登陆成功返回token,并能刷新token,permission控制层待测试

.idea/inspectionProfiles/Project_Default.xml

@@ -0,0 +1,68 @@
+<component name="InspectionProjectProfileManager">
+  <profile version="1.0">
+    <option name="myName" value="Project Default" />
+    <inspection_tool class="AliAccessStaticViaInstance" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AliArrayNamingShouldHaveBracket" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AliControlFlowStatementWithoutBraces" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AliDeprecation" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AliEqualsAvoidNull" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AliLongLiteralsEndingWithLowercaseL" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AliMissingOverrideAnnotation" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AliWrapperTypeEquality" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaAbstractClassShouldStartWithAbstractNaming" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaAbstractMethodOrInterfaceMethodMustUseJavadoc" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaAvoidApacheBeanUtilsCopy" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaAvoidCallStaticSimpleDateFormat" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaAvoidCommentBehindStatement" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaAvoidComplexCondition" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaAvoidConcurrentCompetitionRandom" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaAvoidDoubleOrFloatEqualCompare" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaAvoidManuallyCreateThread" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaAvoidMissUseOfMathRandom" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaAvoidNegationOperator" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaAvoidNewDateGetTime" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaAvoidPatternCompileInMethod" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaAvoidReturnInFinally" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaAvoidStartWithDollarAndUnderLineNaming" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaAvoidUseTimer" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaBigDecimalAvoidDoubleConstructor" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaBooleanPropertyShouldNotStartWithIs" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaClassCastExceptionWithSubListToArrayList" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaClassCastExceptionWithToArray" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaClassMustHaveAuthor" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaClassNamingShouldBeCamel" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaCollectionInitShouldAssignCapacity" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaCommentsMustBeJavadocFormat" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaConcurrentExceptionWithModifyOriginSubList" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaConstantFieldShouldBeUpperCase" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaCountDownShouldInFinally" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaDontModifyInForeachCircle" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaEnumConstantsMustHaveComment" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaExceptionClassShouldEndWithException" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaIbatisMethodQueryForList" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaLockShouldWithTryFinally" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaLowerCamelCaseVariableNaming" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaMethodReturnWrapperType" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaMethodTooLong" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaPackageNaming" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaPojoMustOverrideToString" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaPojoMustUsePrimitiveField" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaPojoNoDefaultValue" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaRemoveCommentedCode" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaServiceOrDaoClassShouldEndWithImpl" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaSneakyThrowsWithoutExceptionType" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaStringConcat" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaSwitchExpression" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaSwitchStatement" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaTestClassShouldEndWithTestNaming" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaThreadLocalShouldRemove" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaThreadPoolCreation" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaThreadShouldSetName" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaTransactionMustHaveRollback" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaUndefineMagicConstant" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaUnsupportedExceptionWithModifyAsList" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaUseQuietReferenceNotation" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="AlibabaUseRightCaseForDateFormat" enabled="true" level="WARNING" enabled_by_default="true" />
+    <inspection_tool class="MapOrSetKeyShouldOverrideHashCodeEquals" enabled="true" level="WARNING" enabled_by_default="true" />
+  </profile>
+</component>

.idea/misc.xml

@@ -1,4 +1,3 @@
-<?xml version="1.0" encoding="UTF-8"?>
 <project version="4">
   <component name="ExternalStorageConfigurationManager" enabled="true" />
   <component name="MavenProjectsManager">
@@ -22,5 +21,7 @@
   <component name="PDMPlugin">
     <option name="skipTestSources" value="false" />
   </component>
-  <component name="ProjectRootManager" version="2" languageLevel="JDK_1_8" project-jdk-name="1.8" project-jdk-type="JavaSDK" />
+  <component name="ProjectRootManager" version="2" languageLevel="JDK_1_8" project-jdk-name="1.8" project-jdk-type="JavaSDK">
+    <output url="file://$PROJECT_DIR$/etl-auth/etl-auth-server/target" />
+  </component>
 </project>

