From 4aa116cd7a705a5d046a08854b37fbc60c101ed0 Mon Sep 17 00:00:00 2001
From: pixel <303176530@qq.com>
Date: Sat, 28 Dec 2019 18:32:47 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0jwt=E4=B8=BB=E5=8A=A8?= =?UTF-8?q?=E5=A4=B1=E6=95=88=E5=8A=9F=E8=83=BD=EF=BC=88next:=E5=A4=9A?= =?UTF-8?q?=E7=82=B9=E7=99=BB=E5=BD=95=E9=99=90=E5=88=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../controller/api/sys_jwt_blacklist.go | 28 +++++++++++++++++++
 QMPlusServer/init/initRouter/init_router.go | 3 +-
 QMPlusServer/init/registTable/regist_table.go | 1 +
 QMPlusServer/middleware/jwt.go | 12 ++++++++
 .../model/sysModel/sys_jwt_blacklist.go | 23 +++++++++++++++
 QMPlusServer/model/sysModel/sys_user.go | 6 ++--
 QMPlusServer/router/sys_jwt.go | 14 ++++++++++
 QMPlusVuePage/src/api/jwt.js | 16 +++++++++++
 QMPlusVuePage/src/store/module/user.js | 7 +++++
 QMPlusVuePage/src/utils/request.js | 10 ++++---
 QMPlusVuePage/src/view/layout/index.vue | 4 +--
 11 files changed, 114 insertions(+), 10 deletions(-)
 create mode 100644 QMPlusServer/controller/api/sys_jwt_blacklist.go
 create mode 100644 QMPlusServer/model/sysModel/sys_jwt_blacklist.go
 create mode 100644 QMPlusServer/router/sys_jwt.go
 create mode 100644 QMPlusVuePage/src/api/jwt.js
diff --git a/QMPlusServer/controller/api/sys_jwt_blacklist.go b/QMPlusServer/controller/api/sys_jwt_blacklist.go
new file mode 100644
index 00000000..c8114d8c
--- /dev/null
+++ b/QMPlusServer/controller/api/sys_jwt_blacklist.go
@@ -0,0 +1,28 @@
+package api
+
+import (
+ "fmt"
+ "gin-vue-admin/controller/servers"
+ "gin-vue-admin/model/sysModel"
+ "github.com/gin-gonic/gin"
+)
+
+// @Tags jwt
+// @Summary jwt加入黑名单
+// @Security ApiKeyAuth
+// @accept application/json
+// @Produce application/json
+// @Success 200 {string} string "{"success":true,"data":{},"msg":"拉黑成功"}"
+// @Router /jwt/jsonInBlacklist [post]
+func JsonInBlacklist(c *gin.Context){
+ token := c.Request.Header.Get("x-token")
+ ModelJwt := sysModel.JwtBlacklist{
+ Jwt:token,
+ }
+ err := ModelJwt.JsonInBlacklist()
+ if err != nil {
+ servers.ReportFormat(c, false, fmt.Sprintf("jwt作废失败,%v", err), gin.H{})
+ } else {
+ servers.ReportFormat(c, true, "jwt作废成功", gin.H{})
+ }
+}
diff --git a/QMPlusServer/init/initRouter/init_router.go b/QMPlusServer/init/initRouter/init_router.go
index d6bce93e..eef9e51b 100644
--- a/QMPlusServer/init/initRouter/init_router.go
+++ b/QMPlusServer/init/initRouter/init_router.go
@@ -24,6 +24,7 @@ func InitRouter() *gin.Engine {
 router.InitApiRouter(ApiGroup) // 注册功能api路由
 router.InitFileUploadAndDownloadRouter(ApiGroup) // 文件上传下载功能路由
 router.InitWorkflowRouter(ApiGroup) // 工作流相关路由
- router.InitCasbinRouter(ApiGroup)
+ router.InitCasbinRouter(ApiGroup) // 权限相关路由
+ router.InitJwtRouter(ApiGroup) // jwt相关路由
 return Router
 }
diff --git a/QMPlusServer/init/registTable/regist_table.go b/QMPlusServer/init/registTable/regist_table.go
index cc24ea21..538db74f 100644
--- a/QMPlusServer/init/registTable/regist_table.go
+++ b/QMPlusServer/init/registTable/regist_table.go
@@ -13,6 +13,7 @@ func RegistTable(db *gorm.DB) {
 sysModel.SysMenu{},
 sysModel.SysApi{},
 sysModel.SysBaseMenu{},
+ sysModel.JwtBlacklist{},
 dbModel.ExaFileUploadAndDownload{},
 sysModel.SysWorkflow{},
 sysModel.SysWorkflowStepInfo{},
diff --git a/QMPlusServer/middleware/jwt.go b/QMPlusServer/middleware/jwt.go
index c647aff9..2311aef4 100644
--- a/QMPlusServer/middleware/jwt.go
+++ b/QMPlusServer/middleware/jwt.go
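Review bot: In `JsonInBlacklist` (new controller/api/sys_jwt_blacklist.go) the failure branch returns the raw storage error to the client through `fmt.Sprintf("jwt作废失败,%v", err)`, which can expose database driver and schema details to any caller of the endpoint. Return a fixed message, `servers.ReportFormat(c, false, "jwt作废失败", gin.H{})`, and record `err` in the server log instead. The Swagger `@Success` example also shows "拉黑成功" while the handler answers "jwt作废成功"; the two should agree.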
@@ -3,6 +3,7 @@ package middleware
 import (
 "errors"
 "gin-vue-admin/controller/servers"
+ "gin-vue-admin/model/sysModel"
 "github.com/dgrijalva/jwt-go"
 "github.com/gin-gonic/gin"
 uuid "github.com/satori/go.uuid"
@@ -13,6 +14,9 @@ func JWTAuth() gin.HandlerFunc {
 return func(c *gin.Context) {
 // 我们这里jwt鉴权取头部信息 x-token 登录时回返回token信息 这里前端需要把token存储到cookie或者本地localSstorage中 不过需要跟后端协商过期时间 可以约定刷新令牌或者重新登录
 token := c.Request.Header.Get("x-token")
+ ModelToken := sysModel.JwtBlacklist{
+ Jwt:token,
+ }
 if token == "" {
 servers.ReportFormat(c, false, "未登录或非法访问", gin.H{
 "reload": true,
@@ -20,6 +24,13 @@ func JWTAuth() gin.HandlerFunc {
 c.Abort()
 return
 }
+ if ModelToken.IsBlacklist(token){
+ servers.ReportFormat(c, false, "授权已失效", gin.H{
+ "reload": true,
+ })
+ c.Abort()
+ return
+ }
 j := NewJWT()
 // parseToken 解析token包含的信息
 claims, err := j.ParseToken(token)
@@ -135,3 +146,4 @@ func (j *JWT) RefreshToken(tokenString string) (string, error) {
 }
 return "", TokenInvalid
 }
+
diff --git a/QMPlusServer/model/sysModel/sys_jwt_blacklist.go b/QMPlusServer/model/sysModel/sys_jwt_blacklist.go
new file mode 100644
index 00000000..0fd97970
--- /dev/null
+++ b/QMPlusServer/model/sysModel/sys_jwt_blacklist.go
@@ -0,0 +1,23 @@
+package sysModel
+
+import (
+ "gin-vue-admin/init/qmsql"
+ "github.com/jinzhu/gorm"
+)
+
+type JwtBlacklist struct {
+ gorm.Model
+ Jwt string `gorm:"type:text"`
+}
+
+func(j *JwtBlacklist)JsonInBlacklist()(err error){
+ err = qmsql.DEFAULTDB.Create(j).Error
+ return
+}
+
+
+//判断JWT是否在黑名单内部
+func (j *JwtBlacklist)IsBlacklist(Jwt string)(bool){
+ isNotFound := qmsql.DEFAULTDB.Where("jwt = ?",Jwt).First(j).RecordNotFound()
+ return !isNotFound
+}
\ No newline at end of file
diff --git a/QMPlusServer/model/sysModel/sys_user.go b/QMPlusServer/model/sysModel/sys_user.go
index dba4b607..24f0a5b9 100644
--- a/QMPlusServer/model/sysModel/sys_user.go
+++ b/QMPlusServer/model/sysModel/sys_user.go
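Review bot: The blacklist lookup added to `JWTAuth` (middleware/jwt.go, hunk at new line 24) runs before `j.ParseToken(token)`, so every request carrying any non-empty `x-token` value, validly signed or not, costs a database query on the `jwt` column. Moving the `IsBlacklist` check to after `ParseToken` has succeeded (its error handling is outside the hunk) limits the lookup to tokens that already passed signature and expiry validation. The `ModelToken` value built in the preceding hunk is also created before the empty-token check and only repeats the argument given to `IsBlacklist(token)`; `(&sysModel.JwtBlacklist{}).IsBlacklist(token)` at the call site would be enough. The closure body continues outside both hunks.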
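Review bot: `IsBlacklist` (new model/sysModel/sys_jwt_blacklist.go) treats every outcome other than gorm's record-not-found as "blacklisted", because `RecordNotFound()` is also false for connection or query errors; a database fault would therefore reject every token with "授权已失效" and `reload: true`. Read the error and separate the cases, e.g. `err := qmsql.DEFAULTDB.Where("jwt = ?", Jwt).First(j).Error` followed by `gorm.IsRecordNotFoundError(err)`, and log anything else. The same `RecordNotFound()` pattern is introduced in `Regist` in sys_user.go, where a database error would now be reported as "用户名已注册". Separately, the `Jwt` column is `type:text` with no index and rows are never expired; storing a fixed-length digest of the token in an indexed column together with the token's expiry time would keep the per-request lookup cheap, avoid keeping bearer tokens in clear text, and let expired rows be purged.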
@@ -29,9 +29,9 @@ type SysUser struct {
 func (u *SysUser) Regist() (err error, userInter *SysUser) {
 var user SysUser
 //判断用户名是否注册
- findErr := qmsql.DEFAULTDB.Where("username = ?", u.Username).First(&user).Error
- //err为nil表明读取到了 不能注册
- if findErr == nil {
+ notResigt := qmsql.DEFAULTDB.Where("username = ?", u.Username).First(&user).RecordNotFound()
+ //notResigt为false表明读取到了 不能注册
+ if !notResigt {
 return errors.New("用户名已注册"), nil
 } else {
 // 否则 附加uuid 密码md5简单加密 注册
diff --git a/QMPlusServer/router/sys_jwt.go b/QMPlusServer/router/sys_jwt.go
new file mode 100644
index 00000000..7788e1b8
--- /dev/null
+++ b/QMPlusServer/router/sys_jwt.go
@@ -0,0 +1,14 @@
+package router
+
+import (
+ "gin-vue-admin/controller/api"
+ "gin-vue-admin/middleware"
+ "github.com/gin-gonic/gin"
+)
+
+func InitJwtRouter(Router *gin.RouterGroup) {
+ ApiRouter := Router.Group("jwt").Use(middleware.JWTAuth()).Use(middleware.CasbinHandler())
+ {
+ ApiRouter.POST("jsonInBlacklist", api.JsonInBlacklist) //jwt加入黑名单
+ }
+}
\ No newline at end of file
diff --git a/QMPlusVuePage/src/api/jwt.js b/QMPlusVuePage/src/api/jwt.js
new file mode 100644
index 00000000..a4be8429
--- /dev/null
+++ b/QMPlusVuePage/src/api/jwt.js
@@ -0,0 +1,16 @@
+import service from '@/utils/request'
+
+// @Tags jwt
+// @Summary jwt加入黑名单
+// @Security ApiKeyAuth
+// @accept application/json
+// @Produce application/json
+// @Success 200 {string} string "{"success":true,"data":{},"msg":"拉黑成功"}"
+// @Router /jwt/jsonInBlacklist [post]
+
+export const jsonInBlacklist = () => {
+ return service({
+ url: "/jwt/jsonInBlacklist",
+ method: 'post',
+ })
+}
\ No newline at end of file
diff --git a/QMPlusVuePage/src/store/module/user.js b/QMPlusVuePage/src/store/module/user.js
index e2fe3c1f..91ec3eba 100644
--- a/QMPlusVuePage/src/store/module/user.js
+++ b/QMPlusVuePage/src/store/module/user.js
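Review bot: The revoke route in `InitJwtRouter` (new router/sys_jwt.go) sits behind `middleware.CasbinHandler()` as well as `JWTAuth()`, so a role that has no policy entry for `POST /jwt/jsonInBlacklist` would presumably be refused and could not invalidate its own token on logout. Revoking one's own token should need only a valid token: `ApiRouter := Router.Group("jwt").Use(middleware.JWTAuth())`. If the Casbin check is kept on purpose, a comment on the route should state that every role must be granted this path.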
@@ -1,4 +1,5 @@
 import { login } from '@/api/user'
+import { jsonInBlacklist } from '@/api/jwt'
 import router from '@/router/index'
 export const user = {
 namespaced: true,
@@ -52,6 +53,12 @@ export const user = {
 router.push({ path: '/layout/dashbord' })
 }
 }
+ },
+ async LoginOut({ commit }) {
+ const res = await jsonInBlacklist()
+ if (res.success) {
+ commit("LoginOut")
+ }
 }
 },
 getters: {
diff --git a/QMPlusVuePage/src/utils/request.js b/QMPlusVuePage/src/utils/request.js
index 60a64c7b..35ef3125 100644
--- a/QMPlusVuePage/src/utils/request.js
+++ b/QMPlusVuePage/src/utils/request.js
@@ -61,11 +61,13 @@ service.interceptors.response.use(
 Message({
 showClose: true,
 message: response.data.msg,
- type: 'error'
+ type: 'error',
+ onClose: () => {
+ if (response.data.data && response.data.data.reload) {
+ store.commit('user/LoginOut')
+ }
+ }
 })
- if (response.data.data && response.data.data.reload) {
- store.commit('user/LoginOut')
- }
 return Promise.reject(response.data.msg)
 }
 },
diff --git a/QMPlusVuePage/src/view/layout/index.vue b/QMPlusVuePage/src/view/layout/index.vue
index 3661021d..91381088 100644
--- a/QMPlusVuePage/src/view/layout/index.vue
+++ b/QMPlusVuePage/src/view/layout/index.vue
@@ -51,7 +51,7 @@
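Review bot: The new `LoginOut` action in store/module/user.js clears the local session only when the server call succeeds, so a network failure or a rejected request leaves the token in the client store and the user still appears logged in after choosing to log out. Local credentials should be dropped whatever the server answers: `try { await jsonInBlacklist() } finally { commit("LoginOut") }`. The rest of the `actions` object is outside the hunk.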
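Review bot: Moving `store.commit('user/LoginOut')` into the `onClose` callback in utils/request.js leaves the rejected token in the client store until the message is dismissed or times out, so requests issued in the meantime presumably still carry it and each failure opens another message. Committing the logout as soon as `response.data.data.reload` is set, and showing the message independently of it, keeps the client state in step with the server's decision. The interceptor body continues outside the hunk.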