mirror of
https://github.com/luoye663/e5.git
synced 2025-01-13 14:31:31 +00:00
遗留问题,无法登录
This commit is contained in:
parent
62886be7c2
commit
96786ec566
@ -4,6 +4,7 @@ import com.baomidou.mybatisplus.core.toolkit.StringUtils;
|
|||||||
import com.fasterxml.jackson.core.JsonGenerator;
|
import com.fasterxml.jackson.core.JsonGenerator;
|
||||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||||
import io.qyi.e5.util.ResultUtil;
|
import io.qyi.e5.util.ResultUtil;
|
||||||
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.aspectj.lang.JoinPoint;
|
import org.aspectj.lang.JoinPoint;
|
||||||
import org.aspectj.lang.annotation.AfterThrowing;
|
import org.aspectj.lang.annotation.AfterThrowing;
|
||||||
import org.aspectj.lang.annotation.Aspect;
|
import org.aspectj.lang.annotation.Aspect;
|
||||||
@ -26,6 +27,7 @@ import java.io.PrintWriter;
|
|||||||
**/
|
**/
|
||||||
@Aspect
|
@Aspect
|
||||||
@Component
|
@Component
|
||||||
|
@Slf4j
|
||||||
public class WebExceptionAspect {
|
public class WebExceptionAspect {
|
||||||
private final Logger logger = LoggerFactory.getLogger(this.getClass());
|
private final Logger logger = LoggerFactory.getLogger(this.getClass());
|
||||||
|
|
||||||
@ -58,6 +60,11 @@ public class WebExceptionAspect {
|
|||||||
* @param content 输出内容
|
* @param content 输出内容
|
||||||
*/
|
*/
|
||||||
public static void writeContent(Integer code, String content, long time) {
|
public static void writeContent(Integer code, String content, long time) {
|
||||||
|
if (RequestContextHolder.getRequestAttributes()==null) {
|
||||||
|
log.error("writeContent 异常!");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
HttpServletResponse response = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
|
HttpServletResponse response = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes())
|
||||||
.getResponse();
|
.getResponse();
|
||||||
response.setCharacterEncoding("UTF-8");
|
response.setCharacterEncoding("UTF-8");
|
||||||
|
@ -1,11 +1,17 @@
|
|||||||
package io.qyi.e5.config.security;
|
package io.qyi.e5.config.security;
|
||||||
|
|
||||||
import io.qyi.e5.config.security.filter.LinkTokenAuthenticationFilter;
|
import io.qyi.e5.config.security.filter.LinkTokenAuthenticationFilter;
|
||||||
|
import io.qyi.e5.config.security.filter.LoginAuthenticationFilter;
|
||||||
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
import org.springframework.security.config.annotation.ObjectPostProcessor;
|
import org.springframework.security.config.annotation.ObjectPostProcessor;
|
||||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||||
|
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
|
import org.springframework.security.config.annotation.web.builders.WebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||||
@ -20,42 +26,59 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
|
|||||||
**/
|
**/
|
||||||
@Configuration
|
@Configuration
|
||||||
@EnableWebSecurity //开启wen安全功能
|
@EnableWebSecurity //开启wen安全功能
|
||||||
|
@EnableGlobalMethodSecurity(prePostEnabled = true)
|
||||||
|
@Slf4j
|
||||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
SecurityAuthenticationHandler securityAuthenticationHandler;
|
SecurityAuthenticationHandler securityAuthenticationHandler;
|
||||||
|
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
UsernamePasswordAuthenticationConfig usernamePasswordAuthenticationConfig;
|
UsernamePasswordAuthenticationProvider usernamePasswordAuthenticationProvider;
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
UrlAccessDecisionManager myAccessDecisionManager;
|
UrlAccessDecisionManager myAccessDecisionManager;
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
UrlInvocationSecurityMetadataSourceService myInvocationSecurityMetadataSourceService;
|
UrlInvocationSecurityMetadataSourceService myInvocationSecurityMetadataSourceService;
|
||||||
|
|
||||||
|
@Value("${web.static.filtrate}")
|
||||||
|
