safePlatform-out.git

lyfO_o

2022-06-27 7e7a275c0c4a07f5d27ec082538c25b838505998

up

已修改4个文件

已添加2个文件

	emergency/emergency-service/src/main/java/com/gkhy/safePlatform/emergency/controller/Test.java	6 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/accountController/LoginController.java	27 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java	302 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenConfig.java	76 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/WebSecurityConfig.java	20 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	safePlatfrom-out-web/src/main/resources/config/application-dev.yaml	13 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史

 emergency/emergency-service/src/main/java/com/gkhy/safePlatform/emergency/controller/Test.java

@@ -1,6 +1,6 @@
package com.gkhy.safePlatform.emergency.controller;

import com.gkhy.safePlatform.account.rpc.apimodel.NameService;
import com.gkhy.safePlatform.account.rpc.apimodel.UserAccountService;
import org.apache.dubbo.config.annotation.DubboReference;
import org.apache.log4j.LogManager;
import org.apache.log4j.Logger;
@@ -13,14 +13,14 @@
public class Test {

    @DubboReference(check = false)
    private NameService nameService;
    private UserAccountService userAccountService;

//    private Logger logger = LogManager.getLogger(Test.class);


    @RequestMapping(value = "/t/rpc",method = RequestMethod.GET)
    public Object testRpc(String id){
        String resp = nameService.sayName(id);
        String resp = userAccountService.sayName(id);
        return resp;
    }
}

 safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/accountController/LoginController.java

对比新文件
@@ -0,0 +1,27 @@
package com.gkhy.safePlatform.accountController;

import com.alibaba.fastjson.JSONObject;
import com.gkhy.safePlatform.account.rpc.apimodel.UserAccountService;
import com.gkhy.safePlatform.account.rpc.apimodel.model.UserLoginRespDTO;
import com.gkhy.safePlatform.commons.vo.ResultVO;
import org.apache.dubbo.config.annotation.DubboReference;
import org.apache.dubbo.config.annotation.DubboService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/auth")
public class LoginController {

    @DubboReference(check = false)
    private UserAccountService userAccountService;

    @RequestMapping("/login")
    public ResultVO<UserLoginRespDTO> authLogin(@RequestBody JSONObject loginForm){
        String username = loginForm.getString("username");
        String password = loginForm.getString("password");
        return userAccountService.authLogin(username, password);
    }
}

 safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java

@@ -1,155 +1,147 @@
//package com.gkhy.safePlatform.config.security;
//
//import com.alibaba.fastjson.JSONArray;
//import com.alibaba.fastjson.JSONObject;
//import com.gkhy.safePlatform.account.model.cache.CacheUser;
//import com.gkhy.safePlatform.account.rpc.apimodel.NameService;
//import com.gkhy.safePlatform.commons.config.token.TokenConfig;
//import com.gkhy.safePlatform.commons.enums.RedisKeyEnum;
//import com.gkhy.safePlatform.commons.enums.ResultCodes;
//import com.gkhy.safePlatform.commons.exception.BusinessException;
//import com.gkhy.safePlatform.commons.utils.RedisUtils;
//import com.gkhy.safePlatform.commons.utils.StringUtils;
//import com.gkhy.safePlatform.commons.vo.ResultVO;
//import org.apache.dubbo.config.annotation.DubboReference;
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
//import org.springframework.security.core.GrantedAuthority;
//import org.springframework.security.core.authority.SimpleGrantedAuthority;
//import org.springframework.security.core.context.SecurityContextHolder;
//import org.springframework.stereotype.Component;
//import org.springframework.web.filter.OncePerRequestFilter;
//
//import javax.servlet.FilterChain;
//import javax.servlet.ServletException;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpServletResponse;
//import java.io.IOException;
//import java.io.PrintWriter;
//import java.util.ArrayList;
//import java.util.List;
//
///**
//* @Description: token登录过滤器
//*/
//@Component
//public class TokenAuthenticationFilter extends OncePerRequestFilter  {
//
//    @Autowired
//    private TokenConfig tokenConfig;
//    @Autowired
//    private RedisUtils redisUtil;
//    @DubboReference(check = false)
//    private NameService nameService;
//
//
//
//    @Override
//    protected void doFilterInternal(HttpServletRequest req, HttpServletResponse resp, FilterChain chain) throws IOException, ServletException {
//
//        try {
//            //获取当前认证成功用户权限信息
//            UsernamePasswordAuthenticationToken authRequest = getAuthentication(req, resp);
//            if (authRequest != null) {
//                SecurityContextHolder.getContext().setAuthentication(authRequest);
//            }
//            // 执行下一个 filter 过滤器链
//            chain.doFilter(req, resp);
//        } catch (BusinessException e) {
//            // 返回异常
//            this.writeJSON(req, resp, new ResultVO<>(e.getError()));
//        } catch (Exception e) {
//            e.printStackTrace();
//            this.writeJSON(req, resp, new ResultVO<>(ResultCodes.SERVER_ERROR));
//        }
//
//
//    }
//
//
//    private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest req,HttpServletResponse resp) {
//        // header获取token
//        String authToken = req.getHeader(tokenConfig.getHeader());
//        String loginUserId = req.getHeader(tokenConfig.getLoginUserHeader());
//
//        if(authToken != null) {
//            // header 传入 userId
//            if (StringUtils.isBlank(loginUserId)) {
//                throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_LACK);
//            }
//            // 登录成功时，会将权限数据存入redis
//            // 这里是验证获取权限信息
//            // 1.从redis中获取对应该用户的权限信息
//            String accessTokenKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_TOKEN, loginUserId);
//            Object o = redisUtil.get(accessTokenKey);
//            // 2.token是否存在
//            if (o == null) {
//                // 是否存在
//                throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_SIGN_INVALID);
//            }else{
//                Long userId = Long.valueOf(loginUserId);
//                CacheUser cacheUser = JSONObject.parseObject(o.toString(), CacheUser.class);
//                assert userId.equals(cacheUser.getUserId());
//                if ( !authToken.equals(cacheUser.getAccessToken())) {
//                    throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_TOKEN_INVALID);
//                }
//
//                // 3.redis获取权限
//                String authoritiesKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_AUTHORITIES, userId);
//                Object oo = redisUtil.get(authoritiesKey);
//                List<GrantedAuthority> authorities;
//                // 4.redis中是否存在
//                if (oo != null) {
//                    // 5.存在
//                    String json = oo.toString();
//                    authorities = JSONArray.parseArray(json, GrantedAuthority.class);
//                }else {
//                    authorities = new ArrayList<>();
//                    // 6.不存在=>数据库查询
//                    List<String> roleCodes = nameService.getUserRoleCodeByUserId(userId);
//                    // role
//                    for (String roleCode : roleCodes) {
//                        SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority("ROLE_" + roleCode);
//                        authorities.add(simpleGrantedAuthority);
//                    }
//
//                    // permission
//                    List<String> permissions = nameService.getUserPermissionByUserId(userId);
//                    for (String permission : permissions) {
//                        SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(permission);
//                        authorities.add(simpleGrantedAuthority);
//                    }
//                }
//
//                // security对象中存入登陆者信息
//                return new UsernamePasswordAuthenticationToken(userId,authToken,authorities);
//
//            }
//
//
//
//
//
//
//        }
//        return null;
//    }
//
//
//
//    protected void writeJSON(HttpServletRequest req,
//                             HttpServletResponse resp,
//                             ResultVO resultVO) throws IOException {
//        // 设置编码格式
//        resp.setContentType("text/json;charset=utf-8");
//        // 处理跨域问题
//        resp.setHeader("Access-Control-Allow-Origin", "*");
//        resp.setHeader("Access-Control-Allow-Methods", "POST, GET");
//
//        //输出JSON
//        PrintWriter out = resp.getWriter();
//        out.write(JSONObject.toJSONString(resultVO));
//        out.flush();
//        out.close();
//    }
//}
package com.gkhy.safePlatform.config.security;

import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.gkhy.safePlatform.account.rpc.apimodel.UserAccountService;
import com.gkhy.safePlatform.commons.co.CacheUser;
import com.gkhy.safePlatform.commons.enums.RedisKeyEnum;
import com.gkhy.safePlatform.commons.enums.ResultCodes;
import com.gkhy.safePlatform.commons.exception.BusinessException;
import com.gkhy.safePlatform.commons.utils.StringUtils;
import com.gkhy.safePlatform.commons.vo.ResultVO;
import org.apache.dubbo.config.annotation.DubboReference;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.List;

