feat(): 新增鉴权Saas标识校验

2024-09-22 10:08:22 +08:00 · 2024-09-22 10:08:22 +08:00 · b5757fdead
parent 7c49fee992
commit b5757fdead
4 changed files with 19 additions and 1 deletions
--- a/cloud-common/cloud-common-core/src/main/java/com/muyu/common/core/constant/SecurityConstants.java
+++ b/cloud-common/cloud-common-core/src/main/java/com/muyu/common/core/constant/SecurityConstants.java
@ -45,4 +45,9 @@ public class SecurityConstants {
     * 角色权限
     */
    public static final String ROLE_PERMISSION = "role_permission";
+
+    /**
+     * SaaS标识
+     */
+    public static final String SAAS_KEY = "ent-code";
 }
--- a/cloud-common/cloud-common-core/src/main/java/com/muyu/common/core/utils/JwtUtils.java
+++ b/cloud-common/cloud-common-core/src/main/java/com/muyu/common/core/utils/JwtUtils.java
@ -162,4 +162,13 @@ public class JwtUtils {
    public static String getValue (Claims claims, String key) {
        return Convert.toStr(claims.get(key), "");
    }
+
+    /**
+     * 根据身份信息获取SaaS标识
+     * @param claims 身份信息
+     * @return Saas标识
+     */
+    public static String getSaaSKey (Claims claims) {
+        return getValue(claims, SecurityConstants.SAAS_KEY);
+    }
 }
--- a/cloud-common/cloud-common-security/src/main/java/com/muyu/common/security/service/TokenService.java
+++ b/cloud-common/cloud-common-security/src/main/java/com/muyu/common/security/service/TokenService.java
@ -55,6 +55,7 @@ public class TokenService {
        claimsMap.put(SecurityConstants.USER_KEY, token);
        claimsMap.put(SecurityConstants.DETAILS_USER_ID, userId);
        claimsMap.put(SecurityConstants.DETAILS_USERNAME, userName);
+        claimsMap.put(SecurityConstants.SAAS_KEY, loginUser.getSysUser().getDatabaseName());

        // 接口返回信息
        Map<String, Object> rspMap = new HashMap<String, Object>();
--- a/cloud-gateway/src/main/java/com/muyu/gateway/filter/AuthFilter.java
+++ b/cloud-gateway/src/main/java/com/muyu/gateway/filter/AuthFilter.java
@ -63,7 +63,8 @@ public class AuthFilter implements GlobalFilter, Ordered {
        }
        String userid = JwtUtils.getUserId(claims);
        String username = JwtUtils.getUserName(claims);
-        if (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username)) {
+        String saaSKey = JwtUtils.getSaaSKey(claims);
+        if (StringUtils.isEmpty(userid) || StringUtils.isEmpty(username) || StringUtils.isEmpty(saaSKey)) {
            return unauthorizedResponse(exchange, "令牌验证失败");
        }

@ -71,6 +72,8 @@ public class AuthFilter implements GlobalFilter, Ordered {
        addHeader(mutate, SecurityConstants.USER_KEY, userkey);
        addHeader(mutate, SecurityConstants.DETAILS_USER_ID, userid);
        addHeader(mutate, SecurityConstants.DETAILS_USERNAME, username);
+        addHeader(mutate, SecurityConstants.SAAS_KEY, saaSKey);
+
        // 内部请求来源参数清除
        removeHeader(mutate, SecurityConstants.FROM_SOURCE);
        return chain.filter(exchange.mutate().request(mutate.build()).build());