mirror of
https://github.com/luoye663/e5.git
synced 2024-12-26 03:38:53 +00:00
增加角色权限
This commit is contained in:
LuoYe_MyWork
parent
8a5f152315
commit
8b453b16b8
@ -22,12 +22,13 @@ import java.util.Map;
|
||||
public class RabbitMQConfig {
|
||||
@Value("")
|
||||
private String DirectQueueName;
|
||||
|
||||
/**
|
||||
* 处理死信队列的消费队列
|
||||
* */
|
||||
*/
|
||||
@Bean
|
||||
public Queue fanoutQueue1() {
|
||||
return new Queue("delay_queue1", true, false, false);
|
||||
return new Queue("delay_queue3", true, false, false);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -37,13 +38,14 @@ public class RabbitMQConfig {
|
||||
* HeadersExchange :通过添加属性key-value匹配
|
||||
* DirectExchange:按照routingkey分发到指定队列
|
||||
* TopicExchange:多关键字匹配
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
@Bean
|
||||
public CustomExchange customExchangeDelay() {
|
||||
Map<String, Object> arg = new HashMap<>();
|
||||
arg.put("x-delayed-type", "direct");
|
||||
return new CustomExchange("delay","x-delayed-message",true, false,arg);
|
||||
return new CustomExchange("delay3", "x-delayed-message", true, false, arg);
|
||||
}
|
||||
|
||||
/*@Bean
|
||||
@ -54,7 +56,7 @@ public class RabbitMQConfig {
|
||||
//绑定 将队列和交换机绑定,
|
||||
@Bean
|
||||
public Binding bindingFanoutQueue1() {
|
||||
return BindingBuilder.bind(fanoutQueue1()).to(customExchangeDelay()).with("delay").noargs();
|
||||
return BindingBuilder.bind(fanoutQueue1()).to(customExchangeDelay()).with("delay3").noargs();
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -2,6 +2,9 @@ package io.qyi.e5.config.security;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import io.qyi.e5.util.ResultUtil;
|
||||
import io.qyi.e5.util.redis.RedisUtil;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
@ -25,16 +28,21 @@ import java.util.Map;
|
||||
* @create: 2019-12-27 08:57
|
||||
**/
|
||||
@Component
|
||||
public class SecurityAuthenticationHandler implements AuthenticationSuccessHandler, AuthenticationFailureHandler , LogoutSuccessHandler {
|
||||
public class SecurityAuthenticationHandler implements AuthenticationSuccessHandler, AuthenticationFailureHandler , LogoutSuccessHandler {
|
||||
@Autowired
|
||||
RedisUtil redisUtil;
|
||||
|
||||
@Override
|
||||
public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
|
||||
UsernamePasswordAuthenticationToken at = (UsernamePasswordAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
||||
Gson gson = new Gson();
|
||||
httpServletResponse.setContentType("application/json;charset=utf-8");
|
||||
PrintWriter writer = httpServletResponse.getWriter();
|
||||
Map<String, String> token = new HashMap<>();
|
||||
Map<String, Object> token = new HashMap<>();
|
||||
token.put("token", at.getToken());
|
||||
token.put("username", at.getName());
|
||||
token.put("authority", at.getAuthority());
|
||||
token.put("expire", (int) redisUtil.getExpire("token:" + at.getToken()));
|
||||
writer.write(gson.toJson(ResultUtil.success(token)) );
|
||||
writer.flush();
|
||||
}
|
||||
|
||||
@ -1,14 +1,15 @@
|
||||
package io.qyi.e5.config.security;
|
||||
|
||||
import io.qyi.e5.config.security.filter.LinkTokenAuthenticationFilter;
|
||||
import io.qyi.e5.service.security.SecurityUserService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.ObjectPostProcessor;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
|
||||
/**
|
||||
@ -24,64 +25,50 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
@Autowired
|
||||
