dev #1
|
|
@ -14,5 +14,7 @@ public class WebMvcConfiguration implements WebMvcConfigurer {
|
|||
log.info("WebMvcConfiguration===>设置");
|
||||
|
||||
registry.addResourceHandler("/favicon.ico").addResourceLocations("classpath:/");
|
||||
registry.addResourceHandler("/doc.html").addResourceLocations("classpath:/META-INF/resources/");
|
||||
registry.addResourceHandler("/webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/");
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,10 +23,5 @@
|
|||
<artifactId>service-utils</artifactId>
|
||||
<version>0.0.1-SNAPSHOT</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>cn.bunny</groupId>
|
||||
<artifactId>service</artifactId>
|
||||
<version>0.0.1-SNAPSHOT</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
||||
|
|
|
|||
|
|
@ -1,52 +0,0 @@
|
|||
package cn.bunny.security.config;
|
||||
|
||||
import cn.bunny.entity.system.SysUser;
|
||||
import cn.bunny.service.mapper.SysUserMapper;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.core.userdetails.UserDetailsPasswordService;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.security.provisioning.UserDetailsManager;
|
||||
|
||||
@Configuration
|
||||
public class DBUserDetailsManager implements UserDetailsManager, UserDetailsPasswordService {
|
||||
@Autowired
|
||||
private SysUserMapper userMapper;
|
||||
|
||||
@Override
|
||||
public org.springframework.security.core.userdetails.UserDetails updatePassword(org.springframework.security.core.userdetails.UserDetails user, String newPassword) {
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void createUser(org.springframework.security.core.userdetails.UserDetails userDetails) {
|
||||
SysUser sysUser = new SysUser();
|
||||
sysUser.setName(userDetails.getUsername());
|
||||
sysUser.setPassword(userDetails.getPassword());
|
||||
}
|
||||
|
||||
@Override
|
||||
public void updateUser(org.springframework.security.core.userdetails.UserDetails user) {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public void deleteUser(String username) {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public void changePassword(String oldPassword, String newPassword) {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean userExists(String username) {
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public org.springframework.security.core.userdetails.UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
|
@ -1,13 +1,17 @@
|
|||
package cn.bunny.security.config;
|
||||
|
||||
import cn.bunny.security.custom.CustomPasswordEncoder;
|
||||
import cn.bunny.security.handelr.SecurityAccessDeniedHandler;
|
||||
import cn.bunny.security.handelr.SecurityAuthenticationEntryPoint;
|
||||
import cn.bunny.security.handelr.SecurityLogoutSuccessHandler;
|
||||
import cn.bunny.security.handelr.SecuritySessionInformationExpiredStrategy;
|
||||
import cn.bunny.security.service.UserDetailsService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
|
||||
@Configuration
|
||||
|
|
@ -21,6 +25,34 @@ public class WebSecurityConfig {
|
|||
|
||||
@Bean
|
||||
public SecurityFilterChain filterChain(HttpSecurity httpSecurity) throws Exception {
|
||||
httpSecurity.authorizeHttpRequests(authorize -> {
|
||||
authorize.requestMatchers("/admin/modeler/**", "/diagram-viewer/**", "/editor-app/**", "/*.html",
|
||||
"/admin/processImage/**", "/login/**", "/admin/system/index/login",
|
||||
"/admin/wechat/authorize", "/admin/wechat/userInfo", "/admin/wechat/bindPhone",
|
||||
"/favicon.ico", "/swagger-resources/**", "/webjars/**", "/v3/**", "/swagger-ui.html/**", "/doc.html").permitAll()
|
||||
.anyRequest().authenticated();
|
||||
});
|
||||
|
||||
// 注销登录
|
||||
httpSecurity
|
||||
.logout(logout -> {
|
||||
logout.logoutSuccessHandler(new SecurityLogoutSuccessHandler());
|
||||
})
|
||||
.exceptionHandling(exception -> {
|
||||
// 请求未授权接口
|
||||
exception.authenticationEntryPoint(new SecurityAuthenticationEntryPoint());
|
||||
// 没有权限访问
|
||||
exception.accessDeniedHandler(new SecurityAccessDeniedHandler());
|
||||
})
|
||||
// 后登录的账号会使先登录的账号失效
|
||||
.sessionManagement(session -> {
