mirror of
https://github.com/luoye663/e5.git
synced 2024-12-25 11:18:50 +00:00
备份
This commit is contained in:
parent
a3b0e2a0e6
commit
c6233f66cf
21
pom.xml
21
pom.xml
@ -5,7 +5,7 @@
|
||||
<parent>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-parent</artifactId>
|
||||
<version>2.2.4.RELEASE</version>
|
||||
<version>2.3.1.RELEASE</version>
|
||||
<relativePath/> <!-- lookup parent from repository -->
|
||||
</parent>
|
||||
<groupId>io.qyi</groupId>
|
||||
@ -35,16 +35,23 @@
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<!-- log4j2 -->
|
||||
<!--排除自带的logging-->
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-logging</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
|
||||
<!--log4j2-->
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-log4j2</artifactId>
|
||||
</dependency>
|
||||
<!-- freemarker 模板引擎-->
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-freemarker</artifactId>
|
||||
</dependency>
|
||||
<!--权限管理插件-->
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
|
@ -22,12 +22,13 @@ import java.util.Map;
|
||||
public class RabbitMQConfig {
|
||||
@Value("")
|
||||
private String DirectQueueName;
|
||||
|
||||
/**
|
||||
* 处理死信队列的消费队列
|
||||
* */
|
||||
*/
|
||||
@Bean
|
||||
public Queue fanoutQueue1() {
|
||||
return new Queue("delay_queue1", true, false, false);
|
||||
return new Queue("delay_queue3", true, false, false);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -37,13 +38,14 @@ public class RabbitMQConfig {
|
||||
* HeadersExchange :通过添加属性key-value匹配
|
||||
* DirectExchange:按照routingkey分发到指定队列
|
||||
* TopicExchange:多关键字匹配
|
||||
*
|
||||
* @return
|
||||
*/
|
||||
@Bean
|
||||
public CustomExchange customExchangeDelay() {
|
||||
Map<String, Object> arg = new HashMap<>();
|
||||
arg.put("x-delayed-type", "direct");
|
||||
return new CustomExchange("delay","x-delayed-message",true, false,arg);
|
||||
return new CustomExchange("delay3", "x-delayed-message", true, false, arg);
|
||||
}
|
||||
|
||||
/*@Bean
|
||||
@ -54,7 +56,7 @@ public class RabbitMQConfig {
|
||||
//绑定 将队列和交换机绑定,
|
||||
@Bean
|
||||
public Binding bindingFanoutQueue1() {
|
||||
return BindingBuilder.bind(fanoutQueue1()).to(customExchangeDelay()).with("delay").noargs();
|
||||
return BindingBuilder.bind(fanoutQueue1()).to(customExchangeDelay()).with("delay3").noargs();
|
||||
}
|
||||
|
||||
|
||||
|
@ -0,0 +1,65 @@
|
||||
package io.qyi.e5.config.security;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.security.access.AccessDecisionManager;
|
||||
import org.springframework.security.access.AccessDeniedException;
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.authentication.InsufficientAuthenticationException;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Iterator;
|
||||
|
||||
/**
|
||||
* 决策管理器
|
||||
*
|
||||
* @program: e5
|
||||
* @description:
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-06-15 16:11
|
||||
**/
|
||||
@Slf4j
|
||||
@Service
|
||||
public class MyAccessDecisionManager implements AccessDecisionManager {
|
||||
@Override
|
||||
public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException {
|
||||
if (collection == null) {
|
||||
return;
|
||||
}
|
||||
System.out.println(o.toString()); // object is a URL.
