Posted to commits@iotdb.apache.org by qi...@apache.org on 2023/02/01 07:58:48 UTC
[iotdb-web-workbench] branch master updated: fix(JWTToken): sign secret move to properties (#42)
This is an automated email from the ASF dual-hosted git repository.
qiaojialin pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/iotdb-web-workbench.git
The following commit(s) were added to refs/heads/master by this push:
new 83c5ef9 fix(JWTToken): sign secret move to properties (#42)
83c5ef9 is described below
commit 83c5ef9b770585d2821655a0b967b06130f3ebcb
Author: Summer <43...@users.noreply.github.com>
AuthorDate: Wed Feb 1 15:58:42 2023 +0800
fix(JWTToken): sign secret move to properties (#42)
---
backend/doc/deploy.md | 2 +
.../java/org/apache/iotdb/admin/tool/JJwtTool.java | 47 ++++++++++++++++------
.../src/main/resources/application-dev.properties | 5 ++-
.../src/main/resources/application-prod.properties | 5 ++-
.../src/main/resources/application-test.properties | 5 ++-
5 files changed, 49 insertions(+), 15 deletions(-)
diff --git a/backend/doc/deploy.md b/backend/doc/deploy.md
index f6a3a0e..c267f8e 100644
--- a/backend/doc/deploy.md
+++ b/backend/doc/deploy.md
@@ -29,6 +29,8 @@
![](image/配置文件.PNG)
+务必在application-prod.properties中设置jwt.sign.secret
+
2 打包
![](image/打包.png)
diff --git a/backend/src/main/java/org/apache/iotdb/admin/tool/JJwtTool.java b/backend/src/main/java/org/apache/iotdb/admin/tool/JJwtTool.java
index 8804107..fe0fa29 100644
--- a/backend/src/main/java/org/apache/iotdb/admin/tool/JJwtTool.java
+++ b/backend/src/main/java/org/apache/iotdb/admin/tool/JJwtTool.java
@@ -24,15 +24,30 @@ import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import lombok.extern.slf4j.Slf4j;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.util.StringUtils;
+import java.util.ArrayList;
import java.util.Date;
+import java.util.List;
/** date:2022/12/6 author:yzf project_name:backend */
@Slf4j
+@Configuration
+@ConfigurationProperties(prefix = "jwt.sign")
public class JJwtTool {
- private static String secret =
- "HSyJ0eXAiOiJKV1QasdfffffffSd3g8923402347523fffasdfasgwaegwaegawegawegawegawetwgewagagew"
- + "asdf23r23DEEasdfawef134t2fawt2g325gafasdfasdfiLCJhbGciOiJIUzI1NiJ9";
+
+ private static List<String> jwtCache = new ArrayList<>();
+ private static String secret;
+
+ public String getSecret() {
+ return secret;
+ }
+
+ public void setSecret(String payload) {
+ secret = payload;
+ }
public static String generateToken(User user) {
log.info("user=" + user.toString());
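Review bot: Nothing in the new `setSecret` rejects a blank value, and the same commit ships `jwt.sign.secret =` empty in application-prod.properties and application-test.properties. A deployment that skips the deploy.md step therefore appears to start normally, and the problem only surfaces once a token is signed or parsed; how the library treats an empty key depends on the jjwt version, which this page does not show. I would fail at startup instead, for example with a `@PostConstruct` method containing `if (!StringUtils.hasText(secret)) throw new IllegalStateException("jwt.sign.secret must be set");`. Because `secret` is a static field written through an instance setter, any static caller that runs before Spring binds the bean sees `null`; a short comment on the field saying so would help. `generateToken` continues past the end of this hunk.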
@@ -40,20 +55,28 @@ public class JJwtTool {
// Calendar instance = Calendar.getInstance();
// instance.add(Calendar.HOUR_OF_DAY, 24);
Date expireDate = new Date(new Date().getTime() + (1000 * 60 * 60 * 10));
- return Jwts.builder()
- .setHeaderParam("type", "JWT")
- .setSubject(user.getId() + "")
- .setIssuedAt(now) // 签发时间
- .claim("userId", user.getId())
- .claim("name", user.getName())
- .setExpiration(expireDate) // 过期时间
- .signWith(SignatureAlgorithm.HS512, secret)
- .compact();
+ String compact =
+ Jwts.builder()
+ .setHeaderParam("type", "JWT")
+ .setSubject(user.getId() + "")
+ .setIssuedAt(now) // 签发时间
+ .claim("userId", user.getId())
+ .claim("name", user.getName())
+ .setExpiration(expireDate) // 过期时间
+ .signWith(SignatureAlgorithm.HS512, secret)
+ .compact();
+ if (StringUtils.hasLength(compact) && !jwtCache.contains(compact)) {
+ jwtCache.add(compact);
+ }
+ return compact;
}
/** 解析token */
public static Claims getClaimsByToken(String token) {
try {
+ if (StringUtils.hasLength(token) && !jwtCache.contains(token)) {
+ return null;
+ }
return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();
} catch (Exception e) {
System.out.println("validate is token error");
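Review bot: `jwtCache` is a plain static `ArrayList` that `generateToken` writes and `getClaimsByToken` reads with no synchronization, and nothing ever removes an entry. Concurrent requests can corrupt the list, it grows by one token per login for the life of the process, and each validation is a linear scan. Declaring it as `private static final Set<String> jwtCache = ConcurrentHashMap.newKeySet();` (the declaration is in the previous hunk) fixes the thread-safety and lookup cost; entries should also be dropped once their `expireDate` has passed. Since the allow-list lives only in memory, every issued token presumably stops validating after a restart or on a second instance, which deserves a comment if it is intended. The `catch` body of `getClaimsByToken` lies outside this hunk.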
diff --git a/backend/src/main/resources/application-dev.properties b/backend/src/main/resources/application-dev.properties
index bd75be1..121476b 100644
--- a/backend/src/main/resources/application-dev.properties
+++ b/backend/src/main/resources/application-dev.properties
@@ -36,4 +36,7 @@ spring.servlet.multipart.max-file-size=200MB
spring.servlet.multipart.max-request-size=215MB
# All files generated during CSV import and export are stored in this folder
-file.temp-dir=./tempFile
\ No newline at end of file
+file.temp-dir=./tempFile
+
+# token secret
+jwt.sign.secret = HSyJ0eXAiOiJKV1QasdfffffffSd3g8923402347523fffasdfasgwaegwaegawegawegawegawetwgewagagewasdf23r23DEEasdfawef134t2fawt2g325gafasdfasdfiLCJhbGciOiJIUzI1NiJ9
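Review bot: The value committed here is the same string this commit removes from JJwtTool.java, so the signing key is still published in the repository and its history. Any instance started with the dev profile, or a prod file filled in by copying this line, signs tokens with a key that anyone can read. I would replace the value with a reference resolved outside version control, e.g. `jwt.sign.secret=${JWT_SIGN_SECRET}`, and treat the old string as compromised wherever it was deployed. A comment above the property stating the expected length and that it must be unique per installation would also help operators.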
diff --git a/backend/src/main/resources/application-prod.properties b/backend/src/main/resources/application-prod.properties
index e830534..66a5d2b 100644
--- a/backend/src/main/resources/application-prod.properties
+++ b/backend/src/main/resources/application-prod.properties
@@ -32,4 +32,7 @@ spring.servlet.multipart.max-file-size=200MB
spring.servlet.multipart.max-request-size=215MB
# All files generated during CSV import and export are stored in this folder
-file.temp-dir=./tempFile
\ No newline at end of file
+file.temp-dir=./tempFile
+
+# token secret
+jwt.sign.secret =
diff --git a/backend/src/main/resources/application-test.properties b/backend/src/main/resources/application-test.properties
index 7cd752d..f661868 100644
--- a/backend/src/main/resources/application-test.properties
+++ b/backend/src/main/resources/application-test.properties
@@ -30,4 +30,7 @@ spring.servlet.multipart.file-size-threshold=2KB
spring.servlet.multipart.max-file-size=200MB
spring.servlet.multipart.max-request-size=215MB
-file.temp-dir=./tempFile
\ No newline at end of file
+file.temp-dir=./tempFile
+
+# token secret
+jwt.sign.secret =