From 7b6a150bd2dde6ceaaa9f8699c5bba1dbf522873 Mon Sep 17 00:00:00 2001
From: Chopper711
Date: Wed, 19 Apr 2023 12:08:47 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E7=94=A8=E6=88=B7=E8=A2=AB=E7=A6=81?= =?UTF-8?q?=E7=94=A8=E3=80=81=E5=BA=97=E9=93=BA=E8=A2=AB=E7=A6=81=E7=94=A8?= =?UTF-8?q?=E3=80=81=E7=AE=A1=E7=90=86=E5=91=98=E8=A2=AB=E7=A6=81=E7=94=A8?= =?UTF-8?q?=EF=BC=8Ctoken=E6=9C=AA=E8=A2=AB=E6=B8=85=E9=99=A4=E9=97=AE?= =?UTF-8?q?=E9=A2=98=E5=A4=84=E7=90=86=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../security/BuyerAuthenticationFilter.java | 2 +-
 .../statistics/OnlineMemberStatistics.java | 3 +-
 .../main/java/cn/lili/cache/CachePrefix.java | 12 ++++++
 .../common/security/context/UserContext.java | 2 +-
 .../lili/common/security/token/TokenUtil.java | 13 +++---
 .../modules/member/service/MemberService.java | 10 ++++-
 .../member/serviceimpl/MemberServiceImpl.java | 41 ++++++++++++++++---
 .../permission/service/AdminUserService.java | 7 ++++
 .../serviceimpl/AdminUserServiceImpl.java | 17 +++++++-
 .../store/serviceimpl/StoreServiceImpl.java | 16 ++++++--
 .../passport/AdminUserManagerController.java | 11 ++++-
 .../security/ManagerAuthenticationFilter.java | 5 ++-
 .../security/StoreAuthenticationFilter.java | 10 +++--
 13 files changed, 122 insertions(+), 27 deletions(-)

diff --git a/buyer-api/src/main/java/cn/lili/security/BuyerAuthenticationFilter.java b/buyer-api/src/main/java/cn/lili/security/BuyerAuthenticationFilter.java
index 7372a7d2a..7d81a2f84 100644
--- a/buyer-api/src/main/java/cn/lili/security/BuyerAuthenticationFilter.java
+++ b/buyer-api/src/main/java/cn/lili/security/BuyerAuthenticationFilter.java
@@ -99,7 +99,7 @@ public class BuyerAuthenticationFilter extends BasicAuthenticationFilter { AuthUser authUser = new Gson().fromJson(json, AuthUser.class); //校验redis中是否有权限 - if (cache.hasKey(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.MEMBER) + jwt)) { + if (cache.hasKey(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.MEMBER,authUser.getId()) + jwt)) { //构造返回信息 List auths = new ArrayList<>(); auths.add(new SimpleGrantedAuthority("ROLE_" + authUser.getRole().name())); diff --git a/consumer/src/main/java/cn/lili/timetask/handler/impl/statistics/OnlineMemberStatistics.java b/consumer/src/main/java/cn/lili/timetask/handler/impl/statistics/OnlineMemberStatistics.java index db9797b07..19f90bb1a 100644 --- a/consumer/src/main/java/cn/lili/timetask/handler/impl/statistics/OnlineMemberStatistics.java +++ b/consumer/src/main/java/cn/lili/timetask/handler/impl/statistics/OnlineMemberStatistics.java @@ -72,7 +72,8 @@ public class OnlineMemberStatistics implements EveryHourExecute { calendar.set(Calendar.MINUTE, 0); calendar.set(Calendar.SECOND, 0); calendar.set(Calendar.MILLISECOND, 0); - onlineMemberVOS.add(new OnlineMemberVO(calendar.getTime(), cache.keys(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.MEMBER) + "*").size(), lastNum.get())); + onlineMemberVOS.add(new OnlineMemberVO(calendar.getTime(), cache.keys(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.MEMBER) + "*").size(), + lastNum.get())); //写入缓存 cache.put(CachePrefix.ONLINE_MEMBER.getPrefix(), onlineMemberVOS); diff --git a/framework/src/main/java/cn/lili/cache/CachePrefix.java b/framework/src/main/java/cn/lili/cache/CachePrefix.java index c1481c65f..f25f042da 100644 --- a/framework/src/main/java/cn/lili/cache/CachePrefix.java +++ b/framework/src/main/java/cn/lili/cache/CachePrefix.java 
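Review bot: In the BuyerAuthenticationFilter hunk the lookup key now embeds `authUser.getId()`, so every access token issued before this change (stored as `{ACCESS_TOKEN_MEMBER}_<jwt>`) stops matching as soon as this is deployed, and those old-format keys stay in the cache until they expire. The same applies to the lookups changed in UserContext, ManagerAuthenticationFilter and StoreAuthenticationFilter. I would state the forced re-login in the commit description or release notes and consider a one-off cleanup of the old-format keys. Minor style: the new call is missing a space after the comma, `getPrefix(UserEnums.MEMBER, authUser.getId())`. The enclosing method starts and ends outside the hunk.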
@@ -555,4 +555,16 @@ public enum CachePrefix { public String getPrefix(UserEnums user) { return "{" + this.name() + "_" + user.name() + "}_"; } + + /** + * 获取缓存key值 + 用户端 +自定义前缀 + * 例如:三端都有用户体系,需要分别登录,如果用户名一致,则redis中的权限可能会冲突出错 + * + * @param user 角色 + * @param customPrefix 自定义前缀 + * @return 缓存key值 + */ + public String getPrefix(UserEnums user, String customPrefix) { + return "{" + this.name() + "_" + user.name() + "}_" + customPrefix + "_"; + } } diff --git a/framework/src/main/java/cn/lili/common/security/context/UserContext.java b/framework/src/main/java/cn/lili/common/security/context/UserContext.java index a1c86caee..d2770beec 100644 --- a/framework/src/main/java/cn/lili/common/security/context/UserContext.java +++ b/framework/src/main/java/cn/lili/common/security/context/UserContext.java @@ -65,7 +65,7 @@ public class UserContext { AuthUser authUser = getAuthUser(accessToken); assert authUser != null; - if (!cache.hasKey(CachePrefix.ACCESS_TOKEN.getPrefix(authUser.getRole()) + accessToken)) { + if (!cache.hasKey(CachePrefix.ACCESS_TOKEN.getPrefix(authUser.getRole(), authUser.getId()) + accessToken)) { throw new ServiceException(ResultCode.USER_AUTHORITY_ERROR); } return authUser; diff --git a/framework/src/main/java/cn/lili/common/security/token/TokenUtil.java b/framework/src/main/java/cn/lili/common/security/token/TokenUtil.java index dc62def6d..ce8a91820 100644 --- a/framework/src/main/java/cn/lili/common/security/token/TokenUtil.java +++ b/framework/src/main/java/cn/lili/common/security/token/TokenUtil.java 
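Review bot: The new `getPrefix(UserEnums user, String customPrefix)` in CachePrefix concatenates `customPrefix` into the key unchecked, and the callers added in this commit pass the result to `cache.vagueDel(...)`. If `vagueDel` treats its argument as a key pattern (its implementation is not visible here), an id containing `*`, `?` or `[` would match other users' tokens, and a null id yields the literal segment `null`. I would reject null or blank values and restrict the value to the expected id alphabet before building the key, and say so in the Javadoc, e.g. `@param customPrefix user id; must be non-blank and must not contain pattern characters`. The trailing `_` deserves a one-line comment as well, since it is what keeps id `12` from prefix-matching id `123`.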
@@ -42,13 +42,13 @@ public class TokenUtil { //访问token String accessToken = createToken(authUser, tokenProperties.getTokenExpireTime()); - cache.put(CachePrefix.ACCESS_TOKEN.getPrefix(authUser.getRole()) + accessToken, 1, + cache.put(CachePrefix.ACCESS_TOKEN.getPrefix(authUser.getRole(), authUser.getId()) + accessToken, 1, tokenProperties.getTokenExpireTime(), TimeUnit.MINUTES); //刷新token生成策略:如果是长时间有效的token(用于app),则默认15天有效期刷新token。如果是普通用户登录,则刷新token为普通token2倍数 Long expireTime = authUser.getLongTerm() ? 15 * 24 * 60L : tokenProperties.getTokenExpireTime() * 2; String refreshToken = createToken(authUser, expireTime); - cache.put(CachePrefix.REFRESH_TOKEN.getPrefix(authUser.getRole()) + refreshToken, 1, expireTime, TimeUnit.MINUTES); + cache.put(CachePrefix.REFRESH_TOKEN.getPrefix(authUser.getRole(), authUser.getId()) + refreshToken, 1, expireTime, TimeUnit.MINUTES); token.setAccessToken(accessToken); token.setRefreshToken(refreshToken); @@ -85,11 +85,12 @@ public class TokenUtil { //如果缓存中有刷新token && - if (cache.hasKey(CachePrefix.REFRESH_TOKEN.getPrefix(userEnums) + oldRefreshToken)) { + if (cache.hasKey(CachePrefix.REFRESH_TOKEN.getPrefix(userEnums, authUser.getId()) + oldRefreshToken)) { Token token = new Token(); //访问token String accessToken = createToken(authUser, tokenProperties.getTokenExpireTime()); - cache.put(CachePrefix.ACCESS_TOKEN.getPrefix(userEnums) + accessToken, 1, tokenProperties.getTokenExpireTime(), TimeUnit.MINUTES); + cache.put(CachePrefix.ACCESS_TOKEN.getPrefix(userEnums, authUser.getId()) + accessToken, 1, tokenProperties.getTokenExpireTime(), + TimeUnit.MINUTES); //如果是信任登录设备,则刷新token长度继续延长 Long expirationTime = tokenProperties.getTokenExpireTime() * 2; 
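Review bot: In TokenUtil's refresh path (the `@@ -85,11 +85,12 @@` hunk, continued in the next one) the `cache.hasKey(...REFRESH_TOKEN...)` check followed by the two `cache.put(...)` calls is not atomic with the per-user purge this commit introduces: a refresh that passes `hasKey` just before an account is disabled still writes a fresh access and refresh token after `vagueDel` has run. Nothing in the visible lines re-checks the account state, so revocation depends entirely on the purge winning that race. I would have the refresh path confirm that the account is still enabled before issuing tokens, or repeat the purge once the status change is committed. The method body starts and ends outside the hunks.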
@@ -101,10 +102,10 @@ public class TokenUtil { //刷新token生成策略:如果是长时间有效的token(用于app),则默认15天有效期刷新token。如果是普通用户登录,则刷新token为普通token2倍数 String refreshToken = createToken(authUser, expirationTime); - cache.put(CachePrefix.REFRESH_TOKEN.getPrefix(userEnums) + refreshToken, 1, expirationTime, TimeUnit.MINUTES); + cache.put(CachePrefix.REFRESH_TOKEN.getPrefix(userEnums, authUser.getId()) + refreshToken, 1, expirationTime, TimeUnit.MINUTES); token.setAccessToken(accessToken); token.setRefreshToken(refreshToken); - cache.remove(CachePrefix.REFRESH_TOKEN.getPrefix(userEnums) + oldRefreshToken); + cache.remove(CachePrefix.REFRESH_TOKEN.getPrefix(userEnums, authUser.getId()) + oldRefreshToken); return token; } else { throw new ServiceException(ResultCode.USER_AUTH_EXPIRED); diff --git a/framework/src/main/java/cn/lili/modules/member/service/MemberService.java b/framework/src/main/java/cn/lili/modules/member/service/MemberService.java index e4b6d4d18..430bb1d67 100644 --- a/framework/src/main/java/cn/lili/modules/member/service/MemberService.java +++ b/framework/src/main/java/cn/lili/modules/member/service/MemberService.java @@ -11,11 +11,10 @@ import cn.lili.modules.member.entity.dto.MemberAddDTO; import cn.lili.modules.member.entity.dto.MemberEditDTO; import cn.lili.modules.member.entity.vo.MemberSearchVO; import cn.lili.modules.member.entity.vo.MemberVO; -import cn.lili.modules.member.entity.vo.QRLoginResultVo; import cn.lili.modules.member.entity.vo.QRCodeLoginSessionVo; +import cn.lili.modules.member.entity.vo.QRLoginResultVo; import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.extension.service.IService; -import org.elasticsearch.monitor.os.OsStats; import java.util.List; import java.util.Map; @@ -260,6 +259,13 @@ public interface MemberService extends IService { */ void logout(UserEnums userEnums); + /** + * 登出 + * + * @param userId 用户id + */ + void logout(String userId); + /** * 修改会员是否拥有店铺 * 
diff --git a/framework/src/main/java/cn/lili/modules/member/serviceimpl/MemberServiceImpl.java b/framework/src/main/java/cn/lili/modules/member/serviceimpl/MemberServiceImpl.java index 90a97a7c7..a798bc4df 100644 --- a/framework/src/main/java/cn/lili/modules/member/serviceimpl/MemberServiceImpl.java +++ b/framework/src/main/java/cn/lili/modules/member/serviceimpl/MemberServiceImpl.java @@ -19,7 +19,6 @@ import cn.lili.common.security.token.Token; import cn.lili.common.sensitive.SensitiveWordsFilter; import cn.lili.common.utils.*; import cn.lili.common.vo.PageVO; -import cn.lili.modules.connect.config.ConnectAuthEnum; import cn.lili.modules.connect.entity.Connect; import cn.lili.modules.connect.entity.dto.ConnectAuthUser; import cn.lili.modules.connect.service.ConnectService; @@ -309,7 +308,8 @@ public class MemberServiceImpl extends ServiceImpl impleme this.save(member); // 发送会员注册信息 - applicationEventPublisher.publishEvent(new TransactionCommitSendMQEvent("new member register", rocketmqCustomProperties.getMemberTopic(), MemberTagsEnum.MEMBER_REGISTER.name(), member)); + applicationEventPublisher.publishEvent(new TransactionCommitSendMQEvent("new member register", rocketmqCustomProperties.getMemberTopic(), + MemberTagsEnum.MEMBER_REGISTER.name(), member)); } @Override @@ -456,7 +456,8 @@ public class MemberServiceImpl extends ServiceImpl impleme checkMember(memberAddDTO.getUsername(), memberAddDTO.getMobile()); //添加会员 - Member member = new Member(memberAddDTO.getUsername(), new BCryptPasswordEncoder().encode(memberAddDTO.getPassword()), memberAddDTO.getMobile()); + Member member = new Member(memberAddDTO.getUsername(), new BCryptPasswordEncoder().encode(memberAddDTO.getPassword()), + memberAddDTO.getMobile()); registerHandler(member); return member; } 
@@ -525,7 +526,8 @@ public class MemberServiceImpl extends ServiceImpl impleme memberPointMessage.setPoint(point); memberPointMessage.setType(type); memberPointMessage.setMemberId(memberId); - applicationEventPublisher.publishEvent(new TransactionCommitSendMQEvent("update member point", rocketmqCustomProperties.getMemberTopic(), MemberTagsEnum.MEMBER_POINT_CHANGE.name(), memberPointMessage)); + applicationEventPublisher.publishEvent(new TransactionCommitSendMQEvent("update member point", + rocketmqCustomProperties.getMemberTopic(), MemberTagsEnum.MEMBER_POINT_CHANGE.name(), memberPointMessage)); return true; } return false; @@ -540,6 +542,10 @@ public class MemberServiceImpl extends ServiceImpl impleme updateWrapper.set("disabled", status); updateWrapper.in("id", memberIds); + //如果是禁用 + if (Boolean.FALSE.equals(status)) { + disableMemberLogout(memberIds); + } return this.update(updateWrapper); } 
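Review bot: In the `@@ -540,6 +542,10 @@` hunk `disableMemberLogout(memberIds)` runs before `this.update(updateWrapper)`, so there is a window in which the tokens are gone but the account is still enabled and a new login can mint tokens that survive the disable; if the update then fails, the users were logged out for nothing. I would apply the update first and purge only when it succeeded: `boolean updated = this.update(updateWrapper);`, then `if (updated && Boolean.FALSE.equals(status)) { disableMemberLogout(memberIds); }` and `return updated;`. If this method runs inside a transaction, purging after commit would close the window completely. The method signature is outside the hunk.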
@@ -680,8 +686,33 @@ public class MemberServiceImpl extends ServiceImpl impleme @Override public void logout(UserEnums userEnums) { String currentUserToken = UserContext.getCurrentUserToken(); + + AuthUser authUser = UserContext.getAuthUser(currentUserToken); + if (CharSequenceUtil.isNotEmpty(currentUserToken)) { - cache.remove(CachePrefix.ACCESS_TOKEN.getPrefix(userEnums) + currentUserToken); + cache.remove(CachePrefix.ACCESS_TOKEN.getPrefix(userEnums, authUser.getId()) + currentUserToken); + cache.vagueDel(CachePrefix.REFRESH_TOKEN.getPrefix(userEnums, authUser.getId()) ); + } + } + + @Override + public void logout(String userId) { + + cache.vagueDel(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.MANAGER, userId)); + cache.vagueDel(CachePrefix.REFRESH_TOKEN.getPrefix(UserEnums.MANAGER, userId)); + } + + /** + * 禁用会员会员token删除 + * + * @param memberIds 会员id + */ + public void disableMemberLogout(List memberIds) { + if (memberIds != null) { + memberIds.forEach(memberId -> { + cache.vagueDel(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.MEMBER, memberId)); + cache.vagueDel(CachePrefix.REFRESH_TOKEN.getPrefix(UserEnums.MEMBER, memberId)); + }); } } diff --git a/framework/src/main/java/cn/lili/modules/permission/service/AdminUserService.java b/framework/src/main/java/cn/lili/modules/permission/service/AdminUserService.java index edc55c6e2..4fc2cdb7e 100644 --- a/framework/src/main/java/cn/lili/modules/permission/service/AdminUserService.java +++ b/framework/src/main/java/cn/lili/modules/permission/service/AdminUserService.java @@ -107,4 +107,11 @@ public interface AdminUserService extends IService { */ void logout(UserEnums userEnums); + /** + * 登出 + * + * @param adminUserIds 用户id + */ + void logout(List adminUserIds); + } diff --git a/framework/src/main/java/cn/lili/modules/permission/serviceimpl/AdminUserServiceImpl.java b/framework/src/main/java/cn/lili/modules/permission/serviceimpl/AdminUserServiceImpl.java index 64f52872d..a0da41fab 100644 
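Review bot: `MemberServiceImpl.logout(String userId)` deletes keys under `UserEnums.MANAGER`, although it sits on the member service and `disableMemberLogout` just below uses `UserEnums.MEMBER`; a caller that uses it to revoke a member's sessions removes nothing. It looks like a copy of the admin logout, so either switch it to `UserEnums.MEMBER` or drop it in favour of `AdminUserService.logout(List)`, and state in the MemberService Javadoc which role's tokens are purged. Separately, in `logout(UserEnums userEnums)` the new `UserContext.getAuthUser(currentUserToken)` call is made before the `isNotEmpty` check and its result is dereferenced without a null check; move it inside the `if` and skip the deletes when it returns null. That method also removes only the current access token but every refresh token of the user, which deserves a comment if it is intended.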
--- a/framework/src/main/java/cn/lili/modules/permission/serviceimpl/AdminUserServiceImpl.java +++ b/framework/src/main/java/cn/lili/modules/permission/serviceimpl/AdminUserServiceImpl.java @@ -142,11 +142,24 @@ public class AdminUserServiceImpl extends ServiceImpl adminUserIds) { + if (adminUserIds == null || adminUserIds.isEmpty()) { + return; + } + adminUserIds.forEach(adminUserId -> { + cache.vagueDel(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.MANAGER, adminUserId)); + cache.vagueDel(CachePrefix.REFRESH_TOKEN.getPrefix(UserEnums.MANAGER, adminUserId)); + }); + } @Override public AdminUser findByUsername(String username) { @@ -234,6 +247,8 @@ public class AdminUserServiceImpl extends ServiceImpl queryWrapper = new QueryWrapper<>(); queryWrapper.in("user_id", ids); userRoleService.remove(queryWrapper); + + this.logout(ids); } /** diff --git a/framework/src/main/java/cn/lili/modules/store/serviceimpl/StoreServiceImpl.java b/framework/src/main/java/cn/lili/modules/store/serviceimpl/StoreServiceImpl.java index a145a47fa..3f8b4dc5c 100644 --- a/framework/src/main/java/cn/lili/modules/store/serviceimpl/StoreServiceImpl.java +++ b/framework/src/main/java/cn/lili/modules/store/serviceimpl/StoreServiceImpl.java @@ -9,6 +9,7 @@ import cn.lili.common.exception.ServiceException; import cn.lili.common.properties.RocketmqCustomProperties; import cn.lili.common.security.AuthUser; import cn.lili.common.security.context.UserContext; +import cn.lili.common.security.enums.UserEnums; import cn.lili.common.utils.BeanUtil; import cn.lili.common.vo.PageVO; import cn.lili.modules.goods.entity.dos.GoodsSku; @@ -227,7 +228,7 @@ public class StoreServiceImpl extends ServiceImpl implements } else { store.setStoreDisable(StoreStatusEnum.REFUSED.value()); } - cache.remove(CachePrefix.STORE.getPrefix()+store.getId()); + cache.remove(CachePrefix.STORE.getPrefix() + store.getId()); return this.updateById(store); } 
@@ -244,6 +245,13 @@ public class StoreServiceImpl extends ServiceImpl implements if (update) { goodsService.underStoreGoods(id); } + + //删除店员token + clerkService.list(new LambdaQueryWrapper().eq(Clerk::getStoreId, id)).forEach(clerk -> { + cache.vagueDel(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.STORE, clerk.getMemberId())); + cache.vagueDel(CachePrefix.REFRESH_TOKEN.getPrefix(UserEnums.STORE, clerk.getMemberId())); + }); + return update; } @@ -371,7 +379,8 @@ public class StoreServiceImpl extends ServiceImpl implements clerkService.remove(new LambdaQueryWrapper().eq(Clerk::getShopkeeper, true)); List clerkList = new ArrayList<>(); //遍历已开启的店铺 - for (Store store : this.list(new LambdaQueryWrapper().eq(Store::getDeleteFlag, false).eq(Store::getStoreDisable, StoreStatusEnum.OPEN.name()))) { + for (Store store : this.list(new LambdaQueryWrapper().eq(Store::getDeleteFlag, false).eq(Store::getStoreDisable, + StoreStatusEnum.OPEN.name()))) { clerkList.add(new Clerk(store)); } clerkService.saveBatch(clerkList); @@ -381,7 +390,8 @@ public class StoreServiceImpl extends ServiceImpl implements public List getToMemberHistory(String memberId) { AuthUser currentUser = UserContext.getCurrentUser(); List skuIdList = new ArrayList<>(); - for (FootPrint footPrint : footprintService.list(new LambdaUpdateWrapper().eq(FootPrint::getStoreId, currentUser.getStoreId()).eq(FootPrint::getMemberId, memberId))) { + for (FootPrint footPrint : + footprintService.list(new LambdaUpdateWrapper().eq(FootPrint::getStoreId, currentUser.getStoreId()).eq(FootPrint::getMemberId, memberId))) { if (footPrint.getSkuId() != null) { skuIdList.add(footPrint.getSkuId()); } diff --git a/manager-api/src/main/java/cn/lili/controller/passport/AdminUserManagerController.java b/manager-api/src/main/java/cn/lili/controller/passport/AdminUserManagerController.java index 80ca8903c..04be319d9 100644 --- a/manager-api/src/main/java/cn/lili/controller/passport/AdminUserManagerController.java 
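Review bot: The clerk-token purge in the `@@ -244,6 +245,13 @@` hunk builds its keys from `clerk.getMemberId()`, while the tokens are stored and looked up under `authUser.getId()` (TokenUtil, StoreAuthenticationFilter). Whether a store-side AuthUser's id is the clerk's member id is not visible in this diff; if it is the clerk id instead, the `vagueDel` calls match nothing and the sessions stay valid, so please confirm and add a comment stating that assumption. The purge also runs when `update` is false; moving it into the existing `if (update)` block keeps it consistent with `goodsService.underStoreGoods(id)`. The method starts outside the hunk.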
+++ b/manager-api/src/main/java/cn/lili/controller/passport/AdminUserManagerController.java @@ -30,6 +30,7 @@ import org.springframework.web.bind.annotation.*; import javax.validation.Valid; import javax.validation.constraints.NotNull; +import java.util.ArrayList; import java.util.List; @@ -161,7 +162,7 @@ public class AdminUserManagerController { @ApiOperation(value = "添加用户") public ResultMessage register(@Valid AdminUserDTO adminUser, @RequestParam(required = false) List roles) { - int rolesMaxSize=10; + int rolesMaxSize = 10; try { if (roles != null && roles.size() >= rolesMaxSize) { throw new ServiceException(ResultCode.PERMISSION_BEYOND_TEN); @@ -183,6 +184,14 @@ public class AdminUserManagerController { } user.setStatus(status); adminUserService.updateById(user); + + //登出用户 + if (Boolean.FALSE.equals(status)) { + List userIds = new ArrayList<>(); + userIds.add(userId); + adminUserService.logout(userIds); + } + return ResultUtil.success(); } diff --git a/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java b/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java index ddd981cb2..d38493178 100644 --- a/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java +++ b/manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java @@ -86,7 +86,8 @@ public class ManagerAuthenticationFilter extends BasicAuthenticationFilter { //如果不是超级管理员, 则鉴权 if (Boolean.FALSE.equals(authUser.getIsSuper())) { //获取缓存中的权限 - Map> permission = (Map>) cache.get(CachePrefix.PERMISSION_LIST.getPrefix(UserEnums.MANAGER) + authUser.getId()); + Map> permission = + (Map>) cache.get(CachePrefix.PERMISSION_LIST.getPrefix(UserEnums.MANAGER) + authUser.getId()); //获取数据(GET 请求)权限 if (request.getMethod().equals(RequestMethod.GET.name())) { 
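Review bot: In the `@@ -183,6 +184,14 @@` hunk of AdminUserManagerController the single-element list can be built without a mutable `ArrayList`: `adminUserService.logout(Collections.singletonList(userId));`, importing `java.util.Collections` in place of the `java.util.ArrayList` import added in the first hunk. The result of `adminUserService.updateById(user)` is not checked, so the purge runs even when the status was not persisted; a short comment that this is intentional, or a guard on the return value, would make that explicit. The handler method starts outside the hunk.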
@@ -143,7 +144,7 @@ public class ManagerAuthenticationFilter extends BasicAuthenticationFilter { AuthUser authUser = new Gson().fromJson(json, AuthUser.class); //校验redis中是否有权限 - if (cache.hasKey(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.MANAGER) + jwt)) { + if (cache.hasKey(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.MANAGER, authUser.getId()) + jwt)) { //用户角色 List auths = new ArrayList<>(); auths.add(new SimpleGrantedAuthority("ROLE_" + authUser.getRole().name())); diff --git a/seller-api/src/main/java/cn/lili/security/StoreAuthenticationFilter.java b/seller-api/src/main/java/cn/lili/security/StoreAuthenticationFilter.java index d4459ed11..c0b147af9 100644 --- a/seller-api/src/main/java/cn/lili/security/StoreAuthenticationFilter.java +++ b/seller-api/src/main/java/cn/lili/security/StoreAuthenticationFilter.java @@ -51,7 +51,8 @@ public class StoreAuthenticationFilter extends BasicAuthenticationFilter { @SneakyThrows @Override - protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException { + protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, + ServletException { //从header中获取jwt String jwt = request.getHeader(SecurityEnum.HEADER_TOKEN.getValue()); //如果没有token 则return @@ -89,7 +90,7 @@ public class StoreAuthenticationFilter extends BasicAuthenticationFilter { AuthUser authUser = new Gson().fromJson(json, AuthUser.class); //校验redis中是否有权限 - if (cache.hasKey(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.STORE) + jwt)) { + if (cache.hasKey(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.STORE, authUser.getId()) + jwt)) { //用户角色 List auths = new ArrayList<>(); auths.add(new SimpleGrantedAuthority("ROLE_" + authUser.getRole().name())); 
@@ -124,13 +125,14 @@ public class StoreAuthenticationFilter extends BasicAuthenticationFilter { //如果不是超级管理员, 则鉴权 if (!authUser.getIsSuper()) { //获取缓存中的权限 - Map> permission = (Map>) cache.get(CachePrefix.PERMISSION_LIST.getPrefix(UserEnums.STORE) + authUser.getId()); + Map> permission = + (Map>) cache.get(CachePrefix.PERMISSION_LIST.getPrefix(UserEnums.STORE) + authUser.getId()); //获取数据(GET 请求)权限 if (request.getMethod().equals(RequestMethod.GET.name())) { //如果用户的超级权限和查阅权限都不包含当前请求的api if (match(permission.get(PermissionEnum.SUPER.name()), requestUrl) - ||match(permission.get(PermissionEnum.QUERY.name()), requestUrl)) { + || match(permission.get(PermissionEnum.QUERY.name()), requestUrl)) { } else { ResponseUtil.output(response, ResponseUtil.resultMap(false, 400, "权限不足")); log.error("当前请求路径:{},所拥有权限:{}", requestUrl, JSONUtil.toJsonStr(permission));