feat: 鉴权方式更新

config-init/config/project-gateway.yaml

@@ -3,9 +3,9 @@ spring:
     gateway:
       routes:
         - id: user
-          uri: lb://user
+          uri: lb://project-user
           predicates:
-            - Path=/user/**, /v1/team/**, /v1/user/**
+            - Path=/pea-user/**, /user/**, /v1/team/**, /v1/user/**
         - id: order
           uri: lb://project-order
           predicates:
@@ -24,5 +24,5 @@ spring:
             - Path=/dispatch/**
 
 auth:
-  path: /test/**,/user/**,/v1/**,/gis/** # 需要认证的路边列表，多个用逗号连接
+  path: /test/**,/v1/**,/gis/** # 需要认证的路边列表，多个用逗号连接
 

project-gateway/src/main/java/com/dituhui/pea/gateway/auth/UserAuthService.java

@@ -52,25 +52,6 @@ public class UserAuthService {
     }
 
     /**
-     * 获得团队信息 - 通过ak
-     *
-     * @param ak 团队ak
-     * @return
-     */
-    public TeamInfo getTeamInfo(String ak) {
-        TeamInfo teamInfo = (TeamInfo) redisService.get(RedisKeyGroup.appKey.toString() + ":" + ak);
-        if (null == teamInfo) {
-            WebResult<TeamInfo> teamInfoResult = iTeam.queryByAppKey(ak);
-            teamInfo = teamInfoResult.getResult();
-            if (null != teamInfo) {
-                // 设置7天后过期
-                redisService.set(RedisKeyGroup.appKey.toString() + ":" + ak, teamInfo, 7 * 24 * 3600L);
-            }
-        }
-        return teamInfo;
-    }
-
-    /**
      * 对输入参数签名
      *
      * @param params 参数
@@ -115,7 +96,7 @@ public class UserAuthService {
         UserInfo userInfo = result.getResult();
         UserDetails ud = createUser(userInfo.getAccount(), null, new String[]{"user"});
         String token = UUID.randomUUID().toString().replace("-", "");
-        UserAuthInfo userAuthInfo = new UserAuthInfo(userInfo.getId(), userInfo.getTeamId(), ud.getUsername(),
+        UserAuthInfo userAuthInfo = new UserAuthInfo(userInfo.getId(), ud.getUsername(),
                 ud.getPassword(), "user");
         // 设置一天后过期
         redisService.set(RedisKeyGroup.authToken + ":" + token, userAuthInfo, 24 * 3600L);
@@ -145,7 +126,7 @@ public class UserAuthService {
         }
         UserDetails ud = createUser(userInfo.getAccount(), userInfo.getPassword(), new String[]{"user"});
         String token = UUID.randomUUID().toString().replace("-", "");
-        UserAuthInfo userAuthInfo = new UserAuthInfo(userInfo.getId(), userInfo.getTeamId(), ud.getUsername(),
+        UserAuthInfo userAuthInfo = new UserAuthInfo(userInfo.getId(), ud.getUsername(),
                 ud.getPassword(), "user");
         // 设置一天后过期
         redisService.set(RedisKeyGroup.authToken + ":" + token, userAuthInfo, 24 * 3600L);
@@ -193,7 +174,7 @@ public class UserAuthService {
         }
         if (ud != null) {
             String token = UUID.randomUUID().toString().replace("-", "");
-            UserAuthInfo userAuthInfo = new UserAuthInfo(userInfo.getId(), userInfo.getTeamId(), ud.getUsername(),
+            UserAuthInfo userAuthInfo = new UserAuthInfo(userInfo.getId(), ud.getUsername(),
                     ud.getPassword(), "user");
             // 设置一天后过期
             redisService.set(RedisKeyGroup.authToken.toString() + ":" + token, userAuthInfo, 24 * 3600L);

project-gateway/src/main/java/com/dituhui/pea/gateway/config/SleuthFilter.java

@@ -13,7 +13,6 @@ import com.dituhui.pea.enums.StatusCodeEnum;
 import com.dituhui.pea.exception.BusinessException;
 import com.dituhui.pea.gateway.auth.UserAuthService;
 import com.dituhui.pea.gateway.commom.RedisService;
-import com.dituhui.pea.pojo.TeamInfo;
 import com.dituhui.pea.pojo.UserAuthInfo;
 import com.google.common.collect.Lists;
 import lombok.extern.slf4j.Slf4j;
@@ -67,8 +66,8 @@ public class SleuthFilter implements GlobalFilter, Ordered {
         if (requestHeader != null && requestHeader.startsWith("Bearer ")) {
             authToken = requestHeader.substring(7);
         }
-        String ak = exchange.getRequest().getQueryParams().getFirst("ak");
-        String requestSign = exchange.getRequest().getQueryParams().getFirst("sign");
+        // String ak = exchange.getRequest().getQueryParams().getFirst("ak");
+        // String requestSign = exchange.getRequest().getQueryParams().getFirst("sign");
         if (log.isTraceEnabled()) {
             log.trace("token is " + authToken);
         }
@@ -80,18 +79,6 @@ public class SleuthFilter implements GlobalFilter, Ordered {
                 // 写入用户token
                 doTags("token", authToken);
             }
-        } else if (StringUtils.isNotEmpty(ak) && StringUtils.isNotEmpty(requestSign)) {
-            // 通过ak查询团队信息
-            TeamInfo teamInfo = this.userAuthService.getTeamInfo(ak);
-            if (null != teamInfo) {
-                // 检查签名
-                String serverSign = this.userAuthService.signRequest(exchange.getRequest().getQueryParams().toSingleValueMap(),
-                        teamInfo.getSecret());
-                if (StringUtils.equalsIgnoreCase(requestSign, serverSign)) {
-                    user = new UserAuthInfo(teamInfo.getAdminId(), teamInfo.getId(), "ak",
-                            "ak", "user");
-                }
-            }
         }
         if (null == user) {
             // 找不到用户登录信息，且在鉴权范围内的请求路径则被拦截
@@ -139,10 +126,6 @@ public class SleuthFilter implements GlobalFilter, Ordered {
             // 写入用户id
             doTags("userId", user.getUserId());
         }
-        if (StringUtils.isNotEmpty(user.getTeamId())) {
-            // 写入团队id
-            doTags("teamId", user.getTeamId());
-        }
         // 客户端IP标签
         doTags("clientIp", getRemoteIP(exchange));
         // 时间戳标签