3.2.0，saToken登录版完成

2022-05-10 09:25:53 +08:00 · 2022-05-10 09:25:53 +08:00 · 6836c25ab4
parent 72205525ef
commit 6836c25ab4
10 changed files with 268 additions and 61 deletions
--- a/pom.xml
+++ b/pom.xml
@ -40,7 +40,7 @@
        <dependency>
            <groupId>com.chinaweal.youfool</groupId>
            <artifactId>youfool-framework-springboot</artifactId>
-            <version>3.0.2-SNAPSHOT</version>
+            <version>3.2.0-SNAPSHOT</version>
        </dependency>
        <!--postgresql-->
        <dependency>
@ -72,6 +72,13 @@
            <artifactId>youfool-increpack-maven-plugin</artifactId>
            <version>2.1.0</version>
        </dependency>
+        <!-- https://mvnrepository.com/artifact/mysql/mysql-connector-java -->
+        <dependency>
+            <groupId>mysql</groupId>
+            <artifactId>mysql-connector-java</artifactId>
+            <version>8.0.28</version>
+        </dependency>
+
    </dependencies>

    <build>
--- a/src/main/java/com/chinaweal/youfool/prj/common/util/StringUtils.java
+++ b/src/main/java/com/chinaweal/youfool/prj/common/util/StringUtils.java
@ -0,0 +1,9 @@
+package com.chinaweal.youfool.prj.common.util;
+
+/**
+ * 字符串工具类
+ * @author lroyia
+ * @since 2022/4/20 15:04
+ **/
+public abstract class StringUtils {
+}
--- a/src/main/java/com/chinaweal/youfool/prj/config/FilterConfig.java
+++ b/src/main/java/com/chinaweal/youfool/prj/config/FilterConfig.java
@ -1,39 +0,0 @@
-package com.chinaweal.youfool.prj.config;
-
-import com.chinaweal.youfool.framework.springboot.filter.RepeatlyReadFilter;
-import com.chinaweal.youfool.framework.springboot.filter.RestLogFilter;
-import org.springframework.boot.web.servlet.FilterRegistrationBean;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-
-/**
- * @author itluck
- */
-@Configuration
-public class FilterConfig {
-    /**
-     * 日志记录过滤器
-     */
-    @Bean
-    public FilterRegistrationBean<RestLogFilter> restLogFilter() {
-        FilterRegistrationBean<RestLogFilter> registrationBean = new FilterRegistrationBean<>();
-        registrationBean.setFilter(new RestLogFilter());
-        registrationBean.addUrlPatterns("/*");
-        registrationBean.setName("restLogFilter");
-        registrationBean.setOrder(-99);
-        return registrationBean;
-    }
-
-    /**
-     * 开启重复读取request流，用于日志
-     */
-    @Bean
-    public FilterRegistrationBean<RepeatlyReadFilter> repeatlyReadFilter() {
-        FilterRegistrationBean<RepeatlyReadFilter> registrationBean = new FilterRegistrationBean<>();
-        registrationBean.setFilter(new RepeatlyReadFilter());
-        registrationBean.addUrlPatterns("/*");
-        registrationBean.setName("repeatlyReadFilter");
-        registrationBean.setOrder(-100);
-        return registrationBean;
-    }
-}
--- a/src/main/java/com/chinaweal/youfool/prj/config/SaTokenConfig.java
+++ b/src/main/java/com/chinaweal/youfool/prj/config/SaTokenConfig.java
@ -0,0 +1,26 @@
+package com.chinaweal.youfool.prj.config;
+
+import cn.dev33.satoken.context.model.SaRequest;
+import cn.dev33.satoken.context.model.SaResponse;
+import cn.dev33.satoken.router.SaRouteFunction;
+import cn.dev33.satoken.router.SaRouter;
+import cn.dev33.satoken.stp.StpUtil;
+
+/**
+ * SaToken权限与鉴权配置
+ * @author lroyia
+ * @since 2022/4/20 16:37
+ **/
+public class SaTokenConfig implements SaRouteFunction {
+
+    @Override
+    public void run(SaRequest request, SaResponse response, Object handler) {
+        // 根据路由划分模块，不同模块不同鉴权
+//        SaRouter.match("/user/**", r -> StpUtil.checkPermission("user"));
+//        SaRouter.match("/admin/**", r -> StpUtil.checkPermission("admin"));
+//        SaRouter.match("/goods/**", r -> StpUtil.checkPermission("goods"));
+//        SaRouter.match("/orders/**", r -> StpUtil.checkPermission("orders"));
+//        SaRouter.match("/notice/**", r -> StpUtil.checkPermission("notice"));
+//        SaRouter.match("/comment/**", r -> StpUtil.checkPermission("comment"));
+    }
+}
--- a/src/main/java/com/chinaweal/youfool/prj/config/SpringMvcConfig.java
+++ b/src/main/java/com/chinaweal/youfool/prj/config/SpringMvcConfig.java
@ -0,0 +1,29 @@
+package com.chinaweal.youfool.prj.config;
+
+import cn.dev33.satoken.interceptor.SaRouteInterceptor;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+/**
+ * spring mvc 配置
+ * @author lroyia
+ * @since 2022/2/8 18:04
+ **/
+@Configuration
+public class SpringMvcConfig implements WebMvcConfigurer {
+
