优化security 登录

2025-07-13 23:37:28 +08:00 · 2018-11-21 11:31:15 +08:00 · 2018-11-21 11:31:15 +08:00 · df5204bc10
commit df5204bc10
parent 535b47bc9e
7 changed files with 102 additions and 28 deletions
--- a/pom.xml
+++ b/pom.xml
@ -5,7 +5,7 @@
    <groupId>com.yexuejc.springboot</groupId>
    <artifactId>yexuejc-springboot-parent</artifactId>
-    <version>1.1.5</version>
+    <version>1.1.6</version>
    <packaging>pom</packaging>
    <name>${project.artifactId}</name>
--- a/yexuejc-springboot-base/pom.xml
+++ b/yexuejc-springboot-base/pom.xml
@ -9,7 +9,7 @@
    <parent>
        <groupId>com.yexuejc.springboot</groupId>
        <artifactId>yexuejc-springboot-parent</artifactId>
-        <version>1.1.5</version>
+        <version>1.1.6</version>
        <!-- 本地打包：使用相对关联路径 -->
        <!--<relativePath>../../yexuejc</relativePath>-->
    </parent>
--- a/yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/exception/ClassConvertExeption.java
+++ b/yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/exception/ClassConvertExeption.java
@ -0,0 +1,24 @@
 package com.yexuejc.springboot.base.exception;
 /**
 * 类型转换异常
 *
 * @author: maxf
 * @date: 2018/5/12 18:36
 */
 public class ClassConvertExeption extends RuntimeException {
    private static final long serialVersionUID = -2390195902982826130L;
    /**
     * 错误码
     */
    private String code = "E";
    public ClassConvertExeption() {
        super("类型转换异常");
    }
    public ClassConvertExeption(String message) {
        super(message);
    }
 }
--- a/yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/security/SecurityConfig.java
+++ b/yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/security/SecurityConfig.java
@ -1,12 +1,10 @@
 package com.yexuejc.springboot.base.security;
 import com.yexuejc.springboot.base.autoconfigure.MutiRedisAutoConfiguration;
 import com.yexuejc.springboot.base.security.inte.UserService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.context.annotation.Bean;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.config.BeanIds;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@ -17,6 +15,7 @@ import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.password.NoOpPasswordEncoder;
 import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.context.SecurityContextRepository;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
@ -39,10 +38,6 @@ public abstract class SecurityConfig extends WebSecurityConfigurerAdapter {
        return super.authenticationManagerBean();
    }
    @Autowired
    @Qualifier(MutiRedisAutoConfiguration.BEAN_REDIS_TEMPLATE0)
    private RedisTemplate<Object, Object> redisTemplate0;
    @Bean
    public static NoOpPasswordEncoder passwordEncoder() {
@ -58,11 +53,31 @@ public abstract class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        UserDetailsService userDetailsService = new UserDetailsManager(getUserService());
+        UserDetailsService userDetailsService = createUserDetailsManager();
-        auth.authenticationProvider(new ConsumerAuthenticationProvider(userDetailsService, getUserService()));
+        AuthenticationProvider authenticationProvider = createConsumerAuthenticationProvider(userDetailsService);
        auth.authenticationProvider(authenticationProvider);
        auth.userDetailsService(userDetailsService);
    }
    /**
     * 初始化 AuthenticationProvider
     *
     * @param userDetailsService
     * @return
     */
    protected AuthenticationProvider createConsumerAuthenticationProvider(UserDetailsService userDetailsService) {
        return new ConsumerAuthenticationProvider(userDetailsService, getUserService());
    }
    /**
     * 初始化 UserDetailsService
     *
     * @return
     */
    protected UserDetailsService createUserDetailsManager() {
        return new UserDetailsManager(getUserService());
    }
    @Bean
    public ConsumerAuthenticationProcessingFilter consumerAuthenticationProcessingFilter(
@ -134,7 +149,7 @@ public abstract class SecurityConfig extends WebSecurityConfigurerAdapter {
                .cors()
                .and().servletApi().disable()
                .requestCache().disable()
-                .securityContext().securityContextRepository(new ConsumerSecurityContextRepository(redisTemplate0))
+                .securityContext().securityContextRepository(createConsumerSecurityContextRepository())
                .and()
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
@ -142,6 +157,22 @@ public abstract class SecurityConfig extends WebSecurityConfigurerAdapter {