/**
* @Description: token登录过滤器
*/
@Component
public class TokenAuthenticationFilter extends OncePerRequestFilter  {

    @Autowired
    private TokenConfig tokenConfig;
    @DubboReference(check = false)
    private UserAccountService userAccountService;



    @Override
    protected void doFilterInternal(HttpServletRequest req, HttpServletResponse resp, FilterChain chain) throws IOException, ServletException {

        try {
            //获取当前认证成功用户权限信息
            UsernamePasswordAuthenticationToken authRequest = getAuthentication(req, resp);
            if (authRequest != null) {
                SecurityContextHolder.getContext().setAuthentication(authRequest);
            }
            // 执行下一个 filter 过滤器链
            chain.doFilter(req, resp);
        } catch (BusinessException e) {
            // 返回异常
            this.writeJSON(req, resp, new ResultVO<>(e.getError()));
        } catch (Exception e) {
            e.printStackTrace();
            this.writeJSON(req, resp, new ResultVO<>(ResultCodes.SERVER_ERROR));
        }


    }


    private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest req,HttpServletResponse resp) {
        // header获取token
        String authToken = req.getHeader(tokenConfig.getHeader());
        String loginUserId = req.getHeader(tokenConfig.getLoginUserHeader());

        if(authToken != null) {
            // header 传入 userId
            if (StringUtils.isBlank(loginUserId)) {
                throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_LACK);
            }
            // 登录成功时，会将权限数据存入redis
            // 这里是验证获取权限信息
            // 1.从redis中获取对应该用户的权限信息
            String accessTokenKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_TOKEN, loginUserId);
            String o = userAccountService.getValueByKeyFromRedis(accessTokenKey);
            // 2.token是否存在
            if (o == null) {
                // 是否存在
                throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_SIGN_INVALID);
            }else{
                Long userId = Long.valueOf(loginUserId);
                CacheUser cacheUser = JSONObject.parseObject(o, CacheUser.class);
                assert userId.equals(cacheUser.getUserId());
                if ( !authToken.equals(cacheUser.getAccessToken())) {
                    throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_TOKEN_INVALID);
                }

                // 3.redis获取权限
                String authoritiesKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_AUTHORITIES, userId);
                String oo = userAccountService.getValueByKeyFromRedis(authoritiesKey);
                List<GrantedAuthority> authorities;
                // 4.redis中是否存在
                if (oo != null) {
                    // 5.存在
                    authorities = JSONArray.parseArray(oo, GrantedAuthority.class);
                }else {
                    authorities = new ArrayList<>();
                    // 6.不存在=>数据库查询
                    String roleCode = userAccountService.getUserRoleCodeByUserId(userId);
                    // role
                    authorities.add(new SimpleGrantedAuthority("ROLE_" + roleCode));

                    // permission
                    List<String> permissions = userAccountService.getUserPermissionByUserId(userId);
                    for (String permission : permissions) {
                        SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(permission);
                        authorities.add(simpleGrantedAuthority);
                    }
                }

                // security对象中存入登陆者信息
                return new UsernamePasswordAuthenticationToken(userId,authToken,authorities);

            }






        }
        return null;
    }



    protected void writeJSON(HttpServletRequest req,
                             HttpServletResponse resp,
                             ResultVO resultVO) throws IOException {
        // 设置编码格式
        resp.setContentType("text/json;charset=utf-8");
        // 处理跨域问题
        resp.setHeader("Access-Control-Allow-Origin", "*");
        resp.setHeader("Access-Control-Allow-Methods", "POST, GET");

