修改非活动时间超出退出登录

backend/src/main/java/com/jiayue/ssi/aspectj/OperateLogAspect.java

@@ -201,7 +201,10 @@ public class OperateLogAspect {
                 // 密码
                 value = DesensitizedUtil.password(value);
             }
-
+            else if ("idcard".equals(name)){
+                // 身份证
+                value = DesensitizedUtil.idCardNum(value,5,2);
+            }
 
             map.put(name,value);
         }

backend/src/main/java/com/jiayue/ssi/config/WebSecurityConfig.java

@@ -2,6 +2,7 @@ package com.jiayue.ssi.config;
 
 import com.jiayue.ssi.filter.*;
 import com.jiayue.ssi.handler.*;
+import com.jiayue.ssi.service.SysPolicyService;
 import com.jiayue.ssi.service.SysUserService;
 import com.jiayue.ssi.service.impl.UserServiceImpl;
 import com.jiayue.ssi.util.JwtTokenUtil;
@@ -33,6 +34,8 @@ import org.springframework.security.web.firewall.HttpFirewall;
 @EnableGlobalMethodSecurity(prePostEnabled = true)
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     @Autowired
+    SysPolicyService sysPolicyService;
+    @Autowired
     UserServiceImpl userServiceImpl;
     @Autowired
     CustomAuthenticationFailureHandler customAuthenticationFailureHandler;
@@ -95,7 +98,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
         httpSecurity.addFilterBefore(new SqlFilter(), LogoutFilter.class);
         httpSecurity.addFilterBefore(new VerifyCodeFilter(), LogoutFilter.class);
         httpSecurity.addFilterBefore(new MailCodeFilter(), LogoutFilter.class);
-        httpSecurity.addFilterBefore(new JwtAuthenticationTokenFilter(userServiceImpl, jwtTokenUtil, sysUserService,bfhhs), LogoutFilter.class);
+        httpSecurity.addFilterBefore(new JwtAuthenticationTokenFilter(userServiceImpl, jwtTokenUtil, sysUserService,bfhhs,sysPolicyService), LogoutFilter.class);
 //        httpSecurity.headers().frameOptions().disable();
 //        httpSecurity.headers().httpStrictTransportSecurity().includeSubDomains(true).preload(true).maxAgeInSeconds(31536000);
         httpSecurity

backend/src/main/java/com/jiayue/ssi/constant/CacheConstants.java

@@ -26,7 +26,10 @@ public class CacheConstants {
      * 邮箱口令 key
      */
     public static final String MAIL_CODE_KEY = "mail_codes:";
-
+    /**
+     * 非活动退出 key
+     */
+    public static final String REACTIVE_KEY = "reactive:";
     /**
      * 防止邮箱口令频繁访问
      */

backend/src/main/java/com/jiayue/ssi/controller/SysPolicyController.java

@@ -78,8 +78,8 @@ public class SysPolicyController {
 
             if (sysPolicy.getInactiveLogout() == null) {
                 return ResponseVO.fail("非活动状态登出系统不能为空!");
-            } else if (!String.valueOf(sysPolicy.getInactiveLogout()).matches("^(?:[2-9]\\d|100)$")) {
-                return ResponseVO.fail("非活动状态登出系统请输入20-100整数");
+            } else if (!String.valueOf(sysPolicy.getInactiveLogout()).matches("^([1-9]|[1-2]\\d|30)$")) {
+                return ResponseVO.fail("非活动状态登出系统请输入1-30整数");
             }
 
