From 6836c25ab446cfcdc038f5f26f4f94159435cb95 Mon Sep 17 00:00:00 2001
From: lroyia <814876716@qq.com>
Date: Tue, 10 May 2022 09:25:53 +0800
Subject: [PATCH] =?UTF-8?q?3.2.0=EF=BC=8CsaToken=E7=99=BB=E5=BD=95?=
=?UTF-8?q?=E7=89=88=E5=AE=8C=E6=88=90?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
pom.xml | 9 +-
.../youfool/prj/common/util/StringUtils.java | 9 ++
.../youfool/prj/config/FilterConfig.java | 39 ------
.../youfool/prj/config/SaTokenConfig.java | 26 ++++
.../youfool/prj/config/SpringMvcConfig.java | 29 ++++
.../prj/controller/LoginController.java | 127 ++++++++++++++++++
.../prj/service/impl/StpInterfaceImpl.java | 31 +++++
src/main/resources/application-dev.yml | 21 +--
src/main/resources/application-prod.yml | 22 +--
src/main/resources/application.yml | 16 +++
10 files changed, 268 insertions(+), 61 deletions(-)
create mode 100644 src/main/java/com/chinaweal/youfool/prj/common/util/StringUtils.java
delete mode 100644 src/main/java/com/chinaweal/youfool/prj/config/FilterConfig.java
create mode 100644 src/main/java/com/chinaweal/youfool/prj/config/SaTokenConfig.java
create mode 100644 src/main/java/com/chinaweal/youfool/prj/config/SpringMvcConfig.java
create mode 100644 src/main/java/com/chinaweal/youfool/prj/controller/LoginController.java
create mode 100644 src/main/java/com/chinaweal/youfool/prj/service/impl/StpInterfaceImpl.java
diff --git a/pom.xml b/pom.xml
index 11b5cf9..5c49a13 100644
--- a/pom.xml
+++ b/pom.xml
@@ -40,7 +40,7 @@
com.chinaweal.youfool
youfool-framework-springboot
- 3.0.2-SNAPSHOT
+ 3.2.0-SNAPSHOT
@@ -72,6 +72,13 @@
youfool-increpack-maven-plugin
2.1.0
+
+
+ mysql
+ mysql-connector-java
+ 8.0.28
+
+
diff --git a/src/main/java/com/chinaweal/youfool/prj/common/util/StringUtils.java b/src/main/java/com/chinaweal/youfool/prj/common/util/StringUtils.java
new file mode 100644
index 0000000..1d0e891
--- /dev/null
+++ b/src/main/java/com/chinaweal/youfool/prj/common/util/StringUtils.java
@@ -0,0 +1,9 @@
+package com.chinaweal.youfool.prj.common.util;
+
+/**
+ * 字符串工具类
+ * @author lroyia
+ * @since 2022/4/20 15:04
+ **/
+public abstract class StringUtils {
+}
diff --git a/src/main/java/com/chinaweal/youfool/prj/config/FilterConfig.java b/src/main/java/com/chinaweal/youfool/prj/config/FilterConfig.java
deleted file mode 100644
index 262a7aa..0000000
--- a/src/main/java/com/chinaweal/youfool/prj/config/FilterConfig.java
+++ /dev/null
@@ -1,39 +0,0 @@
-package com.chinaweal.youfool.prj.config;
-
-import com.chinaweal.youfool.framework.springboot.filter.RepeatlyReadFilter;
-import com.chinaweal.youfool.framework.springboot.filter.RestLogFilter;
-import org.springframework.boot.web.servlet.FilterRegistrationBean;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-
-/**
- * @author itluck
- */
-@Configuration
-public class FilterConfig {
- /**
- * 日志记录过滤器
- */
- @Bean
- public FilterRegistrationBean restLogFilter() {
- FilterRegistrationBean registrationBean = new FilterRegistrationBean<>();
- registrationBean.setFilter(new RestLogFilter());
- registrationBean.addUrlPatterns("/*");
- registrationBean.setName("restLogFilter");
- registrationBean.setOrder(-99);
- return registrationBean;
- }
-
- /**
- * 开启重复读取request流,用于日志
- */
- @Bean
- public FilterRegistrationBean repeatlyReadFilter() {
- FilterRegistrationBean registrationBean = new FilterRegistrationBean<>();
- registrationBean.setFilter(new RepeatlyReadFilter());
- registrationBean.addUrlPatterns("/*");
- registrationBean.setName("repeatlyReadFilter");
