mirror of
https://github.com/luoye663/e5.git
synced 2024-12-25 11:18:50 +00:00
遗留问题,无法登录
This commit is contained in:
parent
62886be7c2
commit
96786ec566
@ -4,6 +4,7 @@ import com.baomidou.mybatisplus.core.toolkit.StringUtils;
|
||||
import com.fasterxml.jackson.core.JsonGenerator;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import io.qyi.e5.util.ResultUtil;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.aspectj.lang.JoinPoint;
|
||||
import org.aspectj.lang.annotation.AfterThrowing;
|
||||
import org.aspectj.lang.annotation.Aspect;
|
||||
@ -26,6 +27,7 @@ import java.io.PrintWriter;
|
||||
**/
|
||||
@Aspect
|
||||
@Component
|
||||
@Slf4j
|
||||
public class WebExceptionAspect {
|
||||
private final Logger logger = LoggerFactory.getLogger(this.getClass());
|
||||
|
||||
@ -58,6 +60,11 @@ public class WebExceptionAspect {
|
||||
* @param content 输出内容
|
||||
*/
|
||||
public static void writeContent(Integer code, String content, long time) {
|
||||
if (RequestContextHolder.getRequestAttributes()==null) {
|
||||
log.error("writeContent 异常!");
|
||||
return;
|
||||
}
|
||||
|
||||
HttpServletResponse response = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
|
||||
.getResponse();
|
||||
response.setCharacterEncoding("UTF-8");
|
||||
|
@ -1,11 +1,17 @@
|
||||
package io.qyi.e5.config.security;
|
||||
|
||||
import io.qyi.e5.config.security.filter.LinkTokenAuthenticationFilter;
|
||||
import io.qyi.e5.config.security.filter.LoginAuthenticationFilter;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.config.annotation.ObjectPostProcessor;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
@ -20,42 +26,59 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
|
||||
**/
|
||||
@Configuration
|
||||
@EnableWebSecurity //开启wen安全功能
|
||||
@EnableGlobalMethodSecurity(prePostEnabled = true)
|
||||
@Slf4j
|
||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
|
||||
@Autowired
|
||||
SecurityAuthenticationHandler securityAuthenticationHandler;
|
||||
|
||||
|
||||
@Autowired
|
||||
UsernamePasswordAuthenticationConfig usernamePasswordAuthenticationConfig;
|
||||
|
||||
UsernamePasswordAuthenticationProvider usernamePasswordAuthenticationProvider;
|
||||
@Autowired
|
||||
UrlAccessDecisionManager myAccessDecisionManager;
|
||||
|
||||
@Autowired
|
||||
UrlInvocationSecurityMetadataSourceService myInvocationSecurityMetadataSourceService;
|
||||
|
||||
@Value("${web.static.filtrate}")
|
||||
String[] webFiltrate;
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
System.out.println("AuthenticationManagerBuilder auth");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void configure(WebSecurity web) throws Exception {
|
||||
// super.configure(web);
|
||||
/*放行静态资源*/
|
||||
web.ignoring().antMatchers(webFiltrate);
|
||||
}
|
||||
|
||||
// 通过重载该方法,可配置如何通过拦截器保护请求。
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
System.out.println("HttpSecurity http");
|
||||
/*自定义*/
|
||||
http.csrf().disable();
|
||||
LoginAuthenticationFilter authenticationFilter = new LoginAuthenticationFilter();
|
||||
|
||||
log.info("自定义用户认证处理逻辑");
|
||||
// 自定义用户认证处理逻辑时,需要指定AuthenticationManager,否则无法认证
|
||||
authenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
|
||||
|
||||
// 指定自定义的认证成功和失败的处理器
|
||||
authenticationFilter.setAuthenticationSuccessHandler(securityAuthenticationHandler);
|
||||
authenticationFilter.setAuthenticationFailureHandler(securityAuthenticationHandler);
|
||||
|
||||
// 把自定义的用户名密码认证过滤器和处理器添加到UsernamePasswordAuthenticationFilter过滤器之前
|
||||
http.authenticationProvider(usernamePasswordAuthenticationProvider).addFilterBefore(authenticationFilter, UsernamePasswordAuthenticationFilter.class);
|
||||
http.authorizeRequests().anyRequest().authenticated().withObjectPostProcessor(filterSecurityInterceptorObjectPostProcessor());
|
||||
http.addFilterBefore(new LinkTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
|
||||
|
||||
/*关闭创建session*/
|
||||
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
|
||||
// http.authorizeRequests().antMatchers("/user/login", "/user/loginFrom", "/auth2/getGithubUrl").permitAll()// 指定相应的请求 不需要验证
|
||||
// .accessDecisionManager(myAccessDecisionManager)
|
||||
http.authorizeRequests().
