
连接超时插入审计

xusl 1 年之前
父節點
當前提交
c6b9d89c52

+ 8 - 0
backend/src/main/java/com/jiayue/ssi/backenum/BusinessType.java

@@ -16,6 +16,10 @@ public enum BusinessType
      */
     UNLOCK,
     /**
+     * 越权访问
+     */
+    BAC,
+    /**
      * 其它
      */
     OTHER,
@@ -76,4 +80,8 @@ public enum BusinessType
      * 清空数据
      */
     CLEAN,
+    /**
+     * 连接超时
+     */
+    CTO,
 }
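Review bot: Inserting `BAC` ahead of `OTHER` in the first hunk shifts the ordinal of every constant that follows it (OTHER through CLEAN), and the new filter code in this commit persists `BusinessType.CTO.ordinal()` into `sys_oper_log.business_type`; if existing rows store ordinals the same way, every audit record written before this change now decodes to the wrong business type. The second hunk appends `CTO` at the end, which is ordinal-safe; `BAC,` with its Javadoc should likewise be moved after `CTO,` so no existing position changes. The same `ordinal()` persistence pattern appears with `BusinessStatus.FAIL.ordinal()` and `AuditType.SYS.ordinal()` in JwtAuthenticationTokenFilter, so a stable explicit code field on these enums would be the durable fix.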

+ 0 - 1
backend/src/main/java/com/jiayue/ssi/controller/SysUserController.java

@@ -668,7 +668,6 @@ public class SysUserController {
      * @return
      */
     @GetMapping("/getUserRole")
-    @OperateLog(title = "用户管理", businessType = BusinessType.GETROLE, auditType = AuditType.SYS,operdesc = "获取授权角色信息")
     @PreventReplay
     public ResponseVO getUserRole(Long userId) throws CustomException {
         try {

+ 28 - 2
backend/src/main/java/com/jiayue/ssi/filter/JwtAuthenticationTokenFilter.java

@@ -9,13 +9,18 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.jiayue.ssi.backenum.AuditType;
+import com.jiayue.ssi.backenum.BusinessStatus;
+import com.jiayue.ssi.backenum.BusinessType;
 import com.jiayue.ssi.constant.CacheConstants;
 import com.jiayue.ssi.constant.Constants;
 import com.jiayue.ssi.constant.LoginConstants;
 import com.jiayue.ssi.dto.UserVisitInfoDto;
+import com.jiayue.ssi.entity.SysOperLog;
 import com.jiayue.ssi.entity.SysPolicy;
 import com.jiayue.ssi.entity.SysUser;
 import com.jiayue.ssi.factory.LoginFactory;
+import com.jiayue.ssi.factory.OperateLogFactory;
 import com.jiayue.ssi.service.SysPolicyService;
 import com.jiayue.ssi.service.SysUserService;
 import com.jiayue.ssi.service.impl.UserServiceImpl;
@@ -64,6 +69,7 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
         SecurityContextHolder.getContext().getAuthentication();
         String token = request.getHeader("Authorization");
         if (!StringUtils.isEmpty(token)) {
+            String username = "";
             try {
                 Claims claims = jwtTokenUtil.getClaimsFromToken(token);
                 if (claims==null){
@@ -72,7 +78,7 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
                     return;
                 }
 
-                String username = claims.getSubject();
+                username = claims.getSubject();
                 if (username != null) {
                     if (CacheConstants.LOGIN_TOKEN_MAP.get(username) == null) {
                         ResponseInfo.doResponse(response, "令牌无效,请重新登录!", 406);
@@ -146,7 +152,6 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
             }
             catch (ExpiredJwtException expiredJwtException){
                 Claims claims = expiredJwtException.getClaims();
-                String username = claims.getSubject();
                 String cacheToken = CacheConstants.LOGIN_TOKEN_MAP.get(username);
                 //内存token和当前token一致  说明是当前登陆用户访问
                 if (cacheToken!=null && !token.equals(cacheToken)) {
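Review bot: Dropping `String username = claims.getSubject();` from the `ExpiredJwtException` catch leaves the outer `username` at its initial `""` whenever the exception is thrown by `jwtTokenUtil.getClaimsFromToken(token)` inside the try, because the assignment `username = claims.getSubject();` in the earlier hunk is never reached. `CacheConstants.LOGIN_TOKEN_MAP.get(username)` then looks up the empty key, `cacheToken` is null and the cached-token comparison on the next line is skipped, and if the timeout hunk below executes on this path its audit row is written with an empty `operName`/`createBy`. Keep the value from the expired claims by adding `username = claims.getSubject();` directly after `Claims claims = expiredJwtException.getClaims();`. The enclosing filter method starts and ends outside the hunk.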
@@ -175,6 +180,27 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
                 SysPolicy sysPolicy = sysPolicyService.getOne(new QueryWrapper<>());
                 Long expiration = sysPolicy.getInactiveLogout().longValue()*1000*60L;
                 if (System.currentTimeMillis()>lastOperTime+expiration){
+                    SysOperLog operLog = new SysOperLog();
+                    operLog.setStatus(BusinessStatus.FAIL.ordinal());
+                    // 请求的地址
+                    String ip = IPUtils.getIpAddr();
+                    operLog.setOperIp(ip);
+                    operLog.setOperUrl(org.apache.commons.lang3.StringUtils.substring(ServletUtils.getRequest().getRequestURI(), 0, 255));
+                    operLog.setOperName(username);
+                    // 设置请求方式
+                    operLog.setRequestMethod(ServletUtils.getRequest().getMethod());
+                    operLog.setCreateBy(username);
+                    // 设置action动作
+                    operLog.setBusinessType(BusinessType.CTO.ordinal());
+                    // 设置标题
+                    operLog.setTitle("连接超时");
+                    // 操作描述
+                    operLog.setOperdesc("连接超时");
+                    // 审计类型
+                    operLog.setAuditType(AuditType.SYS.ordinal());
+                    // 保存数据库
+                    OperateLogFactory.recordOper(operLog);
+
                     LocalCache.remove(CacheConstants.REACTIVE_KEY + token);
                     // 超出配置设定值则退出
                     ResponseInfo.doResponse(response, "超出非活动时长退出!", 406);

+ 4 - 0
backend/src/main/java/com/jiayue/ssi/handler/RestAccessDeniedHandler.java

@@ -3,6 +3,9 @@ package com.jiayue.ssi.handler;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import com.jiayue.ssi.annotation.OperateLog;
+import com.jiayue.ssi.backenum.AuditType;
+import com.jiayue.ssi.backenum.BusinessType;
 import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.web.access.AccessDeniedHandler;
 import org.springframework.stereotype.Service;
@@ -19,6 +22,7 @@ import java.io.IOException;
 @Service
 public class RestAccessDeniedHandler implements AccessDeniedHandler {
     @Override
+    @OperateLog(title = "权限认证", businessType = BusinessType.BAC, auditType = AuditType.SYS,operdesc = "没有接口访问权限")
     public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException e) throws IOException {
         response.setHeader("Access-Control-Allow-Origin", "*");
         response.setStatus(402);
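Review bot: `@OperateLog` on `handle(...)` presumably depends on the same aspect that processes the annotation on controller methods, but this method is invoked by Spring Security's filter chain on the `AccessDeniedHandler` bean rather than through the MVC dispatcher; if the pointcut is scoped to controller packages or request mappings, no BAC audit row is ever written. Please confirm the aspect fires for this bean and which `operName` it resolves on the denied path, and note that `BusinessType.BAC` is stored as an ordinal (see the BusinessType change). A short Javadoc on `handle` stating that a denied access is audited as `BusinessType.BAC` would make the intent visible to the next reader. The surrounding class body continues outside the hunk.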

+ 4 - 3
backend/src/main/resources/mapper/system/SysOperLogMapper.xml

@@ -12,6 +12,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 		<result property="method"         column="method"         />
 		<result property="requestMethod"  column="request_method" />
 		<result property="operatorType"   column="operator_type"  />
+		<result property="operdesc"   column="operdesc"  />
 		<result property="operName"       column="oper_name"      />
 		<result property="deptName"       column="dept_name"      />
 		<result property="operUrl"        column="oper_url"       />
@@ -32,13 +33,13 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 	</resultMap>
 
 	<sql id="selectOperLogVo">
-        select oper_id, title, business_type, audit_type, method, request_method, operator_type, oper_name, dept_name, oper_url, oper_ip, oper_location, oper_param, json_result, status, error_msg, oper_time, cost_time
+        select oper_id, title, business_type, audit_type, method, request_method, operator_type, oper_name, dept_name, oper_url, oper_ip, oper_location, oper_param, json_result, status, error_msg, oper_time, cost_time,operdesc
         from sys_oper_log
     </sql>
 
 	<insert id="insertOperlog" parameterType="SysOperLog">
-		insert into sys_oper_log(title, business_type,audit_type ,method, request_method, operator_type, oper_name, dept_name, oper_url, oper_ip, oper_location, oper_param, json_result, status, error_msg, cost_time, oper_time,create_by,create_time,del_flag)
-        values (#{title}, #{businessType}, #{auditType}, #{method}, #{requestMethod}, #{operatorType}, #{operName}, #{deptName}, #{operUrl}, #{operIp}, #{operLocation}, #{operParam}, #{jsonResult}, #{status}, #{errorMsg}, #{costTime}, sysdate(),#{createBy},sysdate(),0)
+		insert into sys_oper_log(title, business_type,audit_type ,method, request_method, operator_type, oper_name, dept_name, oper_url, oper_ip, oper_location, oper_param, json_result, status, error_msg, cost_time, oper_time,create_by,create_time,del_flag,operdesc)
+        values (#{title}, #{businessType}, #{auditType}, #{method}, #{requestMethod}, #{operatorType}, #{operName}, #{deptName}, #{operUrl}, #{operIp}, #{operLocation}, #{operParam}, #{jsonResult}, #{status}, #{errorMsg}, #{costTime}, sysdate(),#{createBy},sysdate(),0,#{operdesc})
 	</insert>
 
 	<select id="selectOperLogList" parameterType="SysOperLog" resultMap="SysOperLogResult">
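Review bot: The new `operdesc` column is added to the result map, the select, and the insert, but no schema change for `sys_oper_log` is visible in this commit; if the column does not yet exist, `insertOperlog` fails for every audit write, including the new timeout and access-denied records, so please confirm the DDL is applied with this change. Stylistically the new result line is not aligned with its neighbours; `<result property="operdesc"       column="operdesc"       />` matches the file's layout.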