🚀 springSecurity新增用户鉴权

common/service-utils/src/main/java/cn/bunny/common/service/config/WebMvcConfiguration.java

@@ -14,5 +14,7 @@ public class WebMvcConfiguration implements WebMvcConfigurer {
         log.info("WebMvcConfiguration===>设置");
 
         registry.addResourceHandler("/favicon.ico").addResourceLocations("classpath:/");
+        registry.addResourceHandler("/doc.html").addResourceLocations("classpath:/META-INF/resources/");
+        registry.addResourceHandler("/webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/");
     }
 }

common/spring-security/pom.xml

@@ -23,10 +23,5 @@
             <artifactId>service-utils</artifactId>
             <version>0.0.1-SNAPSHOT</version>
         </dependency>
-        <dependency>
-            <groupId>cn.bunny</groupId>
-            <artifactId>service</artifactId>
-            <version>0.0.1-SNAPSHOT</version>
-        </dependency>
     </dependencies>
 </project>

common/spring-security/src/main/java/cn/bunny/security/config/DBUserDetailsManager.java

@@ -1,52 +0,0 @@
-package cn.bunny.security.config;
-
-import cn.bunny.entity.system.SysUser;
-import cn.bunny.service.mapper.SysUserMapper;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.security.core.userdetails.UserDetailsPasswordService;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.security.provisioning.UserDetailsManager;
-
-@Configuration
-public class DBUserDetailsManager implements UserDetailsManager, UserDetailsPasswordService {
-    @Autowired
-    private SysUserMapper userMapper;
-
-    @Override
-    public org.springframework.security.core.userdetails.UserDetails updatePassword(org.springframework.security.core.userdetails.UserDetails user, String newPassword) {
-        return null;
-    }
-
-    @Override
-    public void createUser(org.springframework.security.core.userdetails.UserDetails userDetails) {
-        SysUser sysUser = new SysUser();
-        sysUser.setName(userDetails.getUsername());
-        sysUser.setPassword(userDetails.getPassword());
-    }
-
-    @Override
-    public void updateUser(org.springframework.security.core.userdetails.UserDetails user) {
-
-    }
-
-    @Override
-    public void deleteUser(String username) {
-
-    }
-
-    @Override
-    public void changePassword(String oldPassword, String newPassword) {
-
-    }
-
-    @Override
-    public boolean userExists(String username) {
-        return false;
-    }
-
-    @Override
-    public org.springframework.security.core.userdetails.UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
-        return null;
-    }
-}

common/spring-security/src/main/java/cn/bunny/security/config/WebSecurityConfig.java

@@ -1,13 +1,17 @@
 package cn.bunny.security.config;
 
 import cn.bunny.security.custom.CustomPasswordEncoder;
+import cn.bunny.security.handelr.SecurityAccessDeniedHandler;
+import cn.bunny.security.handelr.SecurityAuthenticationEntryPoint;
+import cn.bunny.security.handelr.SecurityLogoutSuccessHandler;
+import cn.bunny.security.handelr.SecuritySessionInformationExpiredStrategy;
+import cn.bunny.security.service.UserDetailsService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.web.SecurityFilterChain;
 
 @Configuration
@@ -21,6 +25,34 @@ public class WebSecurityConfig {
 
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
+        httpSecurity.authorizeHttpRequests(authorize -> {
+            authorize.requestMatchers("/admin/modeler/**", "/diagram-viewer/**", "/editor-app/**", "/*.html",
+                            "/admin/processImage/**", "/login/**", "/admin/system/index/login",
+                            "/admin/wechat/authorize", "/admin/wechat/userInfo", "/admin/wechat/bindPhone",
+                            "/favicon.ico", "/swagger-resources/**", "/webjars/**", "/v3/**", "/swagger-ui.html/**", "/doc.html").permitAll()
+                    .anyRequest().authenticated();
+        });
+
+        // 注销登录
+        httpSecurity
+                .logout(logout -> {
+                    logout.logoutSuccessHandler(new SecurityLogoutSuccessHandler());
+                })
+                .exceptionHandling(exception -> {
+                    // 请求未授权接口
+                    exception.authenticationEntryPoint(new SecurityAuthenticationEntryPoint());
+                    // 没有权限访问
+                    exception.accessDeniedHandler(new SecurityAccessDeniedHandler());
+                })
+                // 后登录的账号会使先登录的账号失效
+                .sessionManagement(session -> {
+                    // 最大登录数为1
+                    session.maximumSessions(1).expiredSessionStrategy(new SecuritySessionInformationExpiredStrategy());
+                    // 禁用session
+                    // session.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
+                });
+
+        httpSecurity.userDetailsService(userDetailsService).passwordManagement(customPasswordEncoder);
 
         return httpSecurity.build();
     }

common/spring-security/src/main/java/cn/bunny/security/service/UserDetailsService.java

