Skip to content
Toggle navigation
Projects
Groups
Snippets
Help
yangxiujun
/
paidan_demo
This project
Loading...
Sign in
Toggle navigation
Go to a project
Project
Repository
Issues
0
Merge Requests
0
Pipelines
Wiki
Snippets
Settings
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Commit 478c3a36
authored
Jul 21, 2023
by
chamberone
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
feat: 添加应用ak认证方式,添加超级管理员角色
1 parent
05f7092d
Show whitespace changes
Inline
Side-by-side
Showing
8 changed files
with
214 additions
and
10 deletions
project-gateway/src/main/java/com/dituhui/pea/gateway/config/AuthFilter.java
project-interface/src/main/java/com/dituhui/pea/enums/RedisKeyGroup.java
project-interface/src/main/java/com/dituhui/pea/pojo/AppDTO.java
project-interface/src/main/java/com/dituhui/pea/user/IUser.java
project-user/src/main/java/com/dituhui/pea/user/controller/UserController.java
project-user/src/main/java/com/dituhui/pea/user/dao/AppDao.java
project-user/src/main/java/com/dituhui/pea/user/entity/AppEntity.java
project-user/src/main/java/com/dituhui/pea/user/service/UserService.java
project-gateway/src/main/java/com/dituhui/pea/gateway/config/AuthFilter.java
View file @
478c3a3
...
@@ -9,9 +9,6 @@ import org.springframework.cloud.gateway.filter.GlobalFilter;
...
@@ -9,9 +9,6 @@ import org.springframework.cloud.gateway.filter.GlobalFilter;
import
org.springframework.core.Ordered
;
import
org.springframework.core.Ordered
;
import
org.springframework.http.HttpHeaders
;
import
org.springframework.http.HttpHeaders
;
import
org.springframework.http.server.reactive.ServerHttpRequest
;
import
org.springframework.http.server.reactive.ServerHttpRequest
;
import
org.springframework.security.authentication.UsernamePasswordAuthenticationToken
;
import
org.springframework.security.core.Authentication
;
import
org.springframework.security.core.context.SecurityContextHolder
;
import
org.springframework.stereotype.Component
;
import
org.springframework.stereotype.Component
;
import
org.springframework.web.server.ServerWebExchange
;
import
org.springframework.web.server.ServerWebExchange
;
...
@@ -60,29 +57,49 @@ public class AuthFilter implements GlobalFilter, Ordered {
...
@@ -60,29 +57,49 @@ public class AuthFilter implements GlobalFilter, Ordered {
if
(
StringUtils
.
isEmpty
(
authToken
))
{
if
(
StringUtils
.
isEmpty
(
authToken
))
{
authToken
=
exchange
.
getRequest
().
getQueryParams
().
getFirst
(
"token"
);
authToken
=
exchange
.
getRequest
().
getQueryParams
().
getFirst
(
"token"
);
}
}
UserLoginDTO
userDTO
=
null
;
if
(
StringUtils
.
isNotEmpty
(
authToken
))
{
if
(
log
.
isTraceEnabled
())
{
if
(
log
.
isTraceEnabled
())
{
log
.
trace
(
"token is {}"
,
authToken
);
log
.
trace
(
"token is {}"
,
authToken
);
}
}
UserLoginDTO
userDTO
=
null
;
if
(
StringUtils
.
isNotEmpty
(
authToken
))
{
// 查询token对应的用户
// 查询token对应的用户
String
value
=
redisService
.
get
(
RedisKeyGroup
.
authToken
+
":"
+
authToken
);
String
value
=
redisService
.
get
(
RedisKeyGroup
.
authToken
+
":"
+
authToken
);
if
(
null
!=
value
)
{
if
(
null
!=
value
)
{
userDTO
=
gson
.
fromJson
(
value
,
UserLoginDTO
.
class
);
userDTO
=
gson
.
fromJson
(
value
,
UserLoginDTO
.
class
);
}
}
}
}
// ak登录处理
if
(
StringUtils
.
isEmpty
(
authToken
))
{
String
ak
=
exchange
.
getRequest
().
getQueryParams
().
getFirst
(
"ak"
);
if
(
log
.
isTraceEnabled
())
{
log
.
trace
(
"ak is {}"
,
ak
);
}
if
(
StringUtils
.
isNotEmpty
(
ak
))
{
// 验证ak,设置userDTO
String
value
=
redisService
.
get
(
RedisKeyGroup
.
appKey
+
":"
+
ak
);
if
(
StringUtils
.
