Commit a5f78102 by WeiCong

1.整理用户信息

2.完善打包插件
parent f5f1108e
......@@ -23,6 +23,7 @@
<properties>
<project.build.sourceEncoding>GBK</project.build.sourceEncoding>
<maven-dependency-plugin.version>3.2.0</maven-dependency-plugin.version>
<maven-jar-plugin_version>3.2.0</maven-jar-plugin_version>
<spring.version>5.1.3.RELEASE</spring.version>
<slf4j-api_version>1.7.25</slf4j-api_version>
<jul-to-slf4j_version>1.7.30</jul-to-slf4j_version>
......@@ -349,6 +350,30 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<version>${maven-jar-plugin_version}</version>
<configuration>
<includes>
<include>**/*.class</include>
<include>**/META-INF/*</include>
</includes>
<archive>
<manifest>
<!-- 配置加入依赖包 -->
<addClasspath>true</addClasspath>
<useUniqueVersions>false</useUniqueVersions>
<addDefaultImplementationEntries>true</addDefaultImplementationEntries>
<!-- 启动类,子类配置 -->
<!-- <mainClass>com.brilliance.esb.main.Starter</mainClass>-->
</manifest>
<!-- 生成的jar中,不要包含pom.xml和pom.properties这两个文件 -->
<addMavenDescriptor>false</addMavenDescriptor>
</archive>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<version>${maven-dependency-plugin.version}</version>
<!-- 复制依赖 -->
......
......@@ -20,7 +20,6 @@ public class Constants {
public final static String SESSION = "session";
public final static String BACKGROUND_FLAG = "BackGroundRequest-";
public final static String APP_FLAG = "AppRequest-";
public static final String PAGINATION = "pagination";
public static final String PAGINATION_INDEX = "index";
......
......@@ -3,7 +3,7 @@ package org.sss.presentation.noui.context;
import log.Log;
import log.LogFactory;
import org.sss.common.impl.AbstractContext;
import org.sss.presentation.noui.jwt.RedisLoginInfo;
import org.sss.presentation.noui.jwt.LoginInfo;
import org.sss.presentation.noui.util.NoUiUtils;
public class NoUiContext extends AbstractContext {
......@@ -16,9 +16,6 @@ public class NoUiContext extends AbstractContext {
@Override
public void logout(DataType arg0, String arg1) {
// if(redisLoginInfo != null){
// NoUiUtils.logout(redisLoginInfo.getUserId(),redisLoginInfo.getTerminalType());
// }
log.info("logout start:datatype["+arg0+"],userid["+arg1+"]");
if(arg0.equals(DataType.USER_NAME)){
NoUiUtils.logout(arg1,"*");
......@@ -31,14 +28,14 @@ public class NoUiContext extends AbstractContext {
return null;
}
private RedisLoginInfo redisLoginInfo;
private LoginInfo loginInfo;
public RedisLoginInfo getRedisLoginInfo()
public LoginInfo getLoginInfo()
{
return this.redisLoginInfo;
return this.loginInfo;
}
public void setRedisLoginInfo(RedisLoginInfo redisLoginInfo)
public void setLoginInfo(LoginInfo loginInfo)
{
this.redisLoginInfo = redisLoginInfo;
this.loginInfo = loginInfo;
}
}
......@@ -81,7 +81,7 @@ public class NoUiPresentation extends AbstractNullPresentation {
@Override
public Object readFromSession(String name) {
return ((NoUiContext) this.ctx).getRedisLoginInfo().getContextMap().get(name);
return ((NoUiContext) this.ctx).getLoginInfo().getContextMap().get(name);
}
@Override
......@@ -96,7 +96,7 @@ public class NoUiPresentation extends AbstractNullPresentation {
@Override
public void writeToSession(String name, Object value) {
((NoUiContext) this.ctx).getRedisLoginInfo().getContextMap().put(name, value);
((NoUiContext) this.ctx).getLoginInfo().getContextMap().put(name, value);
}
public String getMessageCode() {
......
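Review bot: `readFromSession` and `writeToSession` dereference `getLoginInfo()` without a null check, while the controller change in this same commit calls `context.setLoginInfo(loginInfo)` only when a cached entry was found. A request that arrives without a user id, or whose cache entry is missing, would therefore fail here with a NullPointerException instead of a controlled error. Consider a guard in the reader such as `LoginInfo info = ((NoUiContext) this.ctx).getLoginInfo(); if (info == null) return null;` and an explicit `IllegalStateException` with a clear message in the writer.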
......@@ -22,8 +22,11 @@ import org.sss.presentation.noui.context.NoUiContext;
import org.sss.presentation.noui.context.NoUiContextManager;
import org.sss.presentation.noui.context.NoUiPresentation;
import org.sss.presentation.noui.context.TxInfo;
import org.sss.presentation.noui.jwt.RedisLoginInfo;
import org.sss.presentation.noui.util.*;
import org.sss.presentation.noui.jwt.LoginInfo;
import org.sss.presentation.noui.util.DataSecurityUtil;
import org.sss.presentation.noui.util.EhcacheUtils;
import org.sss.presentation.noui.util.NoUiPresentationUtil;
import org.sss.presentation.noui.util.StringUtil;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
......@@ -70,14 +73,15 @@ public abstract class AbstractCommonController {
context.getSession().storeData(key, paramsMap.get(key));
}
// 设置old sysmod
RedisLoginInfo redisLoginInfo = null;
LoginInfo loginInfo = null;
if (!StringUtils.isEmpty(noUiRequest.getUserId())){
//开放模式下
redisLoginInfo = (RedisLoginInfo) EhcacheUtils.get(StringUtil.userUniqueId(noUiRequest));
loginInfo = (LoginInfo) EhcacheUtils.get(StringUtil.userUniqueId(noUiRequest));
if (loginInfo != null) {
if(loginInfo.getSysmod()!=null){
NoUiPresentationUtil.setSysmod(context, (byte[]) loginInfo.getSysmod());
}
context.setLoginInfo(loginInfo);
}
if (redisLoginInfo != null) {
NoUiPresentationUtil.setSysmod(context, (byte[]) redisLoginInfo.getSysmod());
context.setRedisLoginInfo(redisLoginInfo);
}
// 交易跳转
......@@ -161,12 +165,12 @@ public abstract class AbstractCommonController {
IOUtils.write(data, response.getOutputStream());
}
// 保存新的RedisLoginInfo
if (redisLoginInfo != null) //当为开放模式下,redisLoginInfo 为空
// 保存新的LoginInfo
if (loginInfo != null) //当为开放模式下
{
byte[] sysmodBytes = NoUiPresentationUtil.sysmodToBytes(context);
redisLoginInfo.setSysmod(sysmodBytes);
EhcacheUtils.set(StringUtil.userUniqueId(noUiRequest), redisLoginInfo);
loginInfo.setSysmod(sysmodBytes);
EhcacheUtils.set(StringUtil.userUniqueId(noUiRequest), loginInfo);
}
Map<String, Object> paginationData = new HashMap<>();
Map<String, Object> afterReturnData = handleReturnData(eventType, context, noUiRequest, alias,paginationData);
......
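Review bot: The lookup `EhcacheUtils.get(StringUtil.userUniqueId(noUiRequest))` is keyed only on the user id and terminal type taken from the request, and nothing in these hunks compares the request's token with `loginInfo.getToken()` before the cached sysmod is loaded into the context and later written back. If this method is reachable on a route the token interceptor does not cover (the `开放模式下` comment suggests it may be, but that is not visible here), a request could load and overwrite cached state belonging to a different user. Tightening the guard to `if (loginInfo != null && loginInfo.getToken() != null && loginInfo.getToken().equals(noUiRequest.getToken()))`, and resetting `loginInfo` to null otherwise so the save block further down is skipped, would bind the cached state to the session that presented the token. The method starts and ends outside the hunks shown.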
......@@ -13,7 +13,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.sss.presentation.noui.api.response.NoUiVersion;
import org.sss.presentation.noui.common.Constants;
import org.sss.presentation.noui.jwt.RedisLoginInfo;
import org.sss.presentation.noui.jwt.LoginInfo;
import org.sss.presentation.noui.util.EhcacheUtils;
import org.sss.presentation.noui.util.StringUtil;
......@@ -53,7 +53,7 @@ public class FileBrowserController {
//redis获取token
Set<String> keys = EhcacheUtils.keys(Constants.SESSION + "." + usrName);
if (!keys.isEmpty()) {
token = ((RedisLoginInfo) keys.toArray()[0]).getToken();
token = ((LoginInfo) keys.toArray()[0]).getToken();
} else
return false;
StringBuilder sb = new StringBuilder(usrName);
......
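Review bot: `keys` is declared as `Set<String>`, so `(LoginInfo) keys.toArray()[0]` casts a cache key to LoginInfo and should throw ClassCastException whenever the set is non-empty, unless `EhcacheUtils.keys` returns something other than what its declared type says; the rename carried this over unchanged. The cached value has to be fetched by key first, for example `Object cached = EhcacheUtils.get(keys.iterator().next());` followed by `token = cached instanceof LoginInfo ? ((LoginInfo) cached).getToken() : null;`, with a `return false` when it is null. Taking the first element of an unordered set also picks an arbitrary terminal type when a user has several sessions, which deserves an explicit choice or a comment. The `//redis获取token` comment is stale now that the store is Ehcache, and the enclosing method begins and ends outside the hunk.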
......@@ -23,7 +23,7 @@ import org.sss.presentation.noui.context.NoUiContextManager;
import org.sss.presentation.noui.context.TxInfo;
import org.sss.presentation.noui.jwt.JWT;
import org.sss.presentation.noui.jwt.JwtLogin;
import org.sss.presentation.noui.jwt.RedisLoginInfo;
import org.sss.presentation.noui.jwt.LoginInfo;
import org.sss.presentation.noui.util.*;
import javax.servlet.http.HttpServletRequest;
......@@ -110,14 +110,14 @@ public class LoginController {
// redis中存储用户相关信息
IDatafield inridf = (IDatafield) context.getSession().getBaseObject(context.getRoot(), "sysmod\\usr\\inr");
RedisLoginInfo redisLoginInfo = new RedisLoginInfo(userId, token, NumericUtil.sessionTimeOut(), sysmodBytes, noUiRequest.getTerminalType());
redisLoginInfo.setUserInr((String) inridf.getValue()); //设置当前用户主键
LoginInfo loginInfo = new LoginInfo(userId, token, NumericUtil.sessionTimeOut(), sysmodBytes, noUiRequest.getTerminalType());
loginInfo.setUserInr((String) inridf.getValue()); //设置当前用户主键
request.getSession().setAttribute("token", token);
NoUiUtils.logout(userId, "*"); //清理可能存在的历史缓存
EhcacheUtils.set(StringUtil.userUniqueId(noUiRequest), redisLoginInfo);
EhcacheUtils.set(StringUtil.userUniqueId(noUiRequest), loginInfo);
EhcacheUtils.set(StringUtil.getCacheSessionId(noUiRequest.getUserId()), request.getSession().getId());
//解决初次登陆,超期限登陆
......
......@@ -4,7 +4,7 @@ import java.io.Serializable;
import java.util.HashMap;
import java.util.Map;
public class RedisLoginInfo implements Serializable {
public class LoginInfo implements Serializable {
/**
*
*/
......@@ -44,11 +44,11 @@ public class RedisLoginInfo implements Serializable {
this.contextMap = contextMap;
}
public RedisLoginInfo() {
public LoginInfo() {
}
public RedisLoginInfo(String userId, String token, long expiredTime, Object sysmod,String terminalType) {
public LoginInfo(String userId, String token, long expiredTime, Object sysmod, String terminalType) {
this.userId = userId;
this.token = token;
this.expiredTime = expiredTime;
......
package org.sss.presentation.noui.jwt;
import com.google.gson.Gson;
import log.Log;
import log.LogFactory;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;
import org.sss.presentation.noui.api.request.NoUiRequest;
import org.sss.presentation.noui.api.response.ErrorCodes;
import org.sss.presentation.noui.api.response.NoUiVersion;
import org.sss.presentation.noui.api.response.Result;
import org.sss.presentation.noui.common.Constants;
import org.sss.presentation.noui.context.NoUiContextManager;
import org.sss.presentation.noui.util.EhcacheUtils;
import org.sss.presentation.noui.util.NumericUtil;
import org.sss.presentation.noui.util.StringUtil;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.PrintWriter;
public class OpenTransInterceptor implements HandlerInterceptor {
protected static final Log log = LogFactory.getLog(OpenTransInterceptor.class);
@Autowired
private NoUiVersion noUiVersion;
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception arg3) throws Exception {
}
public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView model) throws Exception {
}
// 拦截每个请求
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
response.setCharacterEncoding(Constants.ENCODING);
NoUiRequest noUiRequest = new NoUiRequest(request, "", null);
String token = noUiRequest.getToken();
String userId = noUiRequest.getUserId();
String terminalType = noUiRequest.getTerminalType(); // APP WEB
RedisLoginInfo redisLoginInfo = null;
if (!StringUtils.isEmpty(noUiRequest.getUserId())) //开放模式下
redisLoginInfo = (RedisLoginInfo) EhcacheUtils.get(StringUtil.userUniqueId(noUiRequest));
//如果是已登录状态,要刷新超时时间
if (redisLoginInfo != null && System.currentTimeMillis() <= redisLoginInfo.getExpiredTime()) {
// 重新刷入登陆时间
RedisLoginInfo nweRedisLoginInfo = new RedisLoginInfo(userId, token, NumericUtil.sessionTimeOut(), redisLoginInfo.getSysmod(), noUiRequest.getTerminalType());
EhcacheUtils.set(Constants.SESSION + "." + userId + "." + terminalType, nweRedisLoginInfo);
EhcacheUtils.set(StringUtil.getCacheSessionId(userId),request.getSession().getId());
}
String url = request.getRequestURI();
String trnnam = null;
int idx1 = url.indexOf(NoUiContextManager.openSourcePrefix);
int begpos = idx1 + NoUiContextManager.openSourcePrefix.length() + 1;
int idx2 = url.indexOf("/", begpos);
if (idx2 > 0)
trnnam = url.substring(begpos, idx2);
if (trnnam == null) {
Result rt = new Result(ErrorCodes.UNKNOEW_TRANS, "未知的交易", null, noUiVersion.getVersion());
responseMessage(response, response.getWriter(), rt);
return false;
}
//交易必须是配置允许开放的交易
log.debug("开放访问交易名:" + trnnam);
if (!NoUiContextManager.openTransactions.contains(trnnam)) {
Result rt = new Result(ErrorCodes.FORBIDDEN_TRANS, "非法访问", null, noUiVersion.getVersion());
responseMessage(response, response.getWriter(), rt);
return false;
}
return true;
}
// 请求不通过,返回错误信息给客户端
private void responseMessage(HttpServletResponse response, PrintWriter out, Result result) {
response.setContentType("application/json; charset="+Constants.ENCODING);
String json = new Gson().toJson(result);
out.print(json);
out.flush();
out.close();
}
}
\ No newline at end of file
......@@ -47,10 +47,6 @@ public class TokenInterceptor implements HandlerInterceptor {
return false;
}
//如果为后台直接调用交易,则直接跳过token验证,无需redis缓存
if (token.startsWith(Constants.BACKGROUND_FLAG)) {
return true;
}
//服务调用
if (token.startsWith(Constants.APP_FLAG)) {
return true;
......@@ -64,39 +60,39 @@ public class TokenInterceptor implements HandlerInterceptor {
return false;
}
RedisLoginInfo redisLoginInfo = (RedisLoginInfo) EhcacheUtils.get(StringUtil.userUniqueId(noUiRequest));
if (redisLoginInfo == null) {
LoginInfo loginInfo = (LoginInfo) EhcacheUtils.get(StringUtil.userUniqueId(noUiRequest));
if (loginInfo == null) {
Result rt = new Result(ErrorCodes.LOGIN_ERROR, "登陆异常", null, noUiVersion.getVersion());
responseMessage(response, response.getWriter(), rt);
return false;
}
//验证token是否一致
if (!token.equals(redisLoginInfo.getToken())) {
if (!token.equals(loginInfo.getToken())) {
Result rt = new Result(ErrorCodes.LOGIN_TOKEN_CHECKERROR, "token失效,该用户被强迫下线", null, noUiVersion.getVersion());
responseMessage(response, response.getWriter(), rt);
return false;
}
// 验证登录时间
if (System.currentTimeMillis() > redisLoginInfo.getExpiredTime()) {
if (System.currentTimeMillis() > loginInfo.getExpiredTime()) {
Result rt = new Result(ErrorCodes.LOGIN_TIMEOUT, "会话超时,请重新登录。超时时间戳:" + redisLoginInfo.getExpiredTime() +
Result rt = new Result(ErrorCodes.LOGIN_TIMEOUT, "会话超时,请重新登录。超时时间戳:" + loginInfo.getExpiredTime() +
",当前时间戳:" + System.currentTimeMillis(), null, noUiVersion.getVersion());
responseMessage(response, response.getWriter(), rt);
return false;
}
// 重新刷入登陆时间
RedisLoginInfo nweRedisLoginInfo = new RedisLoginInfo(userId, token, NumericUtil.sessionTimeOut(), redisLoginInfo.getSysmod(), noUiRequest.getTerminalType());
EhcacheUtils.set(Constants.SESSION + "." + userId + "." + terminalType, nweRedisLoginInfo);
EhcacheUtils.set(StringUtil.getCacheSessionId(userId),request.getSession().getId());
LoginInfo nweLoginInfo = new LoginInfo(userId, token, NumericUtil.sessionTimeOut(), loginInfo.getSysmod(), noUiRequest.getTerminalType());
EhcacheUtils.set(StringUtil.userUniqueId(noUiRequest), nweLoginInfo);
EhcacheUtils.set(StringUtil.getCacheSessionId(userId), request.getSession().getId());
NoUiUtils.setLoginInfo(nweRedisLoginInfo);
NoUiUtils.setLoginInfo(nweLoginInfo);
return true;
}
// 请求不通过,返回错误信息给客户端
private void responseMessage(HttpServletResponse response, PrintWriter out, Result result) {
response.setContentType("application/json; charset="+Constants.ENCODING);
response.setContentType("application/json; charset=" + Constants.ENCODING);
String json = new Gson().toJson(result);
out.print(json);
out.flush();
......
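Review bot: The commit removes the `BACKGROUND_FLAG` shortcut but leaves `if (token.startsWith(Constants.APP_FLAG)) return true;` in place, so a request is still accepted on the strength of a token prefix the client supplies, before any cache, token-equality or expiry check runs. Unless service callers are authenticated somewhere not visible on this page, that branch should verify the caller (a verified signature or a network-level restriction), or at minimum carry `// TODO(security): APP_FLAG prefix is client-controlled; authenticate service callers before returning true`. Separately, the refresh step builds a fresh `LoginInfo` from five constructor arguments, so other state on the cached object, such as the `userInr` set at login or entries written through `getContextMap()`, appears to be dropped on every request; copying those across or updating the existing object would avoid that. `preHandle` starts outside the hunk.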
......@@ -61,7 +61,7 @@ public class NoUiPresentationUtil {
for (Map<String, Object> m : valueList) {
IModule module = moduleList.add();
for (Map.Entry<String, Object> entry : m.entrySet())
handleDatafield(context, (IDatafield<Object>) module.get(changeForELCS(entry.getKey())), entry.getValue());
handleDatafield(context, (IDatafield<Object>) module.get(obfuscationPath(entry.getKey())), entry.getValue());
}
}
}
......@@ -286,7 +286,7 @@ public class NoUiPresentationUtil {
IModule module = (IModule)moduleList.get(index);
Collection<IDatafield> datafields = module.getDatafields();
for (IDatafield datafield : datafields) {
map.put(changeForELCS(datafield.getName()), handle(datafield.getValue(), datafield));
map.put(obfuscationPath(datafield.getName()), handle(datafield.getValue(), datafield));
}
list.add(map);
}
......@@ -376,8 +376,8 @@ public class NoUiPresentationUtil {
return sysmodBytes;
}
//偏移 头4 尾7
public static String changeForELCS(String str){
//混淆路径,算法:偏移 头4 尾7
public static String obfuscationPath(String str){
if(NoUiUtils.fieldencode){
String btw_str = str.substring(1,str.length()-1);
String head = change(str.charAt(0),4);
......
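Review bot: `obfuscationPath` calls `str.charAt(0)` and `str.substring(1,str.length()-1)` with no length check, so an empty or one-character field name throws StringIndexOutOfBoundsException once `NoUiUtils.fieldencode` is enabled. A guard at the top such as `if (str == null || str.length() < 2) return str;` would keep short names working, though whether passing them through unchanged is acceptable depends on the decoding side, which is not shown. The renamed method's comment could also state its limits, e.g. `// Obfuscates a field name by shifting its first character by 4 and its last by 7; this is naming obfuscation only, not a confidentiality control`. The method body continues past the end of the hunk.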
......@@ -10,7 +10,7 @@ import org.sss.presentation.noui.api.request.NoUiRequest;
import org.sss.presentation.noui.common.Constants;
import org.sss.presentation.noui.context.NoUiContext;
import org.sss.presentation.noui.context.NoUiPresentation;
import org.sss.presentation.noui.jwt.RedisLoginInfo;
import org.sss.presentation.noui.jwt.LoginInfo;
import org.sss.util.ContainerUtils;
import java.util.ArrayList;
......@@ -124,10 +124,10 @@ public class NoUiUtils {
}
}
public static ThreadLocal<RedisLoginInfo> tl = new ThreadLocal<RedisLoginInfo>();
public static ThreadLocal<LoginInfo> tl = new ThreadLocal<LoginInfo>();
public static void setLoginInfo(RedisLoginInfo redisLoginInfo){
tl.set(redisLoginInfo);
public static void setLoginInfo(LoginInfo loginInfo){
tl.set(loginInfo);
}
......@@ -151,27 +151,6 @@ public class NoUiUtils {
}
public final static String salt= "706798214808651@;RHxC";
/**
*
* @param keyParams 要素
* @return
*/
public static String genSafeCode(String[] keyParams)
{
StringBuilder sb = new StringBuilder();
sb = sb.append(tl.get().getUserInr()).reverse();
for(String item : keyParams)
{
sb.append(item);
}
sb.append(getToken());
sb.append(salt);
return DigestUtils.md5Hex(sb.toString());
}
public static boolean verfyParams(String[] keyParams,String safeCode)
{
return safeCode.equals(genSafeCode(keyParams));
}
public static String getDatapath() {
return datapath;
......
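Review bot: `tl` is a public, non-final `ThreadLocal<LoginInfo>` that the token interceptor fills on each authenticated request, and no `remove()` call is visible anywhere on this page. On pooled worker threads, a request that returns early from the interceptor before `setLoginInfo` runs (the `APP_FLAG` branch, for example) would then read the LoginInfo left behind by the previous request on that thread. Declaring the field `final`, adding `public static void clearLoginInfo() { tl.remove(); }`, and calling it from the interceptor's `afterCompletion` would close that gap. With `genSafeCode` and `verfyParams` deleted, the hard-coded `salt` constant has no remaining user in the lines shown; if nothing else references it, it should be removed too, since a secret literal in source should not outlive its purpose.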
......@@ -2,7 +2,7 @@ package org.sss.presentation.noui.util;
import cfca.sadk.algorithm.sm2.SM3Digest;
import org.sss.presentation.noui.common.Constants;
import org.sss.presentation.noui.jwt.RedisLoginInfo;
import org.sss.presentation.noui.jwt.LoginInfo;
public class ResourceAcccessEncryptUtil {
private static final String KEY = "session.##.WEB";
......@@ -23,9 +23,9 @@ public class ResourceAcccessEncryptUtil {
if (obj == null) {
return false;
}
RedisLoginInfo redisLoginInfo = (RedisLoginInfo) obj;
LoginInfo loginInfo = (LoginInfo) obj;
StringBuilder raw = new StringBuilder();
raw.append(redisLoginInfo.getToken());
raw.append(loginInfo.getToken());
raw.append(SALT);
raw.append(rawuid);
raw.append(SALT);
......
......@@ -8,14 +8,16 @@ import java.security.MessageDigest;
public class StringUtil {
public static boolean isEmpty(String str) {
if (str == null || str.trim().equals("")){
if (str == null || str.trim().equals("")) {
return true;
}
return false;
}
public static String userUniqueId(NoUiRequest request) {
return Constants.SESSION + "." + request.getUserId() + "." + request.getTerminalType();
String setKey = new StringBuilder(Constants.SESSION).append(".").
append(request.getUserId()).append(".").append(request.getTerminalType()).toString();
return setKey;
}
/**
......