diff --git a/common/common-utils/src/main/java/cn/bunny/common/constant/SecurityConstant.java b/common/common-utils/src/main/java/cn/bunny/common/constant/SecurityConstant.java new file mode 100644 index 0000000..f19be58 --- /dev/null +++ b/common/common-utils/src/main/java/cn/bunny/common/constant/SecurityConstant.java @@ -0,0 +1,14 @@ +package cn.bunny.common.constant; + +import lombok.Data; +import org.springframework.context.annotation.Configuration; + +import java.util.Arrays; +import java.util.List; + +@Configuration +@Data +public class SecurityConstant { + public static String[] annotations = {"/", "/test/**", "/diagram-viewer/**", "/editor-app/**", "/*.html", "/admin/system/index/login", "/favicon.ico", "/swagger-resources/**", "/webjars/**", "/v3/**", "/swagger-ui.html/**", "/doc.html"}; + public static List annotationsList = Arrays.asList(annotations); +} diff --git a/common/common-utils/src/main/java/cn/bunny/common/result/Result.java b/common/common-utils/src/main/java/cn/bunny/common/result/Result.java index 54896bb..2b0bcd7 100644 --- a/common/common-utils/src/main/java/cn/bunny/common/result/Result.java +++ b/common/common-utils/src/main/java/cn/bunny/common/result/Result.java @@ -24,9 +24,7 @@ public class Result { */ protected static Result build(T data) { Result result = new Result<>(); - if (data != null) { - result.setData(data); - } + result.setData(data); return result; } @@ -56,6 +54,7 @@ public class Result { Result result = build(body); result.setCode(code); result.setMessage(message); + result.setData(null); return result; } diff --git a/common/spring-security/src/main/java/cn/bunny/security/config/WebSecurityConfig.java b/common/spring-security/src/main/java/cn/bunny/security/config/WebSecurityConfig.java index d589e84..33bc879 100644 --- a/common/spring-security/src/main/java/cn/bunny/security/config/WebSecurityConfig.java +++ b/common/spring-security/src/main/java/cn/bunny/security/config/WebSecurityConfig.java @@ -1,46 +1,46 @@ package cn.bunny.security.config; +import cn.bunny.common.constant.SecurityConstant; import cn.bunny.security.custom.CustomPasswordEncoder; import cn.bunny.security.filter.TokenAuthenticationFilter; +import cn.bunny.security.filter.TokenLoginFilter; import cn.bunny.security.handelr.SecurityAccessDeniedHandler; import cn.bunny.security.handelr.SecurityAuthenticationEntryPoint; -import cn.bunny.security.service.MyUserDetailsService; -import org.jetbrains.annotations.NotNull; +import cn.bunny.security.service.CustomAuthorizationManagerService; +import cn.bunny.security.service.CustomUserDetailsService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.data.redis.core.RedisTemplate; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.authentication.AuthenticationProvider; -import org.springframework.security.authentication.dao.DaoAuthenticationProvider; import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; -import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.session.SessionRegistry; import org.springframework.security.core.session.SessionRegistryImpl; import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; +import org.springframework.security.web.util.matcher.RegexRequestMatcher; @Configuration @EnableWebSecurity @EnableMethodSecurity public class WebSecurityConfig { + @Autowired + AuthenticationConfiguration authenticationConfiguration; @Autowired private RedisTemplate redisTemplate; @Autowired - private MyUserDetailsService myUserDetailsService; + private CustomUserDetailsService customUserDetailsService; @Autowired private CustomPasswordEncoder customPasswordEncoder; + @Autowired + private CustomAuthorizationManagerService customAuthorizationManager; @Bean public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception { - httpSecurity.authorizeHttpRequests(authorize -> { - authorize.requestMatchers("/", "/test/**", "/diagram-viewer/**", "/editor-app/**", "/*.html", "/admin/system/index/login", - "/favicon.ico", "/swagger-resources/**", "/webjars/**", "/v3/**", "/swagger-ui.html/**", "/doc.html").permitAll().anyRequest().authenticated(); - }) + httpSecurity // 前端段分离不需要---禁用明文验证 .httpBasic(AbstractHttpConfigurer::disable) // 前端段分离不需要---禁用默认登录页 @@ -49,39 +49,35 @@ public class WebSecurityConfig { .logout(AbstractHttpConfigurer::disable) // 前端段分离不需要---csrf攻击 .csrf(AbstractHttpConfigurer::disable) - // 跨域访问权限 + // 跨域访问权限,如果需要可以关闭后自己配置跨域访问 .cors(AbstractHttpConfigurer::disable) // 前后端分离不需要---因为是无状态的 - .