SecurityAuthenticationHandler securityAuthenticationHandler;
|
||||
|
||||
@Autowired
|
||||
private SecurityUserService securityUserService;
|
||||
|
||||
@Autowired
|
||||
UsernamePasswordAuthenticationConfig usernamePasswordAuthenticationConfig;
|
||||
|
||||
@Autowired
|
||||
UrlAccessDecisionManager myAccessDecisionManager;
|
||||
|
||||
@Autowired
|
||||
UrlInvocationSecurityMetadataSourceService myInvocationSecurityMetadataSourceService;
|
||||
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
System.out.println("AuthenticationManagerBuilder auth");
|
||||
// auth.userDetailsService(securityUserService).passwordEncoder(new BCryptPasswordEncoder());
|
||||
// auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
|
||||
// .withUser("user").password(new BCryptPasswordEncoder().encode("123")).roles("user").and()
|
||||
// .withUser("admin").password(new BCryptPasswordEncoder().encode("admin")).roles("USER", "ADMIN");
|
||||
}
|
||||
|
||||
// 通过重载该方法,可配置如何通过拦截器保护请求。
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
System.out.println("HttpSecurity http");
|
||||
http.addFilterBefore(new LinkTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
|
||||
http.csrf().disable()
|
||||
.apply(usernamePasswordAuthenticationConfig);
|
||||
/*关闭创建session*/
|
||||
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
|
||||
/*formLogin()
|
||||
.loginPage("/user/login")// 登陆页面
|
||||
.loginProcessingUrl("/user/loginFrom")// 登陆表单提交请求
|
||||
.and()*/
|
||||
http.authorizeRequests().antMatchers("/user/login", "/user/loginFrom", "/auth2/getGithubUrl").permitAll()// 指定相应的请求 不需要验证
|
||||
// .and()
|
||||
// .authorizeRequests().antMatchers("/quartz/**").permitAll()//测试
|
||||
.anyRequest()// 任何请求
|
||||
.authenticated();// 都需要身份认证
|
||||
// http.exceptionHandling().accessDeniedHandler();
|
||||
// http.formLogin().loginProcessingUrl("api/getInfo");
|
||||
|
||||
// http.formLogin().usernameParameter("username");
|
||||
// http.formLogin().passwordParameter("password");
|
||||
|
||||
// http.authorizeRequests().antMatchers("/user/login", "/user/loginFrom", "/auth2/getGithubUrl").permitAll()// 指定相应的请求 不需要验证
|
||||
// .accessDecisionManager(myAccessDecisionManager)
|
||||
http.authorizeRequests().
|
||||
anyRequest().authenticated().withObjectPostProcessor(filterSecurityInterceptorObjectPostProcessor());
|
||||
http.addFilterBefore(new LinkTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
|
||||
/*自定义*/
|
||||
http.csrf().disable().apply(usernamePasswordAuthenticationConfig);
|
||||
//自定义过滤器
|
||||
}
|
||||
/**
|
||||
* 自定义 FilterSecurityInterceptor ObjectPostProcessor 以替换默认配置达到动态权限的目的
|
||||
* @return ObjectPostProcessor
|
||||
*/
|
||||
private ObjectPostProcessor<FilterSecurityInterceptor> filterSecurityInterceptorObjectPostProcessor() {
|
||||
return new ObjectPostProcessor<FilterSecurityInterceptor>() {
|
||||
@Override
|
||||
public <O extends FilterSecurityInterceptor> O postProcess(O object) {
|
||||
object.setAccessDecisionManager(myAccessDecisionManager);
|
||||
object.setSecurityMetadataSource(myInvocationSecurityMetadataSourceService);
|
||||
return object;
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
/*@Bean
|
||||
public LinkTokenAuthenticationFilter linkTokenAuthenticationFilter (){
|
||||
return new LinkTokenAuthenticationFilter();
|
||||
}*/
|
||||
|
||||
/*@Bean
|
||||
public AccessDeniedHandler getAccessDeniedHandler() {
|
||||
return new RestAuthenticationAccessDeniedHandler();