- registrationBean.setOrder(-100);
- return registrationBean;
- }
-}
diff --git a/src/main/java/com/chinaweal/youfool/prj/config/SaTokenConfig.java b/src/main/java/com/chinaweal/youfool/prj/config/SaTokenConfig.java
new file mode 100644
index 0000000..7e7310d
--- /dev/null
+++ b/src/main/java/com/chinaweal/youfool/prj/config/SaTokenConfig.java
@@ -0,0 +1,26 @@
+package com.chinaweal.youfool.prj.config;
+
+import cn.dev33.satoken.context.model.SaRequest;
+import cn.dev33.satoken.context.model.SaResponse;
+import cn.dev33.satoken.router.SaRouteFunction;
+import cn.dev33.satoken.router.SaRouter;
+import cn.dev33.satoken.stp.StpUtil;
+
+/**
+ * SaToken权限与鉴权配置
+ * @author lroyia
+ * @since 2022/4/20 16:37
+ **/
+public class SaTokenConfig implements SaRouteFunction {
+
+ @Override
+ public void run(SaRequest request, SaResponse response, Object handler) {
+ // 根据路由划分模块,不同模块不同鉴权
+// SaRouter.match("/user/**", r -> StpUtil.checkPermission("user"));
+// SaRouter.match("/admin/**", r -> StpUtil.checkPermission("admin"));
+// SaRouter.match("/goods/**", r -> StpUtil.checkPermission("goods"));
+// SaRouter.match("/orders/**", r -> StpUtil.checkPermission("orders"));
+// SaRouter.match("/notice/**", r -> StpUtil.checkPermission("notice"));
+// SaRouter.match("/comment/**", r -> StpUtil.checkPermission("comment"));
+ }
+}
diff --git a/src/main/java/com/chinaweal/youfool/prj/config/SpringMvcConfig.java b/src/main/java/com/chinaweal/youfool/prj/config/SpringMvcConfig.java
new file mode 100644
index 0000000..4de6f3e
--- /dev/null
+++ b/src/main/java/com/chinaweal/youfool/prj/config/SpringMvcConfig.java
@@ -0,0 +1,29 @@
+package com.chinaweal.youfool.prj.config;
+
+import cn.dev33.satoken.interceptor.SaRouteInterceptor;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+/**
+ * spring mvc 配置
+ * @author lroyia
+ * @since 2022/2/8 18:04
+ **/
+@Configuration
+public class SpringMvcConfig implements WebMvcConfigurer {
+
+ /**
+ * 拦截器注册
+ * @param registry 注册对象
+ * @author lroyia
+ * @since 2022年4月20日 16:41:54
+ */
+ @Override
+ public void addInterceptors(InterceptorRegistry registry) {
+ // SaToken路由拦截与鉴权
+ registry.addInterceptor(new SaRouteInterceptor(new SaTokenConfig()))
+ .addPathPatterns("/**")
+ .excludePathPatterns("/user/auth/**");
+ }
+}
diff --git a/src/main/java/com/chinaweal/youfool/prj/controller/LoginController.java b/src/main/java/com/chinaweal/youfool/prj/controller/LoginController.java
new file mode 100644
index 0000000..8fa411d
--- /dev/null
+++ b/src/main/java/com/chinaweal/youfool/prj/controller/LoginController.java
@@ -0,0 +1,127 @@
+package com.chinaweal.youfool.prj.controller;
+
+import cn.dev33.satoken.session.SaSession;
+import cn.dev33.satoken.stp.SaTokenInfo;
+import cn.dev33.satoken.stp.StpUtil;
+import com.chinaweal.youfool.framework.springboot.common.base.BaseController;
+import com.chinaweal.youfool.framework.springboot.common.util.AssertUtils;
+import com.chinaweal.youfool.framework.springboot.common.util.RSAUtil;
+import com.chinaweal.youfool.framework.springboot.rest.RestResult;
+import com.chinaweal.youfool.framework.springboot.rest.ResultCode;
+import com.chinaweal.youfool.framework.springboot.user.entity.LoginInfo;
+import com.chinaweal.youfool.framework.springboot.user.entity.UserBase;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+/**
+ * 登录相关接口
+ *
+ * @author lroyia
+ * @since 2022/4/20 15:02
+ **/
+@Slf4j
+@RestController
+@RequestMapping("/user/auth")
+public class LoginController extends BaseController {