etl-auth/etl-auth-common/pom.xml

@@ -16,6 +16,10 @@
         <spring-boot.version>2.6.13</spring-boot.version>
     </properties>
     <dependencies>
+        <dependency>
+            <groupId>com.baomidou</groupId>
+            <artifactId>mybatis-plus-boot-starter</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-jdbc</artifactId>
@@ -36,6 +40,12 @@
             <artifactId>spring-boot-starter-test</artifactId>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <groupId>io.swagger</groupId>
+            <artifactId>swagger-annotations</artifactId>
+            <version>1.6.6</version>
+            <scope>compile</scope>
+        </dependency>
     </dependencies>
     <dependencyManagement>
         <dependencies>

etl-auth/etl-auth-common/src/main/java/com/auth/common/entity/PathPermission.java

@@ -0,0 +1,33 @@
+package com.auth.common.entity;
+
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableName;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+@TableName("t_data_source")
+public class PathPermission {
+    @TableId(value = "id",type = IdType.AUTO)
+    private Integer id;
+
+    @ApiModelProperty(value = "权限代号")
+    private String permissionCode;
+
+    @ApiModelProperty(value = "路由层次")
+    private String hierarchy;
+
+    @ApiModelProperty(value = "路由")
+    private String path;
+
+    @ApiModelProperty(value = "功能描述")
+    private String description;
+
+    @ApiModelProperty(value = "状态 0-废弃 1-正在使用")
+    private boolean status;
+}

etl-auth/etl-auth-common/src/main/java/com/auth/common/entity/RolesPermission.java

@@ -0,0 +1,24 @@
+package com.auth.common.entity;
+
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableName;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@TableName("t_role_source")
+@AllArgsConstructor
+@NoArgsConstructor
+public class RolesPermission {
+    @TableId(value = "id",type = IdType.AUTO)
+    private Integer id;
+
+    @ApiModelProperty(value = "权限代号")
+    private String permissionCode;
+
+    @ApiModelProperty(value = "角色")
+    private String role;
+}

etl-auth/etl-auth-common/src/main/java/com/auth/common/entity/UserAccount.java

@@ -0,0 +1,23 @@
+package com.auth.common.entity;
+
+import com.baomidou.mybatisplus.annotation.IdType;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableName;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+
+@Data
+@TableName("t_user")
+public class UserAccount {
+    @TableId(value = "id",type = IdType.AUTO)
+    private Integer id;
+
+    @ApiModelProperty("角色")
+    private String roles;
+
+    @ApiModelProperty("名称")
+    private String username;
+
+    @ApiModelProperty("密码/")
+    private String password;
+}

etl-auth/etl-auth-common/src/main/java/com/auth/common/enums/PermissionConstants.java

@@ -0,0 +1,8 @@
+package com.auth.common.enums;
+
+public class PermissionConstants {
+    public static final String ROLES = "roles";
+    public static final String CODE_LIST = "codeList";
+    public static final String ROLE = "role";
+    public static final String PERMISSION_CODE = "permission_code";
+}

etl-auth/etl-auth-server/pom.xml

@@ -2,11 +2,12 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
-    <groupId>com.auth.server</groupId>
+    <parent>
+        <groupId>com.bwie</groupId>
+        <artifactId>etl-auth</artifactId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
     <artifactId>etl-auth-server</artifactId>
-    <version>0.0.1-SNAPSHOT</version>
-    <name>etl-auth-server</name>
-    <description>etl-auth-server</description>
     <properties>
         <java.version>1.8</java.version>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@@ -15,10 +16,32 @@
         <spring-cloud-alibaba.version>2021.0.5.0</spring-cloud-alibaba.version>
     </properties>
     <dependencies>
+        <!--shiro-->
+        <dependency>
+            <groupId>org.apache.shiro</groupId>
+            <artifactId>shiro-spring</artifactId>
+            <version>1.4.0</version>
+        </dependency>
+        <dependency>
+            <groupId>io.springfox</groupId>
+            <artifactId>springfox-swagger2</artifactId>
+            <version>3.0.0</version>
+        </dependency>
         <dependency>
             <groupId>com.bwie</groupId>
             <artifactId>etl-jwt-manage</artifactId>
             <version>1.0-SNAPSHOT</version>
+            <exclusions>
+                <exclusion>
+                    <artifactId>servlet-api</artifactId>
+                    <groupId>javax.servlet</groupId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>com.bwie</groupId>
+            <artifactId>etl-auth-common</artifactId>
+            <version>1.0-SNAPSHOT</version>
         </dependency>
         <dependency>
             <groupId>com.bwie</groupId>