|
||||
}*/
|
||||
|
||||
/* @Override
|
||||
public void configure(WebSecurity web) {
|
||||
System.out.println("WebSecurity web");
|
||||
String antPatterns = "/pdfjs-2.1.266/**,/favicon.ico,/css/**,/js/**,/ico/**,/images/**,/jquery-1.12.4/**,/uuid-1.4/**,/layui-2.4.5/**,/jquery-easyui-1.6.11/**,/zTree-3.5.33/**,/select2-4.0.5/**,/greensock-js-1.20.5/**";
|
||||
web.ignoring().antMatchers(antPatterns.split(","));
|
||||
}*/
|
||||
|
||||
}
|
||||
|
||||
@ -0,0 +1,66 @@
|
||||
package io.qyi.e5.config.security;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.security.access.AccessDecisionManager;
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.authentication.InsufficientAuthenticationException;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Iterator;
|
||||
|
||||
/**
|
||||
* 决策管理器
|
||||
*
|
||||
* @program: e5
|
||||
* @description:
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-06-15 16:11
|
||||
**/
|
||||
@Slf4j
|
||||
@Service
|
||||
public class UrlAccessDecisionManager implements AccessDecisionManager {
|
||||
@Override
|
||||
public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException {
|
||||
log.info("进入权限判断!");
|
||||
if (collection == null) {
|
||||
return;
|
||||
}
|
||||
log.info("object is a URL. {}", o.toString());
|
||||
//所请求的资源拥有的权限(一个资源对多个权限)
|
||||
Iterator<ConfigAttribute> iterator = collection.iterator();
|
||||
while (iterator.hasNext()) {
|
||||
ConfigAttribute configAttribute = iterator.next();
|
||||
//访问所请求资源所需要的权限
|
||||
String needPermission = configAttribute.getAttribute();
|
||||
log.info("访问 " + o.toString() + " 需要的权限是:" + needPermission);
|
||||
if (needPermission == null) {
|
||||
break;
|
||||
}
|
||||
//用户所拥有的权限authentication
|
||||
Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
|
||||
for (GrantedAuthority ga : authorities) {
|
||||
if (needPermission.equals(ga.getAuthority())) {
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
//没有权限
|
||||
throw new AccessDeniedException("无权限!");
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean supports(ConfigAttribute configAttribute) {
|
||||
log.info("进入权限判断! ConfigAttribute configAttribute");
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean supports(Class<?> aClass) {
|
||||
log.info("进入权限判断! Class<?> aClass");
|
||||
return true;
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,78 @@
|
||||
package io.qyi.e5.config.security;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.access.SecurityConfig;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.*;
|
||||
|
||||
/**
|
||||
* @program: e5
|
||||
* @description:
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-06-17 16:25
|
||||
**/
|
||||
@Slf4j
|
||||
@Service
|
||||
public class UrlInvocationSecurityMetadataSourceService implements FilterInvocationSecurityMetadataSource {
|
||||
|
||||
private HashMap<String, Collection<ConfigAttribute>> map =null;
|
||||
/**
|
||||
* 加载权限表中所有权限
|
||||
* 这里有一个坑,如果map返回是null,是不会AccessDecisionManager,默认放行。
|
||||
*/
|
||||
public void loadResourceDefine(){
|
||||
log.info("加载权限表中所有权限");
|
||||
map = new HashMap<>();
|
||||
Collection<ConfigAttribute> array;
|
||||
ConfigAttribute cfg;
|
||||
Map<String, String> permissions = new HashMap<>();
|
||||
permissions.put("/admin/**", "admin");
|
||||
permissions.put("/**", "user");
|
||||
Iterator<Map.Entry<String, String>> iterator = permissions.entrySet().iterator();
|
||||
while (iterator.hasNext()) {
