wxy
/
server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

更新

master
wxy 2024-05-24 13:58:30 +08:00
parent 7ccfc19587
commit 2f45c35230
3 changed files with 462 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

373
jing-common/jing-common-security/src/main/java/com/jing/common/security/auth/AuthLogic.java 100644
View File

@ -0,0 +1,373 @@
package com.jing.common.security.auth;
import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
import org.springframework.util.PatternMatchUtils;
import com.jing.common.core.context.SecurityContextHolder;
import com.jing.common.core.exception.auth.NotLoginException;
import com.jing.common.core.exception.auth.NotPermissionException;
import com.jing.common.core.exception.auth.NotRoleException;
import com.jing.common.core.utils.SpringUtils;
import com.jing.common.core.utils.StringUtils;
import com.jing.common.security.annotation.Logical;
import com.jing.common.security.annotation.RequiresLogin;
import com.jing.common.security.annotation.RequiresPermissions;
import com.jing.common.security.annotation.RequiresRoles;
import com.jing.common.security.service.TokenService;
import com.jing.common.security.utils.SecurityUtils;
import com.jing.system.api.model.LoginUser;
/**
* Token
*
* @author ruoyi
*/
public class AuthLogic
{
/** 所有权限标识 */
private static final String ALL_PERMISSION = "*:*:*";
/** 管理员角色权限标识 */
private static final String SUPER_ADMIN = "admin";
public TokenService tokenService = SpringUtils.getBean(TokenService.class);
/**
*
*/
public void logout()
{
String token = SecurityUtils.getToken();
if (token == null)
{
return;
}
logoutByToken(token);
}
/**
* Token
*/
public void logoutByToken(String token)
{
tokenService.delLoginUser(token);
}
/**
*
*/
public void checkLogin()
{
getLoginUser();
}
/**
* ,
*
* @return
*/
public LoginUser getLoginUser()
{
String token = SecurityUtils.getToken();
if (token == null)
{
throw new NotLoginException("未提供token");
}
LoginUser loginUser = SecurityUtils.getLoginUser();
if (loginUser == null)
{
throw new NotLoginException("无效的token");
}
return loginUser;
}
/**
* ,
*
* @param token
* @return
*/
public LoginUser getLoginUser(String token)
{
return tokenService.getLoginUser(token);
}
/**
* , 120
*
* @param loginUser
*/
public void verifyLoginUserExpire(LoginUser loginUser)
{
tokenService.verifyToken(loginUser);
}
/**
*
*
* @param permission
* @return
*/
public boolean hasPermi(String permission)
{
return hasPermi(getPermiList(), permission);
}
/**
* , : NotPermissionException
*
* @param permission
* @return
*/
public void checkPermi(String permission)
{
if (!hasPermi(getPermiList(), permission))
{
throw new NotPermissionException(permission);
}
}
/**
* (@RequiresPermissions), : NotPermissionException
*
* @param requiresPermissions
*/
public void checkPermi(RequiresPermissions requiresPermissions)
{
SecurityContextHolder.setPermission(StringUtils.join(requiresPermissions.value(), ","));
if (requiresPermissions.logical() == Logical.AND)
{
checkPermiAnd(requiresPermissions.value());
}
else
{
checkPermiOr(requiresPermissions.value());
}
}
/**
*
*
* @param permissions
*/
public void checkPermiAnd(String... permissions)
{
Set<String> permissionList = getPermiList();
for (String permission : permissions)
{
if (!hasPermi(permissionList, permission))
{
throw new NotPermissionException(permission);
}
}
}
/**
*
*
* @param permissions
*/
public void checkPermiOr(String... permissions)
{
Set<String> permissionList = getPermiList();
for (String permission : permissions)
{
if (hasPermi(permissionList, permission))
{
return;
}
}
if (permissions.length > 0)
{
throw new NotPermissionException(permissions);
}
}
/**
*
*
* @param role
* @return
*/
public boolean hasRole(String role)
{
return hasRole(getRoleList(), role);
}
/**
* , : NotRoleException
*
* @param role
*/
public void checkRole(String role)
{
if (!hasRole(role))
{
throw new NotRoleException(role);
}
}
/**
* (@RequiresRoles)
*
* @param requiresRoles
*/
public void checkRole(RequiresRoles requiresRoles)
{
if (requiresRoles.logical() == Logical.AND)
{
checkRoleAnd(requiresRoles.value());
}
else
{
checkRoleOr(requiresRoles.value());
}
}
/**
*
*
* @param roles
*/
public void checkRoleAnd(String... roles)
{
Set<String> roleList = getRoleList();
for (String role : roles)
{
if (!hasRole(roleList, role))
{
throw new NotRoleException(role);
}
}
}
/**
*
*
* @param roles
*/
public void checkRoleOr(String... roles)
{
Set<String> roleList = getRoleList();
for (String role : roles)
{
if (hasRole(roleList, role))
{
return;
}
}
if (roles.length > 0)
{
throw new NotRoleException(roles);
}
}
/**
* (@RequiresLogin)
*
* @param at
*/
public void checkByAnnotation(RequiresLogin at)
{
this.checkLogin();
}
/**
* (@RequiresRoles)
*
* @param at
*/
public void checkByAnnotation(RequiresRoles at)
{
String[] roleArray = at.value();
if (at.logical() == Logical.AND)
{
this.checkRoleAnd(roleArray);
}
else
{
this.checkRoleOr(roleArray);
}
}
/**
* (@RequiresPermissions)
*
* @param at
*/
public void checkByAnnotation(RequiresPermissions at)
{
String[] permissionArray = at.value();
if (at.logical() == Logical.AND)
{
this.checkPermiAnd(permissionArray);
}
else
{
this.checkPermiOr(permissionArray);
}
}
/**
*
*
* @return
*/
public Set<String> getRoleList()
{
try
{
LoginUser loginUser = getLoginUser();
return loginUser.getRoles();
}
catch (Exception e)
{
return new HashSet<>();
}
}
/**
*
*
* @return
*/
public Set<String> getPermiList()
{
try
{
LoginUser loginUser = getLoginUser();
return loginUser.getPermissions();
}
catch (Exception e)
{
return new HashSet<>();
}
}
/**
*
*
* @param authorities
* @param permission
* @return
*/
public boolean hasPermi(Collection<String> authorities, String permission)
{
return authorities.stream().filter(StringUtils::hasText)
.anyMatch(x -> ALL_PERMISSION.equals(x) || PatternMatchUtils.simpleMatch(x, permission));
}
/**
*
*
* @param roles
* @param role
* @return
*/
public boolean hasRole(Collection<String> roles, String role)
{
return roles.stream().filter(StringUtils::hasText)
.anyMatch(x -> SUPER_ADMIN.equals(x) || PatternMatchUtils.simpleMatch(x, role));
}
}