etl-auth/etl-auth-server/src/main/java/com/auth/server/EtlAuthServerApplication.java

@@ -3,9 +3,12 @@ package com.auth.server;
 import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.ComponentScan;
 
 @SpringBootApplication
 @MapperScan("com.auth.server.mapper")
+@ComponentScan(basePackages = {"com.etl.jwt.util", "com.etl.jwt.config",
+        "com.auth.server.controller","com.auth.server.service","com.auth.server.service.impl"})
 public class EtlAuthServerApplication {
 
     public static void main(String[] args) {

etl-auth/etl-auth-server/src/main/java/com/auth/server/config/ShiroConfig.java

@@ -3,6 +3,8 @@ package com.auth.server.config;
 
 import com.auth.server.util.UserRealm;
 import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
+import org.apache.shiro.mgt.DefaultSecurityManager;
+import org.apache.shiro.realm.Realm;
 import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
 import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
 
@@ -66,4 +68,5 @@ public class ShiroConfig {
 
         return hashedCredentialsMatcher;
     }
+
 }

etl-auth/etl-auth-server/src/main/java/com/auth/server/controller/LoginControler.java

@@ -1,29 +1,33 @@
 package com.auth.server.controller;
 
 import com.alibaba.nacos.api.model.v2.Result;
-import com.auth.server.entity.UserAccount;
+import com.auth.common.entity.UserAccount;
 import com.auth.server.service.UserManageService;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.etl.common.enums.ResponseCodeEnum;
+import com.etl.common.result.CommonResult;
 import com.etl.jwt.util.JwtTokenUtil;
 import io.swagger.annotations.Api;
 import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.SecurityUtils;
-import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.*;
-import org.apache.shiro.authc.IncorrectCredentialsException;
+import org.apache.shiro.mgt.DefaultSecurityManager;
-import org.apache.shiro.authc.UnknownAccountException;
+import org.apache.shiro.realm.SimpleAccountRealm;
-import org.apache.shiro.authc.UsernamePasswordToken;
 import org.apache.shiro.subject.Subject;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.*;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RestController;
 
 import javax.annotation.Resource;
 import java.util.Map;
 