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) + .sessionManagement(AbstractHttpConfigurer::disable) + // 前后端分离不需要---记住我,e -> e.rememberMeParameter("rememberBunny").rememberMeCookieName("rememberBunny").key("BunnyKey") + .rememberMe(AbstractHttpConfigurer::disable) + .authorizeHttpRequests(authorize -> { + // 如果访问路径有下面的,不需要访问权限 + authorize.requestMatchers(SecurityConstant.annotations).permitAll(); + // 有样式文件,不需要访问权限 + authorize.requestMatchers(RegexRequestMatcher.regexMatcher("^\\S*[css|js]$")).permitAll(); + // 上面都不是需要鉴权访问 + authorize.anyRequest().access(customAuthorizationManager); + }) .exceptionHandling(exception -> { // 请求未授权接口 exception.authenticationEntryPoint(new SecurityAuthenticationEntryPoint()); // 没有权限访问 exception.accessDeniedHandler(new SecurityAccessDeniedHandler()); }) - // 记住我 - .rememberMe(e -> e.rememberMeParameter("rememberBunny").rememberMeCookieName("rememberBunny").key("BunnyKey")) // 自定义过滤器 - // .addFilterAt(TokenLoginFilter(), UsernamePasswordAuthenticationFilter.class) - // .addFilter(new TokenLoginFilter(redisTemplate)) - .addFilterBefore(new TokenAuthenticationFilter(redisTemplate), UsernamePasswordAuthenticationFilter.class); + .addFilterBefore(new TokenAuthenticationFilter(redisTemplate), UsernamePasswordAuthenticationFilter.class) + .addFilterAt(new TokenLoginFilter(authenticationConfiguration, redisTemplate), UsernamePasswordAuthenticationFilter.class) + // 自定义密码加密器和用户登录 + .passwordManagement(customPasswordEncoder).userDetailsService(customUserDetailsService); return httpSecurity.build(); } - @Bean - public AuthenticationProvider authenticationProvider() { - DaoAuthenticationProvider provider = new DaoAuthenticationProvider(); - provider.setPasswordEncoder(customPasswordEncoder); - provider.setUserDetailsService(myUserDetailsService); - return provider; - } - - @Bean - public AuthenticationManager authenticationManager(@NotNull AuthenticationConfiguration config) throws Exception { - return config.getAuthenticationManager(); - } - @Bean public SessionRegistry sessionRegistry() { return new SessionRegistryImpl(); diff --git a/common/spring-security/src/main/java/cn/bunny/security/custom/CustomAuthorizationManager.java b/common/spring-security/src/main/java/cn/bunny/security/custom/CustomAuthorizationManager.java deleted file mode 100644 index 7e09fb9..0000000 --- a/common/spring-security/src/main/java/cn/bunny/security/custom/CustomAuthorizationManager.java +++ /dev/null @@ -1,20 +0,0 @@ -package cn.bunny.security.custom; - -import lombok.extern.slf4j.Slf4j; -import org.springframework.security.authorization.AuthorizationDecision; -import org.springframework.security.authorization.AuthorizationManager; -import org.springframework.security.core.Authentication; -import org.springframework.security.web.access.intercept.RequestAuthorizationContext; -import org.springframework.stereotype.Component; - -import java.util.function.Supplier; - -@Component -@Slf4j -public class CustomAuthorizationManager implements AuthorizationManager { - @Override - public AuthorizationDecision check(Supplier authentication, RequestAuthorizationContext object) { - String token = object.getRequest().getHeader("token"); - return null; - } -} diff --git a/common/spring-security/src/main/java/cn/bunny/security/custom/CustomUser.java b/common/spring-security/src/main/java/cn/bunny/security/custom/CustomUser.java index 35654c9..1ec748f 100644 --- a/common/spring-security/src/main/java/cn/bunny/security/custom/CustomUser.java +++ b/common/spring-security/src/main/java/cn/bunny/security/custom/CustomUser.java @@ -8,6 +8,9 @@ import org.springframework.security.core.userdetails.User; import java.util.Collection; +/** + * 重写自带的User + */ @Getter @Setter public class CustomUser extends User { diff --git a/common/spring-security/src/main/java/cn/bunny/security/filter/TokenLoginFilter.java b/common/spring-security/src/main/java/cn/bunny/security/filter/TokenLoginFilter.java index b992753..6416bb0 100644 --- a/common/spring-security/src/main/java/cn/bunny/security/filter/TokenLoginFilter.java +++ b/common/spring-security/src/main/java/cn/bunny/security/filter/TokenLoginFilter.java @@ -3,8 +3,11 @@ package cn.bunny.security.filter; import cn.bunny.common.result.Result; import cn.bunny.common.utils.JwtHelper; import cn.bunny.common.utils.ResponseUtil; +import cn.bunny.entity.system.Login; import cn.bunny.enums.ResultCodeEnum; import cn.bunny.security.custom.CustomUser; +import cn.bunny.security.handelr.SecurityAuthenticationFailureHandler; +import cn.bunny.security.handelr.SecurityAuthenticationSuccessHandler; import cn.bunny.vo.system.LoginVo; import com.alibaba.fastjson2.JSON; import com.fasterxml.jackson.databind.ObjectMapper; @@ -13,30 +16,36 @@ import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import java.io.IOException; -import java.util.HashMap; -import java.util.Map; +/** + * 由于SpringSecurity的登录只能是表单形式 并且用户名密码需要时username、password,可以通过继承 UsernamePasswordAuthenticationFilter 获取登录请求的参数 + * 再去设置到 UsernamePasswordAuthenticationToken 中 来改变请求传参方式、参数名等 或者也可以在登录的时候加入其他参数等等 + * 也可以在这里添加验证码、短信等的验证 + */ public class TokenLoginFilter extends UsernamePasswordAuthenticationFilter { private final RedisTemplate redisTemplate; // 构造方法 - public TokenLoginFilter(RedisTemplate redisTemplate) { + public TokenLoginFilter(AuthenticationConfiguration authenticationConfiguration, RedisTemplate redisTemplate) throws Exception { + this.setAuthenticationSuccessHandler(new SecurityAuthenticationSuccessHandler()); + this.setAuthenticationFailureHandler(new SecurityAuthenticationFailureHandler()); this.setPostOnly(false); // 指定登录接口及提交方式,可以指定任意路径 this.setRequiresAuthenticationRequestMatcher(new AntPathRequestMatcher("/admin/system/index/login", "POST")); + this.setAuthenticationManager(authenticationConfiguration.getAuthenticationManager()); this.redisTemplate = redisTemplate; } // 登录认证 // 获取输入的用户名和密码,调用方法认证 - public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) - throws AuthenticationException { + public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException { try { // 获取用户信息 LoginVo loginVo = new ObjectMapper().readValue(request.getInputStream(), LoginVo.class); @@ -60,9 +69,8 @@ public class TokenLoginFilter extends UsernamePasswordAuthenticationFilter { redisTemplate.opsForValue().set(customUser.getUsername(), JSON.toJSONString(customUser.getAuthorities())); // 返回 - Map map = new HashMap<>(); - map.put("token", token); - ResponseUtil.out(response, Result.success(map)); + Login login = Login.builder().token(token).build(); + ResponseUtil.out(response, Result.success(login)); } // 认证失败调用方法 diff --git a/common/spring-security/src/main/java/cn/bunny/security/handelr/SecurityAccessDeniedHandler.java b/common/spring-security/src/main/java/cn/bunny/security/handelr/SecurityAccessDeniedHandler.java index 118a00a..9e99251 100644 --- a/common/spring-security/src/main/java/cn/bunny/security/handelr/SecurityAccessDeniedHandler.java +++ b/common/spring-security/src/main/java/cn/bunny/security/handelr/SecurityAccessDeniedHandler.java @@ -3,16 +3,15 @@ package cn.bunny.security.handelr; import cn.bunny.common.result.Result; import cn.bunny.enums.ResultCodeEnum; import com.alibaba.fastjson2.JSON; -import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; +import lombok.SneakyThrows; import org.springframework.security.access.AccessDeniedException; -import java.io.IOException; - public class SecurityAccessDeniedHandler implements