diff --git a/LICENSE b/LICENSE index eab32636553f8a24128ae146944d5c32009f2db0..ee7063040a8e1c2c3dac073faacb558aa601307d 100644 --- a/LICENSE +++ b/LICENSE @@ -176,7 +176,7 @@ recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright 2017 Mr.AG + Copyright 2017 WangHaoBin Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/README.md b/README.md index 7c765e7386400fa09ff6e8558ee8b2b7c1edca3c..ce75576f6edd256819f3c5434049fb1bad5b004f 100644 --- a/README.md +++ b/README.md @@ -14,17 +14,19 @@ http://43.248.136.159:9999/ ## [老A专属优惠链接](https://www.chanmir.com/?u=45433C),优惠卷:2B3158 +![img](http://upload-images.jianshu.io/upload_images/5700335-002735d1727ec11b.jpg?imageMogr2/auto-orient/strip%7CimageView2/2/w/1240) -### 阿里云服务器太贵?送你阿里云神卷,优惠最高达20% -https://promotion.aliyun.com/ntms/act/ambassador/sharetouser.html?userCode=ryr8l9eb&utm_source=ryr8l9eb -![img](http://upload-images.jianshu.io/upload_images/5700335-002735d1727ec11b.jpg?imageMogr2/auto-orient/strip%7CimageView2/2/w/1240) +--------- +# 更新日志 +### 2017年11月17日 v2.2-SNARSHOT +- ace-admin集成`ace-cache` +- ace-auth集成`rabbitmq` ---------- # 模块说明 ![img](http://upload-images.jianshu.io/upload_images/5700335-5ceb4c68e4080107.jpg?imageMogr2/auto-orient/strip%7CimageView2/2/w/1240) 
@@ -49,14 +51,14 @@ https://promotion.aliyun.com/ntms/act/ambassador/sharetouser.html?userCode=ryr8l 下载完后端代码后,记得先安装`lombok插件`,否则你的IDE会报代码缺失。 ## 后端工程启动 ### 环境须知 -- mysql数据库一个,redis数据库一个 +- mysql一个,redis一个,rabbitmq一个 - jdk1.8 - IDE插件一个,`lombok插件`,具体百度即可 ### 运行步骤 - 运行数据库脚本:依次运行数据库:ace-admin/db/init.sql、ace-auth-server/db/init.sql - 修改配置数据库配置:ace-admin/src/main/resources/application.yml、ace-gate/src/main/resources/application.yml -- 依次运行main类:CenterBootstrap(ace-center)、ConfigServerBootstrap(ace-config)、GateBootstrap(ace-gate)、AdminBootstrap(ace-admin)、AuthBootstrap(ace-auth-server) +- 按`顺序`运行main类:CenterBootstrap(ace-center)、ConfigServerBootstrap(ace-config)、AdminBootstrap(ace-admin)、AuthBootstrap(ace-auth-server)、GateBootstrap(ace-gate) ### 项目结构 ``` diff --git a/ace-admin/pom.xml b/ace-admin/pom.xml index 9e9f1d1f8ffb316c6d127e54ce068c13d8d7833c..05b5bdda96c810f72e236d7dc13be80b40909c66 100644 --- a/ace-admin/pom.xml +++ b/ace-admin/pom.xml @@ -157,6 +157,11 @@ ace-auth-client 1.0-SNAPSHOT + + com.github.wxiaoqi + ace-cache + 0.0.2 + ace-admin diff --git a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/AdminBootstrap.java b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/AdminBootstrap.java index 70297eb50e5c4033134e9b053a9ed51bf2e59a99..063157281854703d6b1030a0c4434841c4a77399 100644 --- a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/AdminBootstrap.java +++ b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/AdminBootstrap.java @@ -1,5 +1,6 @@ package com.github.wxiaoqi.security.admin; +import com.ace.cache.EnableAceCache; import com.github.wxiaoqi.security.auth.client.EnableAceAuthClient; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.builder.SpringApplicationBuilder; 
@@ -8,6 +9,7 @@ import org.springframework.cloud.client.circuitbreaker.EnableCircuitBreaker; import org.springframework.cloud.netflix.eureka.EnableEurekaClient; import org.springframework.cloud.netflix.feign.EnableFeignClients; import org.springframework.scheduling.annotation.EnableScheduling; +import org.springframework.transaction.annotation.EnableTransactionManagement; /** * ${DESCRIPTION} @@ -22,6 +24,8 @@ import org.springframework.scheduling.annotation.EnableScheduling; @EnableScheduling @EnableAceAuthClient @ServletComponentScan("com.github.wxiaoqi.security.admin.config.druid") +@EnableAceCache +@EnableTransactionManagement public class AdminBootstrap { public static void main(String[] args) { new SpringApplicationBuilder(AdminBootstrap.class).web(true).run(args); } diff --git a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/ElementBiz.java b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/ElementBiz.java index 9e98aa53ada3f93961c50d3d3c05a79bdcf3cbfe..85fca33a93d9ac7e89179058a301a034f8f2cf86 100644 --- a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/ElementBiz.java +++ b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/ElementBiz.java @@ -1,9 +1,12 @@ package com.github.wxiaoqi.security.admin.biz; +import com.ace.cache.annotation.Cache; +import com.ace.cache.annotation.CacheClear; import com.github.wxiaoqi.security.admin.entity.Element; import com.github.wxiaoqi.security.admin.mapper.ElementMapper; import com.github.wxiaoqi.security.common.biz.BaseBiz; import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; import java.util.List; 
@@ -14,11 +17,31 @@ import java.util.List; * @create 2017-06-23 20:27 */ @Service +@Transactional(rollbackFor = Exception.class) public class ElementBiz extends BaseBiz { + @Cache(key="permission:ele:u{1}") public List getAuthorityElementByUserId(String userId){ return mapper.selectAuthorityElementByUserId(userId); } public List getAuthorityElementByUserId(String userId,String menuId){ return mapper.selectAuthorityMenuElementByUserId(userId,menuId); } + + @Override + @Cache(key="permission:ele") + public List selectListAll() { + return super.selectListAll(); + } + + @Override + @CacheClear(keys={"permission:ele","permission"}) + public void insertSelective(Element entity) { + super.insertSelective(entity); + } + + @Override + @CacheClear(keys={"permission:ele","permission"}) + public void updateSelectiveById(Element entity) { + super.updateSelectiveById(entity); + } } diff --git a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/GateLogBiz.java b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/GateLogBiz.java index 4cf32119a313876654a10947ca6a0852398f073b..ad33f59437f798f2283c5724090612c1e08af201 100644 --- a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/GateLogBiz.java +++ b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/GateLogBiz.java @@ -4,6 +4,7 @@ import com.github.wxiaoqi.security.admin.entity.GateLog; import com.github.wxiaoqi.security.admin.mapper.GateLogMapper; import com.github.wxiaoqi.security.common.biz.BaseBiz; import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; /** * ${DESCRIPTION} @@ -12,6 +13,7 @@ import org.springframework.stereotype.Service; * @create 2017-07-01 14:36 */ @Service +@Transactional(rollbackFor = Exception.class) public class GateLogBiz extends BaseBiz { @Override 
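Review bot: Cache eviction in ElementBiz is attached only to `insertSelective` and `updateSelectiveById`, so `updateById` and whatever delete methods BaseBiz provides (not visible in this hunk) still write to the database without touching `permission:ele` or `permission`. A deleted or edited element can therefore keep being served from the cache, and because these entries feed authorization decisions, a removed permission may stay effective until the entry expires. Override the remaining mutating methods with the same `@CacheClear(keys={"permission:ele","permission"})`, and confirm whether `keys` in ace-cache also evicts the per-user `permission:ele:u{1}` entries. MenuBiz, further down, has the same gap for deletes.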
diff --git a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/GroupBiz.java b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/GroupBiz.java index 162077b8f7513ddcdfbc0f1289a0494957c74d2e..3bd60736d86d3c6cbc6806a5ea80ac97977fc0aa 100644 --- a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/GroupBiz.java +++ b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/GroupBiz.java @@ -1,19 +1,21 @@ package com.github.wxiaoqi.security.admin.biz; +import com.ace.cache.annotation.CacheClear; import com.github.wxiaoqi.security.admin.constant.AdminCommonConstant; -import com.github.wxiaoqi.security.admin.entity.*; import com.github.wxiaoqi.security.admin.entity.Group; +import com.github.wxiaoqi.security.admin.entity.Menu; +import com.github.wxiaoqi.security.admin.entity.ResourceAuthority; import com.github.wxiaoqi.security.admin.mapper.GroupMapper; import com.github.wxiaoqi.security.admin.mapper.MenuMapper; import com.github.wxiaoqi.security.admin.mapper.ResourceAuthorityMapper; import com.github.wxiaoqi.security.admin.mapper.UserMapper; import com.github.wxiaoqi.security.admin.vo.AuthorityMenuTree; import com.github.wxiaoqi.security.admin.vo.GroupUsers; +import com.github.wxiaoqi.security.common.biz.BaseBiz; import org.springframework.beans.BeanUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; - -import com.github.wxiaoqi.security.common.biz.BaseBiz; +import org.springframework.transaction.annotation.Transactional; import org.springframework.util.StringUtils; import java.util.*; 
@@ -25,110 +27,119 @@ import java.util.*; * @create 2017-06-12 8:48 */ @Service -public class GroupBiz extends BaseBiz{ +@Transactional(rollbackFor = Exception.class) +public class GroupBiz extends BaseBiz { @Autowired private UserMapper userMapper; @Autowired private ResourceAuthorityMapper resourceAuthorityMapper; @Autowired private MenuMapper menuMapper; + @Override public void insertSelective(Group entity) { - if(AdminCommonConstant.ROOT == entity.getParentId()){ - entity.setPath("/"+entity.getCode()); - }else{ + if (AdminCommonConstant.ROOT == entity.getParentId()) { + entity.setPath("/" + entity.getCode()); + } else { Group parent = this.selectById(entity.getParentId()); - entity.setPath(parent.getPath()+"/"+entity.getCode()); + entity.setPath(parent.getPath() + "/" + entity.getCode()); } super.insertSelective(entity); } @Override public void updateById(Group entity) { - if(AdminCommonConstant.ROOT == entity.getParentId()){ - entity.setPath("/"+entity.getCode()); - }else{ + if (AdminCommonConstant.ROOT == entity.getParentId()) { + entity.setPath("/" + entity.getCode()); + } else { Group parent = this.selectById(entity.getParentId()); - entity.setPath(parent.getPath()+"/"+entity.getCode()); + entity.setPath(parent.getPath() + "/" + entity.getCode()); } super.updateById(entity); } /** * 获取群组关联用户 + * * @param groupId * @return */ public GroupUsers getGroupUsers(int groupId) { - return new GroupUsers(userMapper.selectMemberByGroupId(groupId),userMapper.selectLeaderByGroupId(groupId)); + return new GroupUsers(userMapper.selectMemberByGroupId(groupId), userMapper.selectLeaderByGroupId(groupId)); } /** * 变更群主所分配用户 + * * @param groupId * @param members * @param leaders */ - public void modifyGroupUsers(int groupId, String members, String leaders){ + @CacheClear(pre = "permission") + public void modifyGroupUsers(int groupId, String members, String leaders) { mapper.deleteGroupLeadersById(groupId); mapper.deleteGroupMembersById(groupId); - 
if(!StringUtils.isEmpty(members)){ + if (!StringUtils.isEmpty(members)) { String[] mem = members.split(","); - for(String m:mem){ - mapper.insertGroupMembersById(groupId,Integer.parseInt(m)); + for (String m : mem) { + mapper.insertGroupMembersById(groupId, Integer.parseInt(m)); } } - if(!StringUtils.isEmpty(leaders)){ + if (!StringUtils.isEmpty(leaders)) { String[] mem = leaders.split(","); - for(String m:mem){ - mapper.insertGroupLeadersById(groupId,Integer.parseInt(m)); + for (String m : mem) { + mapper.insertGroupLeadersById(groupId, Integer.parseInt(m)); } } } /** * 变更群组关联的菜单 + * * @param groupId * @param menus */ - public void modifyAuthorityMenu(int groupId, String[] menus){ - resourceAuthorityMapper.deleteByAuthorityIdAndResourceType(groupId+"", AdminCommonConstant.RESOURCE_TYPE_MENU); + @CacheClear(pre = "permission:menu") + public void modifyAuthorityMenu(int groupId, String[] menus) { + resourceAuthorityMapper.deleteByAuthorityIdAndResourceType(groupId + "", AdminCommonConstant.RESOURCE_TYPE_MENU); List menuList = menuMapper.selectAll(); - Map map = new HashMap(); - for(Menu menu:menuList){ - map.put(menu.getId().toString(),menu.getParentId().toString()); + Map map = new HashMap(); + for (Menu menu : menuList) { + map.put(menu.getId().toString(), menu.getParentId().toString()); } Set relationMenus = new HashSet(); relationMenus.addAll(Arrays.asList(menus)); ResourceAuthority authority = null; - for(String menuId:menus){ - findParentID(map,relationMenus,menuId); + for (String menuId : menus) { + findParentID(map, relationMenus, menuId); } - for(String menuId:relationMenus){ + for (String menuId : relationMenus) { authority = new ResourceAuthority(AdminCommonConstant.AUTHORITY_TYPE_GROUP, AdminCommonConstant.RESOURCE_TYPE_MENU); - authority.setAuthorityId(groupId+""); + authority.setAuthorityId(groupId + ""); authority.setResourceId(menuId); authority.setParentId("-1"); resourceAuthorityMapper.insertSelective(authority); } } - private void findParentID(Map 
map,Set relationMenus,String id){ + private void findParentID(Map map, Set relationMenus, String id) { String parentId = map.get(id); - if(String.valueOf(AdminCommonConstant.ROOT).equals(id)){ - return ; + if (String.valueOf(AdminCommonConstant.ROOT).equals(id)) { + return; } relationMenus.add(parentId); - findParentID(map,relationMenus,parentId); + findParentID(map, relationMenus, parentId); } /** * 分配资源权限 + * * @param groupId * @param menuId * @param elementId */ - public void modifyAuthorityElement(int groupId,int menuId,int elementId){ + @CacheClear(pre = "permission:ele") + public void modifyAuthorityElement(int groupId, int menuId, int elementId) { ResourceAuthority authority = new ResourceAuthority(AdminCommonConstant.AUTHORITY_TYPE_GROUP, AdminCommonConstant.RESOURCE_TYPE_BTN); authority.setAuthorityId(groupId + ""); authority.setResourceId(elementId + ""); @@ -138,13 +149,15 @@ public class GroupBiz extends BaseBiz{ /** * 移除资源权限 + * * @param groupId * @param menuId * @param elementId */ + @CacheClear(pre = "permission:ele") public void removeAuthorityElement(int groupId, int menuId, int elementId) { ResourceAuthority authority = new ResourceAuthority(); - authority.setAuthorityId(groupId+""); + authority.setAuthorityId(groupId + ""); authority.setResourceId(elementId + ""); authority.setParentId("-1"); resourceAuthorityMapper.delete(authority); @@ -153,10 +166,11 @@ public class GroupBiz extends BaseBiz{ /** * 获取群主关联的菜单 + * * @param groupId * @return */ - public List getAuthorityMenu(int groupId){ + public List getAuthorityMenu(int groupId) { List menus = menuMapper.selectMenuByAuthorityId(String.valueOf(groupId), AdminCommonConstant.AUTHORITY_TYPE_GROUP); List trees = new ArrayList(); AuthorityMenuTree node = null; 
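Review bot: `modifyAuthorityMenu` evicts only the `permission:menu` prefix, and `modifyAuthorityElement` here plus `removeAuthorityElement` in the next hunk evict only `permission:ele`. The same commit caches the per-user permission list under `permission:u{1}` and the global list under `permission` in UserRest, and neither key starts with those prefixes. Revoking a menu or button from a group therefore likely leaves the old grants in the cached lists until they expire; `@CacheClear(pre = "permission")`, as `modifyGroupUsers` already uses, would cover all of them. Separately, `findParentID` recurses on `map.get(id)` with no null check, so a menu id that is missing from the map would recurse on `null` until the stack overflows; `if (parentId == null) return;` before the `add` would stop that.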
@@ -169,13 +183,18 @@ public class GroupBiz extends BaseBiz{ return trees; } - + /** + * 获取群组关联的资源 + * + * @param groupId + * @return + */ public List getAuthorityElement(int groupId) { ResourceAuthority authority = new ResourceAuthority(AdminCommonConstant.AUTHORITY_TYPE_GROUP, AdminCommonConstant.RESOURCE_TYPE_BTN); - authority.setAuthorityId(groupId+""); + authority.setAuthorityId(groupId + ""); List authorities = resourceAuthorityMapper.select(authority); List ids = new ArrayList(); - for(ResourceAuthority auth:authorities){ + for (ResourceAuthority auth : authorities) { ids.add(Integer.parseInt(auth.getResourceId())); } return ids; diff --git a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/GroupTypeBiz.java b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/GroupTypeBiz.java index 4815d6ef853ae745346493217861f919e31f66b2..7deb207fdab461962b3ef145846f17236040a717 100644 --- a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/GroupTypeBiz.java +++ b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/GroupTypeBiz.java @@ -5,6 +5,7 @@ import org.springframework.stereotype.Service; import com.github.wxiaoqi.security.admin.entity.GroupType; import com.github.wxiaoqi.security.admin.mapper.GroupTypeMapper; import com.github.wxiaoqi.security.common.biz.BaseBiz; +import org.springframework.transaction.annotation.Transactional; /** * ${DESCRIPTION} @@ -13,5 +14,6 @@ import com.github.wxiaoqi.security.common.biz.BaseBiz; * @create 2017-06-12 8:48 */ @Service +@Transactional(rollbackFor = Exception.class) public class GroupTypeBiz extends BaseBiz { } diff --git a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/MenuBiz.java b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/MenuBiz.java index ddb1611249c0f8c56ac2cd9ac59941b1bf083d47..ccc40977ab95a7c6f758153607b4a659b3ce87f0 100644 --- a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/MenuBiz.java 
+++ b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/MenuBiz.java @@ -1,10 +1,13 @@ package com.github.wxiaoqi.security.admin.biz; +import com.ace.cache.annotation.Cache; +import com.ace.cache.annotation.CacheClear; +import com.github.wxiaoqi.security.admin.constant.AdminCommonConstant; import com.github.wxiaoqi.security.admin.entity.Menu; +import com.github.wxiaoqi.security.admin.mapper.MenuMapper; import com.github.wxiaoqi.security.common.biz.BaseBiz; -import com.github.wxiaoqi.security.admin.constant.AdminCommonConstant; import org.springframework.stereotype.Service; -import com.github.wxiaoqi.security.admin.mapper.MenuMapper; +import org.springframework.transaction.annotation.Transactional; import java.util.List; 
@@ -15,43 +18,62 @@ import java.util.List; * @create 2017-06-12 8:48 */ @Service -public class MenuBiz extends BaseBiz { +@Transactional(rollbackFor = Exception.class) +public class MenuBiz extends BaseBiz { @Override + @Cache(key="permission:menu") + public List selectListAll() { + return super.selectListAll(); + } + + @Override + @CacheClear(keys={"permission:menu","permission"}) public void insertSelective(Menu entity) { - if(AdminCommonConstant.ROOT == entity.getParentId()){ - entity.setPath("/"+entity.getCode()); - }else{ + if (AdminCommonConstant.ROOT == entity.getParentId()) { + entity.setPath("/" + entity.getCode()); + } else { Menu parent = this.selectById(entity.getParentId()); - entity.setPath(parent.getPath()+"/"+entity.getCode()); + entity.setPath(parent.getPath() + "/" + entity.getCode()); } super.insertSelective(entity); } @Override + @CacheClear(keys={"permission:menu","permission"}) public void updateById(Menu entity) { - if(AdminCommonConstant.ROOT == entity.getParentId()){ - entity.setPath("/"+entity.getCode()); - }else{ + if (AdminCommonConstant.ROOT == entity.getParentId()) { + entity.setPath("/" + entity.getCode()); + } else { Menu parent = this.selectById(entity.getParentId()); - entity.setPath(parent.getPath()+"/"+entity.getCode()); + entity.setPath(parent.getPath() + "/" + entity.getCode()); } super.updateById(entity); } + + @Override + @CacheClear(keys={"permission:menu","permission"}) + public void updateSelectiveById(Menu entity) { + super.updateSelectiveById(entity); + } + /** * 获取用户可以访问的菜单 + * * @param id * @return */ - public List getUserAuthorityMenuByUserId(int id){ + @Cache(key = "permission:menu:u{1}") + public List getUserAuthorityMenuByUserId(int id) { return mapper.selectAuthorityMenuByUserId(id); } /** * 根据用户获取可以访问的系统 + * * @param id * @return */ - public List getUserAuthoritySystemByUserId(int id){ + public List getUserAuthoritySystemByUserId(int id) { return mapper.selectAuthoritySystemByUserId(id); } } 
diff --git a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/ResourceAuthorityBiz.java b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/ResourceAuthorityBiz.java index a3fb6e09609da3b2523dcf2fed1dbdf4400a1b51..262adc40d179ac6a55d082e5cf82b5582a044529 100644 --- a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/ResourceAuthorityBiz.java +++ b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/ResourceAuthorityBiz.java @@ -4,10 +4,12 @@ import com.github.wxiaoqi.security.admin.entity.ResourceAuthority; import com.github.wxiaoqi.security.admin.mapper.ResourceAuthorityMapper; import com.github.wxiaoqi.security.common.biz.BaseBiz; import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; /** * Created by Ace on 2017/6/19. */ @Service +@Transactional(rollbackFor = Exception.class) public class ResourceAuthorityBiz extends BaseBiz { } diff --git a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/UserBiz.java b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/UserBiz.java index 65b4cdad714652a01b56e314bf26b84d09e31e8f..3c5dd2a663f86a121be7dbd90bc5af52d5fcba9a 100644 --- a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/UserBiz.java +++ b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/biz/UserBiz.java @@ -1,5 +1,7 @@ package com.github.wxiaoqi.security.admin.biz; +import com.ace.cache.annotation.Cache; +import com.ace.cache.annotation.CacheClear; import com.github.wxiaoqi.security.admin.entity.User; import com.github.wxiaoqi.security.admin.mapper.MenuMapper; import com.github.wxiaoqi.security.admin.mapper.UserMapper; 
@@ -9,6 +11,7 @@ import com.github.wxiaoqi.security.common.constant.UserConstant; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; /** * ${DESCRIPTION} @@ -17,6 +20,7 @@ import org.springframework.stereotype.Service; * @create 2017-06-08 16:23 */ @Service +@Transactional(rollbackFor = Exception.class) public class UserBiz extends BaseBiz { @Autowired @@ -31,10 +35,8 @@ public class UserBiz extends BaseBiz { } @Override + @CacheClear(pre="user{1.username}") public void updateSelectiveById(User entity) { - -// String password = new BCryptPasswordEncoder(UserConstant.PW_ENCORDER_SALT).encode(entity.getPassword()); -// entity.setPassword(password); super.updateSelectiveById(entity); } @@ -43,6 +45,7 @@ public class UserBiz extends BaseBiz { * @param username * @return */ + @Cache(key="user{1}") public User getUserByUsername(String username){ User user = new User(); user.setUsername(username); diff --git a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/config/WebConfig.java b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/config/WebConfig.java index 9fe68744c33c7cf9a8289bfd4483e104f2f12644..6f801192f3aece6b48a4da2c28fb1c603a858339 100644 --- a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/config/WebConfig.java +++ b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/config/WebConfig.java 
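Review bot: `@Cache(key="user{1}")` on `getUserByUsername` stores the whole User entity in Redis, including the bcrypt hash that `PermissionService.validate` compares against, and eviction depends on `@CacheClear(pre="user{1.username}")` on `updateSelectiveById`. A selective update that identifies the user by id and does not set `username` (a password change, for instance) would presumably resolve to a different key and leave the old record cached, so the previous password keeps validating until the entry expires. `updateById` and deletes are not covered at all. Either keep the credential lookup uncached, or evict by a username loaded from the database, and consider caching a view of the user that omits the password field.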
@@ -5,6 +5,7 @@ import com.github.wxiaoqi.security.auth.client.interceptor.UserAuthRestIntercept import com.github.wxiaoqi.security.common.handler.GlobalExceptionHandler; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Primary; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; @@ -14,10 +15,11 @@ import java.util.Collections; /** * Created by ace on 2017/9/8. */ -@Configuration +@Configuration("admimWebConfig") +@Primary public class WebConfig extends WebMvcConfigurerAdapter { @Bean - GlobalExceptionHandler getGlobalExceptionHandler(){ + GlobalExceptionHandler getGlobalExceptionHandler() { return new GlobalExceptionHandler(); } 
@@ -25,29 +27,37 @@ public class WebConfig extends WebMvcConfigurerAdapter { public void addInterceptors(InterceptorRegistry registry) { ArrayList commonPathPatterns = getExcludeCommonPathPatterns(); registry.addInterceptor(getServiceAuthRestInterceptor()).addPathPatterns("/**").excludePathPatterns(commonPathPatterns.toArray(new String[]{})); - commonPathPatterns .add("/api/user/username/**"); + commonPathPatterns.add("/api/user/validate"); registry.addInterceptor(getUserAuthRestInterceptor()).addPathPatterns("/**").excludePathPatterns(commonPathPatterns.toArray(new String[]{})); super.addInterceptors(registry); } @Bean - ServiceAuthRestInterceptor getServiceAuthRestInterceptor(){ + ServiceAuthRestInterceptor getServiceAuthRestInterceptor() { return new ServiceAuthRestInterceptor(); } @Bean - UserAuthRestInterceptor getUserAuthRestInterceptor(){ + UserAuthRestInterceptor getUserAuthRestInterceptor() { return new UserAuthRestInterceptor(); } - private ArrayList getExcludeCommonPathPatterns(){ + private ArrayList getExcludeCommonPathPatterns() { ArrayList list = new ArrayList<>(); String[] urls = { "/v2/api-docs", - "/swagger-resources/**" + "/swagger-resources/**", + "/cache/**", + "/api/log/save" }; - Collections.addAll(list,urls); + Collections.addAll(list, urls); return list; - } + +// @Override +// public void addResourceHandlers(ResourceHandlerRegistry registry) { +// registry.addResourceHandler("/static/cache/**").addResourceLocations( +// "classpath:/META-INF/static/"); +// super.addResourceHandlers(registry); +// } } diff --git a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rest/ElementController.java b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rest/ElementController.java index b2e7fa76aff813170663c77e9fb59b32f2020597..1dfb742dc09c190fed37eeec03f2e1b806eef627 100644 --- a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rest/ElementController.java 
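Review bot: `"/cache/**"` and `"/api/log/save"` are added to the list from `getExcludeCommonPathPatterns()`, which `addInterceptors` passes to `excludePathPatterns` for both the service-token and the user-token interceptor, so requests to these paths are checked by neither. If `/cache/**` is the ace-cache management endpoint (the commented-out resource handler suggests it is), anyone who can reach ace-admin could probably inspect or clear cached entries, which after this commit include user records and permission lists. An unauthenticated `/api/log/save` likewise lets any caller write audit rows. Keep both behind at least the service interceptor by adding them only to the list used for the user interceptor, next to `commonPathPatterns.add("/api/user/validate");`, or restrict them at the gateway. The bean name `"admimWebConfig"` also looks like a typo for `adminWebConfig`.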
+++ b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rest/ElementController.java @@ -1,11 +1,8 @@ package com.github.wxiaoqi.security.admin.rest; -import com.github.pagehelper.PageHelper; import com.github.wxiaoqi.security.admin.biz.ElementBiz; import com.github.wxiaoqi.security.admin.biz.UserBiz; import com.github.wxiaoqi.security.admin.entity.Element; -import com.github.wxiaoqi.security.admin.entity.User; -import com.github.wxiaoqi.security.common.biz.BaseBiz; import com.github.wxiaoqi.security.common.msg.ObjectRestResponse; import com.github.wxiaoqi.security.common.msg.TableResultResponse; import com.github.wxiaoqi.security.common.rest.BaseController; @@ -51,7 +48,7 @@ public class ElementController extends BaseController { public ObjectRestResponse getAuthorityElement(String menuId) { int userId = userBiz.getUserByUsername(getCurrentUserName()).getId(); List elements = baseBiz.getAuthorityElementByUserId(userId + "",menuId); - return new ObjectRestResponse>().rel(true).data(elements); + return new ObjectRestResponse>().data(elements); } @RequestMapping(value = "/user/menu", method = RequestMethod.GET) @@ -59,6 +56,6 @@ public class ElementController extends BaseController { public ObjectRestResponse getAuthorityElement() { int userId = userBiz.getUserByUsername(getCurrentUserName()).getId(); List elements = baseBiz.getAuthorityElementByUserId(userId + ""); - return new ObjectRestResponse>().rel(true).data(elements); + return new ObjectRestResponse>().data(elements); } } diff --git a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rpc/UserRest.java b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rpc/UserRest.java index 0e29d0d857aac8bfbb7e6c8356243b7e0167c27c..19ecf0aee5ba26ed80656f83985ce6750194cd76 100644 --- a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rpc/UserRest.java +++ b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rpc/UserRest.java 
@@ -1,5 +1,6 @@ package com.github.wxiaoqi.security.admin.rpc; +import com.ace.cache.annotation.Cache; import com.github.wxiaoqi.security.admin.rpc.service.PermissionService; import com.github.wxiaoqi.security.api.vo.authority.PermissionInfo; import com.github.wxiaoqi.security.api.vo.user.UserInfo; @@ -20,19 +21,23 @@ public class UserRest { @Autowired private PermissionService permissionService; - @RequestMapping(value = "/user/username/{username}",method = RequestMethod.GET, produces="application/json") - public @ResponseBody UserInfo getUserByUsername(@PathVariable("username")String username) { - return permissionService.getUserByUsername(username); - } - + @Cache(key="permission") @RequestMapping(value = "/permissions", method = RequestMethod.GET) - public @ResponseBody List getAllPermission(){ + public @ResponseBody + List getAllPermission(){ return permissionService.getAllPermission(); } - + @Cache(key="permission:u{1}") @RequestMapping(value = "/user/un/{username}/permissions", method = RequestMethod.GET) public @ResponseBody List getPermissionByUsername(@PathVariable("username") String username){ return permissionService.getPermissionByUsername(username); } + + @RequestMapping(value = "/user/validate", method = RequestMethod.POST) + public @ResponseBody UserInfo validate(String username,String password){ + return permissionService.validate(username,password); + } + + } diff --git a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rpc/service/PermissionService.java b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rpc/service/PermissionService.java index 61c1d7113c254a8f3393e7a2c45faaf9497d9adf..1ad58340bbc68da9bf624716272ce0dc9a356fd7 100644 --- a/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rpc/service/PermissionService.java +++ b/ace-admin/src/main/java/com/github/wxiaoqi/security/admin/rpc/service/PermissionService.java 
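Review bot: `validate(String username, String password)` declares plain handler parameters, so Spring binds them from request parameters, and that includes the query string even on a POST. A caller that puts them in the URL leaks the password into access logs and proxy logs. Taking the credentials from the body, e.g. `validate(@RequestBody Map<String, String> body)`, avoids that, but the calling client must change with it. The method also answers 200 with an empty `UserInfo` on a bad password, so every caller has to remember to check the id; a 401 or an explicit failure result would be harder to misuse. No comment states that this endpoint is excluded from the user-token interceptor in WebConfig and relies on the service token alone, which is worth a one-line Javadoc.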
@@ -17,6 +17,7 @@ import com.github.wxiaoqi.security.common.util.TreeUtil; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.BeanUtils; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.stereotype.Service; import java.util.ArrayList; @@ -37,6 +38,8 @@ public class PermissionService { private ElementBiz elementBiz; @Autowired private UserAuthUtil userAuthUtil; + private BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(12); + public UserInfo getUserByUsername(String username) { UserInfo info = new UserInfo(); @@ -46,6 +49,16 @@ public class PermissionService { return info; } + public UserInfo validate(String username,String password){ + UserInfo info = new UserInfo(); + User user = userBiz.getUserByUsername(username); + if (encoder.matches(password, user.getPassword())) { + BeanUtils.copyProperties(user, info); + info.setId(user.getId().toString()); + } + return info; + } + public List getAllPermission() { List menus = menuBiz.selectListAll(); List result = new ArrayList(); diff --git a/ace-admin/src/main/resources/application.yml b/ace-admin/src/main/resources/application.yml index e193c36753a9baadfa220d7530409fc76ac202ff..e3a331b8a559bb413416d437d39eaa09b8779a4b 100644 --- a/ace-admin/src/main/resources/application.yml +++ b/ace-admin/src/main/resources/application.yml @@ -1,6 +1,6 @@ logging: level: - tk.mybatis: DEBUG +# tk.mybatis: DEBUG com.github.wxiaoqi.security.admin: DEBUG spring: application: @@ -30,6 +30,11 @@ spring: testOnReturn: false poolPreparedStatements: true maxOpenPreparedStatements: 20 + rabbitmq: + host: localhost + port: 5672 + username: guest + password: guest mybatis: basepackage: com.github.wxiaoqi.security.admin.mapper xmlLocation: classpath:mapper/**/*.xml 
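Review bot: `validate` calls `user.getPassword()` without checking that `userBiz.getUserByUsername(username)` returned a user, so an unknown username presumably ends in a NullPointerException and a 500, while a wrong password returns an empty `UserInfo`. That difference lets a caller tell existing accounts from missing ones. Guard it with `if (user != null && encoder.matches(password, user.getPassword())) {`. `BeanUtils.copyProperties(user, info)` copies every same-named property, so if `UserInfo` has a `password` field the hash is returned to the caller; confirm this and null it out if so. The class body continues outside this hunk.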
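Review bot: The new `rabbitmq` block commits the broker's default `guest`/`guest` account, and the `redis` block added in the last hunk of this file leaves `password:` empty, while this commit starts putting user records (with password hashes) and permission lists into that Redis. That is workable for a localhost demo, but these values tend to be copied unchanged into shared environments. Read the secrets from the environment with the local default as fallback, e.g. `password: ${RABBITMQ_PASSWORD:guest}` (variable name is an example), and add a comment that Redis must require authentication or be unreachable from other hosts.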
@@ -70,3 +75,18 @@ auth: token-header: client-token pub-key: path: client/pub.key + +#redis-cache 相关 +redis: + pool: + maxActive: 300 + maxIdle: 100 + maxWait: 1000 + host: 127.0.0.1 + port: 6379 + password: + timeout: 2000 + # 服务或应用名 + sysName: ace-admin + enable: true + database: 0 \ No newline at end of file diff --git a/ace-api/src/main/java/com/github/wxiaoqi/security/api/vo/gate/ClientInfo.java b/ace-api/src/main/java/com/github/wxiaoqi/security/api/vo/gate/ClientInfo.java deleted file mode 100644 index 1f292735282aa9c5454789fd4a1745755975c96d..0000000000000000000000000000000000000000 --- a/ace-api/src/main/java/com/github/wxiaoqi/security/api/vo/gate/ClientInfo.java +++ /dev/null 
@@ -1,152 +0,0 @@ -package com.github.wxiaoqi.security.api.vo.gate; - -import java.io.Serializable; -import java.util.Date; - -/** - * ${DESCRIPTION} - * - * @author wanghaobin - * @create 2017-07-02 19:11 - */ -public class ClientInfo implements Serializable{ - private Integer id; - - private String code; - - private String secret; - - private String name; - - private boolean isLocked; - - private String description; - - private Date crtTime; - - private String crtUser; - - private String crtName; - - private String crtHost; - - private Date updTime; - - private String updUser; - - private String updName; - - private String updHost; - - public Integer getId() { - return id; - } - - public void setId(Integer id) { - this.id = id; - } - - public String getCode() { - return code; - } - - public void setCode(String code) { - this.code = code; - } - - public String getSecret() { - return secret; - } - - public void setSecret(String secret) { - this.secret = secret; - } - - public String getName() { - return name; - } - - public void setName(String name) { - this.name = name; - } - - public boolean isLocked() { - return isLocked; - } - - public void setLocked(boolean isLocked) { - this.isLocked = isLocked; - } - - public String getDescription() { - return description; - } - - public void setDescription(String description) { - this.description = description; - } - - public Date getCrtTime() { - return crtTime; - } - - public void setCrtTime(Date crtTime) { - this.crtTime = crtTime; - } - - public String getCrtUser() { - return crtUser; - } - - public void setCrtUser(String crtUser) { - this.crtUser = crtUser; - } - - public String getCrtName() { - return crtName; - } - - public void setCrtName(String crtName) { - this.crtName = crtName; - } - - public String getCrtHost() { - return crtHost; - } - - public void setCrtHost(String crtHost) { - this.crtHost = crtHost; - } - - public Date getUpdTime() { - return updTime; - } - - public void setUpdTime(Date updTime) { - 
this.updTime = updTime; - } - - public String getUpdUser() { - return updUser; - } - - public void setUpdUser(String updUser) { - this.updUser = updUser; - } - - public String getUpdName() { - return updName; - } - - public void setUpdName(String updName) { - this.updName = updName; - } - - public String getUpdHost() { - return updHost; - } - - public void setUpdHost(String updHost) { - this.updHost = updHost; - } -} diff --git a/ace-auth/ace-auth-client/pom.xml b/ace-auth/ace-auth-client/pom.xml index 8ed3fc6f6c26efb42029f272082e17a2d848ada7..3cd532799d0f4f581f31cfb5b20a142b5eb01d6b 100644 --- a/ace-auth/ace-auth-client/pom.xml +++ b/ace-auth/ace-auth-client/pom.xml @@ -35,6 +35,13 @@ 9.5.0 provided + + com.github.wxiaoqi + ace-auth-common + 1.0-SNAPSHOT + + + diff --git a/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/configuration/AutoConfiguration.java b/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/configuration/AutoConfiguration.java index 24fa090a82950255b6a4cd42e36af9fb0314e8cf..b2e9f50450196f9714072ff1bfe477546f5254ea 100644 --- a/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/configuration/AutoConfiguration.java +++ b/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/configuration/AutoConfiguration.java @@ -2,6 +2,7 @@ package com.github.wxiaoqi.security.auth.client.configuration; import com.github.wxiaoqi.security.auth.client.config.ServiceAuthConfig; import com.github.wxiaoqi.security.auth.client.config.UserAuthConfig; +import org.springframework.cloud.bus.jackson.RemoteApplicationEventScan; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.Configuration; 
@@ -10,7 +11,8 @@ import org.springframework.context.annotation.Configuration; * Created by ace on 2017/9/15. */ @Configuration -@ComponentScan("com.github.wxiaoqi.security.auth.client") +@ComponentScan({"com.github.wxiaoqi.security.auth.client","com.github.wxiaoqi.security.auth.common.event"}) +@RemoteApplicationEventScan(basePackages = "com.github.wxiaoqi.security.auth.common.event") public class AutoConfiguration { @Bean ServiceAuthConfig getServiceAuthConfig(){ diff --git a/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/interceptor/ServiceAuthRestInterceptor.java b/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/interceptor/ServiceAuthRestInterceptor.java index 0f417f7f50de7b5af3d5ebd21e969b7c3c90e3d5..aab22d5c9aa243112470d567ab4365ee79fe2845 100644 --- a/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/interceptor/ServiceAuthRestInterceptor.java +++ b/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/interceptor/ServiceAuthRestInterceptor.java @@ -3,8 +3,8 @@ package com.github.wxiaoqi.security.auth.client.interceptor; import com.github.wxiaoqi.security.auth.client.annotation.IgnoreClientToken; import com.github.wxiaoqi.security.auth.client.config.ServiceAuthConfig; import com.github.wxiaoqi.security.auth.client.jwt.ServiceAuthUtil; +import com.github.wxiaoqi.security.auth.common.util.jwt.IJWTInfo; import com.github.wxiaoqi.security.common.exception.auth.ClientForbiddenException; -import com.github.wxiaoqi.security.common.util.jwt.IJWTInfo; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; 
@@ -44,7 +44,7 @@ public class ServiceAuthRestInterceptor extends HandlerInterceptorAdapter { String token = request.getHeader(serviceAuthConfig.getTokenHeader()); IJWTInfo infoFromToken = serviceAuthUtil.getInfoFromToken(token); - String uniqueName = infoFromToken.getUniqueName(); // clientName(code) + String uniqueName = infoFromToken.getUniqueName(); for(String client:serviceAuthUtil.getAllowedClient()){ if(client.equals(uniqueName)){ return super.preHandle(request, response, handler); diff --git a/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/interceptor/ServiceFeignInterceptor.java b/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/interceptor/ServiceFeignInterceptor.java index ff395749933f7c66b47ff5dd6a7b2d355fa262c7..12b0a2dd0916832e232085ed7710d79109c75f6e 100644 --- a/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/interceptor/ServiceFeignInterceptor.java +++ b/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/interceptor/ServiceFeignInterceptor.java @@ -11,7 +11,9 @@ import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; /** - * Created by ace on 2017/9/15. + * + * @author ace + * @date 2017/9/15 */ public class ServiceFeignInterceptor implements RequestInterceptor { private Logger logger = LoggerFactory.getLogger(ServiceFeignInterceptor.class); 
@@ -22,10 +24,25 @@ public class ServiceFeignInterceptor implements RequestInterceptor { @Autowired private ServiceAuthUtil serviceAuthUtil; + public ServiceFeignInterceptor() { + } + @Override public void apply(RequestTemplate requestTemplate) { requestTemplate.header(serviceAuthConfig.getTokenHeader(), serviceAuthUtil.getClientToken()); requestTemplate.header(userAuthConfig.getTokenHeader(), BaseContextHandler.getToken()); } + + public void setServiceAuthConfig(ServiceAuthConfig serviceAuthConfig) { + this.serviceAuthConfig = serviceAuthConfig; + } + + public void setUserAuthConfig(UserAuthConfig userAuthConfig) { + this.userAuthConfig = userAuthConfig; + } + + public void setServiceAuthUtil(ServiceAuthUtil serviceAuthUtil) { + this.serviceAuthUtil = serviceAuthUtil; + } } \ No newline at end of file diff --git a/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/interceptor/UserAuthRestInterceptor.java b/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/interceptor/UserAuthRestInterceptor.java index f55d812e14248cc3760b89363a6e42d5e3dbb67c..d9f06b683b25b43984922aaeb4005ee23929ceab 100644 --- a/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/interceptor/UserAuthRestInterceptor.java +++ b/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/interceptor/UserAuthRestInterceptor.java 
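Review bot: The added public no-argument constructor and setters let a `ServiceFeignInterceptor` exist outside the Spring context with `serviceAuthConfig`, `userAuthConfig` and `serviceAuthUtil` still null, and `apply` dereferences all three without checking. A constructor that takes the three collaborators would make a half-initialised instance impossible. If setter injection has to stay, fail early in `apply`, e.g. `java.util.Objects.requireNonNull(serviceAuthUtil, "serviceAuthUtil");`, so a wiring mistake is reported clearly instead of as a bare NullPointerException on an outgoing call. The empty constructor itself adds nothing, since the compiler supplies a default one.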
@@ -3,8 +3,8 @@ package com.github.wxiaoqi.security.auth.client.interceptor; import com.github.wxiaoqi.security.auth.client.annotation.IgnoreUserToken; import com.github.wxiaoqi.security.auth.client.config.UserAuthConfig; import com.github.wxiaoqi.security.auth.client.jwt.UserAuthUtil; +import com.github.wxiaoqi.security.auth.common.util.jwt.IJWTInfo; import com.github.wxiaoqi.security.common.context.BaseContextHandler; -import com.github.wxiaoqi.security.common.util.jwt.IJWTInfo; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; diff --git a/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/jwt/ServiceAuthUtil.java b/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/jwt/ServiceAuthUtil.java index 3096584adabc29782a9fe337bad2ef8791165f4b..e2992b732c7feecdbeab63f9a91d9135b5af8407 100644 --- a/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/jwt/ServiceAuthUtil.java +++ b/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/jwt/ServiceAuthUtil.java 
@@ -6,14 +6,16 @@ import com.github.wxiaoqi.security.auth.client.exception.JwtIllegalArgumentExcep import com.github.wxiaoqi.security.auth.client.exception.JwtSignatureException; import com.github.wxiaoqi.security.auth.client.exception.JwtTokenExpiredException; import com.github.wxiaoqi.security.auth.client.feign.ServiceAuthFeign; +import com.github.wxiaoqi.security.auth.common.event.AuthRemoteEvent; +import com.github.wxiaoqi.security.auth.common.util.jwt.IJWTInfo; +import com.github.wxiaoqi.security.auth.common.util.jwt.JWTHelper; import com.github.wxiaoqi.security.common.msg.BaseResponse; import com.github.wxiaoqi.security.common.msg.ObjectRestResponse; -import com.github.wxiaoqi.security.common.util.jwt.IJWTInfo; -import com.github.wxiaoqi.security.common.util.jwt.JWTHelper; import io.jsonwebtoken.ExpiredJwtException; import io.jsonwebtoken.SignatureException; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.ApplicationListener; import org.springframework.context.annotation.Configuration; import org.springframework.scheduling.annotation.EnableScheduling; import org.springframework.scheduling.annotation.Scheduled; @@ -26,7 +28,7 @@ import java.util.List; @Configuration @Slf4j @EnableScheduling -public class ServiceAuthUtil { +public class ServiceAuthUtil implements ApplicationListener { @Autowired private ServiceAuthConfig serviceAuthConfig; @Autowired @@ -47,7 +49,6 @@ public class ServiceAuthUtil { } } - @Scheduled(cron = "0 0/5 * * * ?") public void refreshAllowedClient() { log.info("refresh allowedClient....."); BaseResponse resp = serviceAuthFeign.getAllowedClient(serviceAuthConfig.getClientId(), serviceAuthConfig.getClientSecret()); @@ -83,4 +84,8 @@ public class ServiceAuthUtil { return allowedClient; } + @Override + public void onApplicationEvent(AuthRemoteEvent authRemoteEvent) { + this.allowedClient = authRemoteEvent.getAllowedClient(); + } } \ No newline at end of file 
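Review bot: `onApplicationEvent` replaces `allowedClient` with whatever list the bus event carries, with no null check and no check of the event's origin, and the earlier hunk in this file removes the `@Scheduled` refresh that re-read the list from the auth server every five minutes. The allow-list that `ServiceAuthRestInterceptor` enforces therefore now depends on broker access control, and a missed or null event leaves it stale or null until the next event arrives. At minimum guard the assignment, `if (authRemoteEvent.getAllowedClient() != null) { this.allowedClient = authRemoteEvent.getAllowedClient(); }`, and consider keeping a low-frequency scheduled `refreshAllowedClient()` as a fallback. The field's declaration is outside the hunk; if it is not `volatile`, request threads may not see the update made on the listener thread.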
diff --git a/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/jwt/UserAuthUtil.java b/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/jwt/UserAuthUtil.java index 2c665298f10d16869286714054f713d1a7d8dd4c..ac1ec3ba3801be414fb3475dedeb538529ec2030 100644 --- a/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/jwt/UserAuthUtil.java +++ b/ace-auth/ace-auth-client/src/main/java/com/github/wxiaoqi/security/auth/client/jwt/UserAuthUtil.java @@ -4,8 +4,8 @@ import com.github.wxiaoqi.security.auth.client.config.UserAuthConfig; import com.github.wxiaoqi.security.auth.client.exception.JwtIllegalArgumentException; import com.github.wxiaoqi.security.auth.client.exception.JwtSignatureException; import com.github.wxiaoqi.security.auth.client.exception.JwtTokenExpiredException; -import com.github.wxiaoqi.security.common.util.jwt.IJWTInfo; -import com.github.wxiaoqi.security.common.util.jwt.JWTHelper; +import com.github.wxiaoqi.security.auth.common.util.jwt.IJWTInfo; +import com.github.wxiaoqi.security.auth.common.util.jwt.JWTHelper; import io.jsonwebtoken.ExpiredJwtException; import io.jsonwebtoken.SignatureException; import org.springframework.beans.factory.annotation.Autowired; diff --git a/ace-auth/ace-auth-common/pom.xml b/ace-auth/ace-auth-common/pom.xml new file mode 100644 index 0000000000000000000000000000000000000000..b694a2e17fbcceb92a78ce9b6244c95857012c8d --- /dev/null +++ b/ace-auth/ace-auth-common/pom.xml @@ -0,0 +1,31 @@ + + + + ace-auth + com.github.wxiaoqi + 1.0-SNAPSHOT + + 4.0.0 + + ace-auth-common + + + io.jsonwebtoken + jjwt + 0.7.0 + + + joda-time + joda-time + 2.9.5 + + + org.springframework.cloud + spring-cloud-starter-bus-amqp + + + + + \ No newline at end of file 
diff --git a/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/constatns/CommonConstants.java b/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/constatns/CommonConstants.java new file mode 100644 index 0000000000000000000000000000000000000000..2550a71f12911fff2bff892b3b1ccd506c5a35ab --- /dev/null +++ b/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/constatns/CommonConstants.java @@ -0,0 +1,22 @@ +package com.github.wxiaoqi.security.auth.common.constatns; + +/** + * Created by ace on 2017/8/29. + */ +public class CommonConstants { + public final static String RESOURCE_TYPE_MENU = "menu"; + public final static String RESOURCE_TYPE_BTN = "button"; + public static final Integer EX_TOKEN_ERROR_CODE = 40101; + // 用户token异常 + public static final Integer EX_USER_INVALID_CODE = 40102; + // 客户端token异常 + public static final Integer EX_CLIENT_INVALID_CODE = 40131; + public static final Integer EX_CLIENT_FORBIDDEN_CODE = 40331; + public static final Integer EX_OTHER_CODE = 500; + public static final String CONTEXT_KEY_USER_ID = "currentUserId"; + public static final String CONTEXT_KEY_USERNAME = "currentUserName"; + public static final String CONTEXT_KEY_USER_NAME = "currentUser"; + public static final String CONTEXT_KEY_USER_TOKEN = "currentUserToken"; + public static final String JWT_KEY_USER_ID = "userId"; + public static final String JWT_KEY_NAME = "name"; +} diff --git a/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/event/AuthRemoteEvent.java b/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/event/AuthRemoteEvent.java new file mode 100644 index 0000000000000000000000000000000000000000..7160e19b9422244788f48559ae0e83ecbcb9bf80 --- /dev/null +++ b/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/event/AuthRemoteEvent.java 
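Review bot: The new package is spelled `constatns` (in the directory path and the `package` line), and `JWTHelper` imports `com.github.wxiaoqi.security.auth.common.constatns.CommonConstants` later in this commit, so the typo becomes part of the module's import path. Renaming it to `constants` now is cheaper than after other modules depend on it. `CommonConstants` only holds constants, so declaring the class `final` with a `private CommonConstants() {}` constructor would prevent instantiation and subclassing.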
@@ -0,0 +1,28 @@ +package com.github.wxiaoqi.security.auth.common.event; + +import lombok.Data; +import org.springframework.cloud.bus.event.RemoteApplicationEvent; + +import java.util.List; + +/** + * @author ace + * @create 2017/11/4. + */ +@Data +public class AuthRemoteEvent extends RemoteApplicationEvent { + private List allowedClient; + + //jackson序列化反序列化必须有无参构造函数 + public AuthRemoteEvent() { + } + + public AuthRemoteEvent(Object source, String originService, String destinationService, List allowedClient) { + // source is the object that is publishing the event + // originService is the unique context ID of the publisher + super(source, originService, destinationService); + this.allowedClient = allowedClient; + } + + +} diff --git a/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/util/StringHelper.java b/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/util/StringHelper.java new file mode 100644 index 0000000000000000000000000000000000000000..db7e9a7657e26d5beec0d2f6a7f57c43ab85a326 --- /dev/null +++ b/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/util/StringHelper.java @@ -0,0 +1,10 @@ +package com.github.wxiaoqi.security.auth.common.util; + +/** + * Created by ace on 2017/9/10. + */ +public class StringHelper { + public static String getObjectValue(Object obj){ + return obj==null?"":obj.toString(); + } +} diff --git a/ace-common/src/main/java/com/github/wxiaoqi/security/common/util/jwt/IJWTInfo.java b/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/util/jwt/IJWTInfo.java similarity index 83% rename from ace-common/src/main/java/com/github/wxiaoqi/security/common/util/jwt/IJWTInfo.java rename to ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/util/jwt/IJWTInfo.java index 589415a1fb98fd4938e75359011fa287b6149adc..8ff2ab9d20d7bd3898a1025ab8242b8659c7c070 100644 
--- a/ace-common/src/main/java/com/github/wxiaoqi/security/common/util/jwt/IJWTInfo.java +++ b/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/util/jwt/IJWTInfo.java @@ -1,4 +1,4 @@ -package com.github.wxiaoqi.security.common.util.jwt; +package com.github.wxiaoqi.security.auth.common.util.jwt; /** * Created by ace on 2017/9/10. diff --git a/ace-common/src/main/java/com/github/wxiaoqi/security/common/util/jwt/JWTHelper.java b/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/util/jwt/JWTHelper.java similarity index 88% rename from ace-common/src/main/java/com/github/wxiaoqi/security/common/util/jwt/JWTHelper.java rename to ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/util/jwt/JWTHelper.java index 74d3d9f97dfbdf8f353071edc7eae472cd2e1346..e51f23800b7e6668d51dfd9e67193caae00ea7d5 100644 --- a/ace-common/src/main/java/com/github/wxiaoqi/security/common/util/jwt/JWTHelper.java +++ b/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/util/jwt/JWTHelper.java @@ -1,8 +1,7 @@ -package com.github.wxiaoqi.security.common.util.jwt; +package com.github.wxiaoqi.security.auth.common.util.jwt; -import com.github.wxiaoqi.security.common.constant.CommonConstants; -import com.github.wxiaoqi.security.common.util.RsaKeyHelper; -import com.github.wxiaoqi.security.common.util.StringHelper; +import com.github.wxiaoqi.security.auth.common.constatns.CommonConstants; +import com.github.wxiaoqi.security.auth.common.util.StringHelper; import io.jsonwebtoken.Claims; import io.jsonwebtoken.Jws; import io.jsonwebtoken.Jwts; 
diff --git a/ace-common/src/main/java/com/github/wxiaoqi/security/common/util/jwt/JWTInfo.java b/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/util/jwt/JWTInfo.java similarity index 96% rename from ace-common/src/main/java/com/github/wxiaoqi/security/common/util/jwt/JWTInfo.java rename to ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/util/jwt/JWTInfo.java index 1833cefebc65f5a1de447f7422a261da97aecafc..ad55f8e65a2e5e01f2d92e70ec0125d9ed3967ac 100644 --- a/ace-common/src/main/java/com/github/wxiaoqi/security/common/util/jwt/JWTInfo.java +++ b/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/util/jwt/JWTInfo.java @@ -1,4 +1,4 @@ -package com.github.wxiaoqi.security.common.util.jwt; +package com.github.wxiaoqi.security.auth.common.util.jwt; import java.io.Serializable; diff --git a/ace-common/src/main/java/com/github/wxiaoqi/security/common/util/RsaKeyHelper.java b/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/util/jwt/RsaKeyHelper.java similarity index 70% rename from ace-common/src/main/java/com/github/wxiaoqi/security/common/util/RsaKeyHelper.java rename to ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/util/jwt/RsaKeyHelper.java index 1a0b32f6f3e04cac5ccf544fa30f19e250aef0f2..b30b6c9d7a339576339db8b816222e851bbaa821 100644 --- a/ace-common/src/main/java/com/github/wxiaoqi/security/common/util/RsaKeyHelper.java +++ b/ace-auth/ace-auth-common/src/main/java/com/github/wxiaoqi/security/auth/common/util/jwt/RsaKeyHelper.java 
@@ -1,9 +1,14 @@ -package com.github.wxiaoqi.security.common.util; +package com.github.wxiaoqi.security.auth.common.util.jwt; -import java.io.*; +import java.io.DataInputStream; +import java.io.FileOutputStream; +import java.io.IOException; +import java.io.InputStream; import java.security.*; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; +import java.util.HashMap; +import java.util.Map; /** * Created by ace on 2017/9/10. @@ -66,5 +71,24 @@ public class RsaKeyHelper { fos.close(); } + /** + * 生存rsa公钥和密钥 + * @param password + * @throws IOException + * @throws NoSuchAlgorithmException + */ + public static Map generateKey(String password) throws IOException, NoSuchAlgorithmException { + KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); + SecureRandom secureRandom = new SecureRandom(password.getBytes()); + keyPairGenerator.initialize(1024, secureRandom); + KeyPair keyPair = keyPairGenerator.genKeyPair(); + byte[] publicKeyBytes = keyPair.getPublic().getEncoded(); + byte[] privateKeyBytes = keyPair.getPrivate().getEncoded(); + Map map = new HashMap(); + map.put("pub",publicKeyBytes); + map.put("pri",privateKeyBytes); + return map; + } + } diff --git a/ace-auth/ace-auth-server/pom.xml b/ace-auth/ace-auth-server/pom.xml index f46e2c2d41ff00db937a6b07ff1956519f2bd49a..c80052941cbda94291db6d1fbf628081ab4f93aa 100644 --- a/ace-auth/ace-auth-server/pom.xml +++ b/ace-auth/ace-auth-server/pom.xml @@ -89,6 +89,21 @@ ace-common 1.0-SNAPSHOT + + com.github.wxiaoqi + ace-auth-common + 1.0-SNAPSHOT + + + com.github.wxiaoqi + ace-auth-common + 1.0-SNAPSHOT + + + + org.springframework.cloud + spring-cloud-starter-bus-amqp + diff --git a/ace-auth/ace-auth-server/src/db/init.sql b/ace-auth/ace-auth-server/src/db/init.sql index eb97048ea54aa35a94bb3c17f56185588ef681df..64a199c7fa280d5277085ccd7e8bb7bcc5ee05fe 100644 --- a/ace-auth/ace-auth-server/src/db/init.sql +++ b/ace-auth/ace-auth-server/src/db/init.sql 
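Review bot: `generateKey` seeds `SecureRandom` with `password.getBytes()` and initialises the generator with 1024 bits, so the RSA key pair is at most as strong as the password string and is shorter than the 2048-bit minimum recommended for RSA today. If deterministic derivation is not required, let the generator use its own entropy and raise the size: `keyPairGenerator.initialize(2048);`. If services must derive the same pair from a shared secret, be aware that a seeded `SecureRandom` is reproducible only with some providers (e.g. SHA1PRNG) and merely supplements its seed with others, so results can differ across JVMs; generating the key once and distributing the key files is more dependable. `getBytes()` without a charset also depends on the platform default, and the Javadoc should state that the map keys `pub` and `pri` hold the encoded public and private key bytes.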
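Review bot: The `ace-auth-common` dependency (`com.github.wxiaoqi`, `1.0-SNAPSHOT`) appears twice in the lines added to `ace-auth-server/pom.xml`. Maven only warns about duplicate declarations, but the duplicate makes a later version change easy to apply to one block and not the other. Drop the second block.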
@@ -1,43 +1,6 @@ -CREATE DATABASE ag_gate DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci; -Use ag_gate; - --- ---------------------------- --- Table structure for `base_element` --- ---------------------------- -DROP TABLE IF EXISTS `base_element`; -CREATE TABLE `base_element` ( - `id` int(11) NOT NULL AUTO_INCREMENT, - `code` varchar(255) DEFAULT NULL, - `type` varchar(255) DEFAULT NULL, - `name` varchar(255) DEFAULT NULL, - `uri` varchar(255) DEFAULT NULL, - `menu_id` varchar(255) DEFAULT NULL, - `parent_id` varchar(255) DEFAULT NULL, - `path` varchar(2000) DEFAULT NULL, - `method` varchar(10) DEFAULT NULL, - `description` varchar(255) DEFAULT NULL, - `crt_time` datetime DEFAULT NULL, - `crt_user` varchar(255) DEFAULT NULL, - `crt_name` varchar(255) DEFAULT NULL, - `crt_host` varchar(255) DEFAULT NULL, - `attr1` varchar(255) DEFAULT NULL, - `attr2` varchar(255) DEFAULT NULL, - `attr3` varchar(255) DEFAULT NULL, - `attr4` varchar(255) DEFAULT NULL, - `attr5` varchar(255) DEFAULT NULL, - `attr6` varchar(255) DEFAULT NULL, - `attr7` varchar(255) DEFAULT NULL, - `attr8` varchar(255) DEFAULT NULL, - PRIMARY KEY (`id`) -) ENGINE=InnoDB AUTO_INCREMENT=45 DEFAULT CHARSET=utf8mb4; - --- ---------------------------- --- Records of `base_element` --- ---------------------------- -BEGIN; -INSERT INTO `base_element` VALUES ('44', 'user:system', 'uri', '获取用户系统', '/api/user/un/{*}/system', '-1', null, null, 'GET', '', null, null, null, null, null, null, null, null, null, null, null, null); -COMMIT; +CREATE DATABASE ag_auth DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci; +Use ag_auth; -- ---------------------------- -- Table structure for `gate_client` diff --git a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/AuthBootstrap.java b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/AuthBootstrap.java index aa73e8b0b4bde7c0d42ff7177cb4f937f104bbf8..210c76bcd4eadc4a44187b5a9a64a689fd5ef1a0 100644 
--- a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/AuthBootstrap.java +++ b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/AuthBootstrap.java @@ -4,6 +4,7 @@ package com.github.wxiaoqi.security.auth; import org.mybatis.spring.annotation.MapperScan; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.cloud.bus.jackson.RemoteApplicationEventScan; import org.springframework.cloud.netflix.eureka.EnableEurekaClient; import org.springframework.cloud.netflix.feign.EnableFeignClients; @@ -14,6 +15,7 @@ import org.springframework.cloud.netflix.feign.EnableFeignClients; @EnableEurekaClient @EnableFeignClients @MapperScan("com.github.wxiaoqi.security.auth.mapper") +@RemoteApplicationEventScan(basePackages = "com.github.wxiaoqi.security.auth.common.event") public class AuthBootstrap { public static void main(String[] args) { SpringApplication.run(AuthBootstrap.class, args); diff --git a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/bean/ClientInfo.java b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/bean/ClientInfo.java index 80b3a38f281acdfd9d6b80c4e1d1e355f4ce9305..70a95b7636384d66e728415034870f1747f4751b 100644 --- a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/bean/ClientInfo.java +++ b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/bean/ClientInfo.java @@ -1,7 +1,7 @@ package com.github.wxiaoqi.security.auth.bean; -import com.github.wxiaoqi.security.common.util.jwt.IJWTInfo; +import com.github.wxiaoqi.security.auth.common.util.jwt.IJWTInfo; /** * Created by ace on 2017/9/10. 
diff --git a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/configuration/AuthConfiguration.java b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/configuration/AuthConfiguration.java index 894e3d8d21c9eb6c7b9679ec2c116df2da6a4687..b6ad265a8d58442cbc4a0694ed9b2eeb8f622932 100644 --- a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/configuration/AuthConfiguration.java +++ b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/configuration/AuthConfiguration.java @@ -1,16 +1,22 @@ package com.github.wxiaoqi.security.auth.configuration; -import com.github.wxiaoqi.security.auth.interceptor.ClientTokenInterceptor; +import com.github.wxiaoqi.security.auth.common.util.jwt.RsaKeyHelper; import com.github.wxiaoqi.security.common.handler.GlobalExceptionHandler; +import org.springframework.beans.factory.annotation.Value; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter; + +import java.io.IOException; +import java.security.NoSuchAlgorithmException; +import java.util.Map; /** * Created by ace on 2017/9/10. */ @Configuration public class AuthConfiguration { + + @Bean public GlobalExceptionHandler getGlobalExceptionHandler(){ return new GlobalExceptionHandler(); diff --git a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/controller/AuthController.java b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/controller/AuthController.java index 9d503a9ab5c3ecbad4158f54ae344e819efdeff7..377a492c44d2776a23973c59064cb08225b086d2 100755 --- a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/controller/AuthController.java +++ b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/controller/AuthController.java 
@@ -1,9 +1,8 @@ package com.github.wxiaoqi.security.auth.controller; +import com.github.wxiaoqi.security.auth.service.AuthService; import com.github.wxiaoqi.security.auth.util.user.JwtAuthenticationRequest; import com.github.wxiaoqi.security.auth.util.user.JwtAuthenticationResponse; -import com.github.wxiaoqi.security.auth.service.AuthService; -import com.github.wxiaoqi.security.auth.vo.FrontUser; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.http.ResponseEntity; @@ -50,14 +49,4 @@ public class AuthController { authService.invalid(token); return ResponseEntity.ok(true); } - - @RequestMapping(value = "user", method = RequestMethod.GET) - public ResponseEntity getUserInfo(String token) throws Exception { - FrontUser userInfo = authService.getUserInfo(token); - if(userInfo==null) { - return ResponseEntity.status(401).body(false); - } else { - return ResponseEntity.ok(userInfo); - } - } } diff --git a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/feign/IUserService.java b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/feign/IUserService.java index a2cc182628cbdc5037fc8b39a3cfc8ab74032022..cb6f62ed8a8a2be886dc6d030588e5bbcc8c424a 100644 --- a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/feign/IUserService.java +++ b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/feign/IUserService.java 
@@ -1,14 +1,11 @@ package com.github.wxiaoqi.security.auth.feign; -import com.github.wxiaoqi.security.api.vo.authority.PermissionInfo; import com.github.wxiaoqi.security.api.vo.user.UserInfo; import com.github.wxiaoqi.security.auth.configuration.FeignConfiguration; import org.springframework.cloud.netflix.feign.FeignClient; -import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; - -import java.util.List; +import org.springframework.web.bind.annotation.RequestParam; /** @@ -19,10 +16,6 @@ import java.util.List; */ @FeignClient(value = "ace-admin",configuration = FeignConfiguration.class) public interface IUserService { - @RequestMapping(value = "/api/user/username/{username}", method = RequestMethod.GET) - public UserInfo getUserByUsername(@PathVariable("username") String username); - @RequestMapping(value = "/api/user/un/{username}/permissions", method = RequestMethod.GET) - public List getPermissionByUsername(@PathVariable("username") String username); - @RequestMapping(value = "/api/permissions", method = RequestMethod.GET) - List getAllPermissionInfo(); + @RequestMapping(value = "/api/user/validate", method = RequestMethod.POST) + public UserInfo validate(@RequestParam("username") String username, @RequestParam("password") String password); } diff --git a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/service/AuthService.java b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/service/AuthService.java index 5454fa9a34590da13c6b725900c632ae7ecffd0c..b850ff931e2d681532fdeb8e3c2e2b2a4f254079 100755 --- a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/service/AuthService.java +++ b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/service/AuthService.java 
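Review bot: `validate` passes the password as `@RequestParam`, which Feign places in the URL query string for this POST since no body parameter is declared, so the cleartext password can end up in access logs, tracing data and proxy logs between ace-auth-server and ace-admin. Carry the credentials in the request body instead, for instance a small request object annotated `@RequestBody` (the existing `JwtAuthenticationRequest` may fit), with the matching change on the ace-admin controller, which is not part of this hunk. A Javadoc line on the method stating that a failed check returns a `UserInfo` without an id would document the contract that `AuthServiceImpl.login` relies on.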
@@ -1,12 +1,9 @@ package com.github.wxiaoqi.security.auth.service; -import com.github.wxiaoqi.security.auth.vo.FrontUser; - public interface AuthService { String login(String username, String password) throws Exception; String refresh(String oldToken); void validate(String token) throws Exception; - FrontUser getUserInfo(String token) throws Exception; Boolean invalid(String token); } diff --git a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/service/impl/AuthServiceImpl.java b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/service/impl/AuthServiceImpl.java index d67421c3d1eb4e8040a4e220096cc95fb178c854..c904ae8ce9c4d3616a11551f10bd5add6fa39e01 100755 --- a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/service/impl/AuthServiceImpl.java +++ b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/service/impl/AuthServiceImpl.java 
@@ -1,21 +1,14 @@ package com.github.wxiaoqi.security.auth.service.impl; -import com.github.wxiaoqi.security.api.vo.authority.PermissionInfo; import com.github.wxiaoqi.security.api.vo.user.UserInfo; -import com.github.wxiaoqi.security.auth.util.user.JwtTokenUtil; +import com.github.wxiaoqi.security.auth.common.util.jwt.JWTInfo; import com.github.wxiaoqi.security.auth.feign.IUserService; import com.github.wxiaoqi.security.auth.service.AuthService; -import com.github.wxiaoqi.security.auth.vo.FrontUser; -import com.github.wxiaoqi.security.common.constant.CommonConstants; -import com.github.wxiaoqi.security.common.util.jwt.JWTInfo; -import org.springframework.beans.BeanUtils; +import com.github.wxiaoqi.security.auth.util.user.JwtTokenUtil; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.stereotype.Service; - -import java.util.List; -import java.util.stream.Collectors; -import java.util.stream.Stream; +import org.springframework.util.StringUtils; @Service public class AuthServiceImpl implements AuthService { @@ -34,9 +27,9 @@ public class AuthServiceImpl implements AuthService { @Override public String login(String username, String password) throws Exception { - UserInfo info = userService.getUserByUsername(username); + UserInfo info = userService.validate(username,password); String token = ""; - if (encoder.matches(password, info.getPassword())) { + if (!StringUtils.isEmpty(info.getId())) { token = jwtTokenUtil.generateToken(new JWTInfo(info.getUsername(), info.getId() + "", info.getName())); } return token; 
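Review bot: In `login`, the result of `userService.validate(username,password)` is dereferenced without a null check, so an empty response from ace-admin would surface as a NullPointerException instead of a rejected login; the guard should read `if (info != null && !StringUtils.isEmpty(info.getId())) {`. Authentication now rests entirely on the remote call returning a user without an id for bad credentials, which deserves a comment above the check such as `// ace-admin verifies the password; a missing id means the credentials were rejected`. A failed login still returns an empty token string, so callers have to treat `""` as failure. The BCryptPasswordEncoder import is kept while its only visible use, `encoder.matches`, is removed, so the field may now be dead; the field and the end of the method are outside the hunk.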
@@ -47,27 +40,6 @@ public class AuthServiceImpl implements AuthService { jwtTokenUtil.getInfoFromToken(token); } - @Override - public FrontUser getUserInfo(String token) throws Exception { - String username = jwtTokenUtil.getInfoFromToken(token).getUniqueName(); - if (username == null) { - return null; - } - UserInfo user = userService.getUserByUsername(username); - FrontUser frontUser = new FrontUser(); - BeanUtils.copyProperties(user, frontUser); - List permissionInfos = userService.getPermissionByUsername(username); - Stream menus = permissionInfos.parallelStream().filter((permission) -> { - return permission.getType().equals(CommonConstants.RESOURCE_TYPE_MENU); - }); - frontUser.setMenus(menus.collect(Collectors.toList())); - Stream elements = permissionInfos.parallelStream().filter((permission) -> { - return !permission.getType().equals(CommonConstants.RESOURCE_TYPE_MENU); - }); - frontUser.setElements(elements.collect(Collectors.toList())); - return frontUser; - } - @Override public Boolean invalid(String token) { // TODO: 2017/9/11 注销token diff --git a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/service/impl/DBClientService.java b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/service/impl/DBClientService.java index c9a749c196ce391218758468f3b5e05464ebfeac..9b2cb1b1531379e1a91b567adf46020a7ce70114 100644 --- a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/service/impl/DBClientService.java +++ b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/service/impl/DBClientService.java @@ -1,6 +1,7 @@ package com.github.wxiaoqi.security.auth.service.impl; import com.github.wxiaoqi.security.auth.bean.ClientInfo; +import com.github.wxiaoqi.security.auth.common.event.AuthRemoteEvent; import com.github.wxiaoqi.security.auth.entity.Client; import com.github.wxiaoqi.security.auth.mapper.ClientMapper; import com.github.wxiaoqi.security.auth.service.ClientService; 
@@ -9,6 +10,7 @@ import com.github.wxiaoqi.security.common.exception.auth.ClientInvalidException; import com.github.wxiaoqi.security.common.util.UUIDUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.cloud.client.discovery.DiscoveryClient; +import org.springframework.context.ApplicationContext; import org.springframework.scheduling.annotation.Scheduled; import org.springframework.stereotype.Service; @@ -26,6 +28,13 @@ public class DBClientService implements ClientService { private ClientTokenUtil clientTokenUtil; @Autowired private DiscoveryClient discovery; + private ApplicationContext context; + + @Autowired + public DBClientService(ApplicationContext context) { + this.context = context; + } + @Override public String apply(String clientId, String secret) throws Exception { Client client = getClient(clientId, secret); @@ -52,6 +61,13 @@ public class DBClientService implements ClientService { return clients; } + private Client getClient(String clientId) { + Client client = new Client(); + client.setCode(clientId); + client = clientMapper.selectOne(client); + return client; + } + @Override @Scheduled(cron = "0 0/1 * * * ?") public void registryClient() { @@ -60,9 +76,17 @@ public class DBClientService implements ClientService { Client client = new Client(); client.setName(name); client.setCode(name); - if(clientMapper.selectCount(client)== 0) { + Client dbClient = clientMapper.selectOne(client); + if(dbClient==null) { client.setSecret(UUIDUtils.generateShortUuid()); clientMapper.insert(client); + }else{ + // 主动推送 + final List clients = clientMapper.selectAllowedClient(dbClient.getId() + ""); + final String myUniqueId = context.getId(); + final AuthRemoteEvent event = + new AuthRemoteEvent(this, myUniqueId, name, clients); + context.publishEvent(event); } }); } 
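Review bot: The added private `getClient(String clientId)` in DBClientService looks a client up by code alone, next to the existing `getClient(clientId, secret)` that `apply` calls, and nothing marks the new overload as unauthenticated. A comment such as `// Lookup by code only; does not check the secret, so never use it to authenticate a caller` would keep a later change from swapping one for the other. No caller of the new overload is visible in this hunk.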
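Review bot: The `else` branch of `registryClient` publishes an `AuthRemoteEvent` with the allowed-client list for every discovered service on each one-minute run, whether or not the list changed. If that event travels over the message broker this commit introduces (the event class and its listeners are not visible here), receivers will treat it as authorisation data, so the broker account and publish rights should be limited to the auth server. Separately, `clientMapper.selectOne(client)` replaces a count and will presumably throw when more than one row matches name and code, which would abort the scheduled run inside the `forEach`; a unique constraint on the client code, or explicit handling of that case, avoids it. The enclosing lambda starts above the hunk.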
diff --git a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/util/client/ClientTokenUtil.java b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/util/client/ClientTokenUtil.java index 6b3cd736e199d74a50b72056a5c09b1457f4b895..30e4e35ae7fb09803867914ded8ee5719c5ae36e 100644 --- a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/util/client/ClientTokenUtil.java +++ b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/util/client/ClientTokenUtil.java @@ -1,7 +1,7 @@ package com.github.wxiaoqi.security.auth.util.client; -import com.github.wxiaoqi.security.common.util.jwt.IJWTInfo; -import com.github.wxiaoqi.security.common.util.jwt.JWTHelper; +import com.github.wxiaoqi.security.auth.common.util.jwt.IJWTInfo; +import com.github.wxiaoqi.security.auth.common.util.jwt.JWTHelper; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Value; diff --git a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/util/user/JwtTokenUtil.java b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/util/user/JwtTokenUtil.java index 870e1c73455b0be541b7a4724dc0b802bf171a10..64dab5a57d07fb7f91197a86c4d12038130d91a0 100644 --- a/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/util/user/JwtTokenUtil.java +++ b/ace-auth/ace-auth-server/src/main/java/com/github/wxiaoqi/security/auth/util/user/JwtTokenUtil.java 
@@ -1,7 +1,7 @@ package com.github.wxiaoqi.security.auth.util.user; -import com.github.wxiaoqi.security.common.util.jwt.IJWTInfo; -import com.github.wxiaoqi.security.common.util.jwt.JWTHelper; +import com.github.wxiaoqi.security.auth.common.util.jwt.IJWTInfo; +import com.github.wxiaoqi.security.auth.common.util.jwt.JWTHelper; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.data.redis.core.RedisTemplate; diff --git a/ace-auth/ace-auth-server/src/main/resources/application.yml b/ace-auth/ace-auth-server/src/main/resources/application.yml index 3d678da9bc81ee3d33d0a4c65574a55760de0bb2..21fc1a3aa0b9f28bb95f25f15475ec6af903c57b 100644 --- a/ace-auth/ace-auth-server/src/main/resources/application.yml +++ b/ace-auth/ace-auth-server/src/main/resources/application.yml @@ -12,7 +12,7 @@ spring: max-active: 20 datasource: name: test - url: jdbc:mysql://localhost:3306/ag_gate?useUnicode=true&characterEncoding=UTF8 + url: jdbc:mysql://localhost:3306/ag_auth?useUnicode=true&characterEncoding=UTF8 username: root password: 123456 # 使用druid数据源 @@ -31,13 +31,17 @@ spring: testOnReturn: false poolPreparedStatements: true maxOpenPreparedStatements: 20 - + rabbitmq: + host: localhost + port: 5672 + username: guest + password: guest mybatis: basepackage: com.github.wxiaoqi.security.auth.mapper xmlLocation: classpath:mapper/**/*.xml server: - port: 8777 #启动端口 + port: 9777 #启动端口 ribbon: eureka: diff --git a/ace-auth/pom.xml b/ace-auth/pom.xml index b34a959339a1283afdaf01da3e44d2faa7d8cd53..59e7fe5c211e8bde7239fbff8c240161799d3e8f 100644 --- a/ace-auth/pom.xml +++ b/ace-auth/pom.xml @@ -15,6 +15,7 @@ ace-auth-client ace-auth-server + ace-auth-common \ No newline at end of file 
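Review bot: The `rabbitmq` block added to ace-auth-server's application.yml commits the broker's default `guest`/`guest` account, next to the `root`/`123456` datasource credentials visible in the context lines of the preceding hunk. Since this broker appears to carry the auth server's client-permission events, use a dedicated account and take the values from the environment, e.g. `username: ${RABBITMQ_USERNAME}` and `password: ${RABBITMQ_PASSWORD}` (variable names here are placeholders). A comment above the block noting that the checked-in values are for local development only would stop them being copied into a deployed profile.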
diff --git a/ace-common/src/main/java/com/github/wxiaoqi/security/common/context/BaseContextHandler.java b/ace-common/src/main/java/com/github/wxiaoqi/security/common/context/BaseContextHandler.java index 8d8c817f0f09108285c4a451c77a96e34213ab4a..59efa476dfbe34bb6c0d930edbafc8977524732b 100644 --- a/ace-common/src/main/java/com/github/wxiaoqi/security/common/context/BaseContextHandler.java +++ b/ace-common/src/main/java/com/github/wxiaoqi/security/common/context/BaseContextHandler.java @@ -88,7 +88,7 @@ public class BaseContextHandler { BaseContextHandler.set("test", "moo"); try { - Thread.currentThread().sleep(3000); + Thread.sleep(3000); } catch (InterruptedException e) { e.printStackTrace(); } @@ -101,7 +101,7 @@ public class BaseContextHandler { logger.info("thread two done!"); }).start(); - Thread.currentThread().sleep(5000); + Thread.sleep(5000); assertEquals(BaseContextHandler.get("test"), "main"); logger.info("main one done!"); } diff --git a/ace-common/src/main/java/com/github/wxiaoqi/security/common/msg/ListRestResponse.java b/ace-common/src/main/java/com/github/wxiaoqi/security/common/msg/ListRestResponse.java index d8f542598942dd165b02b719d477b46600c67490..07fc3c4cff4bf41e05bfa0ec4d4c09d151783a2c 100644 --- a/ace-common/src/main/java/com/github/wxiaoqi/security/common/msg/ListRestResponse.java +++ b/ace-common/src/main/java/com/github/wxiaoqi/security/common/msg/ListRestResponse.java @@ -7,27 +7,11 @@ package com.github.wxiaoqi.security.common.msg; * @create 2017-06-09 7:32 */ public class ListRestResponse { - boolean rel; String msg; T result; int count; - String callback; - public String getCallback() { - return callback; - } - public void setCallback(String callback) { - this.callback = callback; - } - - public boolean isRel() { - return rel; - } - - public void setRel(boolean rel) { - this.rel = rel; - } public String getMsg() { return msg; 
@@ -63,11 +47,6 @@ public class ListRestResponse { return this; } - public ListRestResponse rel(boolean rel) { - this.setRel(rel); - return this; - } - public ListRestResponse msg(String msg) { this.setMsg(msg); return this; diff --git a/ace-common/src/main/java/com/github/wxiaoqi/security/common/rest/BaseController.java b/ace-common/src/main/java/com/github/wxiaoqi/security/common/rest/BaseController.java index a2dae2a9c9dafad42e4b7942f8542f06dff1ed9d..b60455ffc6cdaca06f9068bf14b11ee0a49b8128 100644 --- a/ace-common/src/main/java/com/github/wxiaoqi/security/common/rest/BaseController.java +++ b/ace-common/src/main/java/com/github/wxiaoqi/security/common/rest/BaseController.java @@ -1,17 +1,14 @@ package com.github.wxiaoqi.security.common.rest; import com.github.wxiaoqi.security.common.biz.BaseBiz; +import com.github.wxiaoqi.security.common.context.BaseContextHandler; import com.github.wxiaoqi.security.common.msg.ObjectRestResponse; import com.github.wxiaoqi.security.common.msg.TableResultResponse; import com.github.wxiaoqi.security.common.util.Query; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.autoconfigure.security.SecurityProperties; -import org.springframework.util.Base64Utils; import org.springframework.web.bind.annotation.*; -import tk.mybatis.mapper.entity.Example; import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpSession; import java.util.List; import java.util.Map; 
@@ -31,26 +28,29 @@ public class BaseController { @ResponseBody public ObjectRestResponse add(@RequestBody Entity entity){ baseBiz.insertSelective(entity); - return new ObjectRestResponse().rel(true); + return new ObjectRestResponse(); } @RequestMapping(value = "/{id}",method = RequestMethod.GET) @ResponseBody public ObjectRestResponse get(@PathVariable int id){ - return new ObjectRestResponse().rel(true).data(baseBiz.selectById(id)); + ObjectRestResponse entityObjectRestResponse = new ObjectRestResponse<>(); + Object o = baseBiz.selectById(id); + entityObjectRestResponse.data((Entity)o); + return entityObjectRestResponse; } @RequestMapping(value = "/{id}",method = RequestMethod.PUT) @ResponseBody public ObjectRestResponse update(@RequestBody Entity entity){ baseBiz.updateSelectiveById(entity); - return new ObjectRestResponse().rel(true); + return new ObjectRestResponse(); } @RequestMapping(value = "/{id}",method = RequestMethod.DELETE) @ResponseBody public ObjectRestResponse remove(@PathVariable int id){ baseBiz.deleteById(id); - return new ObjectRestResponse().rel(true); + return new ObjectRestResponse(); } @RequestMapping(value = "/all",method = RequestMethod.GET) @@ -66,7 +66,6 @@ public class BaseController { return baseBiz.selectByQuery(query); } public String getCurrentUserName(){ - String authorization = request.getHeader("Authorization"); - return new String(Base64Utils.decodeFromString(authorization)); + return BaseContextHandler.getUsername(); } } diff --git a/ace-gate/ace-gate-server/pom.xml b/ace-gate/ace-gate-server/pom.xml index a8cf3b868e32f0581dca7421bdb53d1307209295..67e8748371be245b211b49008927a6e322e59c56 100644 --- a/ace-gate/ace-gate-server/pom.xml +++ b/ace-gate/ace-gate-server/pom.xml @@ -66,6 +66,11 @@ ace-gate-ratelimit 1.0-SNAPSHOT + + com.netflix.feign + feign-jackson + 8.18.0 + ace-gate 
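Review bot: The `update` handler in BaseController is mapped to `/{id}` but never binds the path variable, so the row that gets changed is whichever id the request body carries, not the one in the URL. Any check or audit record keyed on the request path can therefore disagree with what was actually modified. Bind the id with `@PathVariable int id` and reject a body whose id differs, or at least add a comment stating that the path id is ignored. The class declaration is above the hunk.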
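Review bot: `getCurrentUserName()` in BaseController now returns whatever `BaseContextHandler.getUsername()` holds, so it yields null, or a value left by an earlier request on the same pooled thread, unless something sets the context from a verified token and clears it afterwards; neither step is visible in this hunk. State that precondition in a Javadoc line, e.g. `/** Username placed in the request context by the auth interceptor; null when no authenticated context is set. */`, so callers do not use the result without a null check.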
diff --git a/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/config/UserPrincipal.java b/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/config/UserPrincipal.java index c11df48356ac39082b8e94dd0c7a4abbd9b278f5..e9b160a2e0913a9ae78db16398e60ef67f563d81 100644 --- a/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/config/UserPrincipal.java +++ b/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/config/UserPrincipal.java @@ -3,7 +3,7 @@ package com.github.wxiaoqi.security.gate.config; import com.github.wxiaoqi.gate.ratelimit.config.IUserPrincipal; import com.github.wxiaoqi.security.auth.client.config.UserAuthConfig; import com.github.wxiaoqi.security.auth.client.jwt.UserAuthUtil; -import com.github.wxiaoqi.security.common.util.jwt.IJWTInfo; +import com.github.wxiaoqi.security.auth.common.util.jwt.IJWTInfo; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.util.StringUtils; diff --git a/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/config/ZuulConfig.java b/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/config/ZuulConfig.java deleted file mode 100644 index de80468c55c2bdfae684b0c4245276daf83adea3..0000000000000000000000000000000000000000 --- a/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/config/ZuulConfig.java +++ /dev/null @@ -1,15 +0,0 @@ -package com.github.wxiaoqi.security.gate.config; - -import com.github.wxiaoqi.security.auth.client.interceptor.ServiceFeignInterceptor; -import org.springframework.context.annotation.Bean; - -/** - * Created by ace on 2017/9/12. - */ -//@Configuration -public class ZuulConfig { - @Bean - ServiceFeignInterceptor getClientTokenInterceptor(){ - return new ServiceFeignInterceptor(); - } -} 
diff --git a/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/feign/IUserService.java b/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/feign/IUserService.java index 4d45ccc156b3f621a3b723d7f208d6af740360c2..ead97e5280704101107b308f35c97d2da695b332 100644 --- a/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/feign/IUserService.java +++ b/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/feign/IUserService.java @@ -1,12 +1,8 @@ package com.github.wxiaoqi.security.gate.feign; import com.github.wxiaoqi.security.api.vo.authority.PermissionInfo; -import com.github.wxiaoqi.security.api.vo.user.UserInfo; -import com.github.wxiaoqi.security.gate.config.ZuulConfig; -import org.springframework.cloud.netflix.feign.FeignClient; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; +import feign.Param; +import feign.RequestLine; import java.util.List; @@ -17,13 +13,9 @@ import java.util.List; * @author wanghaobin * @create 2017-06-21 8:11 */ -@FeignClient(value = "ace-admin",configuration = {ZuulConfig.class}) -@RequestMapping("api") public interface IUserService { - @RequestMapping(value = "/user/username/{username}", method = RequestMethod.GET) - public UserInfo getUserByUsername(@PathVariable("username") String username); - @RequestMapping(value = "/user/un/{username}/permissions", method = RequestMethod.GET) - public List getPermissionByUsername(@PathVariable("username") String username); - @RequestMapping(value = "/permissions", method = RequestMethod.GET) + @RequestLine(value = "GET /api/user/un/{username}/permissions") + public List getPermissionByUsername(@Param("username") String username); + @RequestLine(value = "GET /api/permissions") List getAllPermissionInfo(); } 
diff --git a/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/filter/AdminAccessFilter.java b/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/filter/AdminAccessFilter.java index 799aec1512ebb60ad072be563d776a3f1c0322e6..38ebaefb517849230bd100953b9be36eacc0ecf3 100644 --- a/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/filter/AdminAccessFilter.java +++ b/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/filter/AdminAccessFilter.java 
@@ -3,35 +3,42 @@ package com.github.wxiaoqi.security.gate.filter; import com.alibaba.fastjson.JSON; import com.github.wxiaoqi.security.api.vo.authority.PermissionInfo; import com.github.wxiaoqi.security.api.vo.log.LogInfo; -import com.github.wxiaoqi.security.api.vo.user.UserInfo; import com.github.wxiaoqi.security.auth.client.config.ServiceAuthConfig; import com.github.wxiaoqi.security.auth.client.config.UserAuthConfig; +import com.github.wxiaoqi.security.auth.client.interceptor.ServiceFeignInterceptor; import com.github.wxiaoqi.security.auth.client.jwt.ServiceAuthUtil; import com.github.wxiaoqi.security.auth.client.jwt.UserAuthUtil; +import com.github.wxiaoqi.security.auth.common.util.jwt.IJWTInfo; import com.github.wxiaoqi.security.common.context.BaseContextHandler; import com.github.wxiaoqi.security.common.msg.auth.TokenErrorResponse; import com.github.wxiaoqi.security.common.msg.auth.TokenForbiddenResponse; import com.github.wxiaoqi.security.common.util.ClientUtil; -import com.github.wxiaoqi.security.common.util.jwt.IJWTInfo; import com.github.wxiaoqi.security.gate.feign.ILogService; import com.github.wxiaoqi.security.gate.feign.IUserService; import com.github.wxiaoqi.security.gate.utils.DBLog; -import com.google.common.base.Predicate; -import com.google.common.collect.Collections2; +import com.netflix.appinfo.InstanceInfo; +import com.netflix.discovery.EurekaClient; import com.netflix.zuul.ZuulFilter; import com.netflix.zuul.context.RequestContext; +import feign.Feign; +import feign.jackson.JacksonDecoder; +import feign.jackson.JacksonEncoder; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; +import org.springframework.web.bind.annotation.RequestMethod; +import javax.annotation.PostConstruct; import javax.servlet.http.HttpServletRequest; import 
java.net.URLEncoder; -import java.util.Collection; import java.util.Date; import java.util.List; +import java.util.function.Predicate; import java.util.regex.Pattern; +import java.util.stream.Collectors; +import java.util.stream.Stream; /** * ${DESCRIPTION} @@ -43,7 +50,6 @@ import java.util.regex.Pattern; @Slf4j public class AdminAccessFilter extends ZuulFilter { - @Autowired private IUserService userService; @Autowired private ILogService logService; @@ -65,6 +71,22 @@ public class AdminAccessFilter extends ZuulFilter { @Autowired private ServiceAuthUtil serviceAuthUtil; + @Autowired + private EurekaClient discoveryClient; + + @PostConstruct + public void init() { + InstanceInfo prodSvcInfo = discoveryClient.getNextServerFromEureka("ACE-ADMIN", false); + ServiceFeignInterceptor serviceFeignInterceptor = new ServiceFeignInterceptor(); + serviceFeignInterceptor.setServiceAuthConfig(serviceAuthConfig); + serviceFeignInterceptor.setServiceAuthUtil(serviceAuthUtil); + serviceFeignInterceptor.setUserAuthConfig(userAuthConfig); + this.userService = Feign.builder().encoder(new JacksonEncoder()) + .decoder(new JacksonDecoder()) + .requestInterceptor(serviceFeignInterceptor) + .target(IUserService.class, prodSvcInfo.getHomePageUrl()); + } + @Override public String filterType() { return "pre"; 
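Review bot: `init()` resolves ACE-ADMIN once in `@PostConstruct` and binds the Feign client to that instance's `getHomePageUrl()`, so every permission lookup made by this filter goes to a single address fixed at startup. If ace-admin is not registered yet, `getNextServerFromEureka` will presumably throw and the gateway fails to start, and if that instance is later replaced the authorisation calls keep targeting the old address. The `false` argument asks for the non-secure URL, so the service token added by `ServiceFeignInterceptor` and the permission data travel over plain HTTP. Resolve the instance per call or use a load-balanced client, and record the startup-order dependency in a comment on `init()`.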
@@ -93,102 +115,93 @@ public class AdminAccessFilter extends ZuulFilter { } IJWTInfo user = null; try { - user = getJWTUser(request,ctx); + user = getJWTUser(request, ctx); } catch (Exception e) { - setFailedRequest(JSON.toJSONString(new TokenErrorResponse(e.getMessage())),200); + setFailedRequest(JSON.toJSONString(new TokenErrorResponse(e.getMessage())), 200); return null; } - List permissionInfos = userService.getAllPermissionInfo(); + List permissionIfs = userService.getAllPermissionInfo(); // 判断资源是否启用权限约束 - Collection result = getPermissionInfos(requestUri, method, permissionInfos); - if(result.size()>0){ - checkAllow(requestUri, method, ctx, user.getUniqueName()); + Stream stream = getPermissionIfs(requestUri, method, permissionIfs); + List result = stream.collect(Collectors.toList()); + PermissionInfo[] permissions = result.toArray(new PermissionInfo[]{}); + if (permissions.length > 0) { + checkUserPermission(permissions, ctx, user); } // 申请客户端密钥头 - ctx.addZuulRequestHeader(serviceAuthConfig.getTokenHeader(),serviceAuthUtil.getClientToken()); + ctx.addZuulRequestHeader(serviceAuthConfig.getTokenHeader(), serviceAuthUtil.getClientToken()); BaseContextHandler.remove(); return null; } /** * 获取目标权限资源 + * * @param requestUri * @param method * @param serviceInfo * @return */ - private Collection getPermissionInfos(final String requestUri, final String method, List serviceInfo) { - return Collections2.filter(serviceInfo, new Predicate() { - @Override - public boolean apply(PermissionInfo permissionInfo) { - String url = permissionInfo.getUri(); - String uri = url.replaceAll("\\{\\*\\}", "[a-zA-Z\\\\d]+"); - String regEx = "^" + uri + "$"; - return (Pattern.compile(regEx).matcher(requestUri).find() || requestUri.startsWith(url + "/")) - && method.equals(permissionInfo.getMethod()); - } - }); + private Stream getPermissionIfs(final String requestUri, final String method, List serviceInfo) { + return serviceInfo.parallelStream().filter(new Predicate() { + @Override + 
public boolean test(PermissionInfo permissionInfo) { + String url = permissionInfo.getUri(); + String uri = url.replaceAll("\\{\\*\\}", "[a-zA-Z\\\\d]+"); + String regEx = "^" + uri + "$"; + return (Pattern.compile(regEx).matcher(requestUri).find() || requestUri.startsWith(url + "/")) + && method.equals(permissionInfo.getMethod()); + } + }); } - private void setCurrentUserInfoAndLog(RequestContext ctx, String username, PermissionInfo pm) { - UserInfo info = userService.getUserByUsername(username); - String host = ClientUtil.getClientIp(ctx.getRequest()); - ctx.addZuulRequestHeader("userId", info.getId()); - ctx.addZuulRequestHeader("userName", URLEncoder.encode(info.getName())); + private void setCurrentUserInfoAndLog(RequestContext ctx, IJWTInfo user, PermissionInfo pm) { + String host = ClientUtil.getClientIp(ctx.getRequest()); + ctx.addZuulRequestHeader("userId", user.getId()); + ctx.addZuulRequestHeader("userName", URLEncoder.encode(user.getName())); ctx.addZuulRequestHeader("userHost", ClientUtil.getClientIp(ctx.getRequest())); - LogInfo logInfo = new LogInfo(pm.getMenu(),pm.getName(),pm.getUri(),new Date(),info.getId(),info.getName(),host); + LogInfo logInfo = new LogInfo(pm.getMenu(), pm.getName(), pm.getUri(), new Date(), user.getId(), user.getName(), host); DBLog.getInstance().setLogService(logService).offerQueue(logInfo); } /** * 返回session中的用户信息 + * * @param request * @param ctx * @return */ - private IJWTInfo getJWTUser(HttpServletRequest request,RequestContext ctx) throws Exception { + private IJWTInfo getJWTUser(HttpServletRequest request, RequestContext ctx) throws Exception { String authToken = request.getHeader(userAuthConfig.getTokenHeader()); - if(StringUtils.isBlank(authToken)){ + if (StringUtils.isBlank(authToken)) { authToken = request.getParameter("token"); } - ctx.addZuulRequestHeader(userAuthConfig.getTokenHeader(),authToken); + ctx.addZuulRequestHeader(userAuthConfig.getTokenHeader(), authToken); BaseContextHandler.setToken(authToken); 
return userAuthUtil.getInfoFromToken(authToken); } - /** - * 读取权限 - * @param request - * @param username - * @return - */ - private List getPermissionInfos(HttpServletRequest request, String username) { - List permissionInfos; - if (request.getSession().getAttribute("permission") == null) { - permissionInfos = userService.getPermissionByUsername(username); - request.getSession().setAttribute("permission", permissionInfos); - } else { - permissionInfos = (List) request.getSession().getAttribute("permission"); - } - return permissionInfos; - } - /** - * 权限校验 - * @param requestUri - * @param method - */ - private void checkAllow(final String requestUri, final String method ,RequestContext ctx,String username) { - log.debug("uri:" + requestUri + "----method:" + method); - List permissionInfos = getPermissionInfos(ctx.getRequest(), username) ; - Collection result = getPermissionInfos(requestUri, method, permissionInfos); - if (result.size() <= 0) { + private void checkUserPermission(PermissionInfo[] permissions, RequestContext ctx, IJWTInfo user) { + List permissionInfos = userService.getPermissionByUsername(user.getUniqueName()); + PermissionInfo current = null; + for (PermissionInfo info : permissions) { + boolean anyMatch = permissionInfos.parallelStream().anyMatch(new Predicate() { + @Override + public boolean test(PermissionInfo permissionInfo) { + return permissionInfo.getCode().equals(info.getCode()); + } + }); + if (anyMatch) { + current = info; + break; + } + } + if (current == null) { setFailedRequest(JSON.toJSONString(new TokenForbiddenResponse("Token Forbidden!")), 200); - } else{ - PermissionInfo[] pms = result.toArray(new PermissionInfo[]{}); - PermissionInfo pm = pms[0]; - if(!"GET".equals(method)){ - setCurrentUserInfoAndLog(ctx, username, pm); + } else { + if (!RequestMethod.GET.toString().equals(current.getMethod())) { + setCurrentUserInfoAndLog(ctx, user, current); } } } 
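Review bot: The `catch` branch in `run()` returns after `getJWTUser` has already called `BaseContextHandler.setToken(authToken)`, while `BaseContextHandler.remove()` is reached only on the success path, so a rejected token stays in what appears to be per-thread context on a pooled worker thread. Add `BaseContextHandler.remove();` before `return null;` in the catch, or move the cleanup into a `finally`. Because `setCurrentUserInfoAndLog` runs only for non-GET permissions, the `userId`, `userName` and `userHost` headers are not overwritten on GET requests, so a client-supplied value would pass through unless it is stripped elsewhere. `checkUserPermission` also dereferences `permissionInfo.getCode()` without a null check. `run()` begins above the hunk.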
@@ -196,6 +209,7 @@ public class AdminAccessFilter extends ZuulFilter { /** * URI是否以什么打头 + * * @param requestUri * @return */ @@ -210,7 +224,7 @@ public class AdminAccessFilter extends ZuulFilter { } /** - * Reports an error message given a response body and code. + * 网关抛异常 * * @param body * @param code @@ -222,7 +236,7 @@ public class AdminAccessFilter extends ZuulFilter { if (ctx.getResponseBody() == null) { ctx.setResponseBody(body); ctx.setSendZuulResponse(false); -// throw new RuntimeException("Code: " + code + ", " + body); //optional } } + } diff --git a/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/vo/FrontUser.java b/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/vo/FrontUser.java deleted file mode 100644 index 3386c2ea2435d56638b5090f9868a602083a8fb0..0000000000000000000000000000000000000000 --- a/ace-gate/ace-gate-server/src/main/java/com/github/wxiaoqi/security/gate/vo/FrontUser.java +++ /dev/null 
@@ -1,74 +0,0 @@ -package com.github.wxiaoqi.security.gate.vo; - -import com.github.wxiaoqi.security.api.vo.authority.PermissionInfo; - -import java.util.List; - -/** - * Created by ace on 2017/8/22. - */ -public class FrontUser { - public String id; - public String username; - public String name; - private String description; - private String image; - private List menus; - private List elements; - public String getImage() { - return image; - } - - public void setImage(String image) { - this.image = image; - } - - - - public String getId() { - return id; - } - - public void setId(String id) { - this.id = id; - } - - public String getUsername() { - return username; - } - - public void setUsername(String username) { - this.username = username; - } - - public String getName() { - return name; - } - - public void setName(String name) { - this.name = name; - } - - public String getDescription() { - return description; - } - - public void setDescription(String description) { - this.description = description; - } - public List getMenus() { - return menus; - } - - public void setMenus(List menus) { - this.menus = menus; - } - - public List getElements() { - return elements; - } - - public void setElements(List elements) { - this.elements = elements; - } -} diff --git a/ace-gate/ace-gate-server/src/main/resources/application.yml b/ace-gate/ace-gate-server/src/main/resources/application.yml index 6dfdb4f0fb365b2c1648d42cbc6f6e81ec8f68bc..770701d1b2cf62ac6de75b230b12b0d99cd349aa 100644 --- a/ace-gate/ace-gate-server/src/main/resources/application.yml +++ b/ace-gate/ace-gate-server/src/main/resources/application.yml @@ -82,3 +82,4 @@ auth: secret: 123456 pub-key: path: client/pub.key + diff --git a/ace-generator/src/main/resources/generator.properties b/ace-generator/src/main/resources/generator.properties index f45501b232bd143c10cd11a790146d050a895b89..9d2b848eff0e995f37bd27700630a91a8e6e08d9 100644 --- a/ace-generator/src/main/resources/generator.properties 
+++ b/ace-generator/src/main/resources/generator.properties @@ -8,7 +8,7 @@ author=Mr.AG email=463540703@qq.com #表前错误的Unicode字符串! tablePrefix=base_ -#模块前缀 +#前端模块前缀 mainModule=admin #类型转换,配置信息 diff --git a/dump.rdb b/dump.rdb new file mode 100644 index 0000000000000000000000000000000000000000..1ead2f088bd4578aa182594d833895a10bd1ec4b Binary files /dev/null and b/dump.rdb differ diff --git a/pom.xml b/pom.xml index 2e1d5ec149183abed88ea71463eff976fba2bc7d..6e543915c230c096dd118182542bb52af606fd9e 100644 --- a/pom.xml +++ b/pom.xml @@ -54,6 +54,13 @@ provided + + + oss + oss + https://oss.sonatype.org/content/groups/public + +