集成微信登录双token

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java

@@ -150,6 +150,27 @@ public class SysLoginController
         return ajax;
     }
 
+    /**
+     * 刷新token
+     * @param refreshToken
+     * @return
+     */
+    @PostMapping("/refreshToken")
+    public AjaxResult refreshToken(String refreshToken)
+    {
+        if (StringUtils.isEmpty(refreshToken)) {
+            return AjaxResult.error("refresh_token不能为空");
+        }
+        if (!loginService.checkRefreshTokenValid(refreshToken)) {
+            return AjaxResult.error("登录已过期，请重新登录");
+        }
+        String newToken = loginService.createNewAccessToken(refreshToken);
+        AjaxResult ajax = AjaxResult.success();
+        ajax.put(Constants.TOKEN, newToken);
+        ajax.put(Constants.EXPIRES_IN, 7200);
+        return ajax;
+    }
+
     /**
      * 一体机身份证登录
      * @param loginBody

ruoyi-common/src/main/java/com/ruoyi/common/constant/CacheConstants.java

@@ -49,4 +49,9 @@ public class CacheConstants
      *pc岗位ids
      */
     public static final String SYS_JOB_IDS = "job_ids:";
+
+    /**
+     * 刷新token
+     */
+    public static final String LOGIN_SITE_REFRESH_KEY = "login_site_user:refresh_token:";
 }

ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java

@@ -100,6 +100,16 @@ public class Constants
      */
     public static final String TOKEN = "token";
 
+    /**
+     * 超时时间
+     */
+    public static final String EXPIRES_IN="expiresIn";
+
+    /**
+     * 刷新token
+     */
+    public static final String REFRESH_TOKEN="refreshToken";
+
     /**
      * 令牌前缀
      */
@@ -177,4 +187,6 @@ public class Constants
 
     public static final Integer Del_FLAG_DELETE = 2;
     public static final Integer Del_FLAG_EXISTS = 0;
+
+    public static final long REDIS_TIME_OUT=7200;
 }

ruoyi-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java

@@ -48,7 +48,7 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
         }
         if (StringUtils.isNotNull(loginSiteUser) && StringUtils.isNull(SiteSecurityUtils.getAuthentication()))
         {
-            tokenSiteService.verifyToken(loginSiteUser);
+            //tokenSiteService.verifyToken(loginSiteUser);
             UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginSiteUser, null,loginSiteUser.getAuthorities());
             authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
             SecurityContextHolder.getContext().setAuthentication(authenticationToken);

ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java

@@ -173,7 +173,23 @@ public class SysLoginService
         recordLoginInfo(appUser);
         AsyncManager.me().execute(AsyncFactory.recordLogininfor(appUser.getName(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
         recordLoginInfo(appUser);
-        // 生成token //tokenSiteService.noExpireCreateToken(loginSiteUser);//createTokenHourTwo
+        // 生成token //tokenSiteService.noExpireCreateToken(loginSiteUser);//createTokenHourTwo//createTokenSevenDay
+        return tokenSiteService.createTokenSevenDay(loginSiteUser);
+    }
+
+    /**
+     * 生成refreshToken
+     * @param appUser
+     * @return
+     */
+    public String loginUserrefreshToken(AppUser appUser)
+    {
+        LoginSiteUser loginSiteUser = new LoginSiteUser();
+        loginSiteUser.setUserId(appUser.getUserId());
+        loginSiteUser.setUser(appUser);
+        recordLoginInfo(appUser);
+        AsyncManager.me().execute(AsyncFactory.recordLogininfor(appUser.getName(), Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
+        recordLoginInfo(appUser);
         return tokenSiteService.createTokenSevenDay(loginSiteUser);
     }
 