String[] webFiltrate;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||||
System.out.println("AuthenticationManagerBuilder auth");
|
System.out.println("AuthenticationManagerBuilder auth");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Override
|
||||||
|
public void configure(WebSecurity web) throws Exception {
|
||||||
|
// super.configure(web);
|
||||||
|
/*放行静态资源*/
|
||||||
|
web.ignoring().antMatchers(webFiltrate);
|
||||||
|
}
|
||||||
|
|
||||||
// 通过重载该方法,可配置如何通过拦截器保护请求。
|
// 通过重载该方法,可配置如何通过拦截器保护请求。
|
||||||
@Override
|
@Override
|
||||||
protected void configure(HttpSecurity http) throws Exception {
|
protected void configure(HttpSecurity http) throws Exception {
|
||||||
System.out.println("HttpSecurity http");
|
System.out.println("HttpSecurity http");
|
||||||
|
/*自定义*/
|
||||||
|
http.csrf().disable();
|
||||||
|
LoginAuthenticationFilter authenticationFilter = new LoginAuthenticationFilter();
|
||||||
|
|
||||||
|
log.info("自定义用户认证处理逻辑");
|
||||||
|
// 自定义用户认证处理逻辑时,需要指定AuthenticationManager,否则无法认证
|
||||||
|
authenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
|
||||||
|
|
||||||
|
// 指定自定义的认证成功和失败的处理器
|
||||||
|
authenticationFilter.setAuthenticationSuccessHandler(securityAuthenticationHandler);
|
||||||
|
authenticationFilter.setAuthenticationFailureHandler(securityAuthenticationHandler);
|
||||||
|
|
||||||
|
// 把自定义的用户名密码认证过滤器和处理器添加到UsernamePasswordAuthenticationFilter过滤器之前
|
||||||
|
http.authenticationProvider(usernamePasswordAuthenticationProvider).addFilterBefore(authenticationFilter, UsernamePasswordAuthenticationFilter.class);
|
||||||
|
http.authorizeRequests().anyRequest().authenticated().withObjectPostProcessor(filterSecurityInterceptorObjectPostProcessor());
|
||||||
|
http.addFilterBefore(new LinkTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
|
||||||
|
|
||||||
/*关闭创建session*/
|
/*关闭创建session*/
|
||||||
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
|
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
|
||||||
// http.authorizeRequests().antMatchers("/user/login", "/user/loginFrom", "/auth2/getGithubUrl").permitAll()// 指定相应的请求 不需要验证
|
|
||||||
// .accessDecisionManager(myAccessDecisionManager)
|
|
||||||
http.authorizeRequests().
|
|
||||||
anyRequest().authenticated().withObjectPostProcessor(filterSecurityInterceptorObjectPostProcessor());
|
|
||||||
http.addFilterBefore(new LinkTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
|
|
||||||
/*自定义*/
|
|
||||||
http.csrf().disable().apply(usernamePasswordAuthenticationConfig);
|
|
||||||
//自定义过滤器
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 自定义 FilterSecurityInterceptor ObjectPostProcessor 以替换默认配置达到动态权限的目的
|
* 自定义 FilterSecurityInterceptor ObjectPostProcessor 以替换默认配置达到动态权限的目的
|
||||||
* @return ObjectPostProcessor
|
* @return ObjectPostProcessor
|
||||||
|
@ -1,51 +0,0 @@
|
|||||||
package io.qyi.e5.config.security;
|
|
||||||
|
|
||||||
import io.qyi.e5.config.security.filter.LinkTokenAuthenticationFilter;
|
|
||||||
import io.qyi.e5.config.security.filter.LoginAuthenticationFilter;
|
|
||||||
import org.slf4j.Logger;
|
|
||||||
import org.slf4j.LoggerFactory;
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
|
||||||
import org.springframework.context.annotation.Bean;
|
|
||||||
import org.springframework.security.authentication.AuthenticationManager;
|
|
||||||
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
|
|
||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
|
||||||
import org.springframework.security.core.context.SecurityContextHolder;
|
|
||||||
import org.springframework.security.web.DefaultSecurityFilterChain;
|
|
||||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
|
||||||
import org.springframework.stereotype.Component;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* @program: e5
|
|
||||||
* @description:
|
|
||||||
* @author: 落叶随风
|
|
||||||
* @create: 2020-02-28 16:24
|
|
||||||
**/
|
|
||||||
