mirror of
https://gitee.com/incloudcode/yexuejc-springboot.git
synced 2025-09-28 02:43:21 +08:00
Merge branch 'tmp111' into 2.x
# Conflicts: # README.md # UPDATE.md # doc/MENU.md # doc/SECURITY.md # pom.xml # yexuejc-springboot-base/pom.xml # yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/security/ConsumerAuthenticationProcessingFilter.java # yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/security/UserDetailsManager.java # yexuejc-springboot-base/src/test/java/com/yexuejc/springboot/base/security/MySecurityConfig.java # yexuejc-springboot-base/src/test/java/com/yexuejc/springboot/base/security/UserServiceImpl.java # yexuejc-springboot-base/src/test/java/com/yexuejc/springboot/base/web/SecurityCtrl.java
This commit is contained in:
@@ -62,13 +62,6 @@
|
||||
<artifactId>aliyun-sdk-oss</artifactId>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
<!-- 阿里云消息服务MNS相关SDK -->
|
||||
<dependency>
|
||||
<groupId>com.aliyun.mns</groupId>
|
||||
<artifactId>aliyun-sdk-mns</artifactId>
|
||||
<classifier>jar-with-dependencies</classifier>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
<!-- JJWT -->
|
||||
<dependency>
|
||||
<groupId>io.jsonwebtoken</groupId>
|
||||
@@ -105,9 +98,7 @@
|
||||
<groupId>com.h2database</groupId>
|
||||
<artifactId>h2</artifactId>
|
||||
<optional>true</optional>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-test</artifactId>
|
||||
|
||||
@@ -0,0 +1,28 @@
|
||||
package com.yexuejc.springboot.base.exception;
|
||||
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
|
||||
/**
|
||||
* 用户无权限
|
||||
*
|
||||
* @author maxf
|
||||
* @version 1.0
|
||||
* @ClassName UserNotAuthoriayException
|
||||
* @Description
|
||||
* @date 2018/11/20 20:13
|
||||
*/
|
||||
public class UserNotAuthoriayException extends AuthenticationException {
|
||||
private static final long serialVersionUID = 7752594158082817319L;
|
||||
|
||||
public UserNotAuthoriayException() {
|
||||
super("用户缺少权限");
|
||||
}
|
||||
|
||||
public UserNotAuthoriayException(String msg, Throwable t) {
|
||||
super(msg, t);
|
||||
}
|
||||
|
||||
public UserNotAuthoriayException(String msg) {
|
||||
super(msg);
|
||||
}
|
||||
}
|
||||
@@ -85,23 +85,8 @@ public class ConsumerAuthenticationProcessingFilter extends AbstractAuthenticati
|
||||
throw new AuthenticationServiceException(
|
||||
"Authentication method not supported: " + request.getMethod());
|
||||
}
|
||||
String logtype = obtainLogtype(request);
|
||||
System.out.println("登录方式:" + logtype);
|
||||
String username = "";
|
||||
String password = "";
|
||||
if (logtype == null) {
|
||||
logtype = "";
|
||||
}
|
||||
String openid = "";
|
||||
String smscode = "";
|
||||
/**第三方登录:微信 用户头像*/
|
||||
String head = "";
|
||||
String nickname = "";
|
||||
String sex = "";
|
||||
//根据不同登录方式做不同处理
|
||||
getParams(request, logtype, username, password, smscode, openid, sex, head, nickname);
|
||||
UsernamePasswordAuthenticationToken authRequest = new ConsumerToken(
|
||||
logtype, smscode, openid, username, password, head, nickname, sex);
|
||||
|
||||
UsernamePasswordAuthenticationToken authRequest = getParams(request);
|
||||
|
||||
// Allow subclasses to set the "details" property
|
||||
setDetails(request, authRequest);
|
||||
@@ -120,18 +105,23 @@ public class ConsumerAuthenticationProcessingFilter extends AbstractAuthenticati
|
||||
/**
|
||||
* 根据登录方式获取请求参数
|
||||
*
|
||||
* @param request 登录请求
|
||||
* @param logtype 登录类型
|
||||
* @param username 账号
|
||||
* @param password 密码
|
||||
* @param smscode 短信验证码
|
||||
* @param openid 第三封授权id
|
||||
* @param sex 附加:性别
|
||||
* @param head 附加:头像(源头像路径)
|
||||
* @param nickname 附加:昵称
