优化权限，设置token失效时间为1年

f271e5a1 · 吴德鹏 · 3661ae7f · f271e5a1 · f271e5a1 · f271e5a1
--- a/src/main/java/com/example/afrishop_v3/controllers/AuthController.java
+++ b/src/main/java/com/example/afrishop_v3/controllers/AuthController.java
@@ -191,6 +191,7 @@ public class AuthController extends Controller {

        Authentication authentication;
        try {
+
            authentication = authenticationManager.authenticate(
                    new UsernamePasswordAuthenticationToken(userInfo.getUserId(), loginRequest.getPassword()));
        } catch (BadCredentialsException e) {
@@ -226,6 +227,7 @@ public class AuthController extends Controller {
        return new Result<>(userInfo);
    }

+
    //Verify sent user code
    @GetMapping("/verifyCode/{account}/{code}")
    public Result<Boolean> validateCode(@PathVariable("account") String account,

--- a/src/main/java/com/example/afrishop_v3/models/TbCfUserInfo.java
+++ b/src/main/java/com/example/afrishop_v3/models/TbCfUserInfo.java
@@ -65,6 +65,7 @@ public class TbCfUserInfo {
    /**
     * 密码
     */
+    @JsonIgnore
    private String password;
    /**
     * 上一次登录时间

--- a/src/main/java/com/example/afrishop_v3/security/WebSecurityConfig.java
+++ b/src/main/java/com/example/afrishop_v3/security/WebSecurityConfig.java
@@ -71,7 +71,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                "/goodsType/**", "/home/**", "/spider/**", "/store/**", "/shopify/**", "/community/**", "/version/**",
                "/flutterwave/notify/**", "/dpo/notify/**", "/advertisement/**", "/website/**", "/paypal/**", "/discover/bonus/**",
                "/problem/**", "/cube/**", "/activity/**", "/attributes/**", "/stripe/**", "/coupon/**", "/logistics/freeShippingThreshold",
-                "/visit/**", "/search/**", "/country/**", "/term/**", "/order/**", "/api/upload", "/cart/**", "/address/**").permitAll()
+                "/visit/**", "/search/**", "/country/**", "/term/**", "/api/upload", "/cart/**", "/address/**").permitAll()
                .antMatchers("/api/test/**").permitAll()
                .anyRequest().authenticated();


--- a/src/main/java/com/example/afrishop_v3/security/jwt/AuthTokenFilter.java
+++ b/src/main/java/com/example/afrishop_v3/security/jwt/AuthTokenFilter.java
 package com.example.afrishop_v3.security.jwt;

 import java.io.IOException;
+import java.util.Date;

+import javax.crypto.SecretKey;
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;

 import com.example.afrishop_v3.security.services.UserDetailsServiceImpl;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.JwtBuilder;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UserDetails;
@@ -23,6 +30,9 @@ public class AuthTokenFilter extends OncePerRequestFilter {
 	@Autowired
 	private JwtUtils jwtUtils;

+	@Value("${bezkoder.app.jwtSecret}")
+	private String jwtSecret;
+
 	@Autowired
 	private UserDetailsServiceImpl userDetailsService;

@@ -42,9 +52,12 @@ public class AuthTokenFilter extends OncePerRequestFilter {
 				authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));

 				SecurityContextHolder.getContext().setAuthentication(authentication);
-				String token = jwtUtils.generateJwtToken(authentication);
-				logger.info("token:==============="+token);
-				response.setHeader("Authorization","Bearer "+token);
+//				String token = jwtUtils.generateJwtToken(authentication);
+//				logger.info("token:==============="+token);
+				Date expire = jwtUtils.getExpirationDateFromToken(jwt);
+				logger.info("token过期时间:==============="+expire);
+
+//				response.setHeader("Authorization","Bearer "+token);
 			}
 		} catch (Exception e) {
 			logger.error("Cannot set user authentication: {}", e);
@@ -62,4 +75,6 @@ public class AuthTokenFilter extends OncePerRequestFilter {

 		return null;
 	}
+
+
 }
--- a/src/main/java/com/example/afrishop_v3/security/jwt/JwtUtils.java
+++ b/src/main/java/com/example/afrishop_v3/security/jwt/JwtUtils.java
@@ -15,6 +15,8 @@ import org.springframework.stereotype.Component;

 import io.jsonwebtoken.*;

+import javax.crypto.SecretKey;
+
 @Component
 public class JwtUtils {
    private static final Logger logger = LoggerFactory.getLogger(JwtUtils.class);
@@ -32,11 +34,11 @@ public class JwtUtils {

        UserDetailsImpl userPrincipal = (UserDetailsImpl) authentication.getPrincipal();

-        //token设置过期时间为1年
+        //token设置过期时间为1年 3600l * 1000 * 24 * 365
        return Jwts.builder()
                .setSubject((userPrincipal.getId()))
                .setIssuedAt(new Date())
-                .setExpiration(new Date(new Date().getTime() + 3600l * 1000 * 24 * 365))
+                .setExpiration(new Date(new Date().getTime() + 3600l * 1000 * 24 * 365 ))
                .signWith(SignatureAlgorithm.HS512, jwtSecret)
                .compact();
    }
@@ -70,4 +72,21 @@ public class JwtUtils {

        return false;
    }
+
+    /**
+     * 获取jwt失效时间
+     */
+    public Date getExpirationDateFromToken(String token) {
+        return getClaimFromToken(token).getExpiration();
+    }
+
+    /**
+     * 获取jwt的payload部分
+     */
+    public Claims getClaimFromToken(String token) {
+        return Jwts.parser()   //得到DefaultJwtParser
+                .setSigningKey(jwtSecret)  //设置签名的秘钥
+                .parseClaimsJws(token.replace("jwt_", ""))
+                .getBody();
+    }
 }