             if (sysPolicy.getMemoryWarn() == null) {

backend/src/main/java/com/jiayue/ssi/filter/JwtAuthenticationTokenFilter.java

@@ -8,12 +8,15 @@ import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.jiayue.ssi.constant.CacheConstants;
 import com.jiayue.ssi.constant.Constants;
 import com.jiayue.ssi.constant.LoginConstants;
 import com.jiayue.ssi.dto.UserVisitInfoDto;
+import com.jiayue.ssi.entity.SysPolicy;
 import com.jiayue.ssi.entity.SysUser;
 import com.jiayue.ssi.factory.LoginFactory;
+import com.jiayue.ssi.service.SysPolicyService;
 import com.jiayue.ssi.service.SysUserService;
 import com.jiayue.ssi.service.impl.UserServiceImpl;
 import com.jiayue.ssi.util.*;
@@ -29,6 +32,7 @@ import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
 import org.springframework.util.StringUtils;
 import org.springframework.web.filter.OncePerRequestFilter;
+import org.springframework.web.servlet.HandlerInterceptor;
 
 /**
  * jwt过滤器
@@ -45,12 +49,14 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
     UserServiceImpl userServiceImpl;
     JwtTokenUtil jwtTokenUtil;
     SysUserService sysUserService;
+    SysPolicyService sysPolicyService;
     int bfhhs;
 
-    public JwtAuthenticationTokenFilter(UserServiceImpl userServiceImpl, JwtTokenUtil jwtTokenUtil,SysUserService sysUserService,int bfhhs) {
+    public JwtAuthenticationTokenFilter(UserServiceImpl userServiceImpl, JwtTokenUtil jwtTokenUtil,SysUserService sysUserService,int bfhhs,SysPolicyService sysPolicyService) {
         this.userServiceImpl = userServiceImpl;
         this.jwtTokenUtil = jwtTokenUtil;
         this.sysUserService = sysUserService;
+        this.sysPolicyService = sysPolicyService;
         this.bfhhs = bfhhs;
     }
 
@@ -159,6 +165,27 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
                     return;
                 }
             }
+
+            // 先判断非活动时长
+            if (LocalCache.get(CacheConstants.REACTIVE_KEY + token)==null){
+                ResponseInfo.doResponse(response, "超出非活动时长退出！", 406);
+                return;
+            }
+            else {
+                Long lastOperTime = (Long)LocalCache.get(CacheConstants.REACTIVE_KEY + token);
+                // 获取非活动配置值
+                SysPolicy sysPolicy = sysPolicyService.getOne(new QueryWrapper<>());
+                Long expiration = sysPolicy.getInactiveLogout().longValue()*1000*60L;
+                if (System.currentTimeMillis()>lastOperTime+expiration){
+                    LocalCache.remove(CacheConstants.REACTIVE_KEY + token);
+                    // 超出配置设定值则退出
+                    ResponseInfo.doResponse(response, "超出非活动时长退出！", 406);
+                    return;
+                }
+                else{
+                    LocalCache.set(CacheConstants.REACTIVE_KEY + token,System.currentTimeMillis(),1000*60*60);
+                }
+            }
         } else {
             if ("POST".equalsIgnoreCase(request.getMethod()) && defaultFilterProcessUrl.equals(request.getServletPath())) {
                 // 判断并发会话数是否满足

backend/src/main/java/com/jiayue/ssi/handler/CustomAuthenticationSuccessHandler.java

@@ -127,6 +127,9 @@ public class CustomAuthenticationSuccessHandler extends SavedRequestAwareAuthent
             }
         }
         CacheConstants.LOGIN_TOKEN_MAP.put(username,token);
+        // 登录成功后将用户本次操作时间存入缓存，为了判断非活动退出时应用,60分钟自动失效
+        LocalCache.set(CacheConstants.REACTIVE_KEY + token,System.currentTimeMillis(),1000*60*60);
+
 
         String obj = JSONUtil.toJsonStr(ResponseVO.success(token));
         // token加密处理

backend/src/main/java/com/jiayue/ssi/interceptor/TokenStatusInterceptor.java

@@ -1,6 +1,8 @@
 package com.jiayue.ssi.interceptor;
 