@Component
|
|
||||||
public class UsernamePasswordAuthenticationConfig extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {
|
|
||||||
private final Logger logger = LoggerFactory.getLogger(this.getClass());
|
|
||||||
@Autowired
|
|
||||||
UsernamePasswordAuthenticationProvider usernamePasswordAuthenticationProvider;
|
|
||||||
@Autowired
|
|
||||||
SecurityAuthenticationHandler securityAuthenticationHandler;
|
|
||||||
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public void configure(HttpSecurity http) throws Exception {
|
|
||||||
LoginAuthenticationFilter authenticationFilter = new LoginAuthenticationFilter();
|
|
||||||
|
|
||||||
|
|
||||||
logger.info("自定义用户认证处理逻辑");
|
|
||||||
// 自定义用户认证处理逻辑时,需要指定AuthenticationManager,否则无法认证
|
|
||||||
authenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
|
|
||||||
|
|
||||||
// 指定自定义的认证成功和失败的处理器
|
|
||||||
authenticationFilter.setAuthenticationSuccessHandler(securityAuthenticationHandler);
|
|
||||||
authenticationFilter.setAuthenticationFailureHandler(securityAuthenticationHandler);
|
|
||||||
// 把自定义的用户名密码认证过滤器和处理器添加到UsernamePasswordAuthenticationFilter过滤器之前
|
|
||||||
http.authenticationProvider(usernamePasswordAuthenticationProvider)
|
|
||||||
.addFilterBefore(authenticationFilter, UsernamePasswordAuthenticationFilter.class);
|
|
||||||
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
@ -52,7 +52,7 @@ public class LinkTokenAuthenticationFilter extends OncePerRequestFilter {
|
|||||||
log.info("--------------Token鉴权---------------");
|
log.info("--------------Token鉴权---------------");
|
||||||
/*设置跨域*/
|
/*设置跨域*/
|
||||||
HttpServletResponse response = httpServletResponse;
|
HttpServletResponse response = httpServletResponse;
|
||||||
response.setHeader("Access-Control-Allow-Origin", "*");
|
response.setHeader("Access-Control-Allow-Origin", "e5.qyi.io");
|
||||||
response.setHeader("Access-Control-Allow-Credentials", "true");
|
response.setHeader("Access-Control-Allow-Credentials", "true");
|
||||||
response.setHeader("Access-Control-Allow-Methods", "GET, HEAD, POST");
|
response.setHeader("Access-Control-Allow-Methods", "GET, HEAD, POST");
|
||||||
response.setHeader("Access-Control-Max-Age", "3600");
|
response.setHeader("Access-Control-Max-Age", "3600");
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
package io.qyi.e5.config.security.filter;
|
package io.qyi.e5.config.security.filter;
|
||||||
|
|
||||||
import io.qyi.e5.config.security.UsernamePasswordAuthenticationToken;
|
import io.qyi.e5.config.security.UsernamePasswordAuthenticationToken;
|
||||||
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.springframework.http.HttpMethod;
|
import org.springframework.http.HttpMethod;
|
||||||
import org.springframework.security.authentication.AuthenticationServiceException;
|
import org.springframework.security.authentication.AuthenticationServiceException;
|
||||||
@ -23,6 +24,7 @@ import java.io.IOException;
|
|||||||
* @author: 落叶随风
|
* @author: 落叶随风
|
||||||
* @create: 2020-02-28 11:56
|
* @create: 2020-02-28 11:56
|
||||||
**/
|
**/
|
||||||
|
@Slf4j
|
||||||
public class LoginAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
|
public class LoginAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
|
||||||
protected LoginAuthenticationFilter(String defaultFilterProcessesUrl) {
|
protected LoginAuthenticationFilter(String defaultFilterProcessesUrl) {
|
||||||
super(defaultFilterProcessesUrl);
|
super(defaultFilterProcessesUrl);
|
||||||
@ -34,6 +36,7 @@ public class LoginAuthenticationFilter extends AbstractAuthenticationProcessingF
|
|||||||
|
|
||||||
public LoginAuthenticationFilter() {
|
public LoginAuthenticationFilter() {
|
||||||
super(new AntPathRequestMatcher("/auth2/receive", "GET"));
|
super(new AntPathRequestMatcher("/auth2/receive", "GET"));
|
||||||
|
log.info("注册 LoginAuthenticationFilter");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user