@@ -294,6 +310,8 @@ public class SysLoginService
                 }
                 String token = loginUserIdApp(existingUser);
                 ajax.put(Constants.TOKEN, token);
+                ajax.put(Constants.EXPIRES_IN,Constants.REDIS_TIME_OUT);
+                ajax.put(Constants.REFRESH_TOKEN,loginUserrefreshToken(existingUser));
                 ajax.put("isNewUser", false);
                 ajax.put("idCard",existingUser.getIdCard());
                 ajax.put("isCompanyUser",existingUser.getIsCompanyUser());
@@ -332,6 +350,8 @@ public class SysLoginService
                 }
                 ajax.put("isNewUser", isNewUser);
                 ajax.put(Constants.TOKEN, token);
+                ajax.put(Constants.EXPIRES_IN,Constants.REDIS_TIME_OUT);
+                ajax.put(Constants.REFRESH_TOKEN,loginUserrefreshToken(existingUser));
                 System.out.println("返回ajax====================================="+JSON.toJSONString(ajax));
                 return ajax;
             }
@@ -793,6 +813,8 @@ public class SysLoginService
             updateAppUserCommon(specialUser, null, null, null,specialUser.getOrgType());
             String token = loginUserIdApp(specialUser);
             ajax.put(Constants.TOKEN, token);
+            ajax.put(Constants.EXPIRES_IN,Constants.REDIS_TIME_OUT);
+            ajax.put(Constants.REFRESH_TOKEN,loginUserrefreshToken(specialUser));
             ajax.put("isNewUser", false);
             ajax.put("idCard", StringUtil.desensitizeIdCard(specialUser.getIdCard()));
             ajax.put("isCompanyUser", specialUser.getIsCompanyUser());
@@ -820,6 +842,8 @@ public class SysLoginService
             updateAppUserCommon(existingUser, null, null, userType,orgType);
             String token = loginUserIdApp(existingUser);
             ajax.put(Constants.TOKEN, token);
+            ajax.put(Constants.EXPIRES_IN,Constants.REDIS_TIME_OUT);
+            ajax.put(Constants.REFRESH_TOKEN,loginUserrefreshToken(existingUser));
             ajax.put("isNewUser", false);
             ajax.put("idCard", existingUser.getIdCard());
             ajax.put("isCompanyUser", existingUser.getIsCompanyUser());
@@ -857,6 +881,8 @@ public class SysLoginService
         phoneUser.setIsCompanyUser(userType);
         String token = loginUserIdApp(phoneUser);
         ajax.put(Constants.TOKEN, token);
+        ajax.put(Constants.EXPIRES_IN,Constants.REDIS_TIME_OUT);
+        ajax.put(Constants.REFRESH_TOKEN,loginUserrefreshToken(phoneUser));
         ajax.put("isNewUser", false);
         ajax.put("idCard", phoneUser.getIdCard());
         ajax.put("isCompanyUser", phoneUser.getIsCompanyUser());
@@ -881,6 +907,8 @@ public class SysLoginService
         appUserService.insertAppUser(newUser);
         String token = loginUserIdApp(newUser);
         ajax.put(Constants.TOKEN, token);
+        ajax.put(Constants.EXPIRES_IN,Constants.REDIS_TIME_OUT);
+        ajax.put(Constants.REFRESH_TOKEN,loginUserrefreshToken(newUser));
         ajax.put("isNewUser", true);
         ajax.put("idCard", null);
         ajax.put("isCompanyUser", userType);
@@ -968,6 +996,27 @@ public class SysLoginService
         return getAjax(appUser);
     }
 
+    /**
+     * 判断是否7天有效
+     * @param refreshToken
+     * @return
+     */
+    public boolean checkRefreshTokenValid(String refreshToken) {
+        String key = CacheConstants.LOGIN_SITE_REFRESH_KEY + refreshToken;
+        return redisCache.hasKey(key);
+    }
+
+    /**
+     * 获取新token
+     * @param refreshToken
+     * @return
+     */
+    public String createNewAccessToken(String refreshToken) {
+        String key = CacheConstants.LOGIN_SITE_REFRESH_KEY + refreshToken;
+        LoginSiteUser user = redisCache.getCacheObject(key);
+        return tokenSiteService.createTokenHourTwo(user);
+    }
+
     /**
      * 获取ajax
      * @param appUser
@@ -977,6 +1026,8 @@ public class SysLoginService
         AjaxResult ajax = AjaxResult.success();
         String token=loginUserIdApp(appUser);
         ajax.put(Constants.TOKEN, token);
+        ajax.put(Constants.EXPIRES_IN,Constants.REDIS_TIME_OUT);
+        ajax.put(Constants.REFRESH_TOKEN,loginUserrefreshToken(appUser));
         ajax.put("isNewUser", false);
         ajax.put("idCard",appUser.getIdCard());
         ajax.put("isCompanyUser",appUser.getIsCompanyUser());

ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/TokenSiteService.java

@@ -50,10 +50,12 @@ public class TokenSiteService
 
     //刷新token时间为7天
     protected static final int REFRESH_TOKEN_OUTIME =7;
-
+    //1秒
     protected static final long MILLIS_SECOND = 1000;
-
+    //分钟
     protected static final long MILLIS_MINUTE = 60 * MILLIS_SECOND;
+    //每天
+    protected static final long MILLIS_DAY = 24 * 60 * MILLIS_SECOND;
 
     private static final Long MILLIS_MINUTE_TEN = 20 * 60 * 1000L;
 
@@ -146,7 +148,10 @@ public class TokenSiteService
         String token = IdUtils.fastUUID();
         LoginSiteUser.setToken(token);
         setUserAgent(LoginSiteUser);
-        refreshToken(LoginSiteUser);
+
+        //redis存2个小时
+        String userKey = getTokenKey(token, String.valueOf(LoginSiteUser.getUserId()));
+        redisCache.setCacheObject(userKey, LoginSiteUser, 2, TimeUnit.HOURS);
 
         Map<String, Object> claims = new HashMap<>();
         claims.put(Constants.APP_LOGIN_USER_KEY, token);
@@ -169,7 +174,9 @@ public class TokenSiteService
         String token = IdUtils.fastUUID();
         LoginSiteUser.setToken(token);
         setUserAgent(LoginSiteUser);
-        refreshToken(LoginSiteUser);
+
+        //存入7天
+        redisCache.setCacheObject(CacheConstants.LOGIN_SITE_REFRESH_KEY + token,LoginSiteUser,REFRESH_TOKEN_OUTIME,TimeUnit.DAYS);
 
         Map<String, Object> claims = new HashMap<>();
         claims.put(Constants.APP_LOGIN_USER_KEY, token);