isNotEmpty
(
value
))
{
// 验证成功,设置为管理员
// AppDTO appDTO = gson.fromJson(value, AppDTO.class);
// String secret = appDTO.getSecret();
userDTO
=
new
UserLoginDTO
();
userDTO
.
setId
(
"1"
);
}
}
}
if
(
userDTO
==
null
)
{
if
(
userDTO
==
null
)
{
log
.
info
(
"未授权访问{} ip:{}"
,
url
,
getRemoteIP
(
exchange
));
log
.
info
(
"未授权访问{} ip:{}"
,
url
,
getRemoteIP
(
exchange
));
}
else
{
}
else
{
log
.
info
(
"用户:{} id:{} 访问{}"
,
userDTO
.
getAccount
(),
userDTO
.
getId
(),
url
);
log
.
info
(
"用户:{} id:{} 访问{}"
,
userDTO
.
getAccount
(),
userDTO
.
getId
(),
url
);
// 获取当前的请求对象信息
// 获取当前的请求对象信息
// exchange.getRequest().getHeaders().add("userId", userDTO.getId());
ServerHttpRequest
.
Builder
builder
=
exchange
.
getRequest
().
mutate
();
ServerHttpRequest
.
Builder
builder
=
exchange
.
getRequest
().
mutate
();
// 向header中设置新的key,存储解析好的token对应基本信息
// 向header中设置新的key,存储解析好的token对应基本信息
builder
.
header
(
"userId"
,
userDTO
.
getId
());
builder
.
header
(
"userId"
,
userDTO
.
getId
());
// 向下游传递
// 向下游传递
Authentication
authentication
=
new
UsernamePasswordAuthenticationToken
(
userDTO
.
getAccount
(),
null
,
null
);
//
Authentication authentication = new UsernamePasswordAuthenticationToken(userDTO.getAccount(), null, null);
SecurityContextHolder
.
getContext
().
setAuthentication
(
authentication
);
//
SecurityContextHolder.getContext().setAuthentication(authentication);
return
chain
.
filter
(
exchange
.
mutate
().
request
(
builder
.
build
()).
build
());
return
chain
.
filter
(
exchange
.
mutate
().
request
(
builder
.
build
()).
build
());
}
}
...
...
project-interface/src/main/java/com/dituhui/pea/enums/RedisKeyGroup.java
View file @
478c3a3
...
@@ -11,7 +11,7 @@ public enum RedisKeyGroup {
...
@@ -11,7 +11,7 @@ public enum RedisKeyGroup {
authToken
,
authToken
,
/**
/**
* 认证ak对应的
团队
信息
* 认证ak对应的
认证
信息
*/
*/
appKey
;
appKey
;
...
...
project-interface/src/main/java/com/dituhui/pea/pojo/AppDTO.java
0 → 100644
View file @
478c3a3
package
com
.
dituhui
.
pea
.
pojo
;
import
lombok.Data
;
@Data
public
class
AppDTO
{
/**
* 主键
*/
private
String
id
;
private
String
name
;
private
String
key
;
private
String
secret
;
}
project-interface/src/main/java/com/dituhui/pea/user/IUser.java
View file @
478c3a3
...
@@ -22,13 +22,34 @@ import com.dituhui.pea.pojo.WebResult;
...
@@ -22,13 +22,34 @@ import com.dituhui.pea.pojo.WebResult;
@FeignClient
(
value
=
"project-user"
,
contextId
=
"user"
)
@FeignClient
(
value
=
"project-user"
,
contextId
=
"user"
)
public
interface
IUser
{
public
interface
IUser
{
/**
* 登录接口
*
* @param user
* @return
*/
@RequestMapping
(
value
=
"/pea-user/login"
,
method
=
RequestMethod
.
POST
)
@RequestMapping
(
value
=
"/pea-user/login"
,
method
=
RequestMethod
.
POST
)
public
Result
<
UserLoginDTO
>
userLogin
(
@RequestBody
UserLoginParam
user
);
public
Result
<
UserLoginDTO
>
userLogin
(
@RequestBody
UserLoginParam
user
);
/**
* 获取用户信息
*
* @param userId
* @return
*/
@RequestMapping
(
value
=
"/pea-user/userInfo"
,
method
=
RequestMethod
.
GET
)
@RequestMapping
(
value
=
"/pea-user/userInfo"
,
method
=
RequestMethod
.
