JavaProject/guigu-oa
JavaProject
/
guigu-oa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(修改): 🚀 修改springSecurity

This commit is contained in:
bunny 2024-04-27 00:42:06 +08:00
parent cc6212a050
commit 760bb92479
15 changed files with 14 additions and 91 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.idea/misc.xml
View File

@ -9,5 +9,5 @@
</list>
</option>
</component>
<component name="ProjectRootManager" version="2" languageLevel="JDK_18" default="true" project-jdk-name="1.8" project-jdk-type="JavaSDK" />
<component name="ProjectRootManager" version="2" languageLevel="JDK_1_8" default="true" project-jdk-name="1.8" project-jdk-type="JavaSDK" />
</project>

5
common/spring-security/src/main/java/com/atguigu/security/custom/LoginUserInfoHelper.java → common/common-util/src/main/java/com/atguigu/common/utlis/BaseContext.java
View File

@ -1,7 +1,6 @@
package com.atguigu.security.custom;
public class LoginUserInfoHelper {
package com.atguigu.common.utlis;
public class BaseContext {
private static final ThreadLocal<Long> userId = new ThreadLocal<Long>();
private static final ThreadLocal<String> username = new ThreadLocal<String>();

BIN
common/service-util/target/classes/com/atguigu/CodeGet.class
View File

Binary file not shown.

BIN
common/service-util/target/classes/com/atguigu/config/MybatisPlusConfig.class
View File

Binary file not shown.

BIN
common/service-util/target/classes/com/atguigu/constant/MessageConstant.class
View File

Binary file not shown.

BIN
common/service-util/target/classes/com/atguigu/context/BaseContext.class
View File

Binary file not shown.

15
common/spring-security/src/main/java/com/atguigu/security/config/WebSecurityConfig.java
View File

@ -38,20 +38,17 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
// 这是配置的关键决定哪些接口开启防护哪些接口绕过防护
http
// 关闭csrf跨站请求伪造
.csrf().disable()
// 开启跨域以便前端调用接口
.cors().and()
http.csrf().disable() // 关闭csrf跨站请求伪造
.cors().and()// 开启跨域以便前端调用接口
.authorizeRequests()
// 指定某些接口不需要通过验证即可访问登陆接口肯定是不需要认证的
//.antMatchers("/admin/system/index/login").permitAll()
.antMatchers("/admin/system/index/login").permitAll()
// 这里意思是其它所有接口需要认证才能访问
.anyRequest().authenticated()
.and()
// TokenAuthenticationFilter放到UsernamePasswordAuthenticationFilter的前面这样做就是为了除了登录的时候去查询数据库外其他时候都用token进行认证
.addFilterBefore(new TokenAuthenticationFilter(redisTemplate),
UsernamePasswordAuthenticationFilter.class)
// TokenAuthenticationFilter放到UsernamePasswordAuthenticationFilter的前面
// 这样做就是为了除了登录的时候去查询数据库外其他时候都用token进行认证
.addFilterBefore(new TokenAuthenticationFilter(redisTemplate), UsernamePasswordAuthenticationFilter.class)
.addFilter(new TokenLoginFilter(authenticationManager(), redisTemplate));
// 禁用session

2
common/spring-security/src/main/java/com/atguigu/security/custom/CustomUser.java
View File

@ -11,7 +11,6 @@ import java.util.Collection;
@Setter
@Getter
public class CustomUser extends User {
/**
* 我们自己的用户实体对象要调取用户信息时直接获取这个实体对象这里我就不写get/set方法了
*/
@ -21,5 +20,4 @@ public class CustomUser extends User {
super(sysUser.getUsername(), sysUser.getPassword(), authorities);
this.sysUser = sysUser;
}
}

6
common/spring-security/src/main/java/com/atguigu/security/filter/TokenAuthenticationFilter.java
View File

