优化

db28984f · fukai · 590e6ba8 · db28984f · db28984f · db28984f
Commit db28984f authored Nov 04, 2019 by fukai
8 changed files
--- a/src/main/java/org/sss/presentation/noui/api/request/NoUiRequest.java
+++ b/src/main/java/org/sss/presentation/noui/api/request/NoUiRequest.java
@@ -31,7 +31,8 @@ public class NoUiRequest {
 		this.userId = userId;
 		this.terminalType = terminalType;
 		this.mappingUrl = mappingUrl;
-		if(request.getRequestURI().startsWith(NoUiContextManager.openSourcePrefix))
+		if(request.getRequestURI().indexOf(NoUiContextManager.openSourcePrefix+"/") >= 0)
 		{
 			this.openSource = true; //开放访问路径
 		}

--- a/src/main/java/org/sss/presentation/noui/controller/AbstractCommonController.java
+++ b/src/main/java/org/sss/presentation/noui/controller/AbstractCommonController.java
@@ -166,6 +166,7 @@ public abstract class  AbstractCommonController {
 				}
 				String realPath = alias.getRelPath(aliasKey);
 				IBaseObject baseObject = context.getSession().getBaseObject(context.getRoot(), realPath);
 				data.put(aliasKey, NoUiPresentationUtil.handIBaseObject(context, baseObject, realPath));
 			}
 			return data;
@@ -178,8 +179,20 @@ public abstract class  AbstractCommonController {
 			for (Map.Entry<String, String> aliasEntry : alias.getRel().entrySet()) {
 				String aliasKey = aliasEntry.getKey();
 				String aliasPath = aliasEntry.getValue();
+				if(aliasPath == null)
+				{
+					log.error("错误的mapping："+noUiRequest.getMappingUrl()+"--"+aliasKey+"--"+aliasPath);
+					continue;
+				}
+				if(modifyEntry.getKey() == null)
+				{
+					log.error("错误的modifymap："+noUiRequest.getMappingUrl()+"--"+modifyMap);
+					continue;
+				}
 				if (aliasPath.startsWith(modifyEntry.getKey())) {
 					Object val = modifyEntry.getValue();
+					if(aliasKey == null)
+						continue;
 					data.put(aliasKey, NoUiPresentationUtil.handIBaseObject(context, val, aliasEntry.getValue()));
 					containsKeys.add(modifyEntry.getKey());
 				}
@@ -194,11 +207,12 @@ public abstract class  AbstractCommonController {
 				System.out.println("modify datafield:" + (modifyMap.get(key) instanceof IDatafield));
 				System.out.println("modify module:" + (modifyMap.get(key) instanceof IModule));
 				System.out.println("modify moduleList:" + (modifyMap.get(key) instanceof IModuleList));
+				if(key == null)
+					continue;
 				data.put(key, NoUiPresentationUtil.handIBaseObject(context, modifyMap.get(key), key));
 			}
 		}
 		return data;
 	}
 }
--- a/src/main/java/org/sss/presentation/noui/controller/LoginController.java
+++ b/src/main/java/org/sss/presentation/noui/controller/LoginController.java
@@ -5,6 +5,7 @@ import java.util.HashMap;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
+import java.util.UUID;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
@@ -58,7 +59,7 @@ public class LoginController {
 				login.setUserId(userId);
 				login.setPassword(password);
 				// 给用户jwt加密生成token
-				String token = JWT.sign(login, 60L * 1000L * 30L);
+				String token = JWT.sign(login, NumericUtil.sessionTimeOut());
 				// 登陆成功后获取菜单并跳转到office交易
 				Map<String, Object> authMap = new HashMap<>();
@@ -74,6 +75,7 @@ public class LoginController {
 				Map<String, Object> retDatamap = new HashMap<String, Object>();
 				retDatamap.put("token", token);
 				retDatamap.put("menu", menuList);
+				retDatamap.put("salt", UUID.randomUUID().toString());
 				context.getSession().chain(true, "office");
 				byte[] sysmodBytes = NoUiPresentationUtil.sysmodToBytes(context);
 				// redis中存储用户相关信息

--- a/src/main/java/org/sss/presentation/noui/jwt/JWT.java
+++ b/src/main/java/org/sss/presentation/noui/jwt/JWT.java
@@ -35,9 +35,10 @@ public class JWT {
 		try {
 			final Map<String, Object> claims = verifier.verify(jwt);
 			if (claims.containsKey(EXP) && claims.containsKey(PAYLOAD)) {
-				long exp = (Long) claims.get(EXP);
+				//long exp = (Long) claims.get(EXP);
-				long currentTimeMillis = System.currentTimeMillis();
+				//long currentTimeMillis = System.currentTimeMillis();
-				if (exp > currentTimeMillis) {
+				//if (exp > currentTimeMillis) 
+				{
 					String json = (String) claims.get(PAYLOAD);
 					ObjectMapper objectMapper = new ObjectMapper();
 					return objectMapper.readValue(json, classT);