        //输出JSON
        PrintWriter out = resp.getWriter();
        out.write(JSONObject.toJSONString(resultVO));
        out.flush();
        out.close();
    }
}

 safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenConfig.java

对比新文件
@@ -0,0 +1,76 @@
package com.gkhy.safePlatform.config.security;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;


/**
* @Description: jwt工具类
* @date 2022/6/14 10:34
*/
@Component
public class TokenConfig {


    @Value("${token.secret}")
    private String secret;
    @Value("${token.expiration}")
    private Long expiration;
    @Value("${token.refreshExpiration}")
    private Long refreshExpiration;
    @Value("${token.header}")
    private String header;
    @Value("${token.tokenHead}")
    private String tokenHead;
    @Value("${token.loginUserHeader}")
    private String loginUserHeader;


    public String getSecret() {
        return secret;
    }

    public void setSecret(String secret) {
        this.secret = secret;
    }

    public Long getExpiration() {
        return expiration;
    }

    public void setExpiration(Long expiration) {
        this.expiration = expiration;
    }

    public Long getRefreshExpiration() {
        return refreshExpiration;
    }

    public void setRefreshExpiration(Long refreshExpiration) {
        this.refreshExpiration = refreshExpiration;
    }

    public String getHeader() {
        return header;
    }

    public void setHeader(String header) {
        this.header = header;
    }

    public String getTokenHead() {
        return tokenHead;
    }

    public void setTokenHead(String tokenHead) {
        this.tokenHead = tokenHead;
    }

    public String getLoginUserHeader() {
        return loginUserHeader;
    }

    public void setLoginUserHeader(String loginUserHeader) {
        this.loginUserHeader = loginUserHeader;
    }
}

 safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/WebSecurityConfig.java

@@ -1,6 +1,6 @@
package com.gkhy.safePlatform.config.security;

import com.gkhy.safePlatform.account.rpc.apimodel.NameService;
import com.gkhy.safePlatform.account.rpc.apimodel.UserAccountService;
import com.gkhy.safePlatform.config.security.customzie.CustomizeAccessDeniedHandler;
import com.gkhy.safePlatform.config.security.customzie.CustomizeAuthenticationEntryPoint;
import org.apache.dubbo.config.annotation.DubboReference;
@@ -14,6 +14,7 @@
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@@ -30,12 +31,8 @@
    @Resource
    private CustomizeAuthenticationEntryPoint authenticationEntryPoint;

//    @Resource
//    private TokenAuthenticationFilter tokenAuthenticationFilter;

    @DubboReference(check = false)
    private NameService nameService;

    @Resource
    private TokenAuthenticationFilter tokenAuthenticationFilter;



@@ -48,15 +45,15 @@
        // 关闭session
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        // 登录json放行
        http.authorizeRequests().anyRequest().permitAll();
        http.authorizeRequests().antMatchers("/auth/login").permitAll();
        // 关闭
        http.headers().cacheControl();
        // jwt过滤器
//        http.addFilterBefore(tokenAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
        http.addFilterBefore(tokenAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
        // 没有登录,没有权限 => 自定义返回
        http.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint).accessDeniedHandler(accessDeniedHandler);
        // 请求认证访问
//        http.authorizeRequests().anyRequest().authenticated();
        http.authorizeRequests().anyRequest().authenticated();
        // 允许跨域访问
        http.cors();

@@ -80,8 +77,7 @@
    @Bean
    @Qualifier("myUserDetailService")
    protected UserDetailsService userDetailsService(){
//        return username -> nameService.getUserDetailsByUsername(username);
        return null;
        return (username)-> (UserDetails) new Object();
    }



 safePlatfrom-out-web/src/main/resources/config/application-dev.yaml

@@ -24,7 +24,7 @@
dubbo:
  registry:
    protocol: nacos
    address: nacos://192.168.0.62:18848?namespace=e07a2454-136b-4498-99eb-09dae3336ebe&username=gkhy_safeplatform_out&password=9485uyJHISes09t
    address: nacos://192.168.0.52:8848?namespace=e07a2454-136b-4498-99eb-09dae3336ebe&username=gkhy_safeplatform_out&password=9485uyJHISes09t
  application:
    name: gkhy-safeplatform-account-provider
  scan:
@@ -41,13 +41,20 @@
    check: false

minio:
  endPoint: 192.168.0.62
  endPoint: 192.168.0.52
  port: 9001
  accessKey: kH6eiQtNrWqGNb1r
  secretKey: ff5ykVUJJn0hi5PghsitdGNSsrW0Xrju
  secure: false
  bucketName: szh-stu
  urlPrefix: http://192.168.0.62/file
  urlPrefix: http://192.168.0.52/file


token:
  header: Authorization
  secret: safe666
  expiration: 7200
  refreshExpiration: 14400
  tokenHead: Bearer
  loginUserHeader: uid

