登录增加启用码验证。token过期时间改为30分钟。

src/main/java/com/neotel/smfcore/common/utils/DateUtil.java

@@ -147,6 +147,18 @@ public class DateUtil {
         c.add(Calendar.DAY_OF_YEAR, days);
         return c.getTime();
     }
+    /**
+     * 日期+天数
+     * @param date
+     * @param seconds
+     * @return
+     */
+    public static Date addSeconds(Date date, int seconds){
+        Calendar c = Calendar.getInstance();
+        c.setTime(date);
+        c.add(Calendar.SECOND, seconds);
+        return c.getTime();
+    }
 
     public static Date getMinDate(Date date0, Date date1){
         return date0.before(date1)? date0 : date1;

src/main/java/com/neotel/smfcore/security/rest/AuthorizationController.java

@@ -15,11 +15,10 @@
  */
 package com.neotel.smfcore.security.rest;
 
+import com.neotel.smfcore.common.utils.*;
 import com.neotel.smfcore.security.annotation.AnonymousDeleteMapping;
 import com.neotel.smfcore.security.annotation.AnonymousGetMapping;
 import com.neotel.smfcore.security.annotation.AnonymousPostMapping;
-import com.neotel.smfcore.common.utils.EncryptUtils;
-import com.neotel.smfcore.common.utils.StringUtils;
 import com.neotel.smfcore.security.bean.RsaProperties;
 import com.neotel.smfcore.security.TokenProvider;
 import com.neotel.smfcore.security.bean.LoginProperties;
@@ -28,8 +27,6 @@ import com.neotel.smfcore.security.rest.bean.dto.OnlineUserDto;
 import com.neotel.smfcore.security.service.OnlineUserService;
 import com.neotel.smfcore.security.rest.bean.dto.AuthUserDto;
 import com.neotel.smfcore.security.rest.bean.dto.JwtUserDto;
-import com.neotel.smfcore.common.utils.RsaUtils;
-import com.neotel.smfcore.common.utils.SecurityUtils;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.RequiredArgsConstructor;
@@ -103,7 +100,8 @@ public class AuthorizationController {
         OnlineUserDto onlineUserDto = null;
         try {
             long seconds = onlineUserService.properties.getTokenValidityInSeconds() / 1000;
-            onlineUserDto = new OnlineUserDto(jwtUserDto.getUsername(), browser , ip, address, EncryptUtils.desEncrypt(token), new Date());
+            Date exTime= DateUtil.addSeconds(new Date(), new Long(seconds).intValue());
+            onlineUserDto = new OnlineUserDto(jwtUserDto.getUsername(), browser , ip, address, EncryptUtils.desEncrypt(token), new Date(),exTime);
         } catch (Exception e) {
             log.error(e.getMessage(),e);
         }

src/main/java/com/neotel/smfcore/security/rest/bean/dto/OnlineUserDto.java

@@ -59,6 +59,10 @@ public class OnlineUserDto {
      * 登录时间
      */
     private Date loginTime;
+    /**
+     * 过期时间
+     */
+    private  Date expiresTime;
 
 
 }

src/main/java/com/neotel/smfcore/security/service/OnlineUserService.java

@@ -23,6 +23,8 @@ import com.neotel.smfcore.security.rest.bean.dto.OnlineUserDto;
 import com.neotel.smfcore.common.utils.EncryptUtils;
 import com.neotel.smfcore.common.utils.FileUtil;
 import com.neotel.smfcore.common.utils.StringUtils;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.ExpiredJwtException;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.data.domain.Pageable;
 import org.springframework.scheduling.annotation.Async;
@@ -128,7 +130,23 @@ public class OnlineUserService {
      * @return /
      */
     public OnlineUserDto getOne(String key) {
-        return (OnlineUserDto)onlineUserMap.get(key);
+        OnlineUserDto dto = null;
+        dto = (OnlineUserDto) onlineUserMap.get(key);
+
+        Date currTime = new Date();
+        int result = dto.getExpiresTime().compareTo(new Date());
+        if (result > 0) {
+            //更新过期时间
+            long seconds = properties.getTokenValidityInSeconds() / 1000;
+            Date exTime = DateUtil.addSeconds(new Date(), new Long(seconds).intValue());
+            dto.setExpiresTime(exTime);
+
+        } else if (result < 0) {
+            this.kickOut(key);
+            //已过期抛异常
+            throw new ExpiredJwtException(null, null, "token 已过期");
+        }
+        return dto;
     }
 
     /**

src/main/java/com/neotel/smfcore/security/service/UserDetailsServiceImpl.java

@@ -17,6 +17,8 @@ package com.neotel.smfcore.security.service;
 
 import com.neotel.smfcore.common.exception.BadRequestException;
 import com.neotel.smfcore.common.exception.EntityNotFoundException;
+import com.neotel.smfcore.common.utils.Constants;
+import com.neotel.smfcore.common.utils.Md5Utls;
 import com.neotel.smfcore.security.bean.LoginProperties;
 import com.neotel.smfcore.security.rest.bean.dto.JwtUserDto;
 import com.neotel.smfcore.security.service.manager.IMenuManager;
@@ -85,6 +87,15 @@ public class UserDetailsServiceImpl implements UserDetailsService {
                 if (!user.getEnabled()) {
                     throw new BadRequestException("账号未激活！");
                 }
+                if(user.getUsername().equals(Constants.SUPER_USERNAME)){
+
+                }else {
+                    //判断激活码是否正确
+                    String code = Md5Utls.getMd5(user.getId(), user.getCreateDate());
+                    if (!code.equals(user.getCheckCode())) {
+                        throw new BadRequestException("账号未激活！");
+                    }
+                }
                 List<Long> dataScopes = new ArrayList<>();
                 jwtUserDto = new JwtUserDto(
                         user,

src/main/resources/config/application-dev.yml

@@ -36,8 +36,8 @@ jwt:
   token-start-with: Bearer
   # 必须使用最少88位的Base64对该令牌进行编码
   base64-secret: ZmQ0ZGI5NjQ0MDQwY2I4MjMxY2Y3ZmI3MjdhN2ZmMjNhODViOTg1ZGE0NTBjMGM4NDA5NzYxMjdjOWMwYWRmZTBlZjlhNGY3ZTg4Y2U3YTE1ODVkZDU5Y2Y3OGYwZWE1NzUzNWQ2YjFjZDc0NGMxZWU2MmQ3MjY1NzJmNTE0MzI=
-  # 令牌过期时间 此处单位/毫秒 ，默认4小时，可在此网站生成 https://www.convertworld.com/zh-hans/time/milliseconds.html
-  token-validity-in-seconds: 14400000
+  # 令牌过期时间 此处单位/毫秒 ，默认30分钟，可在此网站生成 https://www.convertworld.com/zh-hans/time/milliseconds.html
+  token-validity-in-seconds: 1800000
   # 在线用户key
   online-key: online-token-
   # 验证码