|
||||
Map.Entry<String, String> next = iterator.next();
|
||||
String key = next.getKey();
|
||||
String value = next.getValue();
|
||||
|
||||
array = new ArrayList<>();
|
||||
cfg = new SecurityConfig(value);
|
||||
array.add(cfg);
|
||||
map.put(key, array);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
|
||||
if(map ==null) loadResourceDefine();
|
||||
//object 中包含用户请求的request 信息
|
||||
HttpServletRequest request = ((FilterInvocation) o).getHttpRequest();
|
||||
AntPathRequestMatcher matcher;
|
||||
String resUrl;
|
||||
for(Iterator<String> iter = map.keySet().iterator(); iter.hasNext(); ) {
|
||||
resUrl = iter.next();
|
||||
matcher = new AntPathRequestMatcher(resUrl);
|
||||
if(matcher.matches(request)) {
|
||||
return map.get(resUrl);
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public Collection<ConfigAttribute> getAllConfigAttributes() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean supports(Class<?> aClass) {
|
||||
return FilterInvocation.class.isAssignableFrom(aClass);
|
||||
}
|
||||
}
|
||||
@ -1,12 +1,15 @@
|
||||
package io.qyi.e5.config.security;
|
||||
|
||||
import io.qyi.e5.config.security.filter.LinkTokenAuthenticationFilter;
|
||||
import io.qyi.e5.config.security.filter.LoginAuthenticationFilter;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.DefaultSecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
import org.springframework.stereotype.Component;
|
||||
@ -25,10 +28,12 @@ public class UsernamePasswordAuthenticationConfig extends SecurityConfigurerAdap
|
||||
@Autowired
|
||||
SecurityAuthenticationHandler securityAuthenticationHandler;
|
||||
|
||||
|
||||
@Override
|
||||
public void configure(HttpSecurity http) throws Exception {
|
||||
LoginAuthenticationFilter authenticationFilter = new LoginAuthenticationFilter();
|
||||
|
||||
|
||||
logger.info("自定义用户认证处理逻辑");
|
||||
// 自定义用户认证处理逻辑时,需要指定AuthenticationManager,否则无法认证
|
||||
authenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
|
||||
@ -36,12 +41,11 @@ public class UsernamePasswordAuthenticationConfig extends SecurityConfigurerAdap
|
||||
// 指定自定义的认证成功和失败的处理器
|
||||
authenticationFilter.setAuthenticationSuccessHandler(securityAuthenticationHandler);
|
||||
authenticationFilter.setAuthenticationFailureHandler(securityAuthenticationHandler);
|
||||
|
||||
// 把自定义的用户名密码认证过滤器和处理器添加到UsernamePasswordAuthenticationFilter过滤器之前
|
||||
http.authenticationProvider(usernamePasswordAuthenticationProvider)
|
||||
.addFilterBefore(authenticationFilter, UsernamePasswordAuthenticationFilter.class);
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -18,9 +18,7 @@ import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.UUID;
|
||||
import java.util.*;
|
||||
|
||||
/**
|
||||
* @program: e5
|
||||
@ -41,11 +39,15 @@ public class UsernamePasswordAuthenticationProvider implements AuthenticationPro
|
||||
@Value("${isdebug}")
|
||||
boolean isDebug;
|
||||
|
||||
@Value("${user.admin.githubId}")
|
||||
int adminGithubId;
|
||||
|
||||
@Value("${user.token.expire}")
|
||||
private int tokenExpire;
|
||||
|
||||
@Autowired
|
||||
RedisUtil redisUtil;
|
||||
|
||||
|
||||
|
||||
@Autowired
|
||||
IGithubService githubService;
|
||||
|
||||
@ -59,16 +61,22 @@ public class UsernamePasswordAuthenticationProvider implements AuthenticationPro
|
||||
String state = authenticationToken.getState();
|
||||
logger.info("Github 认证: code:{} state:{} Token:", code, state);
|
||||