                UsernamePasswordAuthenticationFilter.class);
    }
    /**
     * 创建 SecurityContextRepository
     *
     * @return
     */
    protected SecurityContextRepository createConsumerSecurityContextRepository() {
        return new ConsumerSecurityContextRepository(getRedisDB());
    }
    /**
     * 初始化放置用户信息的reids库
     *
     * @return
     */
    protected abstract RedisTemplate<Object, Object> getRedisDB();
    @Override
    public void configure(WebSecurity web) throws Exception {
--- a/yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/security/UserDetailsManager.java
+++ b/yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/security/UserDetailsManager.java
@ -1,6 +1,7 @@
 package com.yexuejc.springboot.base.security;
 import com.yexuejc.base.util.StrUtil;
 import com.yexuejc.springboot.base.exception.ClassConvertExeption;
 import com.yexuejc.springboot.base.exception.UserNotAuthoriayException;
 import com.yexuejc.springboot.base.security.inte.User;
 import com.yexuejc.springboot.base.security.inte.UserService;
@ -31,22 +32,34 @@ public class UserDetailsManager extends InMemoryUserDetailsManager {
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
-        User consumer = userService.getConsumerByUserName(username);
+        return loadUser(username);
-        if (StrUtil.isEmpty(consumer)) {
+    }
-            throw new UsernameNotFoundException(username);
+
    protected ConsumerUser loadUser(String username) {
        Object user = userService.getConsumerByUserName(username);
        if (user instanceof User) {
            User consumer = (User) user;
            if (StrUtil.isEmpty(consumer)) {
                throw new UsernameNotFoundException(username);
            }
            // 处理用户权限
            List<GrantedAuthority> authorities = new ArrayList<>();
            if (StrUtil.isEmpty(consumer.getRoles())) {
                throw new UserNotAuthoriayException("用户" + username + "缺少权限");
            }
            for (String role : consumer.getRoles()) {
                authorities.add(new SimpleGrantedAuthority(role));
            }
            ConsumerUser consumerUser = new ConsumerUser(consumer.getMobile(), consumer.getPwd(),
                    consumer.getEnable(), consumer.getNonExpire(), true, consumer.getNonLock(),
                    authorities, consumer.getConsumerId(), null, System.currentTimeMillis());
            return consumerUser;
        } else if (user instanceof ConsumerUser) {
            return (ConsumerUser) user;
        } else {
            throw new ClassConvertExeption("获取登录用户信息返回结果类型必须是com.yexuejc.springboot.base.security.inte.User实现类" +
                    "或者com.yexuejc.springboot.base.security.ConsumerUser继承类");
        }
        // 处理用户权限
        List<GrantedAuthority> authorities = new ArrayList<>();
        if (StrUtil.isEmpty(consumer.getRoles())) {
            throw new UserNotAuthoriayException("用户" + username + "缺少权限");
        }
        for (String role : consumer.getRoles()) {
            authorities.add(new SimpleGrantedAuthority(role));
        }
        ConsumerUser consumerUser = new ConsumerUser(consumer.getMobile(), consumer.getPwd(),
                consumer.getEnable(), consumer.getNonExpire(), true, consumer.getNonLock(),
                authorities, consumer.getConsumerId(), null, System.currentTimeMillis());
        return consumerUser;
    }
 }
--- a/yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/security/inte/UserService.java
+++ b/yexuejc-springboot-base/src/main/java/com/yexuejc/springboot/base/security/inte/UserService.java
@ -18,7 +18,7 @@ public interface UserService {
     * @param username 登录账号
     * @return
     */
-    User getConsumerByUserName(String username);
+    Object getConsumerByUserName(String username);
    /**
     * 校验短信验证码=>短信登录
--- a/yexuejc-springboot-base/src/test/java/com/yexuejc/springboot/base/security/MySecurityConfig.java
+++ b/yexuejc-springboot-base/src/test/java/com/yexuejc/springboot/base/security/MySecurityConfig.java
@ -47,6 +47,11 @@ public class MySecurityConfig extends SecurityConfig {
    @Qualifier(MutiRedisAutoConfiguration.BEAN_REDIS_TEMPLATE0)
    private RedisTemplate<Object, Object> redisTemplate0;
    @Override
    protected RedisTemplate<Object, Object> getRedisDB() {
        return redisTemplate0;
    }
    /**
     * 保存登录信息至redis
     *
@ -184,4 +189,5 @@ public class MySecurityConfig extends SecurityConfig {
            response.getWriter().close();
        });
    }
 }