			@@ -1,6 +1,6 @@
			package com.gkhy.safePlatform.emergency.controller;

			import com.gkhy.safePlatform.account.rpc.apimodel.NameService;
			import com.gkhy.safePlatform.account.rpc.apimodel.UserAccountService;
			import org.apache.dubbo.config.annotation.DubboReference;
			import org.apache.log4j.LogManager;
			import org.apache.log4j.Logger;
			@@ -13,14 +13,14 @@
			public class Test {

			@DubboReference(check = false)
			private NameService nameService;
			private UserAccountService userAccountService;

			// private Logger logger = LogManager.getLogger(Test.class);


			@RequestMapping(value = "/t/rpc",method = RequestMethod.GET)
			public Object testRpc(String id){
			String resp = nameService.sayName(id);
			String resp = userAccountService.sayName(id);
			return resp;
			}
			}

对比新文件
			@@ -0,0 +1,27 @@
			package com.gkhy.safePlatform.accountController;

			import com.alibaba.fastjson.JSONObject;
			import com.gkhy.safePlatform.account.rpc.apimodel.UserAccountService;
			import com.gkhy.safePlatform.account.rpc.apimodel.model.UserLoginRespDTO;
			import com.gkhy.safePlatform.commons.vo.ResultVO;
			import org.apache.dubbo.config.annotation.DubboReference;
			import org.apache.dubbo.config.annotation.DubboService;
			import org.springframework.beans.factory.annotation.Autowired;
			import org.springframework.web.bind.annotation.RequestBody;
			import org.springframework.web.bind.annotation.RequestMapping;
			import org.springframework.web.bind.annotation.RestController;

			@RestController
			@RequestMapping("/auth")
			public class LoginController {

			@DubboReference(check = false)
			private UserAccountService userAccountService;

			@RequestMapping("/login")
			public ResultVO<UserLoginRespDTO> authLogin(@RequestBody JSONObject loginForm){
			String username = loginForm.getString("username");
			String password = loginForm.getString("password");
			return userAccountService.authLogin(username, password);
			}
			}