org.springframework.security.web.access.AccessDeniedHandler { + @SneakyThrows @Override - public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException { + public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) { Result result = Result.error(ResultCodeEnum.FAIL_NO_ACCESS_DENIED); Object json = JSON.toJSON(result); diff --git a/common/spring-security/src/main/java/cn/bunny/security/handelr/SecurityAuthenticationEntryPoint.java b/common/spring-security/src/main/java/cn/bunny/security/handelr/SecurityAuthenticationEntryPoint.java index 7e3d8ff..046cd3d 100644 --- a/common/spring-security/src/main/java/cn/bunny/security/handelr/SecurityAuthenticationEntryPoint.java +++ b/common/spring-security/src/main/java/cn/bunny/security/handelr/SecurityAuthenticationEntryPoint.java @@ -3,7 +3,6 @@ package cn.bunny.security.handelr; import cn.bunny.common.result.Result; import cn.bunny.enums.ResultCodeEnum; import com.alibaba.fastjson2.JSON; -import jakarta.servlet.ServletException; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import lombok.extern.slf4j.Slf4j; @@ -18,14 +17,20 @@ import java.io.IOException; @Slf4j public class SecurityAuthenticationEntryPoint implements AuthenticationEntryPoint { @Override - public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException { + public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException { String token = response.getHeader("token"); - String message = authException.getLocalizedMessage(); - - log.info("请求未认证接口:{},用户id:{}", message, token); - + String message = authException.getMessage(); // 创建结果对象 - Result result = Result.error(ResultCodeEnum.FAIL_REQUEST_NOT_AUTH); + Result result; + + if (token == null) { + result = Result.error(new Object(), ResultCodeEnum.LOGIN_AUTH); + log.info("请求未登录接口:{},用户id:{}", message, null); + } else { + result = Result.error(new Object(), ResultCodeEnum.LOGGED_IN_FROM_ANOTHER_DEVICE); + log.info("请求未授权接口:{},用户id:{}", message, token); + } + // 返回响应 response.setContentType("application/json;charset=UTF-8"); diff --git a/common/spring-security/src/main/java/cn/bunny/security/handelr/SecurityInvalidSessionStrategy.java b/common/spring-security/src/main/java/cn/bunny/security/handelr/SecurityInvalidSessionStrategy.java deleted file mode 100644 index cfb55f7..0000000 --- a/common/spring-security/src/main/java/cn/bunny/security/handelr/SecurityInvalidSessionStrategy.java +++ /dev/null @@ -1,26 +0,0 @@ -package cn.bunny.security.handelr; - -import cn.bunny.common.result.Result; -import cn.bunny.enums.ResultCodeEnum; -import com.alibaba.fastjson2.JSON; -import jakarta.servlet.ServletException; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; -import org.springframework.security.web.session.InvalidSessionStrategy; - -import java.io.IOException; - -public class SecurityInvalidSessionStrategy implements InvalidSessionStrategy { - @Override - public void onInvalidSessionDetected(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { - // 错误消息 - Result result = Result.error(ResultCodeEnum.SESSION_EXPIRATION); - - // 转成JSON - Object json = JSON.toJSON(result); - - // 返回响应 - response.setContentType("application/json;charset=UTF-8"); - response.getWriter().println(json); - } -} diff --git a/common/spring-security/src/main/java/cn/bunny/security/handelr/SecurityLogoutSuccessHandler.java b/common/spring-security/src/main/java/cn/bunny/security/handelr/SecurityLogoutSuccessHandler.java deleted file mode 100644 index 2fda7d0..0000000 --- a/common/spring-security/src/main/java/cn/bunny/security/handelr/SecurityLogoutSuccessHandler.java +++ /dev/null @@ -1,26 +0,0 @@ -package cn.bunny.security.handelr; - -import cn.bunny.common.result.Result; -import cn.bunny.enums.ResultCodeEnum; -import com.alibaba.fastjson2.JSON; -import jakarta.servlet.ServletException; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; -import org.springframework.security.core.Authentication; -import org.springframework.security.web.authentication.logout.LogoutSuccessHandler; - -import