+
+ /**
+ * 登录接口
+ *
+ * @param username 用户名
+ * @param password 密码
+ * @param encrypt 密码是否已经加密
+ * @return 登录结果
+ * @author lroyia
+ * @since 2022年4月20日 15:47:35
+ */
+ @PostMapping("login")
+ public RestResult doLogin(String username, String password, Boolean encrypt) {
+ AssertUtils.isNotBlank(username, password);
+ if (encrypt != null && encrypt) {
+ String privateKey = getPrivateKey();
+ try {
+ password = RSAUtil.decrypt(password, privateKey);
+ } catch (Exception e) {
+ log.error("密码解密失败:{}", password, e);
+ return RestResult.error(ResultCode.BUSINESS_LOGIC_ERROR, "密码解密失败");
+ }
+ }
+
+ // TODO:与数据库匹配校验,具体按用户信息表
+
+ // 匹配成功的话,登记登录信息 TODO:这里的userId是用户唯一号,应根据实际的数据库信息进行替换
+ StpUtil.login("userId");
+ SaSession session = StpUtil.getSession();
+ // 将用户信息存储至session TODO:登录信息存到这里
+ UserBase userBase = new UserBase();
+ Set permissionSet = new HashSet<>();
+ permissionSet.add("admin");
+ userBase.setPermission(permissionSet);
+ session.set("user", userBase);
+
+ return RestResult.ok();
+ }
+
+ /**
+ * 获取当前持有的公钥
+ *
+ * @return 获取结果
+ * @author lroyia
+ * @since 2022年4月20日 15:55:13
+ */
+ @GetMapping("publicKey")
+ public RestResult getCurrentPublicKey() {
+ return RestResult.ok(getPublicKey());
+ }
+
+ /**
+ * 登录信息
+ *
+ * @return 状态判断
+ * @author lroyia
+ * @since 2022年4月20日 15:58:26
+ */
+ @GetMapping("login/info")
+ public RestResult> loginInfo() {
+ boolean login = StpUtil.isLogin();
+ SaTokenInfo tokenInfo = StpUtil.getTokenInfo();
+ LoginInfo userInfo = new LoginInfo<>(login, null);
+ if (login) {
+ SaSession session = getSession();
+ userInfo.setUserInfo((UserBase) session.get("user"));
+ }
+ return RestResult.ok(userInfo);
+ }
+
+ /**
+ * 登出
+ *
+ * @return 操作结果
+ * @author lroyia
+ * @since 2022年4月20日 15:59:55
+ */
+ @GetMapping("logout")
+ public RestResult logout() {
+ StpUtil.logout();
+ return RestResult.ok();
+ }
+
+ /**
+ * 列出用户权限信息
+ *
+ * @return 权限列表
+ * @author lroyia
+ * @since 2022年4月20日 16:12:09
+ */
+ @GetMapping("perm/list")
+ public RestResult> getPermList() {
+ return RestResult.ok(StpUtil.getPermissionList());
+ }
+}
\ No newline at end of file
diff --git a/src/main/java/com/chinaweal/youfool/prj/service/impl/StpInterfaceImpl.java b/src/main/java/com/chinaweal/youfool/prj/service/impl/StpInterfaceImpl.java
new file mode 100644
index 0000000..fbe15e4
--- /dev/null
+++ b/src/main/java/com/chinaweal/youfool/prj/service/impl/StpInterfaceImpl.java
@@ -0,0 +1,31 @@
+package com.chinaweal.youfool.prj.service.impl;
+
+import cn.dev33.satoken.stp.StpInterface;
+import org.springframework.stereotype.Service;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * 授权服务
+ * @author lroyia
+ * @since 2022/4/20 15:42
+ **/
+@Service
+public class StpInterfaceImpl implements StpInterface {
+ @Override
+ public List getPermissionList(Object loginId, String loginType) {
+ List permList = new ArrayList<>();
+ // TODO:利用loginId去数据库查询权限,并存到list中
+ // 如:List permList = userService.getPermList(loginId);
+ return permList;
+ }
+
+ @Override
+ public List getRoleList(Object loginId, String loginType) {
+ List roleList = new ArrayList<>();
+ // TODO:利用loginId去数据库查询用户角色,并存到list中
+ // 如:List roleList = userService.getRoleList(loginId);
+ return roleList;
+ }
+}
diff --git a/src/main/resources/application-dev.yml b/src/main/resources/application-dev.yml
index 6fddaad..482616f 100644
--- a/src/main/resources/application-dev.yml
+++ b/src/main/resources/application-dev.yml
@@ -2,19 +2,20 @@ logging:
level:
dao: debug
youfool.dao: info
