前端:整理首页
前端:修复订单列表和详情价格展示错误 前端:H5 页面的登录拦截补充 后端 + 前端:增加 refreshToken 刷新 accessToken
@@ -13,4 +13,6 @@ public interface OAuth2AccessTokenMapper {
|
||||
|
||||
void updateToInvalidByUserId(@Param("userId") Integer userId);
|
||||
|
||||
}
|
||||
void updateToInvalidByRefreshToken(@Param("refreshToken") String refreshToken);
|
||||
|
||||
}
|
||||
|
||||
@@ -11,4 +11,6 @@ public interface OAuth2RefreshTokenMapper {
|
||||
|
||||
void updateToInvalidByUserId(@Param("userId") Integer userId);
|
||||
|
||||
}
|
||||
OAuth2RefreshTokenDO selectById(@Param("id") String id);
|
||||
|
||||
}
|
||||
|
||||
@@ -82,18 +82,39 @@ public class OAuth2ServiceImpl implements OAuth2Service {
|
||||
public CommonResult<OAuth2AuthenticationBO> checkToken(String accessToken) throws ServiceException {
|
||||
OAuth2AccessTokenDO accessTokenDO = oauth2AccessTokenMapper.selectByTokenId(accessToken);
|
||||
if (accessTokenDO == null) { // 不存在
|
||||
return ServiceExceptionUtil.error(UserErrorCodeEnum.OAUTH_INVALID_TOKEN_NOT_FOUND.getCode());
|
||||
return ServiceExceptionUtil.error(UserErrorCodeEnum.OAUTH_INVALID_ACCESS_TOKEN_NOT_FOUND.getCode());
|
||||
}
|
||||
if (accessTokenDO.getExpiresTime().getTime() < System.currentTimeMillis()) { // 已过期
|
||||
return ServiceExceptionUtil.error(UserErrorCodeEnum.OAUTH_INVALID_TOKEN_EXPIRED.getCode());
|
||||
return ServiceExceptionUtil.error(UserErrorCodeEnum.OAUTH_INVALID_ACCESS_TOKEN_EXPIRED.getCode());
|
||||
}
|
||||
if (!accessTokenDO.getValid()) { // 无效
|
||||
return ServiceExceptionUtil.error(UserErrorCodeEnum.OAUTH_INVALID_TOKEN_INVALID.getCode());
|
||||
return ServiceExceptionUtil.error(UserErrorCodeEnum.OAUTH_INVALID_ACCESS_TOKEN_INVALID.getCode());
|
||||
}
|
||||
// 转换返回
|
||||
return CommonResult.success(OAuth2Convert.INSTANCE.convertToAuthentication(accessTokenDO));
|
||||
}
|
||||
|
||||
@Override
|
||||
public CommonResult<OAuth2AccessTokenBO> refreshToken(String refreshToken) {
|
||||
OAuth2RefreshTokenDO refreshTokenDO = oauth2RefreshTokenMapper.selectById(refreshToken);
|
||||
// 校验刷新令牌是否合法
|
||||
if (refreshTokenDO == null) { // 不存在
|
||||
return ServiceExceptionUtil.error(UserErrorCodeEnum.OAUTH_INVALID_REFRESH_TOKEN_NOT_FOUND.getCode());
|
||||
}
|
||||
if (refreshTokenDO.getExpiresTime().getTime() < System.currentTimeMillis()) { // 已过期
|
||||
return ServiceExceptionUtil.error(UserErrorCodeEnum.OAUTH_INVALID_REFRESH_TOKEN_EXPIRED.getCode());
|
||||
}
|
||||
if (!refreshTokenDO.getValid()) { // 无效
|
||||
return ServiceExceptionUtil.error(UserErrorCodeEnum.OAUTH_INVALID_REFRESH_TOKEN_INVALID.getCode());
|
||||
}
|
||||
// 标记 refreshToken 对应的 accessToken 都不合法
|
||||
oauth2AccessTokenMapper.updateToInvalidByRefreshToken(refreshToken);
|
||||
// 创建访问令牌
|
||||
OAuth2AccessTokenDO oauth2AccessTokenDO = createOAuth2AccessToken(refreshTokenDO.getUserId(), refreshTokenDO.getId());
|
||||
// 转换返回
|
||||
return CommonResult.success(OAuth2Convert.INSTANCE.convertToAccessTokenWithExpiresIn(oauth2AccessTokenDO));
|
||||
}
|
||||
|
||||
/**
|
||||
* 移除用户对应的 Token
|
||||
*
|
||||
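Review bot: The new `refreshToken` method leaves the presented refresh token valid after use, so one copied value can keep minting access tokens until its `expiresTime`. For a browser-held token (the commit message mentions an H5 front end) it is safer to rotate on every call: mark the presented row invalid and return a fresh refresh token together with the access token, which may need an extra field on the returned BO. The validity checks, `updateToInvalidByRefreshToken` and `createOAuth2AccessToken` also run as separate statements, and no `@Transactional` is visible in the hunk. If the class does not already provide one, a failure after the update leaves the user with no valid access token, and two concurrent calls with the same token both pass the checks and each receive one; putting `@Transactional` on the method fixes the first case, while the second needs the consume step to be a conditional update whose affected-row count is checked.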
@@ -134,4 +155,4 @@ public class OAuth2ServiceImpl implements OAuth2Service {
|
||||
return UUID.randomUUID().toString().replaceAll("-", "");
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
@@ -26,4 +26,11 @@
|
||||
AND valid = 1
|
||||
</update>
|
||||
|
||||
</mapper>
|
||||
<update id="updateToInvalidByRefreshToken" parameterType="String">
|
||||
UPDATE oauth2_access_token
|
||||
SET valid = 0
|
||||
WHERE refresh_token = #{refreshToken}
|
||||
AND valid = 1
|
||||
</update>
|
||||
|
||||
</mapper>
|
||||
|
||||
@@ -17,4 +17,11 @@
|
||||
AND valid = 1
|
||||
</update>
|
||||
|
||||
</mapper>
|
||||
<select id="selectById" parameterType="String" resultType="OAuth2RefreshTokenDO">
|
||||
SELECT
|
||||
id, user_id, valid, expires_time, create_time
|
||||
FROM oauth2_refresh_token
|
||||
WHERE id = #{id}
|
||||
</select>
|
||||
|
||||
</mapper>
|
||||
|
||||
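Review bot: `selectById` matches on `WHERE id = #{id}` and the service passes the raw refresh token as that id, so `oauth2_refresh_token` appears to store the bearer secret itself as its key. Anyone who can read the table, a backup or a statement log then holds usable long-lived tokens. Consider storing only a digest of the token (for example hex-encoded SHA-256) in that column and hashing the presented value in the service before the lookup; the statement itself can stay as written, including the `#{}` binding. The table definition and the insert path are outside this diff, so confirm how `id` is populated before changing it.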