|
||||
log.info("object is a URL. {}", o.toString());
|
||||
//所请求的资源拥有的权限(一个资源对多个权限)
|
||||
Iterator<ConfigAttribute> iterator = collection.iterator();
|
||||
while (iterator.hasNext()) {
|
||||
ConfigAttribute configAttribute = iterator.next();
|
||||
//访问所请求资源所需要的权限
|
||||
String needPermission = configAttribute.getAttribute();
|
||||
log.info("访问 " + o.toString() + " 需要的权限是:" + needPermission);
|
||||
if (needPermission == null) {
|
||||
break;
|
||||
}
|
||||
//用户所拥有的权限authentication
|
||||
Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
|
||||
for (GrantedAuthority ga : authorities) {
|
||||
if (needPermission.equals(ga.getAuthority())) {
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
//没有权限
|
||||
throw new AccessDeniedException(" 无权限! ");
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean supports(ConfigAttribute configAttribute) {
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean supports(Class<?> aClass) {
|
||||
return true;
|
||||
}
|
||||
}
|
@ -0,0 +1,68 @@
|
||||
package io.qyi.e5.config.security;
|
||||
|
||||
import org.springframework.security.access.ConfigAttribute;
|
||||
import org.springframework.security.access.SecurityConfig;
|
||||
import org.springframework.security.web.FilterInvocation;
|
||||
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
|
||||
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.*;
|
||||
|
||||
/**
|
||||
* @program: e5
|
||||
* @description:
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-06-17 16:25
|
||||
**/
|
||||
@Service
|
||||
public class MyInvocationSecurityMetadataSourceService implements FilterInvocationSecurityMetadataSource {
|
||||
|
||||
private HashMap<String, Collection<ConfigAttribute>> map =null;
|
||||
/**
|
||||
* 加载权限表中所有权限
|
||||
*/
|
||||
public void loadResourceDefine(){
|
||||
map = new HashMap<>();
|
||||
Collection<ConfigAttribute> array;
|
||||
ConfigAttribute cfg;
|
||||
List<Map<String, String>> permissions = new LinkedList<>();
|
||||
for(Map<String, String> permission : permissions) {
|
||||
array = new ArrayList<>();
|
||||
cfg = new SecurityConfig("ADMIN");
|
||||
//此处只添加了用户的名字,其实还可以添加更多权限的信息,例如请求方法到ConfigAttribute的集合中去。此处添加的信息将会作为MyAccessDecisionManager类的decide的第三个参数。
|
||||
array.add(cfg);
|
||||
//用权限的getUrl() 作为map的key,用ConfigAttribute的集合作为 value,
|
||||
map.put("/admin/test", array);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
|
||||
if(map ==null) loadResourceDefine();
|
||||
//object 中包含用户请求的request 信息
|
||||
HttpServletRequest request = ((FilterInvocation) o).getHttpRequest();
|
||||
AntPathRequestMatcher matcher;
|
||||
String resUrl;
|
||||
for(Iterator<String> iter = map.keySet().iterator(); iter.hasNext(); ) {
|
||||
resUrl = iter.next();
|
||||
matcher = new AntPathRequestMatcher(resUrl);
|
||||
if(matcher.matches(request)) {
|
||||
return map.get(resUrl);
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public Collection<ConfigAttribute> getAllConfigAttributes() {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean supports(Class<?> aClass) {
|
||||
return false;
|
||||
}
|
||||
}
|
@ -25,7 +25,7 @@ import java.util.Map;
|
||||
* @create: 2019-12-27 08:57
|
||||
**/
|
||||
@Component
|
||||
public class SecurityAuthenticationHandler implements AuthenticationSuccessHandler, AuthenticationFailureHandler , LogoutSuccessHandler {
|
||||
public class SecurityAuthenticationHandler implements AuthenticationSuccessHandler, AuthenticationFailureHandler , LogoutSuccessHandler {
|
||||
@Override
|
||||
public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