+    /**
+     * 拦截器注册
+     * @param registry  注册对象
+     * @author lroyia
+     * @since  2022年4月20日 16:41:54
+     */
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        // SaToken路由拦截与鉴权
+        registry.addInterceptor(new SaRouteInterceptor(new SaTokenConfig()))
+                .addPathPatterns("/**")
+                .excludePathPatterns("/user/auth/**");
+    }
+}
--- a/src/main/java/com/chinaweal/youfool/prj/controller/LoginController.java
+++ b/src/main/java/com/chinaweal/youfool/prj/controller/LoginController.java
@ -0,0 +1,127 @@
+package com.chinaweal.youfool.prj.controller;
+
+import cn.dev33.satoken.session.SaSession;
+import cn.dev33.satoken.stp.SaTokenInfo;
+import cn.dev33.satoken.stp.StpUtil;
+import com.chinaweal.youfool.framework.springboot.common.base.BaseController;
+import com.chinaweal.youfool.framework.springboot.common.util.AssertUtils;
+import com.chinaweal.youfool.framework.springboot.common.util.RSAUtil;
+import com.chinaweal.youfool.framework.springboot.rest.RestResult;
+import com.chinaweal.youfool.framework.springboot.rest.ResultCode;
+import com.chinaweal.youfool.framework.springboot.user.entity.LoginInfo;
+import com.chinaweal.youfool.framework.springboot.user.entity.UserBase;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+/**
+ * 登录相关接口
+ *
+ * @author lroyia
+ * @since 2022/4/20 15:02
+ **/
+@Slf4j
+@RestController
+@RequestMapping("/user/auth")
+public class LoginController extends BaseController {
+
+    /**
+     * 登录接口
+     *
+     * @param username 用户名
+     * @param password 密码
+     * @param encrypt  密码是否已经加密
+     * @return 登录结果
+     * @author lroyia
+     * @since 2022年4月20日 15:47:35
+     */
+    @PostMapping("login")
+    public RestResult<?> doLogin(String username, String password, Boolean encrypt) {
+        AssertUtils.isNotBlank(username, password);
+        if (encrypt != null && encrypt) {
+            String privateKey = getPrivateKey();
+            try {
+                password = RSAUtil.decrypt(password, privateKey);
+            } catch (Exception e) {
+                log.error("密码解密失败：{}", password, e);
+                return RestResult.error(ResultCode.BUSINESS_LOGIC_ERROR, "密码解密失败");
+            }
+        }
+
+        // TODO：与数据库匹配校验，具体按用户信息表
+
+        // 匹配成功的话，登记登录信息 TODO:这里的userId是用户唯一号，应根据实际的数据库信息进行替换
+        StpUtil.login("userId");
+        SaSession session = StpUtil.getSession();
+        // 将用户信息存储至session TODO:登录信息存到这里
+        UserBase userBase = new UserBase();
+        Set<String> permissionSet = new HashSet<>();
+        permissionSet.add("admin");
+        userBase.setPermission(permissionSet);
+        session.set("user", userBase);
+
+        return RestResult.ok();
+    }
+
+    /**
+     * 获取当前持有的公钥
+     *
+     * @return 获取结果
+     * @author lroyia
+     * @since 2022年4月20日 15:55:13
+     */
+    @GetMapping("publicKey")
+    public RestResult<String> getCurrentPublicKey() {
+        return RestResult.ok(getPublicKey());
+    }
+
+    /**
+     * 登录信息
+     *
+     * @return 状态判断
+     * @author lroyia
+     * @since 2022年4月20日 15:58:26
+     */
+    @GetMapping("login/info")
+    public RestResult<LoginInfo<UserBase>> loginInfo() {
+        boolean login = StpUtil.isLogin();
+        SaTokenInfo tokenInfo = StpUtil.getTokenInfo();
+        LoginInfo<UserBase> userInfo = new LoginInfo<>(login, null);
+        if (login) {
+            SaSession session = getSession();
+            userInfo.setUserInfo((UserBase) session.get("user"));
+        }
+        return RestResult.ok(userInfo);
+    }
+
+    /**
+     * 登出
+     *
+     * @return 操作结果
+     * @author lroyia
+     * @since 2022年4月20日 15:59:55
+     */
+    @GetMapping("logout")
+    public RestResult<?> logout() {
+        StpUtil.logout();
+        return RestResult.ok();
+    }
+
+    /**
+     * 列出用户权限信息
+     *
+     * @return 权限列表
+     * @author lroyia
+     * @since 2022年4月20日 16:12:09
+     */
+    @GetMapping("perm/list")
+    public RestResult<List<String>> getPermList() {
+        return RestResult.ok(StpUtil.getPermissionList());
+    }
+}
--- a/src/main/java/com/chinaweal/youfool/prj/service/impl/StpInterfaceImpl.java
+++ b/src/main/java/com/chinaweal/youfool/prj/service/impl/StpInterfaceImpl.java
@ -0,0 +1,31 @@
+package com.chinaweal.youfool.prj.service.impl;
+
+import cn.dev33.satoken.stp.StpInterface;
+import org.springframework.stereotype.Service;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * 授权服务