Map<String, Object> userInfo_redis = new HashMap<>();
|
||||
|
||||
/*是否调试模式*/
|
||||
if (isDebug) {
|
||||
List<String> list = new ArrayList<>();
|
||||
list.add("admin");
|
||||
list.add("user");
|
||||
String[] l =list.toArray(new String[list.size()]);
|
||||
String token = EncryptUtil.getInstance().SHA1Hex(UUID.randomUUID().toString());
|
||||
UsernamePasswordAuthenticationToken authenticationToken1 = new UsernamePasswordAuthenticationToken("debugName",
|
||||
"DebugAvatar", 19658189,token, AuthorityUtils.createAuthorityList("user"));
|
||||
"DebugAvatar", adminGithubId, token, "admin", AuthorityUtils.createAuthorityList(l));
|
||||
authenticationToken1.setDetails(authenticationToken);
|
||||
userInfo_redis.put("github_name", "debug");
|
||||
userInfo_redis.put("github_id", 19658189);
|
||||
userInfo_redis.put("github_id", adminGithubId);
|
||||
userInfo_redis.put("avatar_url", "https://www.baidu.com");
|
||||
redisUtil.hmset(token_ + token, userInfo_redis, 3600);
|
||||
userInfo_redis.put("authority", list);
|
||||
redisUtil.hmset(token_ + token, userInfo_redis, tokenExpire);
|
||||
return authenticationToken1;
|
||||
}
|
||||
if (!redisUtil.hasKey(states + state)) {
|
||||
@ -105,16 +113,24 @@ public class UsernamePasswordAuthenticationProvider implements AuthenticationPro
|
||||
}
|
||||
|
||||
String token = EncryptUtil.getInstance().SHA1Hex(UUID.randomUUID().toString());
|
||||
|
||||
/*配置角色,这里只是简单的配置,实际上需要从数据库中读取角色*/
|
||||
List<String> list = new ArrayList<>();
|
||||
list.add("user");
|
||||
if (adminGithubId == github.getGithubId()) {
|
||||
list.add("admin");
|
||||
}
|
||||
String[] Authority =list.toArray(new String[list.size()]);
|
||||
/*写token信息到redis*/
|
||||
userInfo_redis.put("github_name", github.getName());
|
||||
userInfo_redis.put("github_id", github.getGithubId());
|
||||
userInfo_redis.put("avatar_url", github.getAvatarUrl());
|
||||
redisUtil.hmset(token_ + token, userInfo_redis, 3600);
|
||||
userInfo_redis.put("authority", Authority);
|
||||
redisUtil.hmset(token_ + token, userInfo_redis, tokenExpire);
|
||||
|
||||
|
||||
// 创建一个已认证的token
|
||||
UsernamePasswordAuthenticationToken authenticationToken1 = new UsernamePasswordAuthenticationToken(github.getName(),
|
||||
github.getAvatarUrl(), github.getGithubId(), token, AuthorityUtils.createAuthorityList("user"));
|
||||
github.getAvatarUrl(), github.getGithubId() , AuthorityUtils.createAuthorityList(Authority));
|
||||
|
||||
// 设置一些详细信息
|
||||
authenticationToken1.setDetails(authenticationToken);
|
||||
|
||||
@ -29,8 +29,11 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT
|
||||
|
||||
private String Token;
|
||||
|
||||
private String Authority;
|
||||
|
||||
private int github_id;
|
||||
|
||||
|
||||
// 创建未认证的用户名密码认证对象
|
||||
public UsernamePasswordAuthenticationToken() {
|
||||
super(null);
|
||||
@ -64,15 +67,17 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT
|
||||
}
|
||||
|
||||
// 创建已认证的用户密码认证对象
|
||||
public UsernamePasswordAuthenticationToken(String name, String avatar_url, int github_id, String token, Collection<? extends GrantedAuthority> authorities) {
|
||||
public UsernamePasswordAuthenticationToken(String name, String avatar_url, int github_id, String token, String Authority, Collection<? extends GrantedAuthority> authorities) {
|
||||
super(authorities);
|
||||
this.name = name;
|
||||
this.avatar_url = avatar_url;
|
||||
this.github_id = github_id;
|
||||
this.Token = token;
|
||||
this.Authority = Authority;
