
07 29 02 fix 递归算法

hr 4 lat temu
rodzic
commit
65b8630018

+ 38 - 36
src/main/java/com/imed/costaccount/common/aop/TokenAspect.java

@@ -1,36 +1,38 @@
-package com.imed.costaccount.common.aop;
-
-import cn.hutool.core.util.StrUtil;
-import com.imed.costaccount.common.token.ThreadLocalToken;
-import lombok.extern.slf4j.Slf4j;
-import org.aspectj.lang.ProceedingJoinPoint;
-import org.aspectj.lang.annotation.Around;
-import org.aspectj.lang.annotation.Aspect;
-import org.aspectj.lang.annotation.Pointcut;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-@Aspect
-@Component
-@Slf4j
-public class TokenAspect {
-
-    @Autowired
-    private ThreadLocalToken local;
-
-    @Pointcut("execution(public * com.imed.costaccount.web.*.*(..)))")
-    public void tokenPointCut() {
-
-    }
-
-    @Around("tokenPointCut()")
-    public Object tokenAround(ProceedingJoinPoint point) throws Throwable {
-        String token = local.getToken();
-        Object result =  point.proceed();
-        if (StrUtil.isBlank(token)) {
-            return result;
-        }
-        local.clear();
-        return result;
-    }
-}
+//package com.imed.costaccount.common.aop;
+//
+//import cn.hutool.core.util.StrUtil;
+//import com.imed.costaccount.common.token.ThreadLocalToken;
+//import com.imed.costaccount.common.util.Result;
+//import lombok.extern.slf4j.Slf4j;
+//import org.aspectj.lang.ProceedingJoinPoint;
+//import org.aspectj.lang.annotation.Around;
+//import org.aspectj.lang.annotation.Aspect;
+//import org.aspectj.lang.annotation.Pointcut;
+//import org.springframework.beans.factory.annotation.Autowired;
+//import org.springframework.stereotype.Component;
+//
+//@Aspect
+//@Component
+//@Slf4j
+//public class TokenAspect {
+//
+//    @Autowired
+//    private ThreadLocalToken local;
+//
+//    @Pointcut("execution(public * com.imed.costaccount.web.*.*(..)))")
+//    public void tokenPointCut() {
+//
+//    }
+//
+//    @Around("tokenPointCut()")
+//    public Object tokenAround(ProceedingJoinPoint point) throws Throwable {
+//        Result result = (Result) point.proceed();
+//        String token = local.getToken();
+//        if (StrUtil.isNotBlank(token)) {
+//            result.setToken(token);
+//            local.clear();
+//            return result;
+//        }
+//        return result;
+//    }
+//}
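Review bot: The aspect is disabled by commenting out every line of TokenAspect.java, which leaves a source file with no compilable content; deleting the file would be cleaner, since history keeps the old version. If the commented code is meant to be revived, `Result result = (Result) point.proceed();` will throw ClassCastException for any method matched by the pointcut that returns something other than Result. In that version `local.clear()` is also skipped when `proceed()` throws, so if ThreadLocalToken is backed by a ThreadLocal (as the name suggests) a token could remain visible to the next request served on the same pooled thread; the clear belongs in a `finally` block.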

+ 14 - 22
src/main/java/com/imed/costaccount/common/shiro/OAuth2Filter.java

@@ -2,10 +2,11 @@ package com.imed.costaccount.common.shiro;
 
 import cn.hutool.core.util.StrUtil;
 import cn.hutool.json.JSONUtil;
+import com.auth0.jwt.exceptions.TokenExpiredException;
+import com.imed.costaccount.common.token.ThreadLocalToken;
 import com.imed.costaccount.common.util.ErrorResult;
 import com.imed.costaccount.common.token.RedisUtil;
 import com.imed.costaccount.common.token.JwtUtil;
-import com.imed.costaccount.common.token.ThreadLocalToken;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.shiro.authc.AuthenticationException;
 import org.apache.shiro.authc.AuthenticationToken;
@@ -31,8 +32,8 @@ public class  OAuth2Filter extends AuthenticatingFilter {
     @Autowired
     private JwtUtil jwtUtil;
 
-    @Autowired
-    private ThreadLocalToken local;
+//    @Autowired
+//    private ThreadLocalToken local;
 
     @Autowired
     private RedisUtil redisUtil;
@@ -88,40 +89,31 @@ public class  OAuth2Filter extends AuthenticatingFilter {
         resp.setHeader("Access-Control-Allow-Credentials", "true");
         resp.setHeader("Access-Control-Allow-Origin", req.getHeader("Origin"));
 
-        local.clear();
+//        local.clear();
         String token = this.getRequestToken(req);
+        // 如果前端传过来的token是null
         if (StrUtil.isBlank(token)) {
             String json = JSONUtil.toJsonStr(ErrorResult.errorMsg(499, "请先登录"));
             resp.getWriter().print(json);
             return false;
         }
-        // 判断redis中是否存在该用户的token,如果不存在或者不一致那么标识token无效
-        int userId = jwtUtil.getUserId(token);
-        String str = (String) redisUtil.get(userId + "");
-        if (StrUtil.isBlank(str)) {
-            String json = JSONUtil.toJsonStr(ErrorResult.errorMsg(499, "登录过期"));
-            resp.getWriter().print(json);
-            return false;
-        }
-        if (!str.equalsIgnoreCase(token)) {
-            String json = JSONUtil.toJsonStr(ErrorResult.errorMsg(499, "令牌无效,请重新登录"));
-            resp.getWriter().print(json);
-            return false;
-        }
 
         // 内容是否过期
         try {
             jwtUtil.verifierToken(token);
+        } catch (TokenExpiredException e) {
+            resp.setStatus(499);
+            resp.getWriter().print("token过期");
+            String json = JSONUtil.toJsonStr(ErrorResult.errorMsg(499, "令牌过期,请重新登录"));
+            resp.getWriter().print(json);
+            return false;
         } catch (Exception e) {
-//            // 无效的令牌
-            resp.setStatus(400);
+            resp.setStatus(499);
             resp.getWriter().print("无效的令牌");
-            String json = JSONUtil.toJsonStr(ErrorResult.errorMsg(499, "令牌过期,请重新登录"));
+            String json = JSONUtil.toJsonStr(ErrorResult.errorMsg(499, "令牌异常,请重新登录"));
             resp.getWriter().print(json);
             return false;
         }
-        // 执行realm
-        local.setToken(token);
         return executeLogin(request, response);
     }
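Review bot: Removing the Redis lookup and the `str.equalsIgnoreCase(token)` comparison takes away the only server-side revocation check visible in this method, so a signed token now stays usable until its `exp` claim passes, even after logout or a password change; the matching `redisUtil.set` call is dropped in JwtUtil.createToken and left commented out in UserServiceImpl's login method. If stateless tokens are intended, a denylist keyed by token id or a per-user token version checked here would restore revocation; whether the realm reached through `executeLogin` performs such a check is not visible in this diff. Separately, both catch blocks write a plain string and then the JSON to the same writer (`resp.getWriter().print("token过期");` followed by `print(json)`), so the response body is not valid JSON; drop the first `print` in each block. The method starts outside the hunk.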
 

+ 1 - 0
src/main/java/com/imed/costaccount/common/shiro/OAuth2Realm.java

@@ -15,6 +15,7 @@ import org.apache.shiro.authz.SimpleAuthorizationInfo;
 import org.apache.shiro.realm.AuthorizingRealm;
 import org.apache.shiro.subject.PrincipalCollection;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Scope;
 import org.springframework.stereotype.Component;
 
 import java.util.Objects;
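Review bot: The added `import org.springframework.context.annotation.Scope;` is the only change to this file (+1 −0), so nothing in the class uses it. If the intent was to change the realm's bean scope, the `@Scope(...)` annotation on the class is missing; otherwise remove the import.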

+ 2 - 6
src/main/java/com/imed/costaccount/common/token/JwtUtil.java

@@ -22,14 +22,10 @@ public class JwtUtil {
     @Value("${cost.jwt.expire}")
     private Integer expire;
 
-    @Autowired
-    private RedisUtil redisUtil;
-
-    public String createToken(int empId) {
+    public String createToken(int userId) {
         Date date = DateUtil.offset(new DateTime(), DateField.DAY_OF_YEAR, expire).toJdkDate();
         Algorithm algorithm = Algorithm.HMAC256(secret);
-        String token = JWT.create().withClaim("userId", empId).withExpiresAt(date).sign(algorithm);
-        redisUtil.set(empId + "", token, Duration.ofDays(expire));
+        String token = JWT.create().withClaim("userId", userId).withExpiresAt(date).sign(algorithm);
         return token;
     }
 

+ 9 - 0
src/main/java/com/imed/costaccount/common/util/Result.java

@@ -22,6 +22,8 @@ public class Result {
     // 响应中的数据
     private Object data;
 
+    private String token;
+
     @JsonIgnore
     private String ok;	// 不使用
 
@@ -136,4 +138,11 @@ public class Result {
         this.ok = ok;
     }
 
+    public String getToken() {
+        return token;
+    }
+
+    public void setToken(String token) {
+        this.token = token;
+    }
 }

+ 11 - 1
src/main/java/com/imed/costaccount/service/impl/AccountingServiceImpl.java

@@ -196,11 +196,21 @@ public class AccountingServiceImpl extends ServiceImpl<AccountingMapper, Account
     public void updateAccount(AccountingEditDTO accountingEditDTO, User user) {
         // TODO: 2021/7/28 追踪溯源需求不满足
         Integer id = accountingEditDTO.getId();
-        this.checkAccountingCode(accountingEditDTO.getAccountingCode(), user.getHospId());
+//        this.checkAccountingCode(accountingEditDTO.getAccountingCode(), user.getHospId());
+        Accounting  one = this.baseMapper.selectOne(
+                new QueryWrapper<Accounting>().lambda().select(Accounting::getId)
+                        .eq(Accounting::getAccountingCode, accountingEditDTO.getAccountingCode())
+                        .eq(Accounting::getHospId, user.getHospId())
+                        .last("limit 1")
+        );
+
         Accounting byId = this.getById(id);
         if (Objects.isNull(byId)) {
             throw new CostException(500, "当前选中会计科目已被移除");
         }
+        if (Objects.nonNull(one) && !byId.getAccountingCode().equals(one.getAccountingCode())) {
+                throw new CostException(500, "会计科目代码已存在,请重新生成");
+        }
         // 直接修改
         byId.setAccountingCode(accountingEditDTO.getAccountingCode());
         byId.setAccountingName(accountingEditDTO.getAccountingName());
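Review bot: The duplicate-code check compares `byId.getAccountingCode()` with `one.getAccountingCode()`, but the query selects only `Accounting::getId`, so `one.getAccountingCode()` will be null (assuming MyBatis-Plus leaves unselected columns unset). The condition is then true whenever any row matches, including the record being edited, so an update that keeps its own code fails with "会计科目代码已存在". Compare ids instead: `if (Objects.nonNull(one) && !Objects.equals(one.getId(), id)) {`. Also, `this.getById(id)` is only null-checked in the visible lines; nothing here confirms that `byId.getHospId()` matches `user.getHospId()`, so a caller may be able to edit another hospital's record by id — add that check unless it happens in the part of updateAccount outside the hunk.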

+ 7 - 2
src/main/java/com/imed/costaccount/service/impl/UserServiceImpl.java

@@ -9,6 +9,7 @@ import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.imed.costaccount.common.exception.CostException;
 import com.imed.costaccount.common.token.JwtUtil;
+import com.imed.costaccount.common.token.RedisUtil;
 import com.imed.costaccount.common.util.BeanUtil;
 import com.imed.costaccount.common.util.PageUtils;
 import com.imed.costaccount.common.util.Result;
@@ -45,9 +46,12 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
 
     private HospitalService hosptailService;
 
-    public UserServiceImpl(JwtUtil jwtUtil, HospitalService hosptailService) {
+    private final RedisUtil redisUtil;
+
+    public UserServiceImpl(JwtUtil jwtUtil, HospitalService hosptailService, RedisUtil redisUtil) {
         this.jwtUtil = jwtUtil;
         this.hosptailService = hosptailService;
+        this.redisUtil = redisUtil;
     }
 
 
@@ -79,7 +83,8 @@ public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements Us
             throw new CostException("密码错误");
         }
         String token = jwtUtil.createToken(one.getId());
-
+        // 保存到redis 有效期一天
+//        redisUtil.set(one.getId() + "", token, 60 * 60 * 24 * 1000);
         return LoginVO.builder().token(token).name(one.getName()).userid(one.getId()).build();
     }
 

+ 1 - 1
src/main/resources/application.yml

@@ -27,4 +27,4 @@ logging:
 cost:
   jwt:
     secret: 12321312asdsdsfdfsd
-    expire: 1000
+    expire: 1
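Review bot: The context line `secret: 12321312asdsdsfdfsd` keeps the HMAC signing key for every JWT in version control, and it is a short keyboard-pattern string. Anyone with read access to the repository can produce tokens the filter will accept, which matters more now that tokens are no longer cross-checked against Redis. Generate a random key of at least 32 bytes, inject it from the environment or a secrets store, e.g. `secret: ${COST_JWT_SECRET}` (variable name is a placeholder), and rotate the committed value. `expire` is interpreted as days by JwtUtil.createToken (`DateField.DAY_OF_YEAR`), so a comment stating the unit would help here.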