60
jing-ui/src/plugins/auth.js 100644
View File

@ -0,0 +1,60 @@
import store from '@/store'
function authPermission(permission) {
const all_permission = "*:*:*";
const permissions = store.getters && store.getters.permissions
if (permission && permission.length > 0) {
return permissions.some(v => {
return all_permission === v || v === permission
})
} else {
return false
}
}
function authRole(role) {
const super_admin = "admin";
const roles = store.getters && store.getters.roles
if (role && role.length > 0) {
return roles.some(v => {
return super_admin === v || v === role
})
} else {
return false
}
}
export default {
// 验证用户是否具备某权限
hasPermi(permission) {
return authPermission(permission);
},
// 验证用户是否含有指定权限,只需包含其中一个
hasPermiOr(permissions) {
return permissions.some(item => {
return authPermission(item)
})
},
// 验证用户是否含有指定权限,必须全部拥有
hasPermiAnd(permissions) {
return permissions.every(item => {
return authPermission(item)
})
},
// 验证用户是否具备某角色
hasRole(role) {
return authRole(role);
},
// 验证用户是否含有指定角色,只需包含其中一个
hasRoleOr(roles) {
return roles.some(item => {
return authRole(item)
})
},
// 验证用户是否含有指定角色,必须全部拥有
hasRoleAnd(roles) {
return roles.every(item => {
return authRole(item)
})
}
}

29
jing-ui/src/utils/auth.js 100644
View File

@ -0,0 +1,29 @@
import Cookies from 'js-cookie'
const TokenKey = 'Admin-Token'
const ExpiresInKey = 'Admin-Expires-In'
export function getToken() {
return Cookies.get(TokenKey)
}
export function setToken(token) {
return Cookies.set(TokenKey, token)
}
export function removeToken() {
return Cookies.remove(TokenKey)
}
export function getExpiresIn() {
return Cookies.get(ExpiresInKey) || -1
}
export function setExpiresIn(time) {
return Cookies.set(ExpiresInKey, time)
}
export function removeExpiresIn() {
return Cookies.remove(ExpiresInKey)
}