+/**
+ * 登录 controller层
+ */
 @RestController
 @Slf4j
 @Api(tags = "登录-API")
+@RequestMapping("/user")
 public class LoginControler {
     @Autowired
     private UserManageService userManageService;
@@ -35,15 +39,27 @@ public class LoginControler {
     {
         String username=user.getUsername();
         String password=user.getPassword();
+
+        // 创建SimpleAccountRealm并添加账户信息
+        SimpleAccountRealm simpleAccountRealm = new SimpleAccountRealm();
+        // 确保这里添加的用户名和密码与用户提供的匹配
+        simpleAccountRealm.addAccount(username, password, user.getRoles());
+
+        // 配置SecurityManager并设置Realm
+        DefaultSecurityManager securityManager = new DefaultSecurityManager(simpleAccountRealm);
+        SecurityUtils.setSecurityManager(securityManager);
+
         //shiro验证
         Subject subject= SecurityUtils.getSubject();
+        log.info("!11"+subject);
         //根据用户名密码生成一个令牌
-        UsernamePasswordToken token=new UsernamePasswordToken(username,password);
+        AuthenticationToken token=new UsernamePasswordToken(username,password);
+
         try {
             //执行登录操作
             subject.login(token);
         } catch (UnknownAccountException e) {
-            log.info("登录用户不存在");
+            log.info("登录用户不存在:{}",e);
             return new Result<>(416,"用户不存在",username);
         } catch (IncorrectCredentialsException e) {
             log.info("登录密码错误");
@@ -61,4 +77,59 @@ public class LoginControler {
         userManageService.getOne(new QueryWrapper<UserAccount>().eq("username",username)).getRoles();
         return Result.success(tokenMap);
     }
+
+    /**
+     * 刷新JWT令牌,用旧的令牌换新的令牌
+     * 参数为需要刷新的令牌
+     * header中携带刷新令牌
+     */
+
+    /**
+     * 当认证服务返回给客户端的 JWT 也就是 access_token 过期后，客户端如果需要再次通过发送登录请求重新拿到 access_token会使得用户体验很不友好。
+     * 而JWT 生成后是不能篡改里面的内容，即使是 JWT 的有效期也不行。所以延长 access_token 有效期的做法并不适合，而且如果长期保持一个 access_token 有效，
+     * 也是不安全的。所以我们时常使用refresh token来进行token的刷新。
+     *
+     * 我们一般会把 refresh_token 设置的过期时间稍微长一点，比如两倍于 access_token，当 access_token 过期后，refresh_token 如果还没有过期，
+     * 就可以利用两者的过期时间差进行重新生成令牌的操作，也就是刷新令牌，同时删除掉redis中缓存的旧令牌。
+     * @param token
+     * @return
+     */
+    @GetMapping("/token/refresh")
+    public CommonResult<Object> refreshToken(@RequestHeader(value = "${auth.jwt.header}") String token){
+        token = com.auth.server.util.SecurityUtils.replaceTokenPrefix(token);
+
+        if (StringUtils.isEmpty(token)) {
+            return new CommonResult<>(ResponseCodeEnum.TOKEN_MISSION.getCode(),
+                    ResponseCodeEnum.TOKEN_MISSION.getMessage());
+        }
+
+        // 对Token解签名，并验证Token是否过期
+        boolean isJwtNotValid = jwtTokenUtil.isTokenExpired(token);
+        if(isJwtNotValid){
+            return new CommonResult<>(ResponseCodeEnum.TOKEN_INVALID.getCode(),
+                    ResponseCodeEnum.TOKEN_INVALID.getMessage());
+        }
+
+        // 验证 token 里面的 userId 是否为空
+        String userId = jwtTokenUtil.getUserIdFromToken(token);
+        String username = jwtTokenUtil.getUserNameFromToken(token);
+        if (StringUtils.isEmpty(userId)) {
+            return new CommonResult<>(ResponseCodeEnum.TOKEN_INVALID.getCode(),
+                    ResponseCodeEnum.TOKEN_INVALID.getMessage());
+        }
+
+        // 这里为了保证 refreshToken 只能用一次，刷新后，会从 redis 中删除。
+        // 如果用的不是 redis 中的 refreshToken 进行刷新令牌，则不能刷新。
+        // 如果使用 redis 中已过期的 refreshToken 也不能刷新令牌。
+        boolean isRefreshTokenNotExisted = jwtTokenUtil.isRefreshTokenNotExistCache(token);
+        if(isRefreshTokenNotExisted){
+            return new CommonResult<>(ResponseCodeEnum.REFRESH_TOKEN_INVALID.getCode(),
+                    ResponseCodeEnum.REFRESH_TOKEN_INVALID.getMessage());
+        }
+
+        //String us = jwtTokenUtil.getUserIdFromToken(token);
+        Map<String, Object> tokenMap = jwtTokenUtil.refreshTokenAndGenerateToken(userId, username);
+
+        return new CommonResult<>(200, ResponseCodeEnum.SUCCESS.getMessage(),tokenMap);
+    }
 }

etl-auth/etl-auth-server/src/main/java/com/auth/server/controller/PermissionController.java