|
||||
UsernamePasswordAuthenticationToken at = (UsernamePasswordAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
||||
@ -35,6 +35,7 @@ public class SecurityAuthenticationHandler implements AuthenticationSuccessHandl
|
||||
Map<String, String> token = new HashMap<>();
|
||||
token.put("token", at.getToken());
|
||||
token.put("username", at.getName());
|
||||
token.put("authority", at.getAuthority());
|
||||
writer.write(gson.toJson(ResultUtil.success(token)) );
|
||||
writer.flush();
|
||||
}
|
||||
|
@ -1,14 +1,17 @@
|
||||
package io.qyi.e5.config.security;
|
||||
|
||||
import io.qyi.e5.config.security.filter.LinkTokenAuthenticationFilter;
|
||||
import io.qyi.e5.service.security.SecurityUserService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.access.AccessDecisionManager;
|
||||
import org.springframework.security.config.annotation.ObjectPostProcessor;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
|
||||
/**
|
||||
@ -24,56 +27,58 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
@Autowired
|
||||
SecurityAuthenticationHandler securityAuthenticationHandler;
|
||||
|
||||
@Autowired
|
||||
private SecurityUserService securityUserService;
|
||||
|
||||
@Autowired
|
||||
UsernamePasswordAuthenticationConfig usernamePasswordAuthenticationConfig;
|
||||
|
||||
@Autowired
|
||||
MyAccessDecisionManager myAccessDecisionManager;
|
||||
|
||||
@Autowired
|
||||
MyInvocationSecurityMetadataSourceService myInvocationSecurityMetadataSourceService;
|
||||
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
System.out.println("AuthenticationManagerBuilder auth");
|
||||
// auth.userDetailsService(securityUserService).passwordEncoder(new BCryptPasswordEncoder());
|
||||
// auth.inMemoryAuthentication().passwordEncoder(new BCryptPasswordEncoder())
|
||||
// .withUser("user").password(new BCryptPasswordEncoder().encode("123")).roles("user").and()
|
||||
// .withUser("admin").password(new BCryptPasswordEncoder().encode("admin")).roles("USER", "ADMIN");
|
||||
}
|
||||
|
||||
// 通过重载该方法,可配置如何通过拦截器保护请求。
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
System.out.println("HttpSecurity http");
|
||||
http.addFilterBefore(new LinkTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
|
||||
http.csrf().disable()
|
||||
.apply(usernamePasswordAuthenticationConfig);
|
||||
/* http.authorizeRequests()
|
||||
.withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
|
||||
@Override
|
||||
public <O extends FilterSecurityInterceptor> O postProcess(O o) {
|
||||
o.setSecurityMetadataSource(myInvocationSecurityMetadataSourceService);
|
||||
o.setAccessDecisionManager(myAccessDecisionManager);
|
||||
return o;
|
||||
}
|
||||
});*/
|
||||
/*关闭创建session*/
|
||||
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
|
||||
http.authorizeRequests().antMatchers("/user/login", "/user/loginFrom", "/auth2/getGithubUrl").permitAll()// 指定相应的请求 不需要验证
|
||||
// .and()
|
||||
// .authorizeRequests().antMatchers("/quartz/**").permitAll()//测试
|
||||
.anyRequest()// 任何请求
|
||||
.authenticated();// 都需要身份认证
|
||||
|
||||
|
||||
// http.authorizeRequests().antMatchers("/user/login", "/user/loginFrom", "/auth2/getGithubUrl").permitAll()// 指定相应的请求 不需要验证
|
||||
// .accessDecisionManager(myAccessDecisionManager)
|
||||
http.authorizeRequests().anyRequest().authenticated().withObjectPostProcessor(filterSecurityInterceptorObjectPostProcessor());
|
||||
http.addFilterBefore(new LinkTokenAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
|
||||
/*自定义*/
|
||||