GET
)
public
Result
<
UserLoginDTO
>
getUserInfo
(
@RequestHeader
(
name
=
"userId"
,
required
=
true
)
String
userId
);
public
Result
<
UserLoginDTO
>
getUserInfo
(
@RequestHeader
(
name
=
"userId"
,
required
=
true
)
String
userId
);
/**
/**
* 刷新appkey接口<br>
* 初始化系统ak缓存,例如系统上线,新ak入库的时候
*
* @return
*/
@RequestMapping
(
value
=
"/pea-user/refreshAppkey"
,
method
=
RequestMethod
.
POST
)
public
Result
<
Boolean
>
refreshAppkey
(
@RequestHeader
(
name
=
"userId"
,
required
=
true
)
String
userId
);
/**
* 获取当前登陆用户信息
* 获取当前登陆用户信息
*
*
* @param token 登录token
* @param token 登录token
...
...
project-user/src/main/java/com/dituhui/pea/user/controller/UserController.java
View file @
478c3a3
...
@@ -4,6 +4,7 @@ package com.dituhui.pea.user.controller;
...
@@ -4,6 +4,7 @@ package com.dituhui.pea.user.controller;
import
org.apache.commons.lang.StringUtils
;
import
org.apache.commons.lang.StringUtils
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.validation.annotation.Validated
;
import
org.springframework.validation.annotation.Validated
;
import
org.springframework.web.bind.annotation.RequestHeader
;
import
org.springframework.web.bind.annotation.RestController
;
import
org.springframework.web.bind.annotation.RestController
;
import
com.dituhui.pea.common.Result
;
import
com.dituhui.pea.common.Result
;
...
@@ -43,6 +44,11 @@ public class UserController implements IUser {
...
@@ -43,6 +44,11 @@ public class UserController implements IUser {
}
}
@Override
@Override
public
Result
<
Boolean
>
refreshAppkey
(
String
userId
)
{
return
userService
.
refreshAppkey
(
userId
);
}
@Override
public
WebResult
<
UserInfo
>
getCurrentUserInfo
(
String
userToken
,
Boolean
needTeamInfo
)
{
public
WebResult
<
UserInfo
>
getCurrentUserInfo
(
String
userToken
,
Boolean
needTeamInfo
)
{
return
null
;
return
null
;
}
}
...
...
project-user/src/main/java/com/dituhui/pea/user/dao/AppDao.java
0 → 100644
View file @
478c3a3
package
com
.
dituhui
.
pea
.
user
.
dao
;
import
org.springframework.data.jpa.repository.JpaRepository
;
import
org.springframework.data.jpa.repository.JpaSpecificationExecutor
;
import
org.springframework.data.repository.CrudRepository
;
import
com.dituhui.pea.user.entity.AppEntity
;
import
com.dituhui.pea.user.entity.ResourceEntity
;
/**
* app表 管理ak表的数据库访问层
*
*/
public
interface
AppDao
extends
JpaRepository
<
AppEntity
,
String
>,
JpaSpecificationExecutor
<
AppEntity
>,
CrudRepository
<
AppEntity
,
String
>
{
/**
* 查询key信息
*
* @param key
* @return
*/
ResourceEntity
findByKey
(
String
key
);
}
project-user/src/main/java/com/dituhui/pea/user/entity/AppEntity.java
0 → 100644
View file @
478c3a3
package
com
.
dituhui
.
pea
.
user
.
entity
;
import
lombok.Data
;
import
org.hibernate.annotations.GenericGenerator
;
import
org.springframework.data.annotation.CreatedDate
;
import
org.springframework.data.annotation.LastModifiedDate
;
import
org.springframework.data.jpa.domain.support.AuditingEntityListener
;
import
javax.persistence.*
;
import
javax.validation.constraints.NotBlank
;
import
java.io.Serializable
;
import
java.util.Date
;
/**
* 应用ak表 管理不同关联方使用的不同ak
*
*/
@Data
@Entity
@Table
(
name
=
"sys_app"
)
@EntityListeners
(
AuditingEntityListener
.
class
)
public
class
AppEntity
implements
Serializable
{
private
static
final
long
serialVersionUID
=
157258775707540233L
;
/**
* 主键
*/
@Id
@GeneratedValue
(
generator
=
"uuid"
)
@GenericGenerator
(
name
=
"uuid"
,
strategy
=
"uuid"
)
@Column
(
name
=
"ID"
,
unique
=
true
,
nullable
=
false
,
length
=
32
)
private
String
id
;
/**
* 名称
*/
@Column
(
name
=
"name"
)
@NotBlank
(
message
=
"名称不能为空!"