@@ -1,24 +1,15 @@
 package cn.bunny.security.service;
 
-import cn.bunny.entity.system.SysUser;
-import cn.bunny.service.mapper.SysUserMapper;
-import com.baomidou.mybatisplus.core.toolkit.Wrappers;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.userdetails.User;
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Component;
 
 @Component
-public class UserDetailsService implements org.springframework.security.core.userdetails.UserDetailsService {
+public interface UserDetailsService extends org.springframework.security.core.userdetails.UserDetailsService {
-    @Autowired
-    private SysUserMapper userMapper;
 
+    /**
+     * 根据用户名获取用户对象（获取不到直接抛异常）
+     */
     @Override
-    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+    UserDetails loadUserByUsername(String username) throws UsernameNotFoundException;
-        SysUser sysUser = userMapper.selectOne(Wrappers.<SysUser>lambdaQuery().eq(SysUser::getUsername, username));
-        User.withUsername(sysUser.getUsername());
-
-        return null;
-    }
 }

service/pom.xml

@@ -20,6 +20,11 @@
     </properties>
 
     <dependencies>
+        <dependency>
+            <groupId>cn.bunny</groupId>
+            <artifactId>spring-security</artifactId>
+            <version>0.0.1-SNAPSHOT</version>
+        </dependency>
         <!-- service-utils -->
         <dependency>
             <groupId>cn.bunny</groupId>

service/src/main/java/cn/bunny/service/security/MyUserDetailsService.java

@@ -0,0 +1,34 @@
+package cn.bunny.service.security;
+
+import cn.bunny.common.constant.MessageConstant;
+import cn.bunny.common.service.exception.BunnyException;
+import cn.bunny.entity.system.SysUser;
+import cn.bunny.security.custom.CustomUser;
+import cn.bunny.security.service.UserDetailsService;
+import cn.bunny.service.service.SysUserService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+
+import java.util.Collections;
+
+@Configuration
+public class MyUserDetailsService implements UserDetailsService {
+    @Autowired
+    private SysUserService sysUserService;
+
+    @Override
+    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+        SysUser sysUser = sysUserService.getByUsername(username);
+        if (null == sysUser) {
+            throw new UsernameNotFoundException(MessageConstant.USER_DOES_NOT_EXIST);
+        }
+
+        if (sysUser.getStatus() == 0) {
+            throw new BunnyException(MessageConstant.ACCOUNT_LOCKED);
+        }
+
+        return new CustomUser(sysUser, Collections.emptyList());
+    }
+}

service/src/main/java/cn/bunny/service/service/SysUserService.java

@@ -32,4 +32,12 @@ public interface SysUserService extends IService<SysUser> {
      * @return 用户信息
      */
     SysUserinfo getUserinfo(HttpServletRequest request);
+
+    /**
+     * 根据用户名查询用户信息
+     *
+     * @param username 用户名
+     * @return 用户信息
+     */
+    SysUser getByUsername(String username);
 }

service/src/main/java/cn/bunny/service/service/impl/SysUserServiceImpl.java

@@ -10,6 +10,7 @@ import cn.bunny.service.mapper.SysUserMapper;
 import cn.bunny.service.service.SysUserService;
 import cn.bunny.vo.system.LoginVo;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import jakarta.servlet.http.HttpServletRequest;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -75,4 +76,15 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
         redisTemplate.opsForValue().set("test", "测试");
         return null;
     }
+
+    /**
+     * 根据用户名查询用户信息
+     *
+     * @param username 用户名
+     * @return 用户信息
+     */
+    @Override
+    public SysUser getByUsername(String username) {
+        return getOne(Wrappers.<SysUser>lambdaQuery().eq(SysUser::getUsername, username));
+    }
 }