http.csrf().disable().apply(usernamePasswordAuthenticationConfig);
|
||||
//自定义过滤器
|
||||
}
|
||||
/**
|
||||
* 自定义 FilterSecurityInterceptor ObjectPostProcessor 以替换默认配置达到动态权限的目的
|
||||
* @return ObjectPostProcessor
|
||||
*/
|
||||
private ObjectPostProcessor<FilterSecurityInterceptor> filterSecurityInterceptorObjectPostProcessor() {
|
||||
return new ObjectPostProcessor<FilterSecurityInterceptor>() {
|
||||
@Override
|
||||
public <O extends FilterSecurityInterceptor> O postProcess(O object) {
|
||||
object.setAccessDecisionManager(myAccessDecisionManager);
|
||||
object.setSecurityMetadataSource(myInvocationSecurityMetadataSourceService);
|
||||
return object;
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
/*@Bean
|
||||
public LinkTokenAuthenticationFilter linkTokenAuthenticationFilter (){
|
||||
return new LinkTokenAuthenticationFilter();
|
||||
}*/
|
||||
|
||||
/*@Bean
|
||||
public AccessDeniedHandler getAccessDeniedHandler() {
|
||||
return new RestAuthenticationAccessDeniedHandler();
|
||||
}*/
|
||||
|
||||
/* @Override
|
||||
public void configure(WebSecurity web) {
|
||||
System.out.println("WebSecurity web");
|
||||
String antPatterns = "/pdfjs-2.1.266/**,/favicon.ico,/css/**,/js/**,/ico/**,/images/**,/jquery-1.12.4/**,/uuid-1.4/**,/layui-2.4.5/**,/jquery-easyui-1.6.11/**,/zTree-3.5.33/**,/select2-4.0.5/**,/greensock-js-1.20.5/**";
|
||||
web.ignoring().antMatchers(antPatterns.split(","));
|
||||
}*/
|
||||
|
||||
}
|
||||
|
@ -1,12 +1,15 @@
|
||||
package io.qyi.e5.config.security;
|
||||
|
||||
import io.qyi.e5.config.security.filter.LinkTokenAuthenticationFilter;
|
||||
import io.qyi.e5.config.security.filter.LoginAuthenticationFilter;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.web.DefaultSecurityFilterChain;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
import org.springframework.stereotype.Component;
|
||||
@ -25,10 +28,12 @@ public class UsernamePasswordAuthenticationConfig extends SecurityConfigurerAdap
|
||||
@Autowired
|
||||
SecurityAuthenticationHandler securityAuthenticationHandler;
|
||||
|
||||
|
||||
@Override
|
||||
public void configure(HttpSecurity http) throws Exception {
|
||||
LoginAuthenticationFilter authenticationFilter = new LoginAuthenticationFilter();
|
||||
|
||||
|
||||
logger.info("自定义用户认证处理逻辑");
|
||||
// 自定义用户认证处理逻辑时,需要指定AuthenticationManager,否则无法认证
|
||||
authenticationFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
|
||||
@ -36,12 +41,11 @@ public class UsernamePasswordAuthenticationConfig extends SecurityConfigurerAdap
|
||||
// 指定自定义的认证成功和失败的处理器
|
||||
authenticationFilter.setAuthenticationSuccessHandler(securityAuthenticationHandler);
|
||||
authenticationFilter.setAuthenticationFailureHandler(securityAuthenticationHandler);
|
||||
|
||||
// 把自定义的用户名密码认证过滤器和处理器添加到UsernamePasswordAuthenticationFilter过滤器之前
|
||||
http.authenticationProvider(usernamePasswordAuthenticationProvider)
|
||||
.addFilterBefore(authenticationFilter, UsernamePasswordAuthenticationFilter.class);
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
@ -41,11 +41,13 @@ public class UsernamePasswordAuthenticationProvider implements AuthenticationPro
|
||||
@Value("${isdebug}")
|
||||
boolean isDebug;
|
||||
|
||||
@Value("${user.admin.githubId}")
|
||||
int adminGithubId;
|
||||
|
||||
@Autowired
|
||||
RedisUtil redisUtil;
|
||||
|
||||
|
||||
|
||||
@Autowired
|
||||
IGithubService githubService;
|
||||
|
||||
@ -59,15 +61,17 @@ public class UsernamePasswordAuthenticationProvider implements AuthenticationPro
|
||||