			@@ -1,155 +1,147 @@
			//package com.gkhy.safePlatform.config.security;
			//
			//import com.alibaba.fastjson.JSONArray;
			//import com.alibaba.fastjson.JSONObject;
			//import com.gkhy.safePlatform.account.model.cache.CacheUser;
			//import com.gkhy.safePlatform.account.rpc.apimodel.NameService;
			//import com.gkhy.safePlatform.commons.config.token.TokenConfig;
			//import com.gkhy.safePlatform.commons.enums.RedisKeyEnum;
			//import com.gkhy.safePlatform.commons.enums.ResultCodes;
			//import com.gkhy.safePlatform.commons.exception.BusinessException;
			//import com.gkhy.safePlatform.commons.utils.RedisUtils;
			//import com.gkhy.safePlatform.commons.utils.StringUtils;
			//import com.gkhy.safePlatform.commons.vo.ResultVO;
			//import org.apache.dubbo.config.annotation.DubboReference;
			//import org.springframework.beans.factory.annotation.Autowired;
			//import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
			//import org.springframework.security.core.GrantedAuthority;
			//import org.springframework.security.core.authority.SimpleGrantedAuthority;
			//import org.springframework.security.core.context.SecurityContextHolder;
			//import org.springframework.stereotype.Component;
			//import org.springframework.web.filter.OncePerRequestFilter;
			//
			//import javax.servlet.FilterChain;
			//import javax.servlet.ServletException;
			//import javax.servlet.http.HttpServletRequest;
			//import javax.servlet.http.HttpServletResponse;
			//import java.io.IOException;
			//import java.io.PrintWriter;
			//import java.util.ArrayList;
			//import java.util.List;
			//
			///**
			//* @Description: token登录过滤器
			//*/
			//@Component
			//public class TokenAuthenticationFilter extends OncePerRequestFilter {
			//
			// @Autowired
			// private TokenConfig tokenConfig;
			// @Autowired
			// private RedisUtils redisUtil;
			// @DubboReference(check = false)
			// private NameService nameService;
			//
			//
			//
			// @Override
			// protected void doFilterInternal(HttpServletRequest req, HttpServletResponse resp, FilterChain chain) throws IOException, ServletException {
			//
			// try {
			// //获取当前认证成功用户权限信息
			// UsernamePasswordAuthenticationToken authRequest = getAuthentication(req, resp);
			// if (authRequest != null) {
			// SecurityContextHolder.getContext().setAuthentication(authRequest);
			// }
			// // 执行下一个 filter 过滤器链
			// chain.doFilter(req, resp);
			// } catch (BusinessException e) {
			// // 返回异常
			// this.writeJSON(req, resp, new ResultVO<>(e.getError()));
			// } catch (Exception e) {
			// e.printStackTrace();
			// this.writeJSON(req, resp, new ResultVO<>(ResultCodes.SERVER_ERROR));
			// }
			//
			//
			// }
			//
			//
			// private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest req,HttpServletResponse resp) {
			// // header获取token
			// String authToken = req.getHeader(tokenConfig.getHeader());
			// String loginUserId = req.getHeader(tokenConfig.getLoginUserHeader());
			//
			// if(authToken != null) {
			// // header 传入 userId
			// if (StringUtils.isBlank(loginUserId)) {
			// throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_LACK);
			// }
			// // 登录成功时，会将权限数据存入redis
			// // 这里是验证获取权限信息
			// // 1.从redis中获取对应该用户的权限信息
			// String accessTokenKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_TOKEN, loginUserId);
			// Object o = redisUtil.get(accessTokenKey);
			// // 2.token是否存在
			// if (o == null) {
			// // 是否存在
			// throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_SIGN_INVALID);
			// }else{
			// Long userId = Long.valueOf(loginUserId);
			// CacheUser cacheUser = JSONObject.parseObject(o.toString(), CacheUser.class);
			// assert userId.equals(cacheUser.getUserId());
			// if ( !authToken.equals(cacheUser.getAccessToken())) {
			// throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_TOKEN_INVALID);
			// }
			//
			// // 3.redis获取权限
			// String authoritiesKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_AUTHORITIES, userId);
			// Object oo = redisUtil.get(authoritiesKey);
			// List<GrantedAuthority> authorities;
			// // 4.redis中是否存在
			// if (oo != null) {
			// // 5.存在
			// String json = oo.toString();
			// authorities = JSONArray.parseArray(json, GrantedAuthority.class);
			// }else {
			// authorities = new ArrayList<>();
			// // 6.不存在=>数据库查询
			// List<String> roleCodes = nameService.getUserRoleCodeByUserId(userId);
			// // role
			// for (String roleCode : roleCodes) {
			// SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority("ROLE_" + roleCode);
			// authorities.add(simpleGrantedAuthority);
			// }
			//
			// // permission
			// List<String> permissions = nameService.getUserPermissionByUserId(userId);
			// for (String permission : permissions) {
			// SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(permission);
			// authorities.add(simpleGrantedAuthority);
			// }
			// }
			//
			// // security对象中存入登陆者信息
			// return new UsernamePasswordAuthenticationToken(userId,authToken,authorities);
			//
			// }
			//
			//
			//
			//
			//
			//
			// }
			// return null;
			// }
			//
			//
			//
			// protected void writeJSON(HttpServletRequest req,
			// HttpServletResponse resp,
			// ResultVO resultVO) throws IOException {
			// // 设置编码格式
			// resp.setContentType("text/json;charset=utf-8");
			// // 处理跨域问题
			// resp.setHeader("Access-Control-Allow-Origin", "*");
			// resp.setHeader("Access-Control-Allow-Methods", "POST, GET");
			//
			// //输出JSON
			// PrintWriter out = resp.getWriter();
			// out.write(JSONObject.toJSONString(resultVO));
			// out.flush();
			// out.close();
			// }
			//}
			package com.gkhy.safePlatform.config.security;

