From 98fd519b7384c91ea6d33c00c3cdba1795b22e53 Mon Sep 17 00:00:00 2001
From: SZH <szh_hello@163.com>
Date: 星期一, 27 六月 2022 19:05:52 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/master'
---
emergency/pom.xml | 19 ++
safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/accountController/LoginController.java | 27 +++
emergency/emergency-rpc-api/pom.xml | 15 +
safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java | 302 ++++++++++++++++-----------------
safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/WebSecurityConfig.java | 19 -
emergency/emergency-rpc-provider/src/main/java/com/gkhy/safePlatform/emergency/rpc/provider/EmergencyDemoRpcProvider.java | 2
safePlatfrom-out-web/src/main/resources/config/application-dev.yaml | 15 +
emergency/emergency-service/pom.xml | 6
emergency/emergency-rpc-provider/pom.xml | 7
emergency/emergency-service/src/main/java/com/gkhy/safePlatform/emergency/controller/Test.java | 6
goal-manage/goal-manage-rpc-api/pom.xml | 15 +
goal-manage/goal-manage-service/src/main/java/com/gkhy/safePlatform/goalManage/model/dto/req/CreateGoalReqDTO.java | 4
goal-manage/pom.xml | 16 +
safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenConfig.java | 76 ++++++++
14 files changed, 340 insertions(+), 189 deletions(-)
diff --git a/emergency/emergency-rpc-api/pom.xml b/emergency/emergency-rpc-api/pom.xml
index 05936e9..3e5e275 100644
--- a/emergency/emergency-rpc-api/pom.xml
+++ b/emergency/emergency-rpc-api/pom.xml
@@ -2,15 +2,18 @@
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <parent>
- <artifactId>emergency</artifactId>
- <groupId>com.gkhy.safePlatfrom</groupId>
- <version>1.0-SNAPSHOT</version>
- </parent>
+<!-- <parent>-->
+<!-- <artifactId>emergency</artifactId>-->
+<!-- <groupId>com.gkhy.safePlatfrom</groupId>-->
+<!-- <version>1.0-SNAPSHOT</version>-->
+<!-- </parent>-->
<modelVersion>4.0.0</modelVersion>
<packaging>jar</packaging>
+ <groupId>com.gkhy.safePlatfrom</groupId>
<artifactId>emergency-rpc-api</artifactId>
+ <version>1.0-SNAPSHOT</version>
+
<distributionManagement>
<!--稳定版本的仓库地址,必须是允许上传的私服地址-->
@@ -73,4 +76,4 @@
</build>
-</project>
\ No newline at end of file
+</project>
diff --git a/emergency/emergency-rpc-provider/pom.xml b/emergency/emergency-rpc-provider/pom.xml
index e481007..ca06c2e 100644
--- a/emergency/emergency-rpc-provider/pom.xml
+++ b/emergency/emergency-rpc-provider/pom.xml
@@ -17,7 +17,12 @@
<groupId>com.gkhy.safePlatfrom</groupId>
<artifactId>emergency-rpc-api</artifactId>
</dependency>
+ <dependency>
+ <groupId>com.gkhy.safePlatfrom</groupId>
+ <artifactId>emergency-service</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </dependency>
</dependencies>
-</project>
\ No newline at end of file
+</project>
diff --git a/emergency/emergency-rpc-provider/src/main/java/com/gkhy/safePlatform/emergency/rpc/provider/EmergencyDemoRpcProvider.java b/emergency/emergency-rpc-provider/src/main/java/com/gkhy/safePlatform/emergency/rpc/provider/EmergencyDemoRpcProvider.java
index 744d278..1b84a95 100644
--- a/emergency/emergency-rpc-provider/src/main/java/com/gkhy/safePlatform/emergency/rpc/provider/EmergencyDemoRpcProvider.java
+++ b/emergency/emergency-rpc-provider/src/main/java/com/gkhy/safePlatform/emergency/rpc/provider/EmergencyDemoRpcProvider.java
@@ -8,6 +8,8 @@
@DubboService
public class EmergencyDemoRpcProvider implements EmergencyDemoRpcAPi {
+
+
@Override
public String sayHello(User user) {
