|
@@ -5,6 +5,7 @@ import java.util.List;
|
5
|
5
|
|
6
|
6
|
import org.apache.shiro.crypto.hash.Sha256Hash;
|
7
|
7
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
8
|
+import org.springframework.beans.factory.annotation.Value;
|
8
|
9
|
import org.springframework.data.redis.core.StringRedisTemplate;
|
9
|
10
|
import org.springframework.stereotype.Service;
|
10
|
11
|
|
|
@@ -14,72 +15,77 @@ import com.yaozhitech.spring5.utils.JwtUtils;
|
14
|
15
|
@Service
|
15
|
16
|
public class UserService {
|
16
|
17
|
|
17
|
|
- private static final String encryptSalt = "F12839WhsnnEV$#23b";
|
|
18
|
+ @Value("${password.salt}")
|
|
19
|
+ private String encryptSalt;
|
18
|
20
|
|
19
|
21
|
@Autowired
|
20
|
22
|
private StringRedisTemplate redisTemplate;
|
21
|
|
-
|
22
|
|
- /**
|
23
|
|
- * 保存user登录信息,返回token
|
24
|
|
- * @param userDto
|
25
|
|
- */
|
26
|
|
- public String generateJwtToken(String username) {
|
27
|
|
- String salt = "12345";//JwtUtils.generateSalt();
|
28
|
|
- /**
|
29
|
|
- * @todo 将salt保存到数据库或者缓存中
|
30
|
|
- * redisTemplate.opsForValue().set("token:"+username, salt, 3600, TimeUnit.SECONDS);
|
31
|
|
- */
|
32
|
|
- return JwtUtils.sign(username, salt, 3600); //生成jwt token,设置过期时间为1小时
|
33
|
|
- }
|
34
|
|
-
|
35
|
|
- /**
|
36
|
|
- * 获取上次token生成时的salt值和登录用户信息
|
37
|
|
- * @param username
|
38
|
|
- * @return
|
39
|
|
- */
|
40
|
|
- public UserDto getJwtTokenInfo(String username) {
|
41
|
|
- String salt = "12345";
|
42
|
|
- /**
|
43
|
|
- * @todo 从数据库或者缓存中取出jwt token生成时用的salt
|
44
|
|
- * salt = redisTemplate.opsForValue().get("token:"+username);
|
45
|
|
- */
|
46
|
|
- UserDto user = getUserInfo(username);
|
47
|
|
- user.setSalt(salt);
|
48
|
|
- return user;
|
49
|
|
- }
|
50
|
23
|
|
51
|
|
- /**
|
52
|
|
- * 清除token信息
|
53
|
|
- * @param userName 登录用户名
|
54
|
|
- * @param terminal 登录终端
|
55
|
|
- */
|
56
|
|
- public void deleteLoginInfo(String username) {
|
57
|
|
- /**
|
58
|
|
- * @todo 删除数据库或者缓存中保存的salt
|
59
|
|
- * redisTemplate.delete("token:"+username);
|
60
|
|
- */
|
61
|
|
-
|
62
|
|
- }
|
63
|
|
-
|
64
|
|
- /**
|
65
|
|
- * 获取数据库中保存的用户信息,主要是加密后的密码
|
66
|
|
- * @param userName
|
67
|
|
- * @return
|
68
|
|
- */
|
69
|
|
- public UserDto getUserInfo(String userName) {
|
70
|
|
- UserDto user = new UserDto();
|
71
|
|
- user.setUserId(1L);
|
72
|
|
- user.setUsername("admin");
|
73
|
|
- user.setEncryptPwd(new Sha256Hash("123456", encryptSalt).toHex());
|
74
|
|
- return user;
|
75
|
|
- }
|
76
|
|
-
|
77
|
|
- /**
|
78
|
|
- * 获取用户角色列表,强烈建议从缓存中获取
|
79
|
|
- * @param userId
|
80
|
|
- * @return
|
81
|
|
- */
|
82
|
|
- public List<String> getUserRoles(Long userId){
|
83
|
|
- return Arrays.asList("admin");
|
84
|
|
- }
|
|
24
|
+ /**
|
|
25
|
+ * 保存user登录信息,返回token
|
|
26
|
+ *
|
|
27
|
+ * @param userDto
|
|
28
|
+ */
|
|
29
|
+ public String generateJwtToken(String username) {
|
|
30
|
+ String salt = "12345";// JwtUtils.generateSalt();
|
|
31
|
+ /**
|
|
32
|
+ * @todo 将salt保存到数据库或者缓存中 redisTemplate.opsForValue().set("token:"+username,
|
|
33
|
+ * salt, 3600, TimeUnit.SECONDS);
|
|
34
|
+ */
|
|
35
|
+ return JwtUtils.sign(username, salt, 3600); // 生成jwt token,设置过期时间为1小时
|
|
36
|
+ }
|
|
37
|
+
|
|
38
|
+ /**
|
|
39
|
+ * 获取上次token生成时的salt值和登录用户信息
|
|
40
|
+ *
|
|
41
|
+ * @param username
|
|
42
|
+ * @return
|
|
43
|
+ */
|
|
44
|
+ public UserDto getJwtTokenInfo(String username) {
|
|
45
|
+ String salt = "12345";
|
|
46
|
+ /**
|
|
47
|
+ * @todo 从数据库或者缓存中取出jwt token生成时用的salt salt =
|
|
48
|
+ * redisTemplate.opsForValue().get("token:"+username);
|
|
49
|
+ */
|
|
50
|
+ UserDto user = getUserInfo(username);
|
|
51
|
+ user.setSalt(salt);
|
|
52
|
+ return user;
|
|
53
|
+ }
|
|
54
|
+
|
|
55
|
+ /**
|
|
56
|
+ * 清除token信息
|
|
57
|
+ *
|
|
58
|
+ * @param userName 登录用户名
|
|
59
|
+ * @param terminal 登录终端
|
|
60
|
+ */
|
|
61
|
+ public void deleteLoginInfo(String username) {
|
|
62
|
+ /**
|
|
63
|
+ * @todo 删除数据库或者缓存中保存的salt redisTemplate.delete("token:"+username);
|
|
64
|
+ */
|
|
65
|
+
|
|
66
|
+ }
|
|
67
|
+
|
|
68
|
+ /**
|
|
69
|
+ * 获取数据库中保存的用户信息,主要是加密后的密码
|
|
70
|
+ *
|
|
71
|
+ * @param userName
|
|
72
|
+ * @return
|
|
73
|
+ */
|
|
74
|
+ public UserDto getUserInfo(String userName) {
|
|
75
|
+ UserDto user = new UserDto();
|
|
76
|
+ user.setUserId(1L);
|
|
77
|
+ user.setUsername("admin");
|
|
78
|
+ user.setEncryptPwd(new Sha256Hash("123456", encryptSalt).toHex());
|
|
79
|
+ return user;
|
|
80
|
+ }
|
|
81
|
+
|
|
82
|
+ /**
|
|
83
|
+ * 获取用户角色列表,强烈建议从缓存中获取
|
|
84
|
+ *
|
|
85
|
+ * @param userId
|
|
86
|
+ * @return
|
|
87
|
+ */
|
|
88
|
+ public List<String> getUserRoles(Long userId) {
|
|
89
|
+ return Arrays.asList("admin");
|
|
90
|
+ }
|
85
|
91
|
}
|