			import com.alibaba.fastjson.JSONArray;
			import com.alibaba.fastjson.JSONObject;
			import com.gkhy.safePlatform.account.rpc.apimodel.UserAccountService;
			import com.gkhy.safePlatform.commons.co.CacheUser;
			import com.gkhy.safePlatform.commons.enums.RedisKeyEnum;
			import com.gkhy.safePlatform.commons.enums.ResultCodes;
			import com.gkhy.safePlatform.commons.exception.BusinessException;
			import com.gkhy.safePlatform.commons.utils.StringUtils;
			import com.gkhy.safePlatform.commons.vo.ResultVO;
			import org.apache.dubbo.config.annotation.DubboReference;
			import org.springframework.beans.factory.annotation.Autowired;
			import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
			import org.springframework.security.core.GrantedAuthority;
			import org.springframework.security.core.authority.SimpleGrantedAuthority;
			import org.springframework.security.core.context.SecurityContextHolder;
			import org.springframework.stereotype.Component;
			import org.springframework.web.filter.OncePerRequestFilter;

			import javax.servlet.FilterChain;
			import javax.servlet.ServletException;
			import javax.servlet.http.HttpServletRequest;
			import javax.servlet.http.HttpServletResponse;
			import java.io.IOException;
			import java.io.PrintWriter;
			import java.util.ArrayList;
			import java.util.List;

			/**
			* @Description: token登录过滤器
			*/
			@Component
			public class TokenAuthenticationFilter extends OncePerRequestFilter {

			@Autowired
			private TokenConfig tokenConfig;
			@DubboReference(check = false)
			private UserAccountService userAccountService;



			@Override
			protected void doFilterInternal(HttpServletRequest req, HttpServletResponse resp, FilterChain chain) throws IOException, ServletException {

			try {
			//获取当前认证成功用户权限信息
			UsernamePasswordAuthenticationToken authRequest = getAuthentication(req, resp);
			if (authRequest != null) {
			SecurityContextHolder.getContext().setAuthentication(authRequest);
			}
			// 执行下一个 filter 过滤器链
			chain.doFilter(req, resp);
			} catch (BusinessException e) {
			// 返回异常
			this.writeJSON(req, resp, new ResultVO<>(e.getError()));
			} catch (Exception e) {
			e.printStackTrace();
			this.writeJSON(req, resp, new ResultVO<>(ResultCodes.SERVER_ERROR));
			}


			}


			private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest req,HttpServletResponse resp) {
			// header获取token
			String authToken = req.getHeader(tokenConfig.getHeader());
			String loginUserId = req.getHeader(tokenConfig.getLoginUserHeader());

			if(authToken != null) {
			// header 传入 userId
			if (StringUtils.isBlank(loginUserId)) {
			throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_LACK);
			}
			// 登录成功时，会将权限数据存入redis
			// 这里是验证获取权限信息
			// 1.从redis中获取对应该用户的权限信息
			String accessTokenKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_TOKEN, loginUserId);
			String o = userAccountService.getValueByKeyFromRedis(accessTokenKey);
			// 2.token是否存在
			if (o == null) {
			// 是否存在
			throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_SIGN_INVALID);
			}else{
			Long userId = Long.valueOf(loginUserId);
			CacheUser cacheUser = JSONObject.parseObject(o, CacheUser.class);
			assert userId.equals(cacheUser.getUserId());
			if ( !authToken.equals(cacheUser.getAccessToken())) {
			throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_TOKEN_INVALID);
			}