|
||||
// 最大登录数为1
|
||||
session.maximumSessions(1).expiredSessionStrategy(new SecuritySessionInformationExpiredStrategy());
|
||||
// 禁用session
|
||||
// session.sessionCreationPolicy(SessionCreationPolicy.STATELESS);
|
||||
});
|
||||
|
||||
httpSecurity.userDetailsService(userDetailsService).passwordManagement(customPasswordEncoder);
|
||||
|
||||
return httpSecurity.build();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,24 +1,15 @@
|
|||
package cn.bunny.security.service;
|
||||
|
||||
import cn.bunny.entity.system.SysUser;
|
||||
import cn.bunny.service.mapper.SysUserMapper;
|
||||
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
@Component
|
||||
public class UserDetailsService implements org.springframework.security.core.userdetails.UserDetailsService {
|
||||
@Autowired
|
||||
private SysUserMapper userMapper;
|
||||
public interface UserDetailsService extends org.springframework.security.core.userdetails.UserDetailsService {
|
||||
|
||||
/**
|
||||
* 根据用户名获取用户对象(获取不到直接抛异常)
|
||||
*/
|
||||
@Override
|
||||
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
|
||||
SysUser sysUser = userMapper.selectOne(Wrappers.<SysUser>lambdaQuery().eq(SysUser::getUsername, username));
|
||||
User.withUsername(sysUser.getUsername());
|
||||
|
||||
return null;
|
||||
}
|
||||
UserDetails loadUserByUsername(String username) throws UsernameNotFoundException;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -20,6 +20,11 @@
|
|||
</properties>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>cn.bunny</groupId>
|
||||
<artifactId>spring-security</artifactId>
|
||||
<version>0.0.1-SNAPSHOT</version>
|
||||
</dependency>
|
||||
<!-- service-utils -->
|
||||
<dependency>
|
||||
<groupId>cn.bunny</groupId>
|
||||
|
|
|
|||
|
|
@ -0,0 +1,34 @@
|
|||
package cn.bunny.service.security;
|
||||
|
||||
import cn.bunny.common.constant.MessageConstant;
|
||||
import cn.bunny.common.service.exception.BunnyException;
|
||||
import cn.bunny.entity.system.SysUser;
|
||||
import cn.bunny.security.custom.CustomUser;
|
||||
import cn.bunny.security.service.UserDetailsService;
|
||||
import cn.bunny.service.service.SysUserService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
|
||||
import java.util.Collections;
|
||||
|
||||
@Configuration
|
||||
public class MyUserDetailsService implements UserDetailsService {
|
||||
@Autowired
|
||||
private SysUserService sysUserService;
|
||||
|
||||
@Override
|
||||
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
|
||||
SysUser sysUser = sysUserService.getByUsername(username);
|
||||
if (null == sysUser) {
|
||||
throw new UsernameNotFoundException(MessageConstant.USER_DOES_NOT_EXIST);
|
||||
}
|
||||
|
||||
if (sysUser.getStatus() == 0) {
|
||||
throw new BunnyException(MessageConstant.ACCOUNT_LOCKED);
|
||||
}
|
||||
|
||||
return new CustomUser(sysUser, Collections.emptyList());
|
||||
}
|
||||
}
|
||||
|
|
@ -32,4 +32,12 @@ public interface SysUserService extends IService<SysUser> {
|
|||
* @return 用户信息
|
||||
*/
|
||||
SysUserinfo getUserinfo(HttpServletRequest request);
|
||||
|
||||
/**
|
||||
* 根据用户名查询用户信息
|
||||
*
|
||||
* @param username 用户名
|
||||
* @return 用户信息
|
||||
*/
|
||||
SysUser getByUsername(String username);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,6 +10,7 @@ import cn.bunny.service.mapper.SysUserMapper;
|
|||
import cn.bunny.service.service.SysUserService;
|
||||
import cn.bunny.vo.system.LoginVo;
|
||||
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
|
||||
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
|
||||
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
|
@ -75,4 +76,15 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
|
|||
redisTemplate.opsForValue().set("test", "测试");
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* 根据用户名查询用户信息
|
||||
*
|
||||
* @param username 用户名
|
||||
* @return 用户信息
|
||||
*/
|
||||
@Override
|
||||
public SysUser getByUsername(String username) {
|
||||
return getOne(Wrappers.<SysUser>lambdaQuery().eq(SysUser::getUsername, username));
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue