XMPoleManager.git

			@@ -1,14 +1,19 @@
			package com.sandu.common.security.token;

			import com.sandu.common.enums.AdminStatusStatus;
			import com.sandu.common.execption.BusinessException;
			import com.sandu.common.redis.RedisService;
			import com.sandu.common.security.LoginUserInfo;
			import com.sandu.common.security.config.SecurityProperties;
			import com.sandu.common.util.SpringContextHolder;
			import io.jsonwebtoken.*;
			import io.jsonwebtoken.io.Decoders;
			import io.jsonwebtoken.io.DecodingException;
			import io.jsonwebtoken.security.Keys;
			import lombok.AllArgsConstructor;
			import lombok.extern.slf4j.Slf4j;
			import org.springframework.beans.factory.InitializingBean;
			import org.springframework.boot.autoconfigure.cache.CacheProperties;
			import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
			import org.springframework.security.core.GrantedAuthority;
			import org.springframework.stereotype.Component;
			@@ -47,47 +52,62 @@
			if (loginUserInfo.getUserId() == null) {
			throw new IllegalArgumentException("用户id不能为空");
			}
			RedisService redisService = SpringContextHolder.getBean(RedisService.class);
			String authorities = loginUserInfo.getAuthorities().stream()
			.map(GrantedAuthority::getAuthority)
			.collect(Collectors.joining(","));

			long now = (new Date()).getTime();
			Date expiration = new Date(now + properties.getTokenValidityInSeconds());

			return Jwts.builder()
			String token = Jwts.builder()
			.setSubject(loginUserInfo.getUserId().toString())
			.claim(AUTHORITIES_KEY, authorities)
			//去除token中保留菜单权限数据
			// .claim(AUTHORITIES_KEY, authorities)
			.claim(CREDENTIALS_KEY, loginUserInfo.getAccount())
			.claim(ADMINISTRATOR_KEY, loginUserInfo.getAdministratorType())
			.setExpiration(expiration)
			.signWith(key, SignatureAlgorithm.HS512)
			.compact();

			String key = String.format("%d_%d", loginUserInfo.getUserId(), loginUserInfo.getAdministratorType());
			//改为讲菜单权限数据保存在redis中
			redisService.set(String.format("%s_%s", AUTHORITIES_KEY, token), authorities);
			redisService.set(key, token, 2592000);
			return token;
			}

			@Override
			public LoginUserInfo validateToken(String token) {
			try {
			RedisService redisService = SpringContextHolder.getBean(RedisService.class);
			String authorities = String.valueOf(redisService.get(String.format("%s_%s", AUTHORITIES_KEY, token)));

			Claims claims = Jwts.parserBuilder().setSigningKey(key).build().parseClaimsJws(token).getBody();
			LoginUserInfo loginUserInfo = new LoginUserInfo();
			loginUserInfo.setUserId(Long.valueOf(claims.getSubject()));
			loginUserInfo.setAccount(String.valueOf(claims.get(CREDENTIALS_KEY)));
			loginUserInfo.setPermission(claims.get(AUTHORITIES_KEY).toString());
			//取消从token中取菜单数据
			// loginUserInfo.setPermission(claims.get(AUTHORITIES_KEY).toString());
			//从redis中获取菜单数据
			loginUserInfo.setPermission(authorities);
			loginUserInfo.setAdministratorType(Integer.parseInt(claims.get(ADMINISTRATOR_KEY).toString()));
			loginUserInfo.setToken(token);
			loginUserInfo.setStatus(AdminStatusStatus.NORMAL.getCode());
			String key = String.format("%d_%d", loginUserInfo.getUserId(), loginUserInfo.getAdministratorType());
			String redisToken = String.valueOf(redisService.get(key));
			//TODO 上线记得改回来
			// if (redisToken == null \|\| !token.equals(redisToken)) {
			// throw new BusinessException("token无效");
			// }
			return loginUserInfo;
			} catch (io.jsonwebtoken.security.SecurityException \| MalformedJwtException e) {
			log.info("Invalid JWT signature.");
			// e.printStackTrace();
			} catch (ExpiredJwtException e) {
			log.info("Expired JWT token.");
			// e.printStackTrace();
			} catch (UnsupportedJwtException \| DecodingException e) {
			log.info("Unsupported JWT token.");
			// e.printStackTrace();
			} catch (IllegalArgumentException e) {
			log.info("JWT token compact of handler are invalid.");
			// e.printStackTrace();
			}

			return null;