feat: 登录和注销时操作客户端 cookie

cadecode · cadecode · commit 1fc3432ef68d · 2024-06-03T16:17:18.000+08:00
diff --git a/framework/framework_base/src/main/java/com/github/cadecode/uniboot/framework/base/security/strategy/JwtTokenAuthStrategyImpl.java b/framework/framework_base/src/main/java/com/github/cadecode/uniboot/framework/base/security/strategy/JwtTokenAuthStrategyImpl.java
@@ -1,6 +1,7 @@
 package com.github.cadecode.uniboot.framework.base.security.strategy;
 
 import cn.hutool.core.util.StrUtil;
+import cn.hutool.extra.servlet.ServletUtil;
 import cn.hutool.json.JSONObject;
 import com.github.cadecode.uniboot.common.core.extension.strategy.StrategyContext;
 import com.github.cadecode.uniboot.common.core.util.TokenUtil;
@@ -64,6 +65,7 @@ public void handler(HttpServletRequest request, HttpServletResponse response, Fi
                     SecurityUtil.getExpiration(), SecurityUtil.getSecret());
             // token 放在请求头
             response.addHeader(HttpConst.HEAD_TOKEN, newJwtToken);
+            ServletUtil.addCookie(response, HttpConst.HEAD_TOKEN, newJwtToken, SecurityUtil.getExpiration().intValue());
         }
         filterChain.doFilter(request, response);
     }
diff --git a/framework/framework_base/src/main/java/com/github/cadecode/uniboot/framework/base/security/strategy/RedisTokenAuthStrategyImpl.java b/framework/framework_base/src/main/java/com/github/cadecode/uniboot/framework/base/security/strategy/RedisTokenAuthStrategyImpl.java
@@ -1,9 +1,11 @@
 package com.github.cadecode.uniboot.framework.base.security.strategy;
 
 import cn.hutool.core.util.StrUtil;
+import cn.hutool.extra.servlet.ServletUtil;
 import com.github.cadecode.uniboot.common.core.extension.strategy.StrategyContext;
 import com.github.cadecode.uniboot.common.plugin.cache.util.KeyGeneUtil;
 import com.github.cadecode.uniboot.common.plugin.cache.util.RedisUtil;
+import com.github.cadecode.uniboot.framework.api.consts.HttpConst;
 import com.github.cadecode.uniboot.framework.api.consts.KeyPrefixConst;
 import com.github.cadecode.uniboot.framework.api.enums.AuthErrorEnum;
 import com.github.cadecode.uniboot.framework.api.enums.AuthModelEnum;
@@ -49,6 +51,7 @@ public void handler(HttpServletRequest request, HttpServletResponse response, Fi
         }
         // 用户存在，刷新过期时间
         RedisUtil.expire(loginUserKey, SecurityUtil.getExpiration(), TimeUnit.SECONDS);
+        ServletUtil.addCookie(response, HttpConst.HEAD_TOKEN, uuidToken, SecurityUtil.getExpiration().intValue());
         // 设置 AuthenticationToken
         setAuthentication(request, sysUserDetails);
         filterChain.doFilter(request, response);
diff --git a/framework/framework_svc/src/main/java/com/github/cadecode/uniboot/framework/svc/bean/vo/SysUserVo.java b/framework/framework_svc/src/main/java/com/github/cadecode/uniboot/framework/svc/bean/vo/SysUserVo.java
@@ -2,6 +2,7 @@
 
 import com.fasterxml.jackson.annotation.JsonIgnore;
 import com.github.cadecode.uniboot.common.core.web.response.PageParams;
+import com.github.cadecode.uniboot.framework.base.security.model.SysUserDetails;
 import com.github.cadecode.uniboot.framework.svc.bean.vo.SysMenuVo.SysMenuTreeResVo;
 import lombok.*;
 
@@ -128,6 +129,7 @@ public static class SysUserRolesResVo {
     @NoArgsConstructor
     @Builder
     public static class SysUserInfoResVo {
+        private SysUserDetails userDetails;
         private List<SysMenuTreeResVo> menuList;
     }
 }
diff --git a/framework/framework_svc/src/main/java/com/github/cadecode/uniboot/framework/svc/controller/SysUserController.java b/framework/framework_svc/src/main/java/com/github/cadecode/uniboot/framework/svc/controller/SysUserController.java
@@ -59,7 +59,7 @@ public class SysUserController {
     public SysUserInfoResVo getInfo() {
         SysUserDetails userDetails = SecurityUtil.getUserDetails(null);
         List<SysMenuTreeResVo> sysMenuTreeResVos = sysMenuService.listTreeVoByRoles(userDetails.getRoles());
-        return SysUserInfoResVo.builder().menuList(sysMenuTreeResVos).build();
+        return SysUserInfoResVo.builder().userDetails(userDetails).menuList(sysMenuTreeResVos).build();
     }
 
