feat(修改): 🚀 修改springSecurity

.idea/misc.xml

@@ -9,5 +9,5 @@
       </list>
     </option>
   </component>
-  <component name="ProjectRootManager" version="2" languageLevel="JDK_18" default="true" project-jdk-name="1.8" project-jdk-type="JavaSDK" />
+  <component name="ProjectRootManager" version="2" languageLevel="JDK_1_8" default="true" project-jdk-name="1.8" project-jdk-type="JavaSDK" />
 </project>

common/common-util/src/main/java/com/atguigu/common/utlis/BaseContext.java

@@ -1,7 +1,6 @@
-package com.atguigu.security.custom;
+package com.atguigu.common.utlis;
-
-public class LoginUserInfoHelper {
 
+public class BaseContext {
     private static final ThreadLocal<Long> userId = new ThreadLocal<Long>();
     private static final ThreadLocal<String> username = new ThreadLocal<String>();
 

common/spring-security/src/main/java/com/atguigu/security/config/WebSecurityConfig.java

@@ -38,20 +38,17 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         // 这是配置的关键，决定哪些接口开启防护，哪些接口绕过防护
-        http
+        http.csrf().disable() // 关闭csrf跨站请求伪造
-                // 关闭csrf跨站请求伪造
+                .cors().and()// 开启跨域以便前端调用接口
-                .csrf().disable()
-                // 开启跨域以便前端调用接口
-                .cors().and()
                 .authorizeRequests()
                 // 指定某些接口不需要通过验证即可访问。登陆接口肯定是不需要认证的
-                //.antMatchers("/admin/system/index/login").permitAll()
+                .antMatchers("/admin/system/index/login").permitAll()
                 // 这里意思是其它所有接口需要认证才能访问
                 .anyRequest().authenticated()
                 .and()
-                // TokenAuthenticationFilter放到UsernamePasswordAuthenticationFilter的前面，这样做就是为了除了登录的时候去查询数据库外，其他时候都用token进行认证。
+                // TokenAuthenticationFilter放到UsernamePasswordAuthenticationFilter的前面
-                .addFilterBefore(new TokenAuthenticationFilter(redisTemplate),
+                // 这样做就是为了除了登录的时候去查询数据库外，其他时候都用token进行认证。
-                        UsernamePasswordAuthenticationFilter.class)
+                .addFilterBefore(new TokenAuthenticationFilter(redisTemplate), UsernamePasswordAuthenticationFilter.class)
                 .addFilter(new TokenLoginFilter(authenticationManager(), redisTemplate));
 
         // 禁用session

common/spring-security/src/main/java/com/atguigu/security/custom/CustomUser.java

@@ -11,7 +11,6 @@ import java.util.Collection;
 @Setter
 @Getter
 public class CustomUser extends User {
-
     /**
      * 我们自己的用户实体对象，要调取用户信息时直接获取这个实体对象。（这里我就不写get/set方法了）
      */
@@ -21,5 +20,4 @@ public class CustomUser extends User {
         super(sysUser.getUsername(), sysUser.getPassword(), authorities);
         this.sysUser = sysUser;
     }
-
 }

common/spring-security/src/main/java/com/atguigu/security/filter/TokenAuthenticationFilter.java

@@ -3,9 +3,9 @@ package com.atguigu.security.filter;
 import com.alibaba.fastjson.JSON;
 import com.atguigu.common.result.Result;
 import com.atguigu.common.result.ResultCodeEnum;
+import com.atguigu.common.utlis.BaseContext;
 import com.atguigu.common.utlis.JwtHelper;
 import com.atguigu.common.utlis.ResponseUtil;
-import com.atguigu.security.custom.LoginUserInfoHelper;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
@@ -56,8 +56,8 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
             String username = JwtHelper.getUserName(token);
             if (!StringUtils.isEmpty(username)) {
                 // 当前用户信息放到ThreadLocal里面
-                LoginUserInfoHelper.setUserId(JwtHelper.getUserId(token));
+                BaseContext.setUserId(JwtHelper.getUserId(token));
-                LoginUserInfoHelper.setUsername(username);
+                BaseContext.setUsername(username);
 
                 // 通过username从redis获取权限数据
                 String authString = (String) redisTemplate.opsForValue().get(username);

common/spring-security/src/main/java/com/atguigu/security/service/UserDetailsService.java

@@ -1,4 +1,4 @@
-package com.atguigu.security.custom;
+package com.atguigu.security.service;
 
 import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;

service-oa/src/main/java/com/atguigu/auth/service/impl/UserDetailsServiceImpl.java

@@ -5,9 +5,9 @@ import com.atguigu.constant.MessageConstant;
 import com.atguigu.exception.BunnyException;
 import com.atguigu.model.system.SysUser;
 import com.atguigu.security.custom.CustomUser;
+import com.atguigu.security.service.UserDetailsService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Component;
 

service-oa/target/classes/application-dev.yml

@@ -1,21 +0,0 @@
-server:
-  port: 8800
-
-bunny:
-  datasource:
-    host: 106.15.251.123
-    port: 3305
-    sqlData: guigu-oa
-    username: root
-    password: "02120212"
-
-#  nacos:
-#    server-addr: z-bunny.cn:8848
-#    discovery:
-#      namespace: ssyx
-#
-#  minio:
-#    endpointUrl: "http://129.211.31.58:9000"
-#    bucket-name: ssyx
-#    accessKey: bunny
-#    secretKey: "02120212"

service-oa/target/classes/application.yml

@@ -1,34 +0,0 @@
-server:
-  port: 8800
-
-spring:
-  application:
-    name: service-oa
-  profiles:
-    active: dev
-
-  datasource:
-    type: com.zaxxer.hikari.HikariDataSource
-    driver-class-name: com.mysql.cj.jdbc.Driver
-    url: jdbc:mysql://${bunny.datasource.host}:${bunny.datasource.port}/${bunny.datasource.sqlData}?serverTimezone=GMT%2B8&useSSL=false&characterEncoding=utf-8&allowPublicKeyRetrieval=true
-    username: ${bunny.datasource.username}
-    password: ${bunny.datasource.password}
-
-  jackson:
-    date-format: yyyy-MM-dd HH:mm:ss
-    time-zone: GMT+8
-    
-mybatis-plus:
-  mapper-locations: classpath:mapper/*.xml
-  configuration:
-    log-impl: org.apache.ibatis.logging.stdout.StdOutImpl # 查看日志
-
-logging:
-  level:
-    com.atguigu.auth.mapper: debug
-    com.atguigu.auth.controller: info
-    com.atguigu.auth.service: info
-  pattern:
-    dateformat: HH:mm:ss:SSS
-  file:
-    path: "logs/${spring.application.name}"

service-oa/target/classes/banner.txt

@@ -1,16 +0,0 @@
------------------▄██-█▄---------
------------------███▄██▄--------
------------------███████--------
------------------▀███████-------
--------------------██████▄▄-----
--------------------█████████▄---
--------------------██████▄████--
--------▄███████████████████████-
------▄███████████████████████▀--
----▄██████████████████████------
----███████████████████████------
----███████████████████████------
--▄▄██████████████████████▀------
--█████████████████▀█████--------
--▀██████████████▀▀-▀█████▄------
--------▀▀▀▀▀▀▀▀▀------▀▀▀▀------