xsha/lroyia/task-20251024-055457 #1

Merged
lirh merged 2 commits from xsha/lroyia/task-20251024-055457 into master 2025-10-24 15:22:14 +08:00
10 changed files with 294 additions and 201 deletions
Showing only changes of commit 7dcb73cb21 - Show all commits


@ -58,11 +58,6 @@
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId> <artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency> </dependency>
<!-- OAuth2客户端 -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-oauth2-client</artifactId>
</dependency>
<!-- Web相关依赖 --> <!-- Web相关依赖 -->
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>


@ -0,0 +1,34 @@
package com.chinaweal.youfool.course.config;
import cn.dev33.satoken.interceptor.SaInterceptor;
import cn.dev33.satoken.router.SaRouter;
import cn.dev33.satoken.stp.StpUtil;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
/**
* Sa-Token配置
*
* @author lroyia
* @since 2025/10/24
**/
@Configuration
public class SaTokenConfig implements WebMvcConfigurer {
@Override
public void addInterceptors(InterceptorRegistry registry) {
// 注册Sa-Token拦截器
registry.addInterceptor(new SaInterceptor())
.addPathPatterns("/**")
.excludePathPatterns(
"/login",
"/error",
"/webjars/**",
"/css/**",
"/js/**",
"/user/auth/**",
"/oauth2/**"
);
}
}
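Review bot: `new SaInterceptor()` is registered without an auth function, which in Sa-Token (to my understanding) only enables the annotation-based checks, so no request is rejected as unauthenticated unless its handler carries an annotation or calls `StpUtil` itself. The removed `WebSecurityConfig` ended its rules with `.anyRequest().authenticated()`, so this looks like a move from default-deny to default-allow for every path not individually guarded. If login should be required everywhere outside the exclude list, pass the check in: `registry.addInterceptor(new SaInterceptor(handle -> StpUtil.checkLogin()))`. That would also use the `StpUtil` import, which is currently unused along with `SaRouter`. `/oauth2/**` and `/user/auth/**` stay excluded, so handlers under those prefixes need their own checks where appropriate.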


@ -1,51 +0,0 @@
package com.chinaweal.youfool.course.config;
import com.chinaweal.youfool.course.security.OAuth2LoginFailureHandler;
import com.chinaweal.youfool.course.security.OAuth2LoginSuccessHandler;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;
/**
* Web安全配置
*
* @author lroyia
* @since 2025/10/24
**/
@Configuration
@EnableWebSecurity
public class WebSecurityConfig {
private final OAuth2LoginSuccessHandler oauth2LoginSuccessHandler;
private final OAuth2LoginFailureHandler oauth2LoginFailureHandler;
public WebSecurityConfig(OAuth2LoginSuccessHandler oauth2LoginSuccessHandler,
OAuth2LoginFailureHandler oauth2LoginFailureHandler) {
this.oauth2LoginSuccessHandler = oauth2LoginSuccessHandler;
this.oauth2LoginFailureHandler = oauth2LoginFailureHandler;
}
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests(authorize -> authorize
.requestMatchers("/login", "/error", "/webjars/**", "/css/**", "/js/**").permitAll()
.requestMatchers("/user/auth/**").permitAll()
.anyRequest().authenticated()
)
.oauth2Login(oauth2 -> oauth2
.loginPage("/login")
.successHandler(oauth2LoginSuccessHandler)
.failureHandler(oauth2LoginFailureHandler)
)
.csrf(csrf -> csrf.disable())
.formLogin(form -> form
.loginPage("/login")
.permitAll()
);
return http.build();
}
}


@ -0,0 +1,182 @@
package com.chinaweal.youfool.course.controller;
import cn.dev33.satoken.session.SaSession;
import cn.dev33.satoken.stp.StpUtil;
import com.chinaweal.youfool.framework.springboot.user.entity.UserBase;
import com.chinaweal.youfool.course.common.constants.SessionConstants;
import com.chinaweal.youfool.course.entity.SysUser;
import com.chinaweal.youfool.course.service.SysUserService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.servlet.view.RedirectView;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
/**
* OAuth2控制器
*
* @author lroyia
* @since 2025/10/24
**/
@Slf4j
@Controller
@RequestMapping("/oauth2")
public class OAuth2Controller {
@Value("${gitea.client-id}")
private String clientId;
@Value("${gitea.client-secret}")
private String clientSecret;
@Value("${gitea.auth-url}")
private String authUrl;
@Value("${gitea.token-url}")
private String tokenUrl;
@Value("${gitea.user-url}")
private String userUrl;
@Value("${gitea.redirect-uri}")
private String redirectUri;
@Autowired
private SysUserService sysUserService;
/**
* 跳转到Gitea授权页面
*
* @return 重定向到Gitea授权页面
*/
@GetMapping("/gitea/authorize")
public RedirectView authorize() {
String state = String.valueOf(System.currentTimeMillis());
String url = String.format("%s?client_id=%s&redirect_uri=%s&response_type=code&state=%s&scope=read:user",
authUrl, clientId, redirectUri, state);
return new RedirectView(url);
}
/**
* Gitea回调处理
*
* @param code 授权码
* @param state 状态
* @return 重定向到首页
*/
@GetMapping("/gitea/callback")
public RedirectView callback(@RequestParam String code, @RequestParam String state) {
try {
// 获取访问令牌
Map<String, String> tokenParams = new HashMap<>();
tokenParams.put("client_id", clientId);
tokenParams.put("client_secret", clientSecret);
tokenParams.put("code", code);
tokenParams.put("grant_type", "authorization_code");
tokenParams.put("redirect_uri", redirectUri);
RestTemplate restTemplate = new RestTemplate();
Map<String, Object> tokenResponse = restTemplate.postForObject(tokenUrl, tokenParams, Map.class);
if (tokenResponse == null || !tokenResponse.containsKey("access_token")) {
throw new RuntimeException("获取access_token失败");
}
String accessToken = (String) tokenResponse.get("access_token");
// 获取用户信息
Map<String, Object> userInfo = getUserInfo(accessToken);
// 处理用户登录
handleUserLogin(userInfo);
return new RedirectView("/course/");
} catch (Exception e) {
log.error("Gitea OAuth2回调处理失败", e);
return new RedirectView("/course/login?error=true&message=" + e.getMessage());
}
}
/**
* 获取用户信息
*
* @param accessToken 访问令牌
* @return 用户信息
*/
private Map<String, Object> getUserInfo(String accessToken) {
RestTemplate restTemplate = new RestTemplate();
Map<String, String> headers = new HashMap<>();
headers.put("Authorization", "token " + accessToken);
org.springframework.http.HttpEntity<?> entity = new org.springframework.http.HttpEntity<>(headers);
Map<String, Object> userInfo = restTemplate.exchange(userUrl,
org.springframework.http.HttpMethod.GET, entity, Map.class).getBody();
return userInfo;
}
/**
* 处理用户登录
*
* @param userInfo 用户信息
*/
private void handleUserLogin(Map<String, Object> userInfo) {
String username = (String) userInfo.get("username");
String email = (String) userInfo.get("email");
String avatarUrl = (String) userInfo.get("avatar_url");
Integer id = (Integer) userInfo.get("id");
log.info("Gitea用户登录成功: username={}, email={}, id={}", username, email, id);
// 生成Gitea Open ID
String giteaOpenId = String.valueOf(id);
// 检查用户是否已存在
SysUser sysUser = sysUserService.getUserByGiteaOpenId(giteaOpenId);
// 如果用户不存在,则创建新用户
if (sysUser == null) {
sysUser = new SysUser();
sysUser.setUsername(username);
sysUser.setNickname(username);
sysUser.setEmail(email);
sysUser.setAvatar(avatarUrl);
sysUser.setGiteaOpenId(giteaOpenId);
sysUserService.save(sysUser);
} else {
// 更新用户信息
sysUser.setEmail(email);
sysUser.setAvatar(avatarUrl);
sysUserService.updateById(sysUser);
}
// 使用Sa-Token登录
StpUtil.login(sysUser.getUserId());
SaSession session = StpUtil.getSession();
// 构建用户信息
UserBase userBase = new UserBase();
userBase.setUsername(sysUser.getUsername());
userBase.setEmail(sysUser.getEmail());
userBase.setAvatarUrl(sysUser.getAvatar());
userBase.setId(sysUser.getUserId());
// 设置权限
Set<String> permissionSet = new HashSet<>();
permissionSet.add("user");
userBase.setPermission(permissionSet);
// 将用户信息存储至session
session.set(SessionConstants.USER_KEY, userBase);
}
}
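Review bot: The `state` value in `authorize()` is `System.currentTimeMillis()`, which is guessable, and `callback()` takes the `state` parameter without comparing it to anything, so the hand-written flow has no login-CSRF protection (the removed `oauth2Login()` setup handled this inside Spring Security). Generate an unpredictable value, bind it to the browser session, and reject the callback when it is missing or different. Separately, `getUserInfo()` passes a `Map<String, String>` to `new HttpEntity<>(headers)`, which binds to the body constructor, so the `Authorization` header is probably never sent; build an `HttpHeaders` and pass that instead. The catch block also appends `e.getMessage()` unencoded to the redirect URL, where the removed failure handler used `URLEncoder.encode`; a fixed error code avoids reflecting internal error text at all. In `handleUserLogin()`, a missing `id` makes `String.valueOf(id)` the string "null", which would then be used as the account key, so a null check before the lookup is worth adding.

```java
@GetMapping("/gitea/authorize")
public RedirectView authorize(HttpSession httpSession) {
    // Unpredictable, single-use value tied to this browser session.
    // The attribute name is illustrative; pick a constant that fits the project.
    String state = UUID.randomUUID().toString();
    httpSession.setAttribute("GITEA_OAUTH2_STATE", state);
    String url = String.format("%s?client_id=%s&redirect_uri=%s&response_type=code&state=%s&scope=read:user",
            authUrl, clientId, URLEncoder.encode(redirectUri, StandardCharsets.UTF_8), state);
    return new RedirectView(url);
}

@GetMapping("/gitea/callback")
public RedirectView callback(@RequestParam String code, @RequestParam String state, HttpSession httpSession) {
    Object expectedState = httpSession.getAttribute("GITEA_OAUTH2_STATE");
    httpSession.removeAttribute("GITEA_OAUTH2_STATE");
    if (expectedState == null || !expectedState.equals(state)) {
        log.warn("Gitea OAuth2 callback rejected: state mismatch");
        return new RedirectView("/course/login?error=true");
    }
    try {
        // … unchanged: token exchange, getUserInfo, handleUserLogin, redirect to /course/ …
    } catch (Exception e) {
        log.error("Gitea OAuth2回调处理失败", e);
        // Keep exception text in the log only; do not reflect it into the URL.
        return new RedirectView("/course/login?error=true");
    }
}
```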


@ -1,5 +1,6 @@
package com.chinaweal.youfool.course.controller; package com.chinaweal.youfool.course.controller;
import cn.dev33.satoken.stp.StpUtil;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.GetMapping;
@ -29,6 +30,9 @@ public class PageController {
*/ */
@GetMapping("/") @GetMapping("/")
public String index() { public String index() {
if (!StpUtil.isLogin()) {
return "redirect:/course/login";
}
return "index"; return "index";
} }
@ -39,6 +43,9 @@ public class PageController {
*/ */
@GetMapping("/index") @GetMapping("/index")
public String indexPage() { public String indexPage() {
if (!StpUtil.isLogin()) {
return "redirect:/course/login";
}
return "index"; return "index";
} }
} }
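Review bot: `redirect:/course/login` in `index()` and `indexPage()` is likely to resolve to `/course/course/login`, because Spring MVC treats a `redirect:` view name starting with `/` as relative to the servlet context path, and the callback URL in the config (`.../course/oauth2/gitea/callback`) suggests that path is `/course`. If so, both handlers should use `return "redirect:/login";`. The context path itself is not visible on this page, so confirm it before changing. The same three-line `StpUtil.isLogin()` check is duplicated in both methods; a login check on the interceptor plus one not-logged-in handler that redirects would remove the need for per-handler copies.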


@ -0,0 +1,62 @@
package com.chinaweal.youfool.course.controller;
import cn.dev33.satoken.stp.StpUtil;
import com.chinaweal.youfool.framework.springboot.rest.RestResult;
import lombok.extern.slf4j.Slf4j;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
/**
* 测试控制器
*
* @author lroyia
* @since 2025/10/24
**/
@Slf4j
@RestController
@RequestMapping("/test")
public class TestController {
/**
* 测试接口需要登录
*
* @return 测试结果
*/
@GetMapping("/hello")
public RestResult<String> hello() {
return RestResult.ok("Hello, " + StpUtil.getLoginIdAsString() + "!");
}
/**
* 测试管理员权限
*
* @return 测试结果
*/
@GetMapping("/admin")
public RestResult<String> admin() {
StpUtil.checkPermission("admin");
return RestResult.ok("Admin access granted!");
}
/**
* 测试用户权限
*
* @return 测试结果
*/
@GetMapping("/user")
public RestResult<String> user() {
StpUtil.checkPermission("user");
return RestResult.ok("User access granted!");
}
/**
* 获取当前登录信息
*
* @return 登录信息
*/
@GetMapping("/info")
public RestResult<String> info() {
return RestResult.ok("Current login id: " + StpUtil.getLoginIdAsString());
}
}
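Review bot: `TestController` is registered unconditionally, so `/test/hello`, `/test/info`, `/test/admin` and `/test/user` ship with the application; if they exist only to exercise Sa-Token, restrict the class with `@Profile("dev")` or move it to test sources. `hello()` is documented as requiring login but has no explicit check, and appears to depend on `StpUtil.getLoginIdAsString()` throwing for an anonymous caller. Putting `@SaCheckLogin` on the class would state the intent directly. How the resulting exception is rendered to the client depends on an exception handler that is not shown here.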


@ -1,31 +0,0 @@
package com.chinaweal.youfool.course.security;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.stereotype.Component;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* OAuth2登录失败处理器
*
* @author lroyia
* @since 2025/10/24
**/
@Slf4j
@Component
public class OAuth2LoginFailureHandler implements AuthenticationFailureHandler {
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
AuthenticationException exception) throws IOException, ServletException {
log.error("OAuth2登录失败: {}", exception.getMessage());
// 重定向到登录页面,带上错误信息
response.sendRedirect("/course/login?error=true&message=" + java.net.URLEncoder.encode(exception.getMessage(), "UTF-8"));
}
}


@ -1,96 +0,0 @@
package com.chinaweal.youfool.course.security;
import cn.dev33.satoken.session.SaSession;
import cn.dev33.satoken.stp.StpUtil;
import com.chinaweal.youfool.framework.springboot.user.entity.UserBase;
import com.chinaweal.youfool.course.common.constants.SessionConstants;
import com.chinaweal.youfool.course.entity.SysUser;
import com.chinaweal.youfool.course.service.SysUserService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.stereotype.Component;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
/**
* OAuth2登录成功处理器
*
* @author lroyia
* @since 2025/10/24
**/
@Slf4j
@Component
public class OAuth2LoginSuccessHandler implements AuthenticationSuccessHandler {
@Autowired
private SysUserService sysUserService;
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
Authentication authentication) throws IOException, ServletException {
OAuth2User oauth2User = (OAuth2User) authentication.getPrincipal();
Map<String, Object> attributes = oauth2User.getAttributes();
// 获取Gitea用户信息
String username = (String) attributes.get("username");
String email = (String) attributes.get("email");
String avatarUrl = (String) attributes.get("avatar_url");
Integer id = (Integer) attributes.get("id");
log.info("Gitea用户登录成功: username={}, email={}, id={}", username, email, id);
// 生成Gitea Open ID
String giteaOpenId = String.valueOf(id);
// 检查用户是否已存在
SysUser sysUser = sysUserService.getUserByGiteaOpenId(giteaOpenId);
// 如果用户不存在,则创建新用户
if (sysUser == null) {
sysUser = new SysUser();
sysUser.setUsername(username);
sysUser.setNickname(username);
sysUser.setEmail(email);
sysUser.setAvatar(avatarUrl);
sysUser.setGiteaOpenId(giteaOpenId);
sysUserService.save(sysUser);
} else {
// 更新用户信息
sysUser.setEmail(email);
sysUser.setAvatar(avatarUrl);
sysUserService.updateById(sysUser);
}
// 使用Sa-Token登录
StpUtil.login(sysUser.getUserId());
SaSession session = StpUtil.getSession();
// 构建用户信息
UserBase userBase = new UserBase();
userBase.setUsername(sysUser.getUsername());
userBase.setEmail(sysUser.getEmail());
userBase.setAvatarUrl(sysUser.getAvatar());
userBase.setId(sysUser.getUserId());
// 设置权限
Set<String> permissionSet = new HashSet<>();
permissionSet.add("user");
userBase.setPermission(permissionSet);
// 将用户信息存储至session
session.set(SessionConstants.USER_KEY, userBase);
// 重定向到首页
response.sendRedirect("/course/");
}
}


@ -14,23 +14,14 @@ spring:
suffix: .html suffix: .html
encoding: UTF-8 encoding: UTF-8
mode: HTML mode: HTML
# OAuth2配置 # Gitea OAuth2配置
security: gitea:
oauth2: client-id: ${GITEA_CLIENT_ID:your-gitea-client-id}
client: client-secret: ${GITEA_CLIENT_SECRET:your-gitea-client-secret}
registration: auth-url: ${GITEA_AUTH_URL:https://gitea.com/login/oauth/authorize}
gitea: token-url: ${GITEA_TOKEN_URL:https://gitea.com/login/oauth/access_token}
client-id: ${GITEA_CLIENT_ID:your-gitea-client-id} user-url: ${GITEA_USER_URL:https://gitea.com/api/v1/user}
client-secret: ${GITEA_CLIENT_SECRET:your-gitea-client-secret} redirect-uri: ${BASE_URL:http://localhost:8080}/course/oauth2/gitea/callback
authorization-grant-type: authorization_code
redirect-uri: ${BASE_URL:http://localhost:8080}/course/login/oauth2/code/gitea
scope: read:user
provider:
gitea:
authorization-uri: ${GITEA_AUTH_URL:https://gitea.com/login/oauth/authorize}
token-uri: ${GITEA_TOKEN_URL:https://gitea.com/login/oauth/access_token}
user-info-uri: ${GITEA_USER_URL:https://gitea.com/api/v1/user}
user-name-attribute: username
datasource: datasource:
dynamic: dynamic:
primary: master #设置默认的数据源或者数据源组,默认值即为master primary: master #设置默认的数据源或者数据源组,默认值即为master
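Review bot: The new `gitea:` block sits between `spring.thymeleaf` and `datasource:`, yet `OAuth2Controller` reads `${gitea.client-id}` and its siblings as top-level keys, so the nesting needs checking; indentation is not preserved on this page. If `gitea:` is indented under `spring:`, the `@Value` placeholders will not resolve; if it is at column 0, the following `datasource:` block may no longer be under `spring:`. Moving the `gitea:` block to the end of the file at column 0 avoids both outcomes. The fallback `your-gitea-client-secret` also lets the application start with a placeholder credential; dropping the default (`${GITEA_CLIENT_SECRET}`) would make a missing secret fail at startup instead of at the first login.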


@ -136,7 +136,7 @@
<span></span> <span></span>
</div> </div>
<a href="/oauth2/authorization/gitea" class="gitea-login-btn"> <a href="/course/oauth2/gitea/authorize" class="gitea-login-btn">
<svg class="gitea-icon" viewBox="0 0 24 24" fill="currentColor"> <svg class="gitea-icon" viewBox="0 0 24 24" fill="currentColor">
<path d="M4.209 4.603c-.247 0-.525.02-.84.088-.333.07-1.28.283-2.054 1.027C-.403 7.25.035 9.685.089 10.052c.065.446.263 1.686 1.21 2.768 1.766 2.141 5.51 2.092 5.51 2.092s.462 1.103 1.168 2.119c.955 1.263 1.936 2.248 2.89 2.367 2.406 0 7.212-.004 7.212-.004s.458.004 1.08-.394c.535-.324 1.013-.893 1.013-.893s.492-.527 1.18-1.73c.21-.37.385-.729.538-1.068 0 0 2.107-4.471 2.107-8.823-.042-1.318-.367-1.55-.443-1.627-.156-.156-.366-.153-.366-.153s-4.475.252-6.792.306c-.508.011-1.012.023-1.512.027v4.474l-.634-.301c0-1.39-.004-4.17-.004-4.17-1.107.016-3.405-.084-3.405-.084s-5.399-.27-5.987-.324c-.112-.012-.263-.02-.42-.02zm.531 1.268c.163.011.405.027.658.054l.426.05 3.23.294c.407.038.848.072 1.295.104 0 0 .39.023.948.054.558.031 1.243.065 1.243.065.55.027 1.107.038 1.243.046.39.015.604.015.604.015l.007 4.586 2.394 1.135V6.324c.492-.004.983-.015 1.463-.023l.847-.015c1.18-.023 2.344-.07 2.344-.07l.273-.015c.156 0 .294-.004.422-.004.863 0 1.027.169 1.077.218.112.113.135.42.15.508.015.124.046.365.058.697.031 1.336-.218 3.098-.631 4.688-.073.28-.156.562-.248.836-.27.83-.956 2.478-.956 2.478-.14.352-.304.75-.499 1.169-.397.852-.82 1.627-.82 1.627s-.23.374-.615.665a2.525 2.525 0 0 1-.523.267c-.15.046-.306.02-.508.027l-.603.015c-.607.008-1.206.004-1.206.004H11.25c-1.278-.12-2.44-2.152-3.03-3.042-.793-1.224-1.549-3.12-1.549-3.12l-.812-.02c-.407-.008-.844-.02-1.203-.02-1.647 0-3.12-.52-3.87-1.399C.13 9.98-.191 7.767.652 6.564c.472-.677 1.2-1.06 1.845-1.24a4.45 4.45 0 0 1 1.243-.153z"/> <path d="M4.209 4.603c-.247 0-.525.02-.84.088-.333.07-1.28.283-2.054 1.027C-.403 7.25.035 9.685.089 10.052c.065.446.263 1.686 1.21 2.768 1.766 2.141 5.51 2.092 5.51 2.092s.462 1.103 1.168 2.119c.955 1.263 1.936 2.248 2.89 2.367 2.406 0 7.212-.004 7.212-.004s.458.004 1.08-.394c.535-.324 1.013-.893 1.013-.893s.492-.527 1.18-1.73c.21-.37.385-.729.538-1.068 0 0 2.107-4.471 
2.107-8.823-.042-1.318-.367-1.55-.443-1.627-.156-.156-.366-.153-.366-.153s-4.475.252-6.792.306c-.508.011-1.012.023-1.512.027v4.474l-.634-.301c0-1.39-.004-4.17-.004-4.17-1.107.016-3.405-.084-3.405-.084s-5.399-.27-5.987-.324c-.112-.012-.263-.02-.42-.02zm.531 1.268c.163.011.405.027.658.054l.426.05 3.23.294c.407.038.848.072 1.295.104 0 0 .39.023.948.054.558.031 1.243.065 1.243.065.55.027 1.107.038 1.243.046.39.015.604.015.604.015l.007 4.586 2.394 1.135V6.324c.492-.004.983-.015 1.463-.023l.847-.015c1.18-.023 2.344-.07 2.344-.07l.273-.015c.156 0 .294-.004.422-.004.863 0 1.027.169 1.077.218.112.113.135.42.15.508.015.124.046.365.058.697.031 1.336-.218 3.098-.631 4.688-.073.28-.156.562-.248.836-.27.83-.956 2.478-.956 2.478-.14.352-.304.75-.499 1.169-.397.852-.82 1.627-.82 1.627s-.23.374-.615.665a2.525 2.525 0 0 1-.523.267c-.15.046-.306.02-.508.027l-.603.015c-.607.008-1.206.004-1.206.004H11.25c-1.278-.12-2.44-2.152-3.03-3.042-.793-1.224-1.549-3.12-1.549-3.12l-.812-.02c-.407-.008-.844-.02-1.203-.02-1.647 0-3.12-.52-3.87-1.399C.13 9.98-.191 7.767.652 6.564c.472-.677 1.2-1.06 1.845-1.24a4.45 4.45 0 0 1 1.243-.153z"/>
</svg> </svg>