String state = authenticationToken.getState();
|
||||
logger.info("Github 认证: code:{} state:{} Token:", code, state);
|
||||
Map<String, Object> userInfo_redis = new HashMap<>();
|
||||
|
||||
/*是否调试模式*/
|
||||
if (isDebug) {
|
||||
String token = EncryptUtil.getInstance().SHA1Hex(UUID.randomUUID().toString());
|
||||
UsernamePasswordAuthenticationToken authenticationToken1 = new UsernamePasswordAuthenticationToken("debugName",
|
||||
"DebugAvatar", 19658189,token, AuthorityUtils.createAuthorityList("user"));
|
||||
"DebugAvatar", adminGithubId, token, "ADMIN", AuthorityUtils.createAuthorityList("ROLE_ADMIN1"));
|
||||
authenticationToken1.setDetails(authenticationToken);
|
||||
userInfo_redis.put("github_name", "debug");
|
||||
userInfo_redis.put("github_id", 19658189);
|
||||
userInfo_redis.put("github_id", adminGithubId);
|
||||
userInfo_redis.put("avatar_url", "https://www.baidu.com");
|
||||
userInfo_redis.put("authority","ROLE_ADMIN1");
|
||||
redisUtil.hmset(token_ + token, userInfo_redis, 3600);
|
||||
return authenticationToken1;
|
||||
}
|
||||
@ -105,16 +109,23 @@ public class UsernamePasswordAuthenticationProvider implements AuthenticationPro
|
||||
}
|
||||
|
||||
String token = EncryptUtil.getInstance().SHA1Hex(UUID.randomUUID().toString());
|
||||
/*配置角色*/
|
||||
String Authority = "ROLE_user";
|
||||
if (adminGithubId == github.getGithubId()) {
|
||||
Authority = "ROLE_admin";
|
||||
}
|
||||
|
||||
/*写token信息到redis*/
|
||||
userInfo_redis.put("github_name", github.getName());
|
||||
userInfo_redis.put("github_id", github.getGithubId());
|
||||
userInfo_redis.put("avatar_url", github.getAvatarUrl());
|
||||
userInfo_redis.put("authority",Authority);
|
||||
redisUtil.hmset(token_ + token, userInfo_redis, 3600);
|
||||
|
||||
|
||||
// 创建一个已认证的token
|
||||
UsernamePasswordAuthenticationToken authenticationToken1 = new UsernamePasswordAuthenticationToken(github.getName(),
|
||||
github.getAvatarUrl(), github.getGithubId(), token, AuthorityUtils.createAuthorityList("user"));
|
||||
github.getAvatarUrl(), github.getGithubId(), token, Authority, AuthorityUtils.createAuthorityList(Authority));
|
||||
|
||||
// 设置一些详细信息
|
||||
authenticationToken1.setDetails(authenticationToken);
|
||||
|
@ -29,6 +29,8 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT
|
||||
|
||||
private String Token;
|
||||
|
||||
private String Authority;
|
||||
|
||||
private int github_id;
|
||||
|
||||
// 创建未认证的用户名密码认证对象
|
||||
@ -55,21 +57,23 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT
|
||||
|
||||
|
||||
// 创建已认证的用户密码认证对象
|
||||
public UsernamePasswordAuthenticationToken(String name, String avatar_url, int github_id, Collection<? extends GrantedAuthority> authorities) {
|
||||
public UsernamePasswordAuthenticationToken(String name, String avatar_url, int github_id,String Authority, Collection<? extends GrantedAuthority> authorities) {
|
||||
super(authorities);
|
||||
this.name = name;
|
||||
this.avatar_url = avatar_url;
|
||||
this.github_id = github_id;
|
||||
this.Authority = Authority;
|
||||
super.setAuthenticated(true);
|
||||
}
|
||||
|
||||
// 创建已认证的用户密码认证对象
|
||||
public UsernamePasswordAuthenticationToken(String name, String avatar_url, int github_id, String token, Collection<? extends GrantedAuthority> authorities) {
|
||||
public UsernamePasswordAuthenticationToken(String name, String avatar_url, int github_id, String token, String Authority, Collection<? extends GrantedAuthority> authorities) {
|
||||
super(authorities);
|
||||
this.name = name;
|
||||
this.avatar_url = avatar_url;