+ * @author lroyia
+ * @since 2022/4/20 15:42
+ **/
+@Service
+public class StpInterfaceImpl implements StpInterface {
+    @Override
+    public List<String> getPermissionList(Object loginId, String loginType) {
+        List<String> permList = new ArrayList<>();
+        // TODO:利用loginId去数据库查询权限，并存到list中
+        // 如：List<String> permList = userService.getPermList(loginId);
+        return permList;
+    }
+
+    @Override
+    public List<String> getRoleList(Object loginId, String loginType) {
+        List<String> roleList = new ArrayList<>();
+        // TODO:利用loginId去数据库查询用户角色，并存到list中
+        // 如：List<String> roleList = userService.getRoleList(loginId);
+        return roleList;
+    }
+}
--- a/src/main/resources/application-dev.yml
+++ b/src/main/resources/application-dev.yml
@ -2,19 +2,20 @@ logging:
  level:
    dao: debug
    youfool.dao: info
-    com.chinaweal.youfool.framework.springboot.cms: debug
-    com.chinaweal.youfool.prj: debug
+    com.chinaweal.youfool.framework.springboot.log: debug
+    com.chinaweal.youfool.pms: debug
+  filePath: D:\project\pms\logs
 spring:
  datasource:
    dynamic:
      datasource:
        master:
-          url: jdbc:mysql://127.0.0.1:3306/crgs?characterEncoding=utf-8&useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&serverTimezone=UTC
-          username: root
-          password: 123456
-          driver-class-name: com.mysql.jdbc.Driver # 3.2.0开始支持SPI可省略此配置
+          url: jdbc:mysql://172.22.80.35:3306/crgs?characterEncoding=utf-8&useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&serverTimezone=UTC
+          username: chinaweal
+          password: ChinaWeal2021
+          driver-class-name: com.mysql.cj.jdbc.Driver # 3.2.0开始支持SPI可省略此配置
        youfool:
-          url: jdbc:mysql://127.0.0.1:3306/aiccs?characterEncoding=utf-8&useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&serverTimezone=UTC
-          username: root
-          password: 123456
-          driver-class-name: com.mysql.jdbc.Driver
+          url: jdbc:mysql://172.22.80.35:3306/aiccs?characterEncoding=utf-8&useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&serverTimezone=UTC
+          username: chinaweal
+          password: ChinaWeal2021
+          driver-class-name: com.mysql.cj.jdbc.Driver
--- a/src/main/resources/application-prod.yml
+++ b/src/main/resources/application-prod.yml
@ -1,21 +1,21 @@
 logging:
  level:
-    dao: debug
+    dao: info
    youfool.dao: info
-    com.chinaweal.youfool.framework.springboot.log: debug
-    com.chinaweal.youfool.pms: debug
+    com.chinaweal.youfool.framework.springboot.log: info
+    com.chinaweal.youfool.pms: info
  filePath: D:\project\pms\logs
 spring:
  datasource:
    dynamic:
      datasource:
        master:
-          url: jdbc:mysql://127.0.0.1:3306/crgs?characterEncoding=utf-8&useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&serverTimezone=UTC
-          username: root
-          password: 123456
-          driver-class-name: com.mysql.jdbc.Driver # 3.2.0开始支持SPI可省略此配置
+          url: jdbc:mysql://172.22.80.35:3306/crgs?characterEncoding=utf-8&useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&serverTimezone=UTC
+          username: chinaweal
+          password: ChinaWeal2021
+          driver-class-name: com.mysql.cj.jdbc.Driver # 3.2.0开始支持SPI可省略此配置
        youfool:
-          url: jdbc:mysql://127.0.0.1:3306/aiccs?characterEncoding=utf-8&useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&serverTimezone=UTC
-          username: root
-          password: 123456
-          driver-class-name: com.mysql.jdbc.Driver
+          url: jdbc:mysql://172.22.80.35:3306/aiccs?characterEncoding=utf-8&useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&serverTimezone=UTC
+          username: chinaweal
+          password: ChinaWeal2021
+          driver-class-name: com.mysql.cj.jdbc.Driver
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@ -69,3 +69,19 @@ knife4j:
 server:
  servlet:
    context-path: /prj
+# Sa-Token配置
+sa-token:
+  # token名称 (同时也是cookie名称)
+  token-name: satoken
+  # token有效期，单位s 默认30天, -1代表永不过期
+  timeout: 2592000
+  # token临时有效期 (指定时间内无操作就视为token过期) 单位: 秒
+  activity-timeout: -1
+  # 是否允许同一账号并发登录 (为true时允许一起登录, 为false时新登录挤掉旧登录)
+  is-concurrent: true
+  # 在多人登录同一账号时，是否共用一个token (为true时所有登录共用一个token, 为false时每次登录新建一个token)
+  is-share: false
+  # token风格
+  token-style: uuid
+  # 是否输出操作日志
+  is-log: false