if(user == null)
diff --git a/emergency/emergency-service/pom.xml b/emergency/emergency-service/pom.xml
index 7154fa8..a91f4c3 100644
--- a/emergency/emergency-service/pom.xml
+++ b/emergency/emergency-service/pom.xml
@@ -19,7 +19,11 @@
<artifactId>emergency-rpc-api</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
+ <dependency>
+ <groupId>com.gkhy.safePlatfrom</groupId>
+ <artifactId>account-rpc-api</artifactId>
+ </dependency>
</dependencies>
-</project>
\ No newline at end of file
+</project>
diff --git a/emergency/emergency-service/src/main/java/com/gkhy/safePlatform/emergency/controller/Test.java b/emergency/emergency-service/src/main/java/com/gkhy/safePlatform/emergency/controller/Test.java
index 821dc7c..9cc6852 100644
--- a/emergency/emergency-service/src/main/java/com/gkhy/safePlatform/emergency/controller/Test.java
+++ b/emergency/emergency-service/src/main/java/com/gkhy/safePlatform/emergency/controller/Test.java
@@ -1,6 +1,6 @@
package com.gkhy.safePlatform.emergency.controller;
-import com.gkhy.safePlatform.account.rpc.apimodel.NameService;
+import com.gkhy.safePlatform.account.rpc.apimodel.UserAccountService;
import org.apache.dubbo.config.annotation.DubboReference;
import org.apache.log4j.LogManager;
import org.apache.log4j.Logger;
@@ -13,14 +13,14 @@
public class Test {
@DubboReference(check = false)
- private NameService nameService;
+ private UserAccountService userAccountService;
// private Logger logger = LogManager.getLogger(Test.class);
@RequestMapping(value = "/t/rpc",method = RequestMethod.GET)
public Object testRpc(String id){
- String resp = nameService.sayName(id);
+ String resp = userAccountService.sayName(id);
return resp;
}
}
diff --git a/emergency/pom.xml b/emergency/pom.xml
index 908322e..16cbcd8 100644
--- a/emergency/pom.xml
+++ b/emergency/pom.xml
@@ -17,5 +17,22 @@
<module>emergency-rpc-provider</module>
</modules>
+ <dependencyManagement>
+ <dependencies>
+ <dependency>
+ <groupId>com.gkhy.safePlatfrom</groupId>
+ <artifactId>account-rpc-api</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </dependency>
+ </dependencies>
+ </dependencyManagement>
-</project>
\ No newline at end of file
+ <dependencies>
+ <dependency>
+ <groupId>com.gkhy.safePlatfrom</groupId>
+ <artifactId>account-rpc-api</artifactId>
+ </dependency>
+ </dependencies>
+
+
+</project>
diff --git a/goal-manage/goal-manage-rpc-api/pom.xml b/goal-manage/goal-manage-rpc-api/pom.xml
index a7cb4cf..3ad198b 100644
--- a/goal-manage/goal-manage-rpc-api/pom.xml
+++ b/goal-manage/goal-manage-rpc-api/pom.xml
@@ -2,16 +2,19 @@
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
- <parent>
- <artifactId>goal-manage</artifactId>
- <groupId>com.gkhy.safePlatfrom</groupId>
- <version>1.0-SNAPSHOT</version>
- </parent>
+<!-- <parent>-->
+<!-- <artifactId>goal-manage</artifactId>-->
+<!-- <groupId>com.gkhy.safePlatfrom</groupId>-->
+<!-- <version>1.0-SNAPSHOT</version>-->
+<!-- </parent>-->
<modelVersion>4.0.0</modelVersion>
<packaging>jar</packaging>
+ <groupId>com.gkhy.safePlatfrom</groupId>
<artifactId>goal-manage-rpc-api</artifactId>
+ <version>1.0-SNAPSHOT</version>
+
<distributionManagement>
<!--稳定版本的仓库地址,必须是允许上传的私服地址-->
@@ -74,4 +77,4 @@
</build>
-</project>
\ No newline at end of file
+</project>
diff --git a/goal-manage/goal-manage-service/src/main/java/com/gkhy/safePlatform/goalManage/model/dto/req/CreateGoalReqDTO.java b/goal-manage/goal-manage-service/src/main/java/com/gkhy/safePlatform/goalManage/model/dto/req/CreateGoalReqDTO.java
