
新增从cookie中获取token

chenjun 1 gadu atpakaļ
vecāks
revīzija
639cac2ae8

+ 3 - 0
client/src/utils/auth.ts

@@ -1,6 +1,7 @@
 import { useCache } from '@/hooks/web/useCache'
 import { TokenType } from '@/api/login/types'
 import { decrypt, encrypt } from '@/utils/jsencrypt'
+import Cookies from 'js-cookie'
 
 const { wsCache } = useCache()
 
@@ -22,6 +23,8 @@ export const getRefreshToken = () => {
 export const setToken = (token: TokenType) => {
   wsCache.set(RefreshTokenKey, token.refreshToken)
   wsCache.set(AccessTokenKey, token.accessToken)
+  Cookies.set(AccessTokenKey, token.accessToken, { expires: 1 })
+  Cookies.set(RefreshTokenKey, token.refreshToken, { expires: 1 })
 }
 
 // 删除token
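Review bot: The two `Cookies.set` calls in `setToken` store both tokens in script-readable cookies with only `expires` set, so the browser attaches them to every request to the origin, including plain-HTTP and cross-site ones. The filter change in this commit reads only `ACCESS_TOKEN`, so the refresh-token cookie looks unnecessary and only widens exposure of the longer-lived credential. I would drop it and write the access token as `Cookies.set(AccessTokenKey, token.accessToken, { expires: 1, secure: true, sameSite: 'strict' })`. The token-removal function begins just below the hunk and is not shown; it presumably needs matching `Cookies.remove` calls so that logout clears the cookies too.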

+ 5 - 0
zjugis-business/src/main/resources/static/login.html

@@ -51,6 +51,11 @@
                     localStorage.setItem('ACCESS_TOKEN', JSON.stringify(a));
                     localStorage.setItem('REFRESH_TOKEN', JSON.stringify(r));
 
+                    // 设置带有过期时间的cookie
+                    var expiryDate = new Date();
+                    expiryDate.setDate(expiryDate.getDate() + 1); // 7天后过期
+                    document.cookie = 'ACCESS_TOKEN='+ result.data.access_token + '; expires=' + expiryDate.toUTCString();
+                    document.cookie = 'REFRESH_TOKEN='+ result.data.refresh_token + '; expires=' + expiryDate.toUTCString();
                     // 提示登录成功
                     alert('登录成功!点击确认,跳转回首页');
                     window.location.href = '/index.html';
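Review bot: The comment on the `setDate` line says the cookie expires after 7 days, but the code adds 1 day; one of the two should be corrected, e.g. `// 1天后过期`. The two `document.cookie` writes also concatenate the raw token and set no `path`, `Secure` or `SameSite`, so the cookie is scoped to the login page's path and is sent on cross-site requests. Something like `document.cookie = 'ACCESS_TOKEN=' + encodeURIComponent(result.data.access_token) + '; expires=' + expiryDate.toUTCString() + '; path=/; Secure; SameSite=Strict';` would be safer. The `REFRESH_TOKEN` cookie is not read by the filter changed in this commit and could probably be dropped. The enclosing success callback starts and ends outside the hunk.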

+ 14 - 1
zjugis-framework/zjugis-spring-boot-starter-security/src/main/java/com/zjugis/framework/security/core/filter/TokenAuthenticationFilter.java

@@ -19,6 +19,7 @@ import org.springframework.web.filter.OncePerRequestFilter;
 
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
+import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
@@ -48,7 +49,19 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
         // 情况二,基于 Token 获得用户
         // 注意,这里主要满足直接使用 Nginx 直接转发到 Spring Cloud 服务的场景。
         if (loginUser == null) {
-            String token = SecurityFrameworkUtils.obtainAuthorization(request, securityProperties.getTokenHeader());
+            String authorization = SecurityFrameworkUtils.obtainAuthorization(request, securityProperties.getTokenHeader());
+            //如果获取不到用户信息从cookie中获取
+            if(StrUtil.isEmpty(authorization)){
+                Cookie[] cookies = request.getCookies();
+                if(cookies != null){
+                    for (Cookie cookie : cookies) {
+                        if("ACCESS_TOKEN".equals(cookie.getName())){
+                            authorization = cookie.getValue();
+                        }
+                    }
+                }
+            }
+            String token = authorization;
             if (StrUtil.isNotEmpty(token)) {
                 Integer userType = WebFrameworkUtils.getLoginUserType(request);
                 try {
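Review bot: Accepting the `ACCESS_TOKEN` cookie as a credential makes authentication ambient, because the browser attaches the cookie to cross-site requests automatically, which it never did for a header-borne token. If CSRF protection is disabled for this API (common when only header tokens are accepted; not visible here), state-changing endpoints become forgeable. That holds unless the cookie is issued with `SameSite` and the fallback is paired with a CSRF check or limited to the flows that need it. Two smaller points in the same block: the loop keeps scanning after a match, so the last `ACCESS_TOKEN` cookie wins (add `break;` after `authorization = cookie.getValue();`), and the cookie name is hard-coded rather than taken from `securityProperties`. The enclosing method starts and ends outside the hunk.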

+ 56 - 55
zjugis-workflow/src/main/resources/static/login.html

@@ -1,67 +1,68 @@
 <!DOCTYPE html>
 <html lang="en">
 <head>
-	<meta charset="UTF-8">
-	<title>登录</title>
-	<!-- jQuery:操作 dom、发起请求等 -->
-	<script src="https://lf9-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/2.1.2/jquery.min.js" type="application/javascript"></script>
+    <meta charset="UTF-8">
+    <title>登录</title>
+    <!-- jQuery:操作 dom、发起请求等 -->
+    <script src="https://lf9-cdn-tos.bytecdntp.com/cdn/expire-1-M/jquery/2.1.2/jquery.min.js"
+            type="application/javascript"></script>
 
-	<script type="application/javascript">
+    <script type="application/javascript">
 
-    /**
-     * 账号密码登录
-     */
-    function login() {
-      const clientId = 'workflow'; // 可以改写成,你的 clientId
-      const clientSecret = 'workflow_zdww'; // 可以改写成,你的 clientSecret
-      const grantType = 'password'; // 密码模式
+        /**
+         * 账号密码登录
+         */
+        function login() {
+            const clientId = 'workflow'; // 可以改写成,你的 clientId
+            const clientSecret = 'workflow_zdww'; // 可以改写成,你的 clientSecret
+            const grantType = 'password'; // 密码模式
 
-      // 账号 + 密码
-      const username = $('#username').val();
-      const password = $('#password').val();
-      if (username.length === 0 || password.length === 0) {
-        alert('账号或密码未输入');
-        return;
-      }
+            // 账号 + 密码
+            const username = $('#username').val();
+            const password = $('#password').val();
+            if (username.length === 0 || password.length === 0) {
+                alert('账号或密码未输入');
+                return;
+            }
 
-      // 发起请求
-      $.ajax({
-        url: "http://127.0.0.1:48081/admin-api/system/oauth2/token?"
-          // 客户端
-          + "client_id=" + clientId
-          + "&client_secret=" + clientSecret
-          // 密码模式的参数
-          + "&grant_type=" + grantType
-          + "&username=" + username
-          + "&password=" + password
-          + '&scope=user.read user.write',
-        method: 'POST',
-        headers: {
-        },
-        success: function (result) {
-          if (result.code !== 0) {
-            alert('登录失败,原因:' + result.msg)
-            return;
-          }
-		  var a = {};
-		  a.v = JSON.stringify(result.data.access_token);
-		  var r = {};
-		  r.v = JSON.stringify(result.data.refresh_token);
-          // 设置到 localStorage 中
-          localStorage.setItem('ACCESS_TOKEN', JSON.stringify(a));
-          localStorage.setItem('REFRESH_TOKEN', JSON.stringify(r));
-
-          // 提示登录成功
-          alert('登录成功!点击确认,跳转回首页');
-          window.location.href = '/index.html';
+            // 发起请求
+            $.ajax({
+                url: "http://127.0.0.1:48081/admin-api/system/oauth2/token?"
+                    // 客户端
+                    + "client_id=" + clientId
+                    + "&client_secret=" + clientSecret
+                    // 密码模式的参数
+                    + "&grant_type=" + grantType
+                    + "&username=" + username
+                    + "&password=" + password
+                    + '&scope=user.read user.write',
+                method: 'POST',
+                headers: {},
+                success: function (result) {
+                    if (result.code !== 0) {
+                        alert('登录失败,原因:' + result.msg)
+                        return;
+                    }
+                    var a = {};
+                    a.v = JSON.stringify(result.data.access_token);
+                    var r = {};
+                    r.v = JSON.stringify(result.data.refresh_token);
+                    // 设置到 localStorage 中
+                    localStorage.setItem('ACCESS_TOKEN', JSON.stringify(a));
+                    localStorage.setItem('REFRESH_TOKEN', JSON.stringify(r));
+                    document.cookie = 'ACCESS_TOKEN=' + result.data.access_token + '; expires=' + expiryDate.toUTCString();
+                    document.cookie = 'REFRESH_TOKEN=' + result.data.refresh_token + '; expires=' + expiryDate.toUTCString();
+                    // 提示登录成功
+                    alert('登录成功!点击确认,跳转回首页');
+                    window.location.href = '/index.html';
+                }
+            });
         }
-      });
-    }
-	</script>
+    </script>
 </head>
 <body>
-账号:<input id="username" value="admin" /> <br />
-密码:<input id="password" value="admin123" > <br />
+账号:<input id="username" value="admin"/> <br/>
+密码:<input id="password" value="admin123"> <br/>
 <button style="float: right; margin-top: 5px;" onclick="login()">登录</button>
 </body>
 <style>
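Review bot: The two added `document.cookie` lines in the `success` callback use `expiryDate`, but nothing in the new side of this file declares it; the declaration exists only in the zjugis-business copy of login.html. The callback will therefore throw a ReferenceError after the localStorage writes, so no cookie is set and the success alert and redirect never run. Add `var expiryDate = new Date();` and `expiryDate.setDate(expiryDate.getDate() + 1);` before the cookie writes. The cookie strings here also lack `path`, `Secure` and `SameSite`, as in the other login page.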
@@ -71,7 +72,7 @@
         position: absolute;
         left: 50%;
         top: 50%;
-        transform: translate(-50%,-50%);
+        transform: translate(-50%, -50%);
     }
 </style>
 </html>