java.io.IOException; - -/** - * 成功退出登录 - */ -public class SecurityLogoutSuccessHandler implements LogoutSuccessHandler { - @Override - public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { - Result success = Result.success(ResultCodeEnum.SUCCESS_LOGOUT); - Object json = JSON.toJSON(success); - - response.setContentType("application/json"); - response.getWriter().println(json); - } -} diff --git a/common/spring-security/src/main/java/cn/bunny/security/handelr/SecuritySessionInformationExpiredStrategy.java b/common/spring-security/src/main/java/cn/bunny/security/handelr/SecuritySessionInformationExpiredStrategy.java deleted file mode 100644 index 1e6e336..0000000 --- a/common/spring-security/src/main/java/cn/bunny/security/handelr/SecuritySessionInformationExpiredStrategy.java +++ /dev/null @@ -1,26 +0,0 @@ -package cn.bunny.security.handelr; - -import cn.bunny.common.result.Result; -import cn.bunny.enums.ResultCodeEnum; -import com.alibaba.fastjson2.JSON; -import jakarta.servlet.ServletException; -import jakarta.servlet.http.HttpServletResponse; -import org.springframework.security.web.session.SessionInformationExpiredEvent; - -import java.io.IOException; - -public class SecuritySessionInformationExpiredStrategy implements org.springframework.security.web.session.SessionInformationExpiredStrategy { - @Override - public void onExpiredSessionDetected(SessionInformationExpiredEvent event) throws IOException, ServletException { - // 创建结果对象 - Result result = Result.error(ResultCodeEnum.THE_SAME_USER_HAS_LOGGED_IN); - - // 转为JSON - Object json = JSON.toJSON(result); - - // 返回响应 - HttpServletResponse response = event.getResponse(); - response.setContentType("application/json;charset=UTF-8"); - response.getWriter().println(json); - } -} diff --git a/common/spring-security/src/main/java/cn/bunny/security/service/CustomAuthorizationManagerService.java b/common/spring-security/src/main/java/cn/bunny/security/service/CustomAuthorizationManagerService.java new file mode 100644 index 0000000..3c1f939 --- /dev/null +++ b/common/spring-security/src/main/java/cn/bunny/security/service/CustomAuthorizationManagerService.java @@ -0,0 +1,7 @@ +package cn.bunny.security.service; + +import org.springframework.security.authorization.AuthorizationManager; +import org.springframework.security.web.access.intercept.RequestAuthorizationContext; + +public interface CustomAuthorizationManagerService extends AuthorizationManager { +} diff --git a/common/spring-security/src/main/java/cn/bunny/security/service/MyUserDetailsService.java b/common/spring-security/src/main/java/cn/bunny/security/service/CustomUserDetailsService.java similarity index 76% rename from common/spring-security/src/main/java/cn/bunny/security/service/MyUserDetailsService.java rename to common/spring-security/src/main/java/cn/bunny/security/service/CustomUserDetailsService.java index 192d926..7786e8c 100644 --- a/common/spring-security/src/main/java/cn/bunny/security/service/MyUserDetailsService.java +++ b/common/spring-security/src/main/java/cn/bunny/security/service/CustomUserDetailsService.java @@ -3,7 +3,7 @@ package cn.bunny.security.service; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UsernameNotFoundException; -public interface MyUserDetailsService extends org.springframework.security.core.userdetails.UserDetailsService { +public interface CustomUserDetailsService extends org.springframework.security.core.userdetails.UserDetailsService { /** * 根据用户名获取用户对象(获取不到直接抛异常) */ diff --git a/service/src/main/java/cn/bunny/service/security/CustomAuthorizationManagerServiceImpl.java b/service/src/main/java/cn/bunny/service/security/CustomAuthorizationManagerServiceImpl.java new file mode 100644 index 0000000..6c3fccb --- /dev/null +++ b/service/src/main/java/cn/bunny/service/security/CustomAuthorizationManagerServiceImpl.java @@ -0,0 +1,36 @@ +package cn.bunny.service.security; + +import cn.bunny.security.service.CustomAuthorizationManagerService; +import