yoyuz/my_site
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修改网盘显示等细节,登陆验证更加严格,同时允许一台设备在线

Browse Source
This commit is contained in:
yoyuzh
2026-03-20 18:08:59 +08:00
parent 43358e29d7
commit f8ea5a6f85
37 changed files with 1541 additions and 100 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
backend/src/main/java/com/yoyuzh/auth/JwtTokenProvider.java
View File

@@ -11,6 +11,7 @@ import javax.crypto.SecretKey;
import java.nio.charset.StandardCharsets;
import java.time.Instant;
import java.util.Date;
import org.springframework.util.StringUtils;
@Component
public class JwtTokenProvider {
@@ -39,15 +40,20 @@ public class JwtTokenProvider {
secretKey = Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8));
}
public String generateAccessToken(Long userId, String username) {
public String generateAccessToken(Long userId, String username, String sessionId) {
Instant now = Instant.now();
return Jwts.builder()
var builder = Jwts.builder()
.subject(username)
.claim("uid", userId)
.issuedAt(Date.from(now))
.expiration(Date.from(now.plusSeconds(jwtProperties.getAccessExpirationSeconds())))
.signWith(secretKey)
.compact();
.signWith(secretKey);
if (StringUtils.hasText(sessionId)) {
builder.claim("sid", sessionId);
}
return builder.compact();
}
public boolean validateToken(String token) {
@@ -68,6 +74,21 @@ public class JwtTokenProvider {
return uid == null ? null : Long.parseLong(uid.toString());
}
public String getSessionId(String token) {
Object sessionId = parseClaims(token).get("sid");
return sessionId == null ? null : sessionId.toString();
}
public boolean hasMatchingSession(String token, String activeSessionId) {
String tokenSessionId = getSessionId(token);
if (!StringUtils.hasText(activeSessionId)) {
return !StringUtils.hasText(tokenSessionId);
}
return activeSessionId.equals(tokenSessionId);
}
private Claims parseClaims(String token) {
return Jwts.parser().verifyWith(secretKey).build().parseSignedClaims(token).getPayload();
}