- com.chinaweal.youfool.framework.springboot.cms: debug
- com.chinaweal.youfool.prj: debug
+ com.chinaweal.youfool.framework.springboot.log: debug
+ com.chinaweal.youfool.pms: debug
+ filePath: D:\project\pms\logs
spring:
datasource:
dynamic:
datasource:
master:
- url: jdbc:mysql://127.0.0.1:3306/crgs?characterEncoding=utf-8&useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&serverTimezone=UTC
- username: root
- password: 123456
- driver-class-name: com.mysql.jdbc.Driver # 3.2.0开始支持SPI可省略此配置
+ url: jdbc:mysql://172.22.80.35:3306/crgs?characterEncoding=utf-8&useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&serverTimezone=UTC
+ username: chinaweal
+ password: ChinaWeal2021
+ driver-class-name: com.mysql.cj.jdbc.Driver # 3.2.0开始支持SPI可省略此配置
youfool:
- url: jdbc:mysql://127.0.0.1:3306/aiccs?characterEncoding=utf-8&useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&serverTimezone=UTC
- username: root
- password: 123456
- driver-class-name: com.mysql.jdbc.Driver
\ No newline at end of file
+ url: jdbc:mysql://172.22.80.35:3306/aiccs?characterEncoding=utf-8&useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&serverTimezone=UTC
+ username: chinaweal
+ password: ChinaWeal2021
+ driver-class-name: com.mysql.cj.jdbc.Driver
\ No newline at end of file
diff --git a/src/main/resources/application-prod.yml b/src/main/resources/application-prod.yml
index 8c276d8..257f5e1 100644
--- a/src/main/resources/application-prod.yml
+++ b/src/main/resources/application-prod.yml
@@ -1,21 +1,21 @@
logging:
level:
- dao: debug
+ dao: info
youfool.dao: info
- com.chinaweal.youfool.framework.springboot.log: debug
- com.chinaweal.youfool.pms: debug
+ com.chinaweal.youfool.framework.springboot.log: info
+ com.chinaweal.youfool.pms: info
filePath: D:\project\pms\logs
spring:
datasource:
dynamic:
datasource:
master:
- url: jdbc:mysql://127.0.0.1:3306/crgs?characterEncoding=utf-8&useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&serverTimezone=UTC
- username: root
- password: 123456
- driver-class-name: com.mysql.jdbc.Driver # 3.2.0开始支持SPI可省略此配置
+ url: jdbc:mysql://172.22.80.35:3306/crgs?characterEncoding=utf-8&useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&serverTimezone=UTC
+ username: chinaweal
+ password: ChinaWeal2021
+ driver-class-name: com.mysql.cj.jdbc.Driver # 3.2.0开始支持SPI可省略此配置
youfool:
- url: jdbc:mysql://127.0.0.1:3306/aiccs?characterEncoding=utf-8&useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&serverTimezone=UTC
- username: root
- password: 123456
- driver-class-name: com.mysql.jdbc.Driver
\ No newline at end of file
+ url: jdbc:mysql://172.22.80.35:3306/aiccs?characterEncoding=utf-8&useSSL=false&allowPublicKeyRetrieval=true&useUnicode=true&serverTimezone=UTC
+ username: chinaweal
+ password: ChinaWeal2021
+ driver-class-name: com.mysql.cj.jdbc.Driver
\ No newline at end of file
diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml
index ce56e54..b2d0892 100644
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -69,3 +69,19 @@ knife4j:
server:
servlet:
context-path: /prj
+# Sa-Token配置
+sa-token:
+ # token名称 (同时也是cookie名称)
+ token-name: satoken
+ # token有效期,单位s 默认30天, -1代表永不过期
+ timeout: 2592000
+ # token临时有效期 (指定时间内无操作就视为token过期) 单位: 秒
+ activity-timeout: -1
+ # 是否允许同一账号并发登录 (为true时允许一起登录, 为false时新登录挤掉旧登录)
+ is-concurrent: true
+ # 在多人登录同一账号时,是否共用一个token (为true时所有登录共用一个token, 为false时每次登录新建一个token)
+ is-share: false
+ # token风格
+ token-style: uuid
+ # 是否输出操作日志
+ is-log: false
\ No newline at end of file