|
||||
super.setAuthenticated(true);
|
||||
}
|
||||
|
||||
|
||||
public String getToken() {
|
||||
return Token;
|
||||
}
|
||||
@ -132,4 +137,12 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT
|
||||
public void setGithub_id(int github_id) {
|
||||
this.github_id = github_id;
|
||||
}
|
||||
|
||||
public String getAuthority() {
|
||||
return Authority;
|
||||
}
|
||||
|
||||
public void setAuthority(String authority) {
|
||||
Authority = authority;
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,16 +1,15 @@
|
||||
package io.qyi.e5.config.security.filter;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import com.google.gson.JsonElement;
|
||||
import com.google.gson.JsonObject;
|
||||
import com.google.gson.JsonParser;
|
||||
import io.qyi.e5.config.security.UsernamePasswordAuthenticationToken;
|
||||
import io.qyi.e5.util.SpringUtil;
|
||||
import io.qyi.e5.util.redis.RedisUtil;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.filter.OncePerRequestFilter;
|
||||
|
||||
import javax.servlet.FilterChain;
|
||||
@ -18,7 +17,8 @@ import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.io.PrintWriter;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
@ -29,25 +29,27 @@ import java.util.Map;
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-04-05 00:42
|
||||
**/
|
||||
@Slf4j
|
||||
public class LinkTokenAuthenticationFilter extends OncePerRequestFilter {
|
||||
|
||||
|
||||
@Override
|
||||
protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
|
||||
String token = httpServletRequest.getHeader("token");
|
||||
if (token != null) {
|
||||
RedisUtil redisUtil = SpringUtil.getBean(RedisUtil.class);
|
||||
if (redisUtil.hasKey("token:" + token)) {
|
||||
Map<Object, Object> userInfo = redisUtil.hmget("token:" + token);
|
||||
RedisUtil RedisUtil = SpringUtil.getBean(RedisUtil.class);
|
||||
if (RedisUtil.hasKey("token:" + token)) {
|
||||
Map<Object, Object> userInfo = RedisUtil.hmget("token:" + token);
|
||||
// 将未认证的Authentication转换成自定义的用户认证Token
|
||||
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken();
|
||||
List<String> list = (List<String>)userInfo.get("authority");
|
||||
String[] authority = list.toArray(new String[list.size()]);
|
||||
UsernamePasswordAuthenticationToken authenticationToken1 = new UsernamePasswordAuthenticationToken(userInfo.get("github_name") == null ? "" : userInfo.get("github_name").toString(),
|
||||
userInfo.get("avatar_url").toString(), (int) userInfo.get("github_id"), AuthorityUtils.createAuthorityList("user"));
|
||||
authenticationToken1.setDetails(authenticationToken);
|
||||
userInfo.get("avatar_url").toString(), (int) userInfo.get("github_id"), AuthorityUtils.createAuthorityList(authority));
|
||||
SecurityContextHolder.getContext().setAuthentication(authenticationToken1);
|
||||
System.out.println("完成授权");
|
||||
log.info("完成授权,角色:{}" , Arrays.toString(authority) );
|
||||
}
|
||||
}
|
||||
System.out.println("--------------Token鉴权---------------");
|
||||
log.info("--------------Token鉴权---------------");
|
||||
/*设置跨域*/
|
||||
HttpServletResponse response = httpServletResponse;
|
||||
response.setHeader("Access-Control-Allow-Origin", "*");
|
||||
@ -57,18 +59,11 @@ public class LinkTokenAuthenticationFilter extends OncePerRequestFilter {
|
||||
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, token");
|
||||
/*如果是OPTIONS则结束请求*/
|
||||
if (HttpMethod.OPTIONS.toString().equals(httpServletRequest.getMethod())) {