)
private
String
name
;
/**
* key
*/
@Column
(
name
=
"key"
)
private
String
key
;
/**
* secret
*/
@Column
(
name
=
"secret"
)
private
String
secret
;
/**
* 创建人
*/
@Column
(
name
=
"CREATED_BY"
)
private
String
createdBy
;
/**
* 创建时间
*/
@Column
(
name
=
"CREATED_TIME"
)
@CreatedDate
private
Date
createdTime
;
/**
* 更新人
*/
@Column
(
name
=
"UPDATED_BY"
)
private
String
updatedBy
;
/**
* 更新时间
*/
@Column
(
name
=
"UPDATED_TIME"
)
@LastModifiedDate
private
Date
updatedTime
;
}
project-user/src/main/java/com/dituhui/pea/user/service/UserService.java
View file @
478c3a3
...
@@ -23,6 +23,7 @@ import com.dituhui.pea.enums.StatusCodeEnum;
...
@@ -23,6 +23,7 @@ import com.dituhui.pea.enums.StatusCodeEnum;
import
com.dituhui.pea.enums.ThirdPartyEnum
;
import
com.dituhui.pea.enums.ThirdPartyEnum
;
import
com.dituhui.pea.exception.BusinessException
;
import
com.dituhui.pea.exception.BusinessException
;
import
com.dituhui.pea.order.IOrganization
;
import
com.dituhui.pea.order.IOrganization
;
import
com.dituhui.pea.pojo.AppDTO
;
import
com.dituhui.pea.pojo.OrganizationDTO
;
import
com.dituhui.pea.pojo.OrganizationDTO
;
import
com.dituhui.pea.pojo.ResourceInfo
;
import
com.dituhui.pea.pojo.ResourceInfo
;
import
com.dituhui.pea.pojo.RoleInfo
;
import
com.dituhui.pea.pojo.RoleInfo
;
...
@@ -31,11 +32,13 @@ import com.dituhui.pea.pojo.UserInfo;
...
@@ -31,11 +32,13 @@ import com.dituhui.pea.pojo.UserInfo;
import
com.dituhui.pea.pojo.UserLoginDTO
;
import
com.dituhui.pea.pojo.UserLoginDTO
;
import
com.dituhui.pea.user.commom.RedisService
;
import
com.dituhui.pea.user.commom.RedisService
;
import
com.dituhui.pea.user.constant.TextConstant
;
import
com.dituhui.pea.user.constant.TextConstant
;
import
com.dituhui.pea.user.dao.AppDao
;
import
com.dituhui.pea.user.dao.ResourceDao
;
import
com.dituhui.pea.user.dao.ResourceDao
;
import
com.dituhui.pea.user.dao.RoleDao
;
import
com.dituhui.pea.user.dao.RoleDao
;
import
com.dituhui.pea.user.dao.RoleResourceDao
;
import
com.dituhui.pea.user.dao.RoleResourceDao
;
import
com.dituhui.pea.user.dao.UserDao
;
import
com.dituhui.pea.user.dao.UserDao
;
import
com.dituhui.pea.user.dao.UserRoleDao
;
import
com.dituhui.pea.user.dao.UserRoleDao
;
import
com.dituhui.pea.user.entity.AppEntity
;
import
com.dituhui.pea.user.entity.ResourceEntity
;
import
com.dituhui.pea.user.entity.ResourceEntity
;
import
com.dituhui.pea.user.entity.RoleEntity
;
import
com.dituhui.pea.user.entity.RoleEntity
;
import
com.dituhui.pea.user.entity.RoleResourceEntity
;
import
com.dituhui.pea.user.entity.RoleResourceEntity
;
...
@@ -68,6 +71,10 @@ public class UserService {
...
@@ -68,6 +71,10 @@ public class UserService {
*/
*/
private
static
final
int
LIVE_TIME_MILLIS
=
7200000
;
private
static
final
int
LIVE_TIME_MILLIS
=
7200000
;
private
static
final
Gson
gson
=
new
Gson
();
private
static
final
Gson
gson
=
new
Gson
();
/**
* 超管id
*/
private
static
final
String
SUPER_ADMIN_ID
=
"1"
;
@Autowired
@Autowired
UserDao
userDao
;
UserDao
userDao
;
...
@@ -93,6 +100,9 @@ public class UserService {
...
@@ -93,6 +100,9 @@ public class UserService {
@Autowired
@Autowired
IOrganization
organizationService
;
IOrganization
organizationService
;
@Autowired
AppDao
appDao
;
public
Result
<
UserLoginDTO
>
userLogin
(
String
account
,
String
password
)
{
public
Result
<
UserLoginDTO
>
userLogin
(
String
account
,
String
password
)
{
UserEntity
user
=
userDao
.
findByAccountAndPassword
(
account
,
SecureUtil
.
md5
(
password
));
UserEntity
user
=
userDao
.
findByAccountAndPassword
(
account
,
SecureUtil
.
md5
(
password
));
log
.
info
(
"{}/{} login"
,
account
,
password
);
log
.
info
(
"{}/{} login"
,
account
,
password
);
...