new file mode 100644
index 0000000..04c8b99
--- /dev/null
+++ b/goal-manage/goal-manage-service/src/main/java/com/gkhy/safePlatform/goalManage/model/dto/req/CreateGoalReqDTO.java
@@ -0,0 +1,4 @@
+package com.gkhy.safePlatform.goalManage.model.dto.req;
+
+public class CreateGoalReqDTO {
+}
diff --git a/goal-manage/pom.xml b/goal-manage/pom.xml
index cbd44f7..8efe0cc 100644
--- a/goal-manage/pom.xml
+++ b/goal-manage/pom.xml
@@ -17,12 +17,26 @@
<module>goal-manage-rpc-provider</module>
</modules>
+ <dependencyManagement>
+ <dependencies>
+ <dependency>
+ <groupId>com.gkhy.safePlatfrom</groupId>
+ <artifactId>account-rpc-api</artifactId>
+ <version>1.0-SNAPSHOT</version>
+ </dependency>
+ </dependencies>
+ </dependencyManagement>
+
<dependencies>
<dependency>
<groupId>com.gkhy.safePlatfrom</groupId>
<artifactId>emergency-rpc-api</artifactId>
</dependency>
+ <dependency>
+ <groupId>com.gkhy.safePlatfrom</groupId>
+ <artifactId>account-rpc-api</artifactId>
+ </dependency>
</dependencies>
-</project>
\ No newline at end of file
+</project>
diff --git a/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/accountController/LoginController.java b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/accountController/LoginController.java
new file mode 100644
index 0000000..e257ec2
--- /dev/null
+++ b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/accountController/LoginController.java
@@ -0,0 +1,27 @@
+package com.gkhy.safePlatform.accountController;
+
+import com.alibaba.fastjson.JSONObject;
+import com.gkhy.safePlatform.account.rpc.apimodel.UserAccountService;
+import com.gkhy.safePlatform.account.rpc.apimodel.model.UserLoginRespDTO;
+import com.gkhy.safePlatform.commons.vo.ResultVO;
+import org.apache.dubbo.config.annotation.DubboReference;
+import org.apache.dubbo.config.annotation.DubboService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/auth")
+public class LoginController {
+
+ @DubboReference(check = false)
+ private UserAccountService userAccountService;
+
+ @RequestMapping("/login")
+ public ResultVO<UserLoginRespDTO> authLogin(@RequestBody JSONObject loginForm){
+ String username = loginForm.getString("username");
+ String password = loginForm.getString("password");
+ return userAccountService.authLogin(username, password);
+ }
+}
diff --git a/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java
index c9bd858..874b46f 100644
--- a/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java
+++ b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenAuthenticationFilter.java
@@ -1,155 +1,147 @@
-//package com.gkhy.safePlatform.config.security;
-//
-//import com.alibaba.fastjson.JSONArray;
-//import com.alibaba.fastjson.JSONObject;
-//import com.gkhy.safePlatform.account.model.cache.CacheUser;
-//import com.gkhy.safePlatform.account.rpc.apimodel.NameService;
-//import com.gkhy.safePlatform.commons.config.token.TokenConfig;
-//import com.gkhy.safePlatform.commons.enums.RedisKeyEnum;
-//import com.gkhy.safePlatform.commons.enums.ResultCodes;
-//import com.gkhy.safePlatform.commons.exception.BusinessException;
-//import com.gkhy.safePlatform.commons.utils.RedisUtils;
-//import com.gkhy.safePlatform.commons.utils.StringUtils;
-//import com.gkhy.safePlatform.commons.vo.ResultVO;
-//import org.apache.dubbo.config.annotation.DubboReference;
-//import org.springframework.beans.factory.annotation.Autowired;