|
||||
anyRequest().authenticated().withObjectPostProcessor(filterSecurityInterceptorObjectPostProcessor());
|
||||
http.addFilterBefore(new LinkTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
|
||||
/*自定义*/
|
||||
http.csrf().disable().apply(usernamePasswordAuthenticationConfig);
|
||||
//自定义过滤器
|
||||
}
|
||||
|
||||
/**
|
||||
* 自定义 FilterSecurityInterceptor ObjectPostProcessor 以替换默认配置达到动态权限的目的
|
||||
* @return ObjectPostProcessor
|
||||
|
@ -1,51 +0,0 @@
|
||||
package io.qyi.e5.config.security;
|
||||
|
||||
import io.qyi.e5.config.security.filter.LinkTokenAuthenticationFilter;
|
||||
import io.qyi.e5.config.security.filter.LoginAuthenticationFilter;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.DefaultSecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
/**
|
||||
* @program: e5
|
||||
* @description:
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-02-28 16:24
|
||||
**/
|
||||
@Component
|
||||
public class UsernamePasswordAuthenticationConfig extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {
|
||||
private final Logger logger = LoggerFactory.getLogger(this.getClass());
|
||||
@Autowired
|
||||
UsernamePasswordAuthenticationProvider usernamePasswordAuthenticationProvider;
|
||||
@Autowired
|
||||
SecurityAuthenticationHandler securityAuthenticationHandler;
|
||||
|
||||
|
||||
@Override
|
||||
public void configure(HttpSecurity http) throws Exception {
|
||||
LoginAuthenticationFilter authenticationFilter = new LoginAuthenticationFilter();
|
||||
|
||||
|
||||
logger.info("自定义用户认证处理逻辑");
|
||||
// 自定义用户认证处理逻辑时,需要指定AuthenticationManager,否则无法认证
|
||||
authenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
|
||||
|
||||
// 指定自定义的认证成功和失败的处理器
|
||||
authenticationFilter.setAuthenticationSuccessHandler(securityAuthenticationHandler);
|
||||
authenticationFilter.setAuthenticationFailureHandler(securityAuthenticationHandler);
|
||||
// 把自定义的用户名密码认证过滤器和处理器添加到UsernamePasswordAuthenticationFilter过滤器之前
|
||||
http.authenticationProvider(usernamePasswordAuthenticationProvider)
|
||||
.addFilterBefore(authenticationFilter, UsernamePasswordAuthenticationFilter.class);
|
||||
|
||||
|
||||
}
|
||||
|
||||
}
|
@ -52,7 +52,7 @@ public class LinkTokenAuthenticationFilter extends OncePerRequestFilter {
|
||||
log.info("--------------Token鉴权---------------");
|
||||
/*设置跨域*/
|
||||
HttpServletResponse response = httpServletResponse;
|
||||
response.setHeader("Access-Control-Allow-Origin", "*");
|
||||
response.setHeader("Access-Control-Allow-Origin", "e5.qyi.io");
|
||||
response.setHeader("Access-Control-Allow-Credentials", "true");
|
||||
response.setHeader("Access-Control-Allow-Methods", "GET, HEAD, POST");
|
||||
response.setHeader("Access-Control-Max-Age", "3600");
|
||||
|
@ -1,6 +1,7 @@
|
||||
package io.qyi.e5.config.security.filter;
|
||||
|
||||
import io.qyi.e5.config.security.UsernamePasswordAuthenticationToken;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.authentication.AuthenticationServiceException;
|
||||
@ -23,6 +24,7 @@ import java.io.IOException;
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-02-28 11:56
|
||||
**/
|
||||
@Slf4j
|
||||
public class LoginAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
|
||||
protected LoginAuthenticationFilter(String defaultFilterProcessesUrl) {
|
||||
super(defaultFilterProcessesUrl);
|
||||
@ -34,6 +36,7 @@ public class LoginAuthenticationFilter extends AbstractAuthenticationProcessingF
|
||||
|
||||
public LoginAuthenticationFilter() {
|
||||
super(new AntPathRequestMatcher("/auth2/receive", "GET"));
|
||||
log.info("注册 LoginAuthenticationFilter");
|
||||
}
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user