From 049091c4a807d32d6204b122891fb3eb04236ddd Mon Sep 17 00:00:00 2001 From: "xueli.xue" Date: Wed, 22 Mar 2017 20:36:46 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=BC=BA=E6=9D=83=E9=99=90=E6=A0=A1?= =?UTF-8?q?=E9=AA=8C=EF=BC=8C=E9=87=87=E7=94=A8=E5=8A=A8=E6=80=81=E7=99=BB?= =?UTF-8?q?=E5=BD=95TOKEN=EF=BC=9B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 7 +++++-- .../interceptor/PermissionInterceptor.java | 18 ++++++++++++++---- .../template/common/common.exception.ftl | 12 ++---------- .../WEB-INF/template/jobcode/jobcode.index.ftl | 4 ++-- 4 files changed, 23 insertions(+), 18 deletions(-) diff --git a/README.md b/README.md index 9034fb2a..6cead382 100644 --- a/README.md +++ b/README.md @@ -767,9 +767,12 @@ Tips: 历史版本(V1.3.x)目前已经Release至稳定版本, 进入维护阶段 - 9、GLUE模式任务实例更新逻辑优化,原根据超时时间更新改为根据版本号更新,源码变动版本号加一; #### 6.12 版本 V1.6.1 特性 (Coding) -- 1、通讯协议二进制据增强校验,处理非正常请求; +- 1、通讯协议二进制据增强校验,拦截非正常请求; - 2、数据库地址配置优化; -- 2、rolling日志,日志界面风格同glue任务编辑器; +- 3、WebIDE交互重构; +- 4、前端部分组件优化; +- 5、增强权限校验,采用动态登录TOKEN; +- 5、rolling日志,日志界面风格同glue任务编辑器; #### TODO LIST diff --git a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/interceptor/PermissionInterceptor.java b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/interceptor/PermissionInterceptor.java index 97bcf5fc..d8ba4bef 100644 --- a/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/interceptor/PermissionInterceptor.java +++ b/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/interceptor/PermissionInterceptor.java 
@@ -2,11 +2,13 @@ package com.xxl.job.admin.controller.interceptor; import com.xxl.job.admin.controller.annotation.PermessionLimit; import com.xxl.job.admin.core.util.CookieUtil; +import com.xxl.job.admin.core.util.PropertiesUtil; import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import java.math.BigInteger; /** * 权限拦截, 简易版 @@ -15,10 +17,16 @@ import javax.servlet.http.HttpServletResponse; public class PermissionInterceptor extends HandlerInterceptorAdapter { public static final String LOGIN_IDENTITY_KEY = "LOGIN_IDENTITY"; - public static final String LOGIN_IDENTITY_VAL = "sdf!121sdf$78sd!8"; + public static final String LOGIN_IDENTITY_TOKEN; + static { + String username = PropertiesUtil.getString("xxl.job.login.username"); + String password = PropertiesUtil.getString("xxl.job.login.password"); + String temp = username + "_" + password; + LOGIN_IDENTITY_TOKEN = new BigInteger(1, temp.getBytes()).toString(16); + } public static boolean login(HttpServletResponse response, boolean ifRemember){ - CookieUtil.set(response, LOGIN_IDENTITY_KEY, LOGIN_IDENTITY_VAL, ifRemember); + CookieUtil.set(response, LOGIN_IDENTITY_KEY, LOGIN_IDENTITY_TOKEN, ifRemember); return true; } public static void logout(HttpServletRequest request, HttpServletResponse response){ @@ -26,7 +34,7 @@ public class PermissionInterceptor extends HandlerInterceptorAdapter { } public static boolean ifLogin(HttpServletRequest request){ String indentityInfo = CookieUtil.getValue(request, LOGIN_IDENTITY_KEY); - if (indentityInfo==null || !LOGIN_IDENTITY_VAL.equals(indentityInfo.trim())) { + if (indentityInfo==null || !LOGIN_IDENTITY_TOKEN.equals(indentityInfo.trim())) { return false; } return true; 
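Review bot: `LOGIN_IDENTITY_TOKEN` in the new static block is only the hex encoding of `username + "_" + password`, so the cookie value decodes straight back to the configured admin credentials; anyone who can read the cookie (a plain-HTTP hop, proxy logs, script access if `CookieUtil` does not set HttpOnly) obtains the password itself. The value is also the same for every login and has no server-side expiry or revocation, so it is not a dynamic token despite the commit title. The cookie should carry something one-way and unrelated to the password, such as a per-login random value from `SecureRandom` held in server-side session state, or at minimum a keyed digest. If the derivation stays, pass an explicit charset (`temp.getBytes(StandardCharsets.UTF_8)`) and fail startup when either property is absent, since a null from `PropertiesUtil.getString` would be concatenated as the text `null`. The comparison in `ifLogin` (the `@@ -26,7 +34,7 @@` hunk) could then use `MessageDigest.isEqual` on the byte values instead of `String.equals`.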
@@ -43,7 +51,9 @@ public class PermissionInterceptor extends HandlerInterceptorAdapter { HandlerMethod method = (HandlerMethod)handler; PermessionLimit permission = method.getMethodAnnotation(PermessionLimit.class); if (permission == null || permission.limit()) { - throw new Exception("登陆失效"); + response.sendRedirect("/toLogin"); + //request.getRequestDispatcher("/toLogin").forward(request, response); + return false; } } diff --git a/xxl-job-admin/src/main/webapp/WEB-INF/template/common/common.exception.ftl b/xxl-job-admin/src/main/webapp/WEB-INF/template/common/common.exception.ftl index 749b1f46..15e09b53 100644 --- a/xxl-job-admin/src/main/webapp/WEB-INF/template/common/common.exception.ftl +++ b/xxl-job-admin/src/main/webapp/WEB-INF/template/common/common.exception.ftl @@ -22,18 +22,10 @@
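Review bot: `response.sendRedirect("/toLogin")` ignores the servlet context path, so when the admin application is deployed under anything other than the root context an unauthenticated request is redirected to a path outside the application instead of the login page; use `response.sendRedirect(request.getContextPath() + "/toLogin");`. The commented-out `getRequestDispatcher` line should be removed rather than committed. Handlers called via AJAX will now receive a 302 to an HTML page instead of an error, so a 401 status for those requests may be worth considering. The enclosing method starts and ends outside the hunk.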

应用程序异常

-

抱歉!您访问的页面出现异常,请稍后重试或联系管理员。

-

详 情 - 返 回 +

${exceptionMsg}

+ 返 回

-
- - \ No newline at end of file diff --git a/xxl-job-admin/src/main/webapp/WEB-INF/template/jobcode/jobcode.index.ftl b/xxl-job-admin/src/main/webapp/WEB-INF/template/jobcode/jobcode.index.ftl index 27973811..bfae3f29 100644 --- a/xxl-job-admin/src/main/webapp/WEB-INF/template/jobcode/jobcode.index.ftl +++ b/xxl-job-admin/src/main/webapp/WEB-INF/template/jobcode/jobcode.index.ftl @@ -35,7 +35,7 @@ <#-- left nav --> @@ -79,7 +79,7 @@
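Review bot: The added `${exceptionMsg}` line in common.exception.ftl writes the raw exception message into the error page. Unless the template is wrapped in an `<#escape>` directive outside this hunk or auto-escaping is configured, FreeMarker emits the interpolation unescaped, so a message that echoes request data is rendered as markup; `${exceptionMsg?html}` closes that. Exception messages can also expose internals (SQL fragments, class names, file paths) to any visitor, so consider logging the detail server-side and showing a generic message with a reference id. The surrounding markup of the template is not visible in this hunk.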