-//import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-//import org.springframework.security.core.GrantedAuthority;
-//import org.springframework.security.core.authority.SimpleGrantedAuthority;
-//import org.springframework.security.core.context.SecurityContextHolder;
-//import org.springframework.stereotype.Component;
-//import org.springframework.web.filter.OncePerRequestFilter;
-//
-//import javax.servlet.FilterChain;
-//import javax.servlet.ServletException;
-//import javax.servlet.http.HttpServletRequest;
-//import javax.servlet.http.HttpServletResponse;
-//import java.io.IOException;
-//import java.io.PrintWriter;
-//import java.util.ArrayList;
-//import java.util.List;
-//
-///**
-//* @Description: token登录过滤器
-//*/
-//@Component
-//public class TokenAuthenticationFilter extends OncePerRequestFilter {
-//
-// @Autowired
-// private TokenConfig tokenConfig;
-// @Autowired
-// private RedisUtils redisUtil;
-// @DubboReference(check = false)
-// private NameService nameService;
-//
-//
-//
-// @Override
-// protected void doFilterInternal(HttpServletRequest req, HttpServletResponse resp, FilterChain chain) throws IOException, ServletException {
-//
-// try {
-// //获取当前认证成功用户权限信息
-// UsernamePasswordAuthenticationToken authRequest = getAuthentication(req, resp);
-// if (authRequest != null) {
-// SecurityContextHolder.getContext().setAuthentication(authRequest);
-// }
-// // 执行下一个 filter 过滤器链
-// chain.doFilter(req, resp);
-// } catch (BusinessException e) {
-// // 返回异常
-// this.writeJSON(req, resp, new ResultVO<>(e.getError()));
-// } catch (Exception e) {
-// e.printStackTrace();
-// this.writeJSON(req, resp, new ResultVO<>(ResultCodes.SERVER_ERROR));
-// }
-//
-//
-// }
-//
-//
-// private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest req,HttpServletResponse resp) {
-// // header获取token
-// String authToken = req.getHeader(tokenConfig.getHeader());
-// String loginUserId = req.getHeader(tokenConfig.getLoginUserHeader());
-//
-// if(authToken != null) {
-// // header 传入 userId
-// if (StringUtils.isBlank(loginUserId)) {
-// throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_LACK);
-// }
-// // 登录成功时,会将权限数据存入redis
-// // 这里是验证获取权限信息
-// // 1.从redis中获取对应该用户的权限信息
-// String accessTokenKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_TOKEN, loginUserId);
-// Object o = redisUtil.get(accessTokenKey);
-// // 2.token是否存在
-// if (o == null) {
-// // 是否存在
-// throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_SIGN_INVALID);
-// }else{
-// Long userId = Long.valueOf(loginUserId);
-// CacheUser cacheUser = JSONObject.parseObject(o.toString(), CacheUser.class);
-// assert userId.equals(cacheUser.getUserId());
-// if ( !authToken.equals(cacheUser.getAccessToken())) {
-// throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_TOKEN_INVALID);
-// }
-//
-// // 3.redis获取权限
-// String authoritiesKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_AUTHORITIES, userId);
-// Object oo = redisUtil.get(authoritiesKey);
-// List<GrantedAuthority> authorities;
-// // 4.redis中是否存在
-// if (oo != null) {
-// // 5.存在
-// String json = oo.toString();
-// authorities = JSONArray.parseArray(json, GrantedAuthority.class);
-// }else {
-// authorities = new ArrayList<>();
-// // 6.不存在=>数据库查询
-// List<String> roleCodes = nameService.getUserRoleCodeByUserId(userId);
-// // role
-// for (String roleCode : roleCodes) {
-// SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority("ROLE_" + roleCode);
-// authorities.add(simpleGrantedAuthority);
-// }
-//
-// // permission
-// List<String> permissions = nameService.getUserPermissionByUserId(userId);
-// for (String permission : permissions) {
-// SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(permission);
-// authorities.add(simpleGrantedAuthority);
-// }
-// }
-//
-// // security对象中存入登陆者信息
-// return new UsernamePasswordAuthenticationToken(userId,authToken,authorities);
-//
-// }
-//
-//
-//
-//
-//
-//
-// }
-// return null;
-// }
-//
-//
-//
-// protected void writeJSON(HttpServletRequest req,
-// HttpServletResponse resp,
-// ResultVO resultVO) throws IOException {
-// // 设置编码格式
-// resp.setContentType("text/json;charset=utf-8");
-// // 处理跨域问题
-// resp.setHeader("Access-Control-Allow-Origin", "*");
-// resp.setHeader("Access-Control-Allow-Methods", "POST, GET");
-//
-// //输出JSON
-// PrintWriter out = resp.getWriter();
-// out.write(JSONObject.toJSONString(resultVO));
-// out.flush();
-// out.close();
-// }
-//}
+package com.gkhy.safePlatform.config.security;
+
+import com.alibaba.fastjson.JSONArray;
+import com.alibaba.fastjson.JSONObject;
+import com.gkhy.safePlatform.account.rpc.apimodel.UserAccountService;
+import com.gkhy.safePlatform.commons.co.CacheUser;
+import com.gkhy.safePlatform.commons.enums.RedisKeyEnum;
+import com.gkhy.safePlatform.commons.enums.ResultCodes;
+import com.gkhy.safePlatform.commons.exception.BusinessException;
+import com.gkhy.safePlatform.commons.utils.StringUtils;
+import com.gkhy.safePlatform.commons.vo.ResultVO;
+import org.apache.dubbo.config.annotation.DubboReference;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+* @Description: token登录过滤器
+*/
+@Component
+public class TokenAuthenticationFilter extends OncePerRequestFilter {
+
+ @Autowired
+ private TokenConfig tokenConfig;
+ @DubboReference(check = false)
+ private UserAccountService userAccountService;
+
+
+
+ @Override
+ protected void doFilterInternal(HttpServletRequest req, HttpServletResponse resp, FilterChain chain) throws IOException, ServletException {
+
+ try {
+ //获取当前认证成功用户权限信息
+ UsernamePasswordAuthenticationToken authRequest = getAuthentication(req, resp);
+ if (authRequest != null) {
+ SecurityContextHolder.getContext().setAuthentication(authRequest);
+ }
+ // 执行下一个 filter 过滤器链
+ chain.doFilter(req, resp);
+ } catch (BusinessException e) {
+ // 返回异常
+ this.writeJSON(req, resp, new ResultVO<>(e.getError()));
+ } catch (Exception e) {
+ e.printStackTrace();
+ this.writeJSON(req, resp, new ResultVO<>(ResultCodes.SERVER_ERROR));
+ }
+
+
+ }
+
+
+ private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest req,HttpServletResponse resp) {
+ // header获取token
+ String authToken = req.getHeader(tokenConfig.getHeader());
+ String loginUserId = req.getHeader(tokenConfig.getLoginUserHeader());
+
+ if(authToken != null) {
+ // header 传入 userId
+ if (StringUtils.isBlank(loginUserId)) {
+ throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_LACK);
+ }
+ // 登录成功时,会将权限数据存入redis
+ // 这里是验证获取权限信息
+ // 1.从redis中获取对应该用户的权限信息
+ String accessTokenKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_TOKEN, loginUserId);
+ String o = userAccountService.getValueByKeyFromRedis(accessTokenKey);
+ // 2.token是否存在
+ if (o == null) {
+ // 是否存在
+ throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_SIGN_INVALID);
+ }else{
+ Long userId = Long.valueOf(loginUserId);
