feature-1.0-img:修改网关鉴权策略

3 years ago · 7998cb7641
1 changed files with 20 additions and 19 deletions
--- a/bnyer-gateway/src/main/java/com/bnyer/gateway/filter/AuthFilter.java
+++ b/bnyer-gateway/src/main/java/com/bnyer/gateway/filter/AuthFilter.java
@ -90,20 +90,20 @@ public class AuthFilter implements GlobalFilter, Ordered
            {
                return unauthorizedResponse(exchange, "令牌已过期或验证不正确！");
            }
-            String creatorkey = JwtUtils.getCreatorKey(claims);
-            boolean islogin = redisService.hasKey(getCreatorTokenKey(creatorkey));
+            String creatorPhone = JwtUtils.getCreatorPhone(claims);
+            boolean islogin = redisService.hasKey(getCreatorTokenKey(creatorPhone));
            if (!islogin)
            {
                return unauthorizedResponse(exchange, "登录状态已过期");
            }
            String creatorId = JwtUtils.getCreatorId(claims);
-            String creatorPhone = JwtUtils.getCreatorPhone(claims);
-            if (StringUtils.isEmpty(creatorId) || StringUtils.isEmpty(creatorPhone))
+            String creatorKey = JwtUtils.getCreatorKey(claims);
+            if (StringUtils.isEmpty(creatorId) || StringUtils.isEmpty(creatorKey))
            {
                return unauthorizedResponse(exchange, "令牌验证失败");
            }
            // 设置用户信息到请求
-            addHeader(mutate, SecurityConstants.CREATOR_KEY, creatorkey);
+            addHeader(mutate, SecurityConstants.CREATOR_KEY, creatorKey);
            addHeader(mutate, SecurityConstants.DETAILS_CREATOR_ID, creatorId);
            addHeader(mutate, SecurityConstants.DETAILS_PHONE, creatorPhone);
            // 内部请求来源参数清除
@ -116,21 +116,22 @@ public class AuthFilter implements GlobalFilter, Ordered
            {
                return unauthorizedResponse(exchange, "令牌已过期或验证不正确！");
            }
-            String tikTokUserkey = JwtUtils.getTiktokUserKey(claims);
-            boolean islogin = redisService.hasKey(getTiktokUserTokenKey(tikTokUserkey));
-            if (!islogin)
+
+            String openId = JwtUtils.getTiktokUserOpenid(claims);
+            boolean isLogin = redisService.hasKey(getTiktokUserTokenKey(openId));
+            if (!isLogin)
            {
                return unauthorizedResponse(exchange, "登录状态已过期");
            }
            String tikTokUserId = JwtUtils.getTikTokUserId(claims);
            String tikTokUserName = JwtUtils.getTikTokUserName(claims);
-            String openId = JwtUtils.getTiktokUserOpenid(claims);
-            if (StringUtils.isEmpty(tikTokUserId) || StringUtils.isEmpty(tikTokUserName)  || StringUtils.isEmpty(openId))
+            String tikTokUserKey = JwtUtils.getTiktokUserKey(claims);
+            if (StringUtils.isEmpty(tikTokUserId) || StringUtils.isEmpty(tikTokUserName)  || StringUtils.isEmpty(tikTokUserKey))
            {
                return unauthorizedResponse(exchange, "令牌验证失败");
            }
            // 设置用户信息到请求
-            addHeader(mutate, SecurityConstants.TIKTOK_USER_KEY, tikTokUserkey);
+            addHeader(mutate, SecurityConstants.TIKTOK_USER_KEY, tikTokUserKey);
            addHeader(mutate, SecurityConstants.DETAILS_TIKTOK_USER_ID, tikTokUserId);
            addHeader(mutate, SecurityConstants.DETAILS_TIKTOK_USERNAME, tikTokUserName);
            addHeader(mutate, SecurityConstants.DETAILS_TIKTOK_OPENID, openId);
@ -144,16 +145,16 @@ public class AuthFilter implements GlobalFilter, Ordered
            {
                return unauthorizedResponse(exchange, "令牌已过期或验证不正确！");
            }
-            String wechatUserKey = JwtUtils.getWechatUserKey(claims);
-            boolean isLogin = redisService.hasKey(getWechatUserTokenKey(wechatUserKey));
+            String openId = JwtUtils.getWechatUserOpenid(claims);
+            boolean isLogin = redisService.hasKey(getWechatUserTokenKey(openId));
            if (!isLogin)
            {
                return unauthorizedResponse(exchange, "登录状态已过期");
            }
            String wechatUserId = JwtUtils.getWechatUserId(claims);
            String wechatUserName = JwtUtils.getWechatUserName(claims);
-            String openId = JwtUtils.getWechatUserOpenid(claims);
-            if (StringUtils.isEmpty(wechatUserId) || StringUtils.isEmpty(wechatUserName) || StringUtils.isEmpty(openId))
+            String wechatUserKey = JwtUtils.getWechatUserKey(claims);
+            if (StringUtils.isEmpty(wechatUserId) || StringUtils.isEmpty(wechatUserName) || StringUtils.isEmpty(wechatUserKey))
            {
                return unauthorizedResponse(exchange, "令牌验证失败");
            }
@ -172,16 +173,16 @@ public class AuthFilter implements GlobalFilter, Ordered
            {
                return unauthorizedResponse(exchange, "令牌已过期或验证不正确！");
            }
-            String fhUserKey = JwtUtils.getFhUserKey(claims);
-            boolean isLogin = redisService.hasKey(getFhUserTokenKey(fhUserKey));
+            String openId = JwtUtils.getFhUserOpenid(claims);
+            boolean isLogin = redisService.hasKey(getFhUserTokenKey(openId));
            if (!isLogin)
            {
                return unauthorizedResponse(exchange, "登录状态已过期");
            }
            String fhUserId = JwtUtils.getFhUserId(claims);
            String fhUserName = JwtUtils.getFhUserName(claims);
-            String openId = JwtUtils.getFhUserOpenid(claims);
-            if (StringUtils.isEmpty(fhUserId) || StringUtils.isEmpty(fhUserName) || StringUtils.isEmpty(openId))
+            String fhUserKey = JwtUtils.getFhUserKey(claims);
+            if (StringUtils.isEmpty(fhUserId) || StringUtils.isEmpty(fhUserName) || StringUtils.isEmpty(fhUserKey))
            {
                return unauthorizedResponse(exchange, "令牌验证失败");
            }