@ -3,9 +3,9 @@ package com.atguigu.security.filter;
import com.alibaba.fastjson.JSON;
import com.atguigu.common.result.Result;
import com.atguigu.common.result.ResultCodeEnum;
import com.atguigu.common.utlis.BaseContext;
import com.atguigu.common.utlis.JwtHelper;
import com.atguigu.common.utlis.ResponseUtil;
import com.atguigu.security.custom.LoginUserInfoHelper;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
@ -56,8 +56,8 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
String username = JwtHelper.getUserName(token);
if (!StringUtils.isEmpty(username)) {
// 当前用户信息放到ThreadLocal里面
LoginUserInfoHelper.setUserId(JwtHelper.getUserId(token));
LoginUserInfoHelper.setUsername(username);
BaseContext.setUserId(JwtHelper.getUserId(token));
BaseContext.setUsername(username);
// 通过username从redis获取权限数据
String authString = (String) redisTemplate.opsForValue().get(username);

2
common/spring-security/src/main/java/com/atguigu/security/custom/UserDetailsService.java → common/spring-security/src/main/java/com/atguigu/security/service/UserDetailsService.java
View File

@ -1,4 +1,4 @@
package com.atguigu.security.custom;
package com.atguigu.security.service;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;

2
service-oa/src/main/java/com/atguigu/auth/service/impl/UserDetailsServiceImpl.java
View File

@ -5,9 +5,9 @@ import com.atguigu.constant.MessageConstant;
import com.atguigu.exception.BunnyException;
import com.atguigu.model.system.SysUser;
import com.atguigu.security.custom.CustomUser;
import com.atguigu.security.service.UserDetailsService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;

21
service-oa/target/classes/application-dev.yml
View File

@ -1,21 +0,0 @@
server:
port: 8800
bunny:
datasource:
host: 106.15.251.123
port: 3305
sqlData: guigu-oa
username: root
password: "02120212"
# nacos:
# server-addr: z-bunny.cn:8848
# discovery:
# namespace: ssyx
#
# minio:
# endpointUrl: "http://129.211.31.58:9000"
# bucket-name: ssyx
# accessKey: bunny
# secretKey: "02120212"

34
service-oa/target/classes/application.yml
View File

@ -1,34 +0,0 @@
server:
port: 8800
spring:
application:
name: service-oa
profiles:
active: dev
datasource:
type: com.zaxxer.hikari.HikariDataSource
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://${bunny.datasource.host}:${bunny.datasource.port}/${bunny.datasource.sqlData}?serverTimezone=GMT%2B8&useSSL=false&characterEncoding=utf-8&allowPublicKeyRetrieval=true
username: ${bunny.datasource.username}
password: ${bunny.datasource.password}
jackson:
date-format: yyyy-MM-dd HH:mm:ss
time-zone: GMT+8
mybatis-plus:
mapper-locations: classpath:mapper/*.xml
configuration:
log-impl: org.apache.ibatis.logging.stdout.StdOutImpl # 查看日志
logging:
level:
com.atguigu.auth.mapper: debug
com.atguigu.auth.controller: info
com.atguigu.auth.service: info
pattern:
dateformat: HH:mm:ss:SSS
file:
path: "logs/${spring.application.name}"

16
service-oa/target/classes/banner.txt
View File

@ -1,16 +0,0 @@
-----------------▄██-█▄---------
-----------------███▄██▄--------
-----------------███████--------
-----------------▀███████-------
-------------------██████▄▄-----
-------------------█████████▄---
-------------------██████▄████--
-------▄███████████████████████-
-----▄███████████████████████▀--
---▄██████████████████████------
---███████████████████████------
---███████████████████████------
-▄▄██████████████████████▀------
-█████████████████▀█████--------
-▀██████████████▀▀-▀█████▄------
-------▀▀▀▀▀▀▀▀▀------▀▀▀▀------

BIN
service-oa/target/classes/favicon.ico
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 17 KiB