From 17acf2ba7a2b410030339b73b53fbc193d9ea420 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期一, 24 七月 2023 19:22:47 +0800
Subject: [PATCH] !402 判断不同端 clientid 是否有效 Merge pull request !402 from MichelleChung/5.X
---
ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfig.java | 16 ++++++++++++++++
ruoyi-admin/src/main/java/org/dromara/web/service/impl/SocialAuthStrategy.java | 1 +
ruoyi-admin/src/main/java/org/dromara/web/service/impl/XcxAuthStrategy.java | 1 +
ruoyi-common/ruoyi-common-satoken/src/main/java/org/dromara/common/satoken/utils/LoginHelper.java | 1 +
ruoyi-admin/src/main/java/org/dromara/web/service/impl/EmailAuthStrategy.java | 1 +
ruoyi-admin/src/main/java/org/dromara/web/service/impl/PasswordAuthStrategy.java | 1 +
ruoyi-admin/src/main/java/org/dromara/web/service/impl/SmsAuthStrategy.java | 1 +
7 files changed, 22 insertions(+), 0 deletions(-)
diff --git a/ruoyi-admin/src/main/java/org/dromara/web/service/impl/EmailAuthStrategy.java b/ruoyi-admin/src/main/java/org/dromara/web/service/impl/EmailAuthStrategy.java
index ab510a7..c284e3d 100644
--- a/ruoyi-admin/src/main/java/org/dromara/web/service/impl/EmailAuthStrategy.java
+++ b/ruoyi-admin/src/main/java/org/dromara/web/service/impl/EmailAuthStrategy.java
@@ -66,6 +66,7 @@
// 渚嬪: 鍚庡彴鐢ㄦ埛30鍒嗛挓杩囨湡 app鐢ㄦ埛1澶╄繃鏈�
model.setTimeout(client.getTimeout());
model.setActiveTimeout(client.getActiveTimeout());
+ model.setExtra(LoginHelper.CLIENT_KEY, clientId);
// 鐢熸垚token
LoginHelper.login(loginUser, model);
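Review bot: `model.setExtra(LoginHelper.CLIENT_KEY, clientId);` is now required on every login path, but nothing at the call site says so, and the same line is repeated in the PasswordAuthStrategy, SmsAuthStrategy, SocialAuthStrategy and XcxAuthStrategy hunks. The SecurityConfig hunk in this commit rejects any request whose token extra differs from the `clientid` header, so a strategy added later without this line would issue tokens that never pass the interceptor. I would add a comment above it such as `// required: SecurityConfig compares this extra with the clientid request header on every request`, and consider setting the extra in one shared place instead of in each strategy. The origin of `clientId` is outside the hunk, so confirm it is the value that was checked against the looked-up `client` record and not an unvalidated request field.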
diff --git a/ruoyi-admin/src/main/java/org/dromara/web/service/impl/PasswordAuthStrategy.java b/ruoyi-admin/src/main/java/org/dromara/web/service/impl/PasswordAuthStrategy.java
index 3a27cb2..401dfb2 100644
--- a/ruoyi-admin/src/main/java/org/dromara/web/service/impl/PasswordAuthStrategy.java
+++ b/ruoyi-admin/src/main/java/org/dromara/web/service/impl/PasswordAuthStrategy.java
@@ -76,6 +76,7 @@
// 渚嬪: 鍚庡彴鐢ㄦ埛30鍒嗛挓杩囨湡 app鐢ㄦ埛1澶╄繃鏈�
model.setTimeout(client.getTimeout());
model.setActiveTimeout(client.getActiveTimeout());
+ model.setExtra(LoginHelper.CLIENT_KEY, clientId);
// 鐢熸垚token
LoginHelper.login(loginUser, model);
diff --git a/ruoyi-admin/src/main/java/org/dromara/web/service/impl/SmsAuthStrategy.java b/ruoyi-admin/src/main/java/org/dromara/web/service/impl/SmsAuthStrategy.java
index 7bc08f5..3fd0569 100644
--- a/ruoyi-admin/src/main/java/org/dromara/web/service/impl/SmsAuthStrategy.java
+++ b/ruoyi-admin/src/main/java/org/dromara/web/service/impl/SmsAuthStrategy.java
@@ -66,6 +66,7 @@
// 渚嬪: 鍚庡彴鐢ㄦ埛30鍒嗛挓杩囨湡 app鐢ㄦ埛1澶╄繃鏈�
model.setTimeout(client.getTimeout());
model.setActiveTimeout(client.getActiveTimeout());
+ model.setExtra(LoginHelper.CLIENT_KEY, clientId);
// 鐢熸垚token
LoginHelper.login(loginUser, model);
diff --git a/ruoyi-admin/src/main/java/org/dromara/web/service/impl/SocialAuthStrategy.java b/ruoyi-admin/src/main/java/org/dromara/web/service/impl/SocialAuthStrategy.java
index 2c0f15f..d0d4b43 100644
--- a/ruoyi-admin/src/main/java/org/dromara/web/service/impl/SocialAuthStrategy.java
+++ b/ruoyi-admin/src/main/java/org/dromara/web/service/impl/SocialAuthStrategy.java
@@ -103,6 +103,7 @@
// 渚嬪: 鍚庡彴鐢ㄦ埛30鍒嗛挓杩囨湡 app鐢ㄦ埛1澶╄繃鏈�
model.setTimeout(client.getTimeout());
model.setActiveTimeout(client.getActiveTimeout());
+ model.setExtra(LoginHelper.CLIENT_KEY, clientId);
// 鐢熸垚token
LoginHelper.login(loginUser, model);
diff --git a/ruoyi-admin/src/main/java/org/dromara/web/service/impl/XcxAuthStrategy.java b/ruoyi-admin/src/main/java/org/dromara/web/service/impl/XcxAuthStrategy.java
index 548031e..5a6f43a 100644
--- a/ruoyi-admin/src/main/java/org/dromara/web/service/impl/XcxAuthStrategy.java
+++ b/ruoyi-admin/src/main/java/org/dromara/web/service/impl/XcxAuthStrategy.java
@@ -61,6 +61,7 @@
// 渚嬪: 鍚庡彴鐢ㄦ埛30鍒嗛挓杩囨湡 app鐢ㄦ埛1澶╄繃鏈�
model.setTimeout(client.getTimeout());
model.setActiveTimeout(client.getActiveTimeout());
+ model.setExtra(LoginHelper.CLIENT_KEY, clientId);
// 鐢熸垚token
LoginHelper.login(loginUser, model);
diff --git a/ruoyi-common/ruoyi-common-satoken/src/main/java/org/dromara/common/satoken/utils/LoginHelper.java b/ruoyi-common/ruoyi-common-satoken/src/main/java/org/dromara/common/satoken/utils/LoginHelper.java
index 9ee4216..22c160a 100644
--- a/ruoyi-common/ruoyi-common-satoken/src/main/java/org/dromara/common/satoken/utils/LoginHelper.java
+++ b/ruoyi-common/ruoyi-common-satoken/src/main/java/org/dromara/common/satoken/utils/LoginHelper.java
@@ -34,6 +34,7 @@
public static final String LOGIN_USER_KEY = "loginUser";
public static final String TENANT_KEY = "tenantId";
public static final String USER_KEY = "userId";
+ public static final String CLIENT_KEY = "clientid";
/**
* 鐧诲綍绯荤粺 鍩轰簬 璁惧绫诲瀷
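Review bot: `CLIENT_KEY` has no comment, although it serves two purposes: the SecurityConfig hunk in this commit passes it to both `getHeader(...)` and `StpUtil.getExtra(...)`. A one-line Javadoc such as `/** Client id key, used as both the token extra key and the request header name */` would stop a later rename from silently breaking clients that send the header. The all-lowercase spelling also differs from `tenantId` and `userId` beside it, so it is worth stating that this is deliberate.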
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfig.java b/ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfig.java
index 6936bc3..7ac920f 100644
--- a/ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfig.java
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfig.java
@@ -1,9 +1,13 @@
package org.dromara.common.security.config;
+import cn.dev33.satoken.exception.NotLoginException;
import cn.dev33.satoken.interceptor.SaInterceptor;
import cn.dev33.satoken.router.SaRouter;
import cn.dev33.satoken.stp.StpUtil;
+import org.dromara.common.core.utils.ServletUtils;
import org.dromara.common.core.utils.SpringUtils;
+import org.dromara.common.core.utils.StringUtils;
+import org.dromara.common.satoken.utils.LoginHelper;
import org.dromara.common.security.config.properties.SecurityProperties;
import org.dromara.common.security.handler.AllUrlHandler;
import lombok.RequiredArgsConstructor;
@@ -44,6 +48,18 @@
// 妫�鏌ユ槸鍚︾櫥褰� 鏄惁鏈塼oken
StpUtil.checkLogin();
+ // 妫�鏌� header 閲岀殑 clientId 涓� token 閲岀殑鏄惁涓�鑷�
+ String headerCid = ServletUtils.getRequest().getHeader(LoginHelper.CLIENT_KEY);
+ String clientId = StpUtil.getExtra(LoginHelper.CLIENT_KEY).toString();
+ if (!StringUtils.equals(headerCid, clientId)) {
+ // token 鏃犳晥
+ throw NotLoginException.newInstance(
+ StpUtil.getLoginType(),
+ NotLoginException.INVALID_TOKEN,
+ NotLoginException.NOT_TOKEN_MESSAGE,
+ StpUtil.getTokenValue());
+ }
+
// 鏈夋晥鐜囧奖鍝� 鐢ㄤ簬涓存椂娴嬭瘯
// if (log.isDebugEnabled()) {
// log.debug("鍓╀綑鏈夋晥鏃堕棿: {}", StpUtil.getTokenTimeout());
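Review bot: `StpUtil.getExtra(LoginHelper.CLIENT_KEY).toString()` dereferences the extra without a null check, so a token with no `clientid` extra (for instance one issued before this commit, assuming getExtra returns null for a missing key) would raise a NullPointerException instead of a NotLoginException. A null-safe conversion alone is not enough: if `StringUtils.equals` treats two nulls as equal, as the commons-lang method does, a request with neither header nor extra would pass, so treat a missing extra as a mismatch with `Object extra = StpUtil.getExtra(LoginHelper.CLIENT_KEY);` and `if (extra == null || !StringUtils.equals(headerCid, extra.toString())) {`. The exception also pairs type `INVALID_TOKEN` with `NOT_TOKEN_MESSAGE`; `NotLoginException.INVALID_TOKEN_MESSAGE` matches the type. Because the header is supplied by the caller, the check ties a token to the client it was issued for but does not prove which client is calling, and logging mismatches would give operators a signal for tokens replayed across clients. The enclosing interceptor lambda starts and ends outside the hunk.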
--
Gitblit v1.9.3