+ CacheUser cacheUser = JSONObject.parseObject(o, CacheUser.class);
+ assert userId.equals(cacheUser.getUserId());
+ if ( !authToken.equals(cacheUser.getAccessToken())) {
+ throw new BusinessException(ResultCodes.CLIENT_CREDENTIALS_TOKEN_INVALID);
+ }
+
+ // 3.redis获取权限
+ String authoritiesKey = RedisKeyEnum.authKey(RedisKeyEnum.AUTH_AUTHORITIES, userId);
+ String oo = userAccountService.getValueByKeyFromRedis(authoritiesKey);
+ List<GrantedAuthority> authorities;
+ // 4.redis中是否存在
+ if (oo != null) {
+ // 5.存在
+ authorities = JSONArray.parseArray(oo, GrantedAuthority.class);
+ }else {
+ authorities = new ArrayList<>();
+ // 6.不存在=>数据库查询
+ String roleCode = userAccountService.getUserRoleCodeByUserId(userId);
+ // role
+ authorities.add(new SimpleGrantedAuthority("ROLE_" + roleCode));
+
+ // permission
+ List<String> permissions = userAccountService.getUserPermissionByUserId(userId);
+ for (String permission : permissions) {
+ SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority(permission);
+ authorities.add(simpleGrantedAuthority);
+ }
+ }
+
+ // security对象中存入登陆者信息
+ return new UsernamePasswordAuthenticationToken(userId,authToken,authorities);
+
+ }
+
+
+
+
+
+
+ }
+ return null;
+ }
+
+
+
+ protected void writeJSON(HttpServletRequest req,
+ HttpServletResponse resp,
+ ResultVO resultVO) throws IOException {
+ // 设置编码格式
+ resp.setContentType("text/json;charset=utf-8");
+ // 处理跨域问题
+ resp.setHeader("Access-Control-Allow-Origin", "*");
+ resp.setHeader("Access-Control-Allow-Methods", "POST, GET");
+
+ //输出JSON
+ PrintWriter out = resp.getWriter();
+ out.write(JSONObject.toJSONString(resultVO));
+ out.flush();
+ out.close();
+ }
+}
diff --git a/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenConfig.java b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenConfig.java
new file mode 100644
index 0000000..f443806
--- /dev/null
+++ b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/TokenConfig.java
@@ -0,0 +1,76 @@
+package com.gkhy.safePlatform.config.security;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+
+/**
+* @Description: jwt工具类
+* @date 2022/6/14 10:34
+*/
+@Component
+public class TokenConfig {
+
+
+ @Value("${token.secret}")
+ private String secret;
+ @Value("${token.expiration}")
+ private Long expiration;
+ @Value("${token.refreshExpiration}")
+ private Long refreshExpiration;
+ @Value("${token.header}")
+ private String header;
+ @Value("${token.tokenHead}")
+ private String tokenHead;
+ @Value("${token.loginUserHeader}")
+ private String loginUserHeader;
+
+
+ public String getSecret() {
+ return secret;
+ }
+
+ public void setSecret(String secret) {
+ this.secret = secret;
+ }
+
+ public Long getExpiration() {
+ return expiration;
+ }
+
+ public void setExpiration(Long expiration) {
+ this.expiration = expiration;
+ }
+
+ public Long getRefreshExpiration() {
+ return refreshExpiration;
+ }
+
+ public void setRefreshExpiration(Long refreshExpiration) {
+ this.refreshExpiration = refreshExpiration;
+ }
+
+ public String getHeader() {
+ return header;
+ }
+
+ public void setHeader(String header) {
+ this.header = header;
+ }
+
+ public String getTokenHead() {
+ return tokenHead;
+ }
+
+ public void setTokenHead(String tokenHead) {
+ this.tokenHead = tokenHead;
+ }
+
+ public String getLoginUserHeader() {
+ return loginUserHeader;
+ }
+
+ public void setLoginUserHeader(String loginUserHeader) {
+ this.loginUserHeader = loginUserHeader;
