwtExpiration: 86400000

6
src/main/resources/application.yml
View File

@@ -1,7 +1,3 @@
spring: spring:
profiles: profiles:
active: dev active: dev
app:
security:
jwtSecret: asdnkqldwk;l!@NLKASd12inkasldlxv.,xcvmkasldkqwe
jwtExpirationMs: 86400000