|
||||
log.debug("OPTIONS请求");
|
||||
response.setStatus(HttpStatus.NO_CONTENT.value());
|
||||
} else {
|
||||
filterChain.doFilter(httpServletRequest, response);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
public void sendJson(HttpServletResponse httpServletResponse, Object o) throws IOException {
|
||||
Gson gson = new Gson();
|
||||
String s = gson.toJson(o);
|
||||
PrintWriter writer = httpServletResponse.getWriter();
|
||||
writer.write(s);
|
||||
writer.flush();
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,13 +1,9 @@
|
||||
package io.qyi.e5.service.rabbitMQ.impl;
|
||||
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.google.gson.Gson;
|
||||
import com.rabbitmq.client.Channel;
|
||||
import io.qyi.e5.outlook.entity.Outlook;
|
||||
import io.qyi.e5.outlook.service.IOutlookService;
|
||||
import io.qyi.e5.service.task.ITask;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.amqp.core.Message;
|
||||
@ -17,7 +13,6 @@ import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.lang.reflect.Type;
|
||||
|
||||
/**
|
||||
* @program: msgpush
|
||||
@ -25,9 +20,9 @@ import java.lang.reflect.Type;
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-01-13 23:35
|
||||
**/
|
||||
@Slf4j
|
||||
@Service
|
||||
public class ListenerImpl {
|
||||
private final Logger logger = LoggerFactory.getLogger(this.getClass());
|
||||
|
||||
@Autowired
|
||||
IOutlookService outlookService;
|
||||
@ -35,14 +30,17 @@ public class ListenerImpl {
|
||||
ITask Task;
|
||||
|
||||
@RabbitHandler
|
||||
@RabbitListener(queues = "delay_queue1", containerFactory = "rabbitListenerContainerFactory")
|
||||
@RabbitListener(queues = "delay_queue3", containerFactory = "rabbitListenerContainerFactory")
|
||||
public void listen(Message message, Channel channel) throws IOException {
|
||||
logger.info("消费者1开始处理消息: {},时间戳:{}" ,message,System.currentTimeMillis());
|
||||
log.info("消费者1开始处理消息: {},时间戳:{}" ,message,System.currentTimeMillis());
|
||||
System.out.println("消费者1开始处理消息:"+System.currentTimeMillis());
|
||||
int github_id = Integer.valueOf(new String(message.getBody()));
|
||||
Task.executeE5(github_id);
|
||||
boolean b = Task.executeE5(github_id);
|
||||
|
||||
channel.basicAck(message.getMessageProperties().getDeliveryTag(), true);
|
||||
/*再次进行添加任务*/
|
||||
Task.sendTaskOutlookMQ(github_id);
|
||||
if (b) {
|
||||
Task.sendTaskOutlookMQ(github_id);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -1,39 +0,0 @@
|
||||
package io.qyi.e5.service.security;
|
||||
|
||||
import io.qyi.e5.user.mapper.UserMapper;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
/**
|
||||
* @program: e5
|
||||
* @description:
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-02-26 21:38
|
||||
**/
|
||||
@Component
|
||||
public class SecurityUserService implements UserDetailsService {
|
||||
private final Logger logger = LoggerFactory.getLogger(this.getClass());
|
||||
@Autowired
|
||||
private UserMapper userMapper;
|
||||
|
||||
@Override
|
||||
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
|
||||
BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
|
||||
String encode = bCryptPasswordEncoder.encode("123");
|
||||
String encodePasswd = encode;
|
||||
logger.info("登录用户名: {} , 密码:{}",s,encodePasswd);
|
||||
UserDetails userDetails = new User(s, encode, AuthorityUtils.createAuthorityList("admin"));
|
||||
return userDetails;
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user