+ }
+}
diff --git a/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/WebSecurityConfig.java b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/WebSecurityConfig.java
index d152a68..3c6ef70 100644
--- a/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/WebSecurityConfig.java
+++ b/safePlatfrom-out-web/src/main/java/com/gkhy/safePlatform/config/security/WebSecurityConfig.java
@@ -1,6 +1,6 @@
package com.gkhy.safePlatform.config.security;
-import com.gkhy.safePlatform.account.rpc.apimodel.NameService;
+import com.gkhy.safePlatform.account.rpc.apimodel.UserAccountService;
import com.gkhy.safePlatform.config.security.customzie.CustomizeAccessDeniedHandler;
import com.gkhy.safePlatform.config.security.customzie.CustomizeAuthenticationEntryPoint;
import org.apache.dubbo.config.annotation.DubboReference;
@@ -14,6 +14,7 @@
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
@@ -30,12 +31,8 @@
@Resource
private CustomizeAuthenticationEntryPoint authenticationEntryPoint;
-// @Resource
-// private TokenAuthenticationFilter tokenAuthenticationFilter;
-
- @DubboReference(check = false)
- private NameService nameService;
-
+ @Resource
+ private TokenAuthenticationFilter tokenAuthenticationFilter;
@@ -48,15 +45,15 @@
// 关闭session
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
// 登录json放行
- http.authorizeRequests().anyRequest().permitAll();
+ http.authorizeRequests().antMatchers("/auth/login").permitAll();
// 关闭
http.headers().cacheControl();
// jwt过滤器
-// http.addFilterBefore(tokenAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
+ http.addFilterBefore(tokenAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
// 没有登录,没有权限 => 自定义返回
http.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint).accessDeniedHandler(accessDeniedHandler);
// 请求认证访问
-// http.authorizeRequests().anyRequest().authenticated();
+ http.authorizeRequests().anyRequest().authenticated();
// 允许跨域访问
http.cors();
@@ -80,7 +77,7 @@
@Bean
@Qualifier("myUserDetailService")
protected UserDetailsService userDetailsService(){
- return username -> nameService.getUserDetailsByUsername(username);
+ return (username)-> (UserDetails) new Object();
}
diff --git a/safePlatfrom-out-web/src/main/resources/config/application-dev.yaml b/safePlatfrom-out-web/src/main/resources/config/application-dev.yaml
index 63cfbe7..4279034 100644
--- a/safePlatfrom-out-web/src/main/resources/config/application-dev.yaml
+++ b/safePlatfrom-out-web/src/main/resources/config/application-dev.yaml
@@ -11,7 +11,7 @@
datasource:
one:
driver-class-name: com.mysql.cj.jdbc.Driver
- url: jdbc:mysql://192.168.0.52:3306/safeplatform.out.dev?allowMultiQueries=true&useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=Asia/Shanghai
+ url: jdbc:mysql://twt.sinanoaq.com:13306/zhongtai.demo?allowMultiQueries=true&useUnicode=true&characterEncoding=UTF-8&useSSL=false&serverTimezone=Asia/Shanghai
username: root
password: Sinanoaq#415
type: com.alibaba.druid.pool.DruidDataSource
@@ -43,11 +43,18 @@
minio:
endPoint: 192.168.0.52
port: 9001
- accessKey: MhLac53T2KD88fwD
- secretKey: dGcLziFwyKaXuMcug385cfb6iGy61U8q
+ accessKey: kH6eiQtNrWqGNb1r
+ secretKey: ff5ykVUJJn0hi5PghsitdGNSsrW0Xrju
secure: false
- bucketName: safeplatform-dev
+ bucketName: szh-stu
urlPrefix: http://192.168.0.52/file
+token:
+ header: Authorization
+ secret: safe666
+ expiration: 7200
+ refreshExpiration: 14400
+ tokenHead: Bearer
+ loginUserHeader: uid
--
Gitblit v1.9.2