|
||||
* @param request 登录请求
|
||||
*/
|
||||
protected void getParams(HttpServletRequest request, String logtype, String username, String password,
|
||||
String smscode, String openid, String sex, String head, String nickname) {
|
||||
protected UsernamePasswordAuthenticationToken getParams(HttpServletRequest request) {
|
||||
String logtype = obtainLogtype(request);
|
||||
System.out.println("登录方式:" + logtype);
|
||||
String username = "";
|
||||
String password = "";
|
||||
if (logtype == null) {
|
||||
logtype = "";
|
||||
}
|
||||
String openid = "";
|
||||
String smscode = "";
|
||||
/**第三方登录:微信 用户头像*/
|
||||
String head = "";
|
||||
String nickname = "";
|
||||
String sex = "";
|
||||
//根据不同登录方式做不同处理
|
||||
switch (logtype) {
|
||||
case LogTypeConsts.SMS:
|
||||
//短信登录
|
||||
@@ -165,6 +155,8 @@ public class ConsumerAuthenticationProcessingFilter extends AbstractAuthenticati
|
||||
password = obtainPassword(request);
|
||||
break;
|
||||
}
|
||||
return new ConsumerToken(
|
||||
logtype, smscode, openid, username, password, head, nickname, sex);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
package com.yexuejc.springboot.base.security;
|
||||
|
||||
import com.yexuejc.base.util.StrUtil;
|
||||
import com.yexuejc.springboot.base.exception.UserNotAuthoriayException;
|
||||
import com.yexuejc.springboot.base.security.inte.User;
|
||||
import com.yexuejc.springboot.base.security.inte.UserService;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
@@ -36,6 +37,9 @@ public class UserDetailsManager extends InMemoryUserDetailsManager {
|
||||
}
|
||||
// 处理用户权限
|
||||
List<GrantedAuthority> authorities = new ArrayList<>();
|
||||
if (StrUtil.isEmpty(consumer.getRoles())) {
|
||||
throw new UserNotAuthoriayException("用户" + username + "缺少权限");
|
||||
}
|
||||
for (String role : consumer.getRoles()) {
|
||||
authorities.add(new SimpleGrantedAuthority(role));
|
||||
}
|
||||
|
||||
@@ -9,6 +9,7 @@ import com.yexuejc.base.util.StrUtil;
|
||||
import com.yexuejc.springboot.base.autoconfigure.MutiRedisAutoConfiguration;
|
||||
import com.yexuejc.springboot.base.constant.BizConsts;
|
||||
import com.yexuejc.springboot.base.exception.ThirdPartyAuthorizationException;
|
||||
import com.yexuejc.springboot.base.exception.UserNotAuthoriayException;
|
||||
import com.yexuejc.springboot.base.security.inte.UserService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Qualifier;
|
||||
@@ -123,6 +124,8 @@ public class MySecurityConfig extends SecurityConfig {
|
||||
resps.setErr(RespsConsts.CODE_FAIL, new String[]{BizConsts.BASE_PWD_IS_ERR_MSG});
|
||||
} else if (exception instanceof UsernameNotFoundException) {
|
||||
resps.setErr(RespsConsts.CODE_FAIL, new String[]{BizConsts.BASE_ACCOUNT_NOT_FOUND_MSG});
|
||||
} else if (exception instanceof UserNotAuthoriayException) {
|
||||
resps.setErr(RespsConsts.CODE_FAIL, new String[]{exception.getMessage()});
|
||||
} else {
|
||||
resps.setErr(RespsConsts.CODE_FAIL, new String[]{BizConsts.BASE_SYS_ERR_MSG});
|
||||
}
|
||||
|
||||
@@ -52,6 +52,9 @@ public class UserServiceImpl implements UserService {
|
||||
QueryWrapper queryWrapper = new QueryWrapper();
|
||||
queryWrapper.eq("mobile", username);
|
||||
Consumer consumer = consumerMapper.selectOne(queryWrapper);
|
||||
ArrayList roles = new ArrayList<>();
|
||||
roles.add("ROLE_CONSUMER");
|
||||
consumer.setRoles(roles);
|
||||
return consumer;
|
||||
}
|
||||
|
||||
|
||||
@@ -19,4 +19,5 @@ import org.springframework.web.bind.annotation.RestController;
|
||||
@RestController
|
||||
public class SecurityCtrl {
|
||||
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user