     @ApiOperation("修改用户信息（用户中心）")
diff --git a/framework/framework_svc/src/main/java/com/github/cadecode/uniboot/framework/svc/security/SignOutSuccessHandler.java b/framework/framework_svc/src/main/java/com/github/cadecode/uniboot/framework/svc/security/SignOutSuccessHandler.java
@@ -43,6 +43,7 @@ public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse resp
             String loginUserKey = KeyGeneUtil.key(KeyPrefixConst.LOGIN_USER, uuidToken);
             RedisUtil.del(loginUserKey);
         }
+        ServletUtil.addCookie(response, HttpConst.HEAD_TOKEN, "", 0);
         // 写入响应
         ApiResult<Object> result = ApiResult.error(AuthErrorEnum.TOKEN_LOGOUT).path(FrameSecurityConfig.LOGOUT_URL);
         response.setStatus(AuthErrorEnum.TOKEN_LOGOUT.getStatus());

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,7 @@`
`1`	`1`	`package com.github.cadecode.uniboot.framework.base.security.strategy;`
`2`	`2`
`3`	`3`	`import cn.hutool.core.util.StrUtil;`
	`4`	`+import cn.hutool.extra.servlet.ServletUtil;`
`4`	`5`	`import cn.hutool.json.JSONObject;`
`5`	`6`	`import com.github.cadecode.uniboot.common.core.extension.strategy.StrategyContext;`
`6`	`7`	`import com.github.cadecode.uniboot.common.core.util.TokenUtil;`
`@@ -64,6 +65,7 @@ public void handler(HttpServletRequest request, HttpServletResponse response, Fi`
`64`	`65`	`SecurityUtil.getExpiration(), SecurityUtil.getSecret());`
`65`	`66`	`// token 放在请求头`
`66`	`67`	`response.addHeader(HttpConst.HEAD_TOKEN, newJwtToken);`
	`68`	`+ ServletUtil.addCookie(response, HttpConst.HEAD_TOKEN, newJwtToken, SecurityUtil.getExpiration().intValue());`
`67`	`69`	`}`
`68`	`70`	`filterChain.doFilter(request, response);`
`69`	`71`	`}`
Original file line number	Diff line number	Diff line change
`@@ -2,6 +2,7 @@`
`2`	`2`
`3`	`3`	`import com.fasterxml.jackson.annotation.JsonIgnore;`
`4`	`4`	`import com.github.cadecode.uniboot.common.core.web.response.PageParams;`
	`5`	`+import com.github.cadecode.uniboot.framework.base.security.model.SysUserDetails;`
`5`	`6`	`import com.github.cadecode.uniboot.framework.svc.bean.vo.SysMenuVo.SysMenuTreeResVo;`
`6`	`7`	`import lombok.*;`
`7`	`8`
`@@ -128,6 +129,7 @@ public static class SysUserRolesResVo {`
`128`	`129`	`@NoArgsConstructor`
`129`	`130`	`@Builder`
`130`	`131`	`public static class SysUserInfoResVo {`
	`132`	`+ private SysUserDetails userDetails;`
`131`	`133`	`private List<SysMenuTreeResVo> menuList;`
`132`	`134`	`}`
`133`	`135`	`}`
Original file line number	Diff line number	Diff line change
`@@ -59,7 +59,7 @@ public class SysUserController {`
`59`	`59`	`public SysUserInfoResVo getInfo() {`
`60`	`60`	`SysUserDetails userDetails = SecurityUtil.getUserDetails(null);`
`61`	`61`	`List<SysMenuTreeResVo> sysMenuTreeResVos = sysMenuService.listTreeVoByRoles(userDetails.getRoles());`
`62`		`- return SysUserInfoResVo.builder().menuList(sysMenuTreeResVos).build();`
	`62`	`+ return SysUserInfoResVo.builder().userDetails(userDetails).menuList(sysMenuTreeResVos).build();`
`63`	`63`	`}`
`64`	`64`
`65`	`65`	`@ApiOperation("修改用户信息（用户中心）")`
Original file line number	Diff line number	Diff line change
`@@ -43,6 +43,7 @@ public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse resp`
`43`	`43`	`String loginUserKey = KeyGeneUtil.key(KeyPrefixConst.LOGIN_USER, uuidToken);`
`44`	`44`	`RedisUtil.del(loginUserKey);`
`45`	`45`	`}`
	`46`	`+ ServletUtil.addCookie(response, HttpConst.HEAD_TOKEN, "", 0);`
`46`	`47`	`// 写入响应`
`47`	`48`	`ApiResult<Object> result = ApiResult.error(AuthErrorEnum.TOKEN_LOGOUT).path(FrameSecurityConfig.LOGOUT_URL);`
`48`	`49`	`response.setStatus(AuthErrorEnum.TOKEN_LOGOUT.getStatus());`