+import com.jiayue.ssi.constant.CacheConstants;
 import com.jiayue.ssi.util.JwtTokenUtil;
+import com.jiayue.ssi.util.LocalCache;
 import com.jiayue.ssi.util.ResponseInfo;
 import io.jsonwebtoken.Claims;
 import org.springframework.web.servlet.HandlerInterceptor;

backend/src/main/java/com/jiayue/ssi/util/JwtTokenUtil.java

@@ -1,17 +1,10 @@
 package com.jiayue.ssi.util;
 
-
-import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
-import com.jiayue.ssi.entity.SysPolicy;
 import com.jiayue.ssi.entity.SysUser;
-import com.jiayue.ssi.service.SysPolicyService;
 import io.jsonwebtoken.*;
 import lombok.Data;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.stereotype.Component;
-
-import java.text.SimpleDateFormat;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
@@ -25,9 +18,6 @@ import java.util.Map;
 @Component
 public class JwtTokenUtil {
 
-    @Autowired
-    SysPolicyService sysPolicyService;
-
     private String secret = "jiayue";
 
     private String authorization;
@@ -39,9 +29,8 @@ public class JwtTokenUtil {
      * @return 令牌
      */
     private String generateToken(Map<String, Object> claims) {
-        SysPolicy sysPolicy = sysPolicyService.getOne(new QueryWrapper<>());
-        // 过期时长30分钟(毫秒)
-        Long expiration = sysPolicy.getInactiveLogout().longValue()*1000*60L;
+        // 过期时长60分钟
+        Long expiration = 60*1000*60L;
         Date expirationDate = new Date(System.currentTimeMillis() + expiration);
         return Jwts.builder().setClaims(claims).setExpiration(expirationDate).setIssuedAt(new Date(System.currentTimeMillis())).signWith(SignatureAlgorithm.HS512, secret).compact();
     }

ui/src/views/sysManager/sysPolicy/index.vue

@@ -123,7 +123,7 @@ export default {
         ],
         inactiveLogout: [
           { required: true, message: "非活动状态登出系统不能为空", trigger: "blur" },
-          { pattern: /^(?:[2-9]\d|100)$/, message: "请输入20-100整数", trigger: "blur"}
+          { pattern: /^([1-9]|[1-2]\d|30)$/, message: "请输入1-30整数", trigger: "blur"}
         ],
         auditLog: [
           { required: true, message: "审计日志保留月数不能为空", trigger: "blur" },

ui/src/views/sysManager/userManager/index.vue

@@ -116,6 +116,7 @@
             <vxe-table-column title="操作" width="320">
               <template slot-scope="scope">
                 <el-button
+                  v-if="scope.row.id !== 1 && scope.row.id !== 2"
                   size="mini"
                   type="text"
                   icon="el-icon-edit"
@@ -124,7 +125,7 @@
                 >初始/重置密码
                 </el-button>
                 <el-button
-                  v-if="scope.row.id !== 1"
+                  v-if="scope.row.id !== 1 && scope.row.id !== 2"
                   size="mini"
                   type="text"
                   icon="el-icon-delete"
@@ -627,6 +628,13 @@ export default {
         });
         return
       }
+      if (_selectData.id == 2) {
+        this.$message({
+          type: 'warning',
+          message: '内置审计管理员不能删除!'
+        });
+        return
+      }
       this.$prompt('请输入密码', '鉴别操作', {
         confirmButtonText: '确定',
         cancelButtonText: '取消',
@@ -704,6 +712,21 @@ export default {
         });
         return
       }
+      if (_selectData.id == 1) {
+        this.$message({
+          type: 'warning',
+          message: '内置系统管理员不能修改!'
+        });
+        return
+      }
+      if (_selectData.id == 2) {
+        this.$message({
+          type: 'warning',
+          message: '内置审计管理员不能修改!'
+        });
+        return
+      }
+
       this.form = _selectData;
       this.open = true;
       this.title = "修改用户";