@@ -121,13 +131,22 @@ public class UserService {
...
@@ -121,13 +131,22 @@ public class UserService {
.
collect
(
Collectors
.
toList
()));
.
collect
(
Collectors
.
toList
()));
// 获取资源
// 获取资源
List
<
ResourceEntity
>
resources
=
null
;
if
(
ids
.
contains
(
SUPER_ADMIN_ID
))
{
// 超管处理,不用配置资源自动拥有所有权限
resources
=
resourceDao
.
findAll
();
}
else
{
// 普通用户
List
<
RoleResourceEntity
>
roleResources
=
roleResourceDao
.
findByRoleIdIn
(
ids
);
List
<
RoleResourceEntity
>
roleResources
=
roleResourceDao
.
findByRoleIdIn
(
ids
);
log
.
info
(
"role : {} roleResources:{}"
,
ids
,
CollectionUtils
.
isNotEmpty
(
roleResources
));
log
.
info
(
"role : {} roleResources:{}"
,
ids
,
CollectionUtils
.
isNotEmpty
(
roleResources
));
if
(
CollectionUtils
.
isNotEmpty
(
roleResources
))
{
if
(
CollectionUtils
.
isNotEmpty
(
roleResources
))
{
List
<
String
>
resourceIds
=
roleResources
.
stream
().
map
(
r
->
r
.
getResourceId
())
List
<
String
>
resourceIds
=
roleResources
.
stream
().
map
(
r
->
r
.
getResourceId
())
.
collect
(
Collectors
.
toList
());
.
collect
(
Collectors
.
toList
());
List
<
ResourceEntity
>
resources
=
resourceDao
.
findAllById
(
resourceIds
);
resources
=
resourceDao
.
findAllById
(
resourceIds
);
}
}
if
(
CollectionUtils
.
isNotEmpty
(
resources
))
{
// 菜单嵌套处理+菜单排序
// 菜单嵌套处理+菜单排序
List
<
ResourceInfo
>
levelOne
=
resources
.
stream
()
List
<
ResourceInfo
>
levelOne
=
resources
.
stream
()
.
filter
(
r
->
StringUtils
.
isEmpty
(
r
.
getParentId
())
&&
r
.
getType
()
==
1
)
.
filter
(
r
->
StringUtils
.
isEmpty
(
r
.
getParentId
())
&&
r
.
getType
()
==
1
)
...
@@ -570,4 +589,33 @@ public class UserService {
...
@@ -570,4 +589,33 @@ public class UserService {
}
}
toUserEntity
.
setSex
(
formUserInfo
.
getSex
());
toUserEntity
.
setSex
(
formUserInfo
.
getSex
());
}
}
public
Result
<
Boolean
>
refreshAppkey
(
String
userId
)
{
// 超级管理员才能执行此命令
RoleEntity
role
=
null
;
List
<
UserRoleEntity
>
userRoles
=
userRoleDao
.
findByUserId
(
userId
);
if
(
CollectionUtils
.
isNotEmpty
(
userRoles
))
{
List
<
String
>
ids
=
userRoles
.
stream
().
map
(
r
->
r
.
getRoleId
()).
collect
(
Collectors
.
toList
());
List
<
RoleEntity
>
roles
=
roleDao
.
findAllById
(
ids
);
if
(
CollectionUtils
.
isNotEmpty
(
roles
))
{
role
=
roles
.
stream
().
filter
(
r
->
StringUtils
.
equals
(
r
.
getId
(),
SUPER_ADMIN_ID
)).
findFirst
()
.
orElse
(
null
);
}
}
if
(
null
==
role
)
{
return
Result
.
failure
(
"超级管理员才能执行此命令"
);
}
// 缓存所有key
List
<
AppEntity
>
keyList
=
appDao
.
findAll
();
if
(
CollectionUtils
.
isNotEmpty
(
keyList
))
{
for
(
AppEntity
appkey
:
keyList
)
{
redisService
.
set
(
RedisKeyGroup
.
appKey
+
":"
+
appkey
.
getKey
(),
gson
.
toJson
(
BeanUtil
.
copyProperties
(
appkey
,
AppDTO
.
class
)));
}
}
return
Result
.
success
(
true
);
}
}
}
Write
Preview
Markdown
is supported
Attach a file
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to post a comment