|
||||
this.github_id = github_id;
|
||||
this.Token = token;
|
||||
this.Authority = Authority;
|
||||
super.setAuthenticated(true);
|
||||
}
|
||||
|
||||
@ -132,4 +136,12 @@ public class UsernamePasswordAuthenticationToken extends AbstractAuthenticationT
|
||||
public void setGithub_id(int github_id) {
|
||||
this.github_id = github_id;
|
||||
}
|
||||
|
||||
public String getAuthority() {
|
||||
return Authority;
|
||||
}
|
||||
|
||||
public void setAuthority(String authority) {
|
||||
Authority = authority;
|
||||
}
|
||||
}
|
||||
|
@ -1,16 +1,14 @@
|
||||
package io.qyi.e5.config.security.filter;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import com.google.gson.JsonElement;
|
||||
import com.google.gson.JsonObject;
|
||||
import com.google.gson.JsonParser;
|
||||
import io.qyi.e5.config.security.UsernamePasswordAuthenticationToken;
|
||||
import io.qyi.e5.util.SpringUtil;
|
||||
import io.qyi.e5.util.redis.RedisUtil;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.filter.OncePerRequestFilter;
|
||||
|
||||
import javax.servlet.FilterChain;
|
||||
@ -18,7 +16,6 @@ import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.io.PrintWriter;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
@ -31,20 +28,19 @@ import java.util.Map;
|
||||
**/
|
||||
public class LinkTokenAuthenticationFilter extends OncePerRequestFilter {
|
||||
|
||||
|
||||
@Override
|
||||
protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
|
||||
String token = httpServletRequest.getHeader("token");
|
||||
if (token != null) {
|
||||
RedisUtil redisUtil = SpringUtil.getBean(RedisUtil.class);
|
||||
if (redisUtil.hasKey("token:" + token)) {
|
||||
Map<Object, Object> userInfo = redisUtil.hmget("token:" + token);
|
||||
RedisUtil RedisUtil = SpringUtil.getBean(RedisUtil.class);
|
||||
if (RedisUtil.hasKey("token:" + token)) {
|
||||
Map<Object, Object> userInfo = RedisUtil.hmget("token:" + token);
|
||||
// 将未认证的Authentication转换成自定义的用户认证Token
|
||||
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken();
|
||||
UsernamePasswordAuthenticationToken authenticationToken1 = new UsernamePasswordAuthenticationToken(userInfo.get("github_name") == null ? "" : userInfo.get("github_name").toString(),
|
||||
userInfo.get("avatar_url").toString(), (int) userInfo.get("github_id"), AuthorityUtils.createAuthorityList("user"));
|
||||
authenticationToken1.setDetails(authenticationToken);
|
||||
userInfo.get("avatar_url").toString(), (int) userInfo.get("github_id"), userInfo.get("authority").toString(), AuthorityUtils.createAuthorityList("user"));
|
||||
SecurityContextHolder.getContext().setAuthentication(authenticationToken1);
|
||||
System.out.println("完成授权");
|
||||
System.out.println("完成授权,角色:" + userInfo.get("authority").toString());
|
||||
}
|
||||
}
|
||||
System.out.println("--------------Token鉴权---------------");
|
||||
@ -63,12 +59,4 @@ public class LinkTokenAuthenticationFilter extends OncePerRequestFilter {
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
public void sendJson(HttpServletResponse httpServletResponse, Object o) throws IOException {
|
||||
Gson gson = new Gson();
|
||||
String s = gson.toJson(o);
|
||||
PrintWriter writer = httpServletResponse.getWriter();
|
||||
writer.write(s);
|
||||
writer.flush();
|
||||
}
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
package io.qyi.e5.controller;
|
||||
package io.qyi.e5.controller.admin;
|
||||
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.google.gson.Gson;
|
||||
@ -10,8 +10,12 @@ import org.springframework.amqp.core.MessageProperties;