--- a/src/main/java/org/sss/presentation/noui/jwt/TokenInterceptor.java
+++ b/src/main/java/org/sss/presentation/noui/jwt/TokenInterceptor.java
@@ -59,10 +59,17 @@ public class TokenInterceptor implements HandlerInterceptor {
 			responseMessage(response, response.getWriter(), rt);
 			return false;
 		}
+		//验证token是否一致 
+		if(!token.equals(redisLoginInfo.getToken())){
+			Result rt = new Result(ErrorCodes.LOGIN_TOKEN_CHECKERROR, "token失效，该用户被强迫下线", null);
+			responseMessage(response, response.getWriter(), rt);
+			return false;
+		}
 		// 验证登录时间
 		if (System.currentTimeMillis() > redisLoginInfo.getExpiredTime()) {
-			Result rt = new Result(ErrorCodes.LOGIN_TIMEOUT, "登录时间超长，请重新登录", null);
+			Result rt = new Result(ErrorCodes.LOGIN_TIMEOUT, "会话超时，请重新登录。超时时间戳："+redisLoginInfo.getExpiredTime()+
+					"，当前时间戳："+System.currentTimeMillis(), null);
 			responseMessage(response, response.getWriter(), rt);
 			return false;
 		}

--- a/src/main/java/org/sss/presentation/noui/listener/NoUiApiInitListener.java
+++ b/src/main/java/org/sss/presentation/noui/listener/NoUiApiInitListener.java
@@ -24,7 +24,8 @@ public class NoUiApiInitListener implements ServletContextListener {
 	private static final String LOGIN_CONTEXT_NAME = "loginContextName";
 	private static final String OPEN_PREFIX = "openPrefix";
 	private static final String OPEN_TRANS = "openTrans";
+	private static final int ENDLESS_TIME = 5*24*60*60;
 	@Override
 	public void contextDestroyed(ServletContextEvent arg0) {
@@ -36,10 +37,13 @@ public class NoUiApiInitListener implements ServletContextListener {
 		String dbType = context.getInitParameter(DATABASE_SUPPORT_TYPE);
 		int timeout = Integer.valueOf(context.getInitParameter(NOUI_TIMEOUT)); //秒数
 		if(timeout > 0)
 			RedisUtil.setSessionTimeOut(timeout);
 		else
-			RedisUtil.setSessionTimeOut(3*30*24*60*60); //一个月
+			RedisUtil.setSessionTimeOut(ENDLESS_TIME); //一个月
+		log.debug("timeout:"+timeout);
+		log.debug("sessionTimeout:"+RedisUtil.getSessionTimeOut());
 		NoUiContextManager.dbType = dbType;
 		NoUiContextManager.loginContextName = context.getInitParameter(LOGIN_CONTEXT_NAME);
 		String openSource = context.getInitParameter(OPEN_PREFIX);

--- a/src/main/java/org/sss/presentation/noui/util/NoUiPresentationUtil.java
+++ b/src/main/java/org/sss/presentation/noui/util/NoUiPresentationUtil.java
@@ -68,6 +68,7 @@ public class NoUiPresentationUtil {
 						}
 						if (baseObject instanceof IModuleList<?> && value instanceof List<?>) {
 							IModuleList<IModule> moduleList = (IModuleList<IModule>) baseObject;
+							moduleList.clear();
 							List<Map<String, Object>> valueList = (List<Map<String, Object>>) value;
 							for (Map<String, Object> m : valueList) {
 								IModule module = moduleList.add();
@@ -78,6 +79,7 @@ public class NoUiPresentationUtil {
 					}
 				}
 			} catch (Exception e) {
+				e.printStackTrace();
 				log.error("Input command error", e);
 				throw new NoUiException("Input command error", e);
 			}
@@ -87,7 +89,7 @@ public class NoUiPresentationUtil {
 	}
 	private static void handleDatafield(IContext context, IDatafield<Object> dataField, Object value) {
-		if (null == value)
+		if (null == value || dataField == null)
 			return;
 		Class<?> dataType = dataField.getDataType();
 		if (dataType.equals(String.class)) {

--- a/src/main/java/org/sss/presentation/noui/util/RedisUtil.java
+++ b/src/main/java/org/sss/presentation/noui/util/RedisUtil.java
@@ -70,6 +70,8 @@ public class RedisUtil {
 	public static Object get(String key) {
 		Jedis jedis = jedisPool.getResource();
 		Object getObj = jedis.get(key.getBytes());
+		if(getObj == null)
+			return null;
 		Object obj = SerializeUtil.unserialize((byte[]) getObj);
 		jedis.close();
 		return obj;