diff --git a/mall-security/src/main/java/com/macro/mall/security/util/JwtTokenUtil.java b/mall-security/src/main/java/com/macro/mall/security/util/JwtTokenUtil.java index 3c4338d..81eb969 100644 --- a/mall-security/src/main/java/com/macro/mall/security/util/JwtTokenUtil.java +++ b/mall-security/src/main/java/com/macro/mall/security/util/JwtTokenUtil.java @@ -1,5 +1,7 @@ package com.macro.mall.security.util; +import cn.hutool.core.date.DateUtil; +import cn.hutool.core.util.StrUtil; import io.jsonwebtoken.Claims; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; @@ -120,25 +122,49 @@ public class JwtTokenUtil { } /** - * 判断token是否可以被刷新 - */ - private boolean canRefresh(String token) { - return !isTokenExpired(token); - } - - - /** - * 当原来的token没过期是可以刷新 + * 当原来的token没过期时是可以刷新的 * * @param oldToken 带tokenHead的token */ public String refreshHeadToken(String oldToken) { + if(StrUtil.isEmpty(oldToken)){ + return null; + } String token = oldToken.substring(tokenHead.length()); - if (canRefresh(token)) { - Claims claims = getClaimsFromToken(token); + if(StrUtil.isEmpty(token)){ + return null; + } + //token校验不通过 + Claims claims = getClaimsFromToken(token); + if(claims==null){ + return null; + } + //如果token已经过期,不支持刷新 + if(isTokenExpired(token)){ + return null; + } + //如果token在30分钟之内刚刷新过,返回原token + if(tokenRefreshJustBefore(token,30*60)){ + return token; + }else{ claims.put(CLAIM_KEY_CREATED, new Date()); return generateToken(claims); } - return null; + } + + /** + * 判断token在指定时间内是否刚刚刷新过 + * @param token 原token + * @param time 指定时间(秒) + */ + private boolean tokenRefreshJustBefore(String token, int time) { + Claims claims = getClaimsFromToken(token); + Date created = claims.get(CLAIM_KEY_CREATED, Date.class); + Date refreshDate = new Date(); + //刷新时间在创建时间的指定时间内 + if(refreshDate.after(created)&&refreshDate.before(DateUtil.offsetSecond(created,time))){ + return true; + } + return false; } }