|
||||
import org.springframework.amqp.rabbit.connection.CorrelationData;
|
||||
import org.springframework.amqp.rabbit.core.RabbitTemplate;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.annotation.Secured;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import java.util.UUID;
|
||||
@ -22,8 +26,8 @@ import java.util.UUID;
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-03-16 01:01
|
||||
**/
|
||||
@Controller
|
||||
@RestController
|
||||
@RequestMapping("/admin")
|
||||
public class TestController {
|
||||
@Autowired
|
||||
RabbitTemplate rabbitTemplate;
|
||||
@ -53,6 +57,12 @@ public class TestController {
|
||||
return "ok";
|
||||
}
|
||||
|
||||
@GetMapping("/test")
|
||||
@PreAuthorize("hasRole('ROLE_ADMIN')")
|
||||
public String test() {
|
||||
return "ok";
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
@ -1,11 +1,6 @@
|
||||
package io.qyi.e5.service.rabbitMQ.impl;
|
||||
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.google.gson.Gson;
|
||||
import com.rabbitmq.client.Channel;
|
||||
import io.qyi.e5.outlook.entity.Outlook;
|
||||
import io.qyi.e5.outlook.service.IOutlookService;
|
||||
import io.qyi.e5.service.task.ITask;
|
||||
import org.slf4j.Logger;
|
||||
@ -17,7 +12,6 @@ import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.lang.reflect.Type;
|
||||
|
||||
/**
|
||||
* @program: msgpush
|
||||
@ -35,7 +29,7 @@ public class ListenerImpl {
|
||||
ITask Task;
|
||||
|
||||
@RabbitHandler
|
||||
@RabbitListener(queues = "delay_queue1", containerFactory = "rabbitListenerContainerFactory")
|
||||
@RabbitListener(queues = "delay_queue3", containerFactory = "rabbitListenerContainerFactory")
|
||||
public void listen(Message message, Channel channel) throws IOException {
|
||||
logger.info("消费者1开始处理消息: {},时间戳:{}" ,message,System.currentTimeMillis());
|
||||
System.out.println("消费者1开始处理消息:"+System.currentTimeMillis());
|
||||
|
@ -1,39 +0,0 @@
|
||||
package io.qyi.e5.service.security;
|
||||
|
||||
import io.qyi.e5.user.mapper.UserMapper;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.core.authority.AuthorityUtils;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.factory.PasswordEncoderFactories;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
/**
|
||||
* @program: e5
|
||||
* @description:
|
||||
* @author: 落叶随风
|
||||
* @create: 2020-02-26 21:38
|
||||
**/
|
||||
@Component
|
||||
public class SecurityUserService implements UserDetailsService {
|
||||
private final Logger logger = LoggerFactory.getLogger(this.getClass());
|
||||
@Autowired
|
||||
private UserMapper userMapper;
|
||||
|
||||
@Override
|
||||
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
|
||||
BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
|
||||
String encode = bCryptPasswordEncoder.encode("123");
|
||||
String encodePasswd = encode;
|
||||
logger.info("登录用户名: {} , 密码:{}",s,encodePasswd);
|
||||
UserDetails userDetails = new User(s, encode, AuthorityUtils.createAuthorityList("admin"));
|
||||
return userDetails;
|
||||
}
|
||||
}
|
@ -4,7 +4,7 @@
|
||||
<!--Configuration后面的status,这个用于设置log4j2自身内部的信息输出,可以不设置,
|
||||
当设置成trace时,会看到log4j2内部各种详细输出-->
|
||||
<!--monitorInterval:Log4j能够自动检测修改配置 文件和重新配置本身,设置间隔秒数-->
|
||||
<configuration status="DEBUG" monitorInterval="5">
|
||||
<configuration status="INFO" monitorInterval="5">
|
||||
<Properties>
|
||||
<!-- 日志模板 -->
|
||||
<Property name="log_pattern" value="[%d{HH:mm:ss:SSS}] [%p] - %l - %m%n"/>
|
||||
|
Loading…
Reference in New Issue
Block a user