			// 3.redis获取权限
			String authoritiesKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_AUTHORITIES, userId);
			String oo = userAccountService.getValueByKeyFromRedis(authoritiesKey);
			List<GrantedAuthority> authorities;
			// 4.redis中是否存在
			if (oo != null) {
			// 5.存在
			authorities = JSONArray.parseArray(oo, GrantedAuthority.class);
			}else {
			authorities = new ArrayList<>();
			// 6.不存在=>数据库查询
			String roleCode = userAccountService.getUserRoleCodeByUserId(userId);
			// role
			authorities.add(new SimpleGrantedAuthority("ROLE_" + roleCode));

			// permission
			List<String> permissions = userAccountService.getUserPermissionByUserId(userId);
			for (String permission : permissions) {
			SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(permission);
			authorities.add(simpleGrantedAuthority);
			}
			}

			// security对象中存入登陆者信息
			return new UsernamePasswordAuthenticationToken(userId,authToken,authorities);

			}






			}
			return null;
			}



			protected void writeJSON(HttpServletRequest req,
			HttpServletResponse resp,
			ResultVO resultVO) throws IOException {
			// 设置编码格式
			resp.setContentType("text/json;charset=utf-8");
			// 处理跨域问题
			resp.setHeader("Access-Control-Allow-Origin", "*");
			resp.setHeader("Access-Control-Allow-Methods", "POST, GET");

			//输出JSON
			PrintWriter out = resp.getWriter();
			out.write(JSONObject.toJSONString(resultVO));
			out.flush();
			out.close();
			}
			}

对比新文件
			@@ -0,0 +1,76 @@
			package com.gkhy.safePlatform.config.security;

			import org.springframework.beans.factory.annotation.Value;
			import org.springframework.stereotype.Component;


			/**
			* @Description: jwt工具类
			* @date 2022/6/14 10:34
			*/
			@Component
			public class TokenConfig {


			@Value("${token.secret}")
			private String secret;
			@Value("${token.expiration}")
			private Long expiration;
			@Value("${token.refreshExpiration}")
			private Long refreshExpiration;
			@Value("${token.header}")
			private String header;
			@Value("${token.tokenHead}")
			private String tokenHead;
			@Value("${token.loginUserHeader}")
			private String loginUserHeader;


			public String getSecret() {
			return secret;
			}

			public void setSecret(String secret) {
			this.secret = secret;
			}

			public Long getExpiration() {
			return expiration;
			}

			public void setExpiration(Long expiration) {
			this.expiration = expiration;
			}

			public Long getRefreshExpiration() {
			return refreshExpiration;
			}

			public void setRefreshExpiration(Long refreshExpiration) {
			this.refreshExpiration = refreshExpiration;
			}

			public String getHeader() {
			return header;
			}

			public void setHeader(String header) {
			this.header = header;
			}

			public String getTokenHead() {
			return tokenHead;
			}

			public void setTokenHead(String tokenHead) {
			this.tokenHead = tokenHead;
			}

			public String getLoginUserHeader() {
			return loginUserHeader;
			}

			public void setLoginUserHeader(String loginUserHeader) {
			this.loginUserHeader = loginUserHeader;
			}
			}

			@@ -24,7 +24,7 @@
			dubbo:
			registry:
			protocol: nacos
			address: nacos://192.168.0.62:18848?namespace=e07a2454-136b-4498-99eb-09dae3336ebe&username=gkhy_safeplatform_out&password=9485uyJHISes09t
			address: nacos://192.168.0.52:8848?namespace=e07a2454-136b-4498-99eb-09dae3336ebe&username=gkhy_safeplatform_out&password=9485uyJHISes09t
			application:
			name: gkhy-safeplatform-account-provider
			scan:
			@@ -41,13 +41,20 @@
			check: false

			minio:
			endPoint: 192.168.0.62
			endPoint: 192.168.0.52
			port: 9001
			accessKey: kH6eiQtNrWqGNb1r
			secretKey: ff5ykVUJJn0hi5PghsitdGNSsrW0Xrju
			secure: false
			bucketName: szh-stu
			urlPrefix: http://192.168.0.62/file
			urlPrefix: http://192.168.0.52/file


			token:
			header: Authorization
			secret: safe666
			expiration: 7200
			refreshExpiration: 14400
			tokenHead: Bearer
			loginUserHeader: uid