onixbyte/helix-server
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

perf: 性能优化

Browse Source 
使用全局唯一 JWT Verifier 实例
This commit is contained in:
siujamo
2025-12-31 09:46:28 +08:00
parent 659d123f2b
commit c74a67cdc6
3 changed files with 36 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/main/java/com/onixbyte/helix/client/TokenClient.java
+18 -1
View File
@@ -1,7 +1,9 @@
package com.onixbyte.helix.client;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.onixbyte.helix.domain.entity.User;
import com.onixbyte.helix.properties.TokenProperties;
import com.onixbyte.helix.utils.DateTimeUtil;
@@ -24,6 +26,7 @@ public class TokenClient {
private final Algorithm algorithm;
private final TokenProperties tokenProperties;
private final JWTVerifier verifier;
/**
* Constructs a new TokenClient with the necessary algorithm and token properties.
@@ -33,9 +36,10 @@ public class TokenClient {
* validity period
*/
@Autowired
public TokenClient(Algorithm algorithm, TokenProperties tokenProperties) {
public TokenClient(Algorithm algorithm, TokenProperties tokenProperties, JWTVerifier verifier) {
this.algorithm = algorithm;
this.tokenProperties = tokenProperties;
this.verifier = verifier;
}
/**
@@ -56,4 +60,17 @@ public class TokenClient {
.withExpiresAt(DateTimeUtil.asInstant(expiresAt))
.sign(algorithm);
}
/**
* Verify and decode token.
*
* @param token a JWT token
* @return information included in the given token
* @throws com.auth0.jwt.exceptions.JWTVerificationException if the token is invalid, such as
* expired, or not signed by
* specific server
*/
public DecodedJWT verifyToken(String token) {
return verifier.verify(token);
}
}
src/main/java/com/onixbyte/helix/config/SecurityConfig.java
+9
View File
@@ -1,5 +1,7 @@
package com.onixbyte.helix.config;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.onixbyte.helix.filter.TokenAuthenticationFilter;
import com.onixbyte.helix.properties.CorsProperties;
@@ -206,4 +208,11 @@ public class SecurityConfig {
public Algorithm algorithm(TokenProperties properties) {
return Algorithm.HMAC256(properties.secret());
}
@Bean
public JWTVerifier verifier(Algorithm algorithm, TokenProperties tokenProperties) {
return JWT.require(algorithm)
.withIssuer(tokenProperties.issuer())
.build();
}
}
src/main/java/com/onixbyte/helix/filter/TokenAuthenticationFilter.java
+9 -8
View File
@@ -3,6 +3,7 @@ package com.onixbyte.helix.filter;
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.onixbyte.helix.client.TokenClient;
import com.onixbyte.helix.manager.AuthorityManager;
import com.onixbyte.helix.manager.UserManager;
import com.onixbyte.helix.security.authentication.UsernamePasswordAuthentication;
@@ -26,14 +27,18 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
private final static Logger log = LoggerFactory.getLogger(TokenAuthenticationFilter.class);
private final Algorithm algorithm;
private final UserManager userManager;
private final AuthorityManager authorityManager;
private final TokenClient tokenClient;
public TokenAuthenticationFilter(Algorithm algorithm, UserManager userManager, AuthorityManager authorityManager) {
this.algorithm = algorithm;
public TokenAuthenticationFilter(
UserManager userManager,
AuthorityManager authorityManager,
TokenClient tokenClient
) {
this.userManager = userManager;
this.authorityManager = authorityManager;
this.tokenClient = tokenClient;
}
@Override
@@ -54,12 +59,8 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
}
token = token.substring(7);
var verifier = JWT.require(algorithm)
.withIssuer("Helix Server")
.build();
try {
var decodedToken = verifier.verify(token);
var decodedToken = tokenClient.verifyToken(token);
var username = decodedToken.getSubject();
var user = userManager.selectByUsername(username);