lombok.extern.slf4j.Slf4j; +import org.springframework.security.access.AccessDeniedException; +import org.springframework.security.authorization.AuthorizationDecision; +import org.springframework.security.core.Authentication; +import org.springframework.security.web.access.intercept.RequestAuthorizationContext; +import org.springframework.stereotype.Service; + +import java.util.function.Supplier; + + +/** + * 自定义权限判断 + * 判断用户有哪些权限 + */ +@Service +@Slf4j +public class CustomAuthorizationManagerServiceImpl implements CustomAuthorizationManagerService { + @Override + public void verify(Supplier authentication, RequestAuthorizationContext requestAuthorizationContext) { + CustomAuthorizationManagerService.super.verify(authentication, requestAuthorizationContext); + } + + @Override + public AuthorizationDecision check(Supplier authentication, RequestAuthorizationContext object) { + String token = object.getRequest().getHeader("token"); + + if (token == null) { + throw new AccessDeniedException(""); + } + + return new AuthorizationDecision(true); + } +} diff --git a/service/src/main/java/cn/bunny/service/security/MyUserDetailsService.java b/service/src/main/java/cn/bunny/service/security/CustomUserDetailsService.java similarity index 94% rename from service/src/main/java/cn/bunny/service/security/MyUserDetailsService.java rename to service/src/main/java/cn/bunny/service/security/CustomUserDetailsService.java index 18ca414..e425f44 100644 --- a/service/src/main/java/cn/bunny/service/security/MyUserDetailsService.java +++ b/service/src/main/java/cn/bunny/service/security/CustomUserDetailsService.java @@ -17,7 +17,7 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException; import java.util.List; @Configuration -public class MyUserDetailsService implements cn.bunny.security.service.MyUserDetailsService { +public class CustomUserDetailsService implements cn.bunny.security.service.CustomUserDetailsService { @Autowired private SysUserMapper sysUserMapper; @Autowired diff --git a/service/src/main/java/cn/bunny/service/service/impl/SysUserServiceImpl.java b/service/src/main/java/cn/bunny/service/service/impl/SysUserServiceImpl.java index c20c89f..f0c4055 100644 --- a/service/src/main/java/cn/bunny/service/service/impl/SysUserServiceImpl.java +++ b/service/src/main/java/cn/bunny/service/service/impl/SysUserServiceImpl.java @@ -3,7 +3,6 @@ package cn.bunny.service.service.impl; import cn.bunny.common.constant.MessageConstant; import cn.bunny.common.service.exception.BunnyException; import cn.bunny.common.utils.JwtHelper; -import cn.bunny.common.utils.SnowflakeIdGenerator; import cn.bunny.entity.system.Login; import cn.bunny.entity.system.SysUser; import cn.bunny.entity.system.SysUserinfo; @@ -16,7 +15,6 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import jakarta.servlet.http.HttpServletRequest; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.redis.core.RedisTemplate; -import org.springframework.security.authentication.AuthenticationManager; import org.springframework.stereotype.Service; import org.springframework.util.DigestUtils; @@ -32,10 +30,6 @@ import org.springframework.util.DigestUtils; public class SysUserServiceImpl extends ServiceImpl implements SysUserService { @Autowired private RedisTemplate redisTemplate; - @Autowired - private SnowflakeIdGenerator snowflakeIdGenerator; - @Autowired - private AuthenticationManager authenticationManager; /** * 登录 @@ -69,10 +63,6 @@ public class SysUserServiceImpl extends ServiceImpl impl } // 添加token String token = JwtHelper.createToken(sysUser.getId(), sysUser.getUsername()); - // UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(vo.getUsername(), vo.getPassword()); - // Authentication authenticate = authenticationManager.authenticate(authentication); - // long snowId = snowflakeIdGenerator.nextId(); - // redisTemplate.opsForValue().set(String.valueOf(snowId), authenticate); return Login.builder().token(token).build(); }