@@ -0,0 +1,54 @@
+package com.auth.server.controller;
+
+import com.auth.common.entity.PathPermission;
+import com.auth.common.entity.RolesPermission;
+import com.auth.common.enums.PermissionConstants;
+import com.auth.server.service.PathService;
+import com.auth.server.service.PermissionService;
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import io.swagger.annotations.Api;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.*;
+
+import javax.annotation.Resource;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * 角色 controller层
+ */
+@RestController
+@Api(tags ="权限-API")
+@RequestMapping("/permission")
+public class PermissionController {
+    @Autowired
+    private PermissionService permissionService;
+
+    @Resource
+    private PathService pathService;
+
+
+
+    @PostMapping("/permission/add")
+    public boolean permissionAdd(@RequestBody Map<String,Object> map) {
+        String roles = (String) map.get(PermissionConstants.ROLES);
+        List<String> codeList = (List<String>) map.get(PermissionConstants.CODE_LIST);
+        return permissionService.permissionAdd(roles, codeList);
+    }
+
+    @GetMapping("/get")
+    public List<String> pathGet(@RequestParam("roles") String roles) {
+        RolesPermission permission = permissionService.getOne(new QueryWrapper<RolesPermission>().eq(PermissionConstants.ROLE,roles));
+        String codes =  StringUtils.strip(permission.getPermissionCode(), "[]");
+        List<String> list = Arrays.asList(codes.split(","));
+        List<String> pathList = new ArrayList<>();
+        for(String code:list){
+            String api = pathService.getOne(new QueryWrapper<PathPermission>().eq(PermissionConstants.PERMISSION_CODE,code.trim())).getPath();
+            pathList.add(api);
+        }
+        return pathList;
+    }
+}

etl-auth/etl-auth-server/src/main/java/com/auth/server/entity/RolesPermission.java

@@ -1,10 +0,0 @@
-package com.auth.server.entity;
-
-import lombok.Data;
-
-@Data
-public class RolesPermission {
-    private Integer id;
-    private String permissionCode;
-    private String role;
-}

etl-auth/etl-auth-server/src/main/java/com/auth/server/entity/UserAccount.java

@@ -1,11 +0,0 @@
-package com.auth.server.entity;
-
-import lombok.Data;
-
-@Data
-public class UserAccount {
-    private Integer id;
-    private String roles;
-    private String username;
-    private String password;
-}

etl-auth/etl-auth-server/src/main/java/com/auth/server/mapper/PathMapper.java

@@ -0,0 +1,8 @@
+package com.auth.server.mapper;
+
+import com.auth.common.entity.PathPermission;
+import com.auth.common.entity.RolesPermission;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+
+public interface PathMapper extends BaseMapper<PathPermission> {
+}

etl-auth/etl-auth-server/src/main/java/com/auth/server/mapper/PermissionMapper.java

@@ -1,8 +1,8 @@
 package com.auth.server.mapper;
 
-import com.auth.server.entity.RolesPermission;
-import com.baomidou.mybatisplus.core.mapper.BaseMapper;
 
+import com.auth.common.entity.RolesPermission;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
 
 public interface PermissionMapper extends BaseMapper<RolesPermission> {
 }

etl-auth/etl-auth-server/src/main/java/com/auth/server/mapper/UserMangeMapper.java

@@ -1,7 +1,9 @@
 package com.auth.server.mapper;
 
-import com.auth.server.entity.UserAccount;
+
+import com.auth.common.entity.UserAccount;
 import com.baomidou.mybatisplus.core.mapper.BaseMapper;
 
 public interface UserMangeMapper extends BaseMapper<UserAccount> {
+
 }

etl-auth/etl-auth-server/src/main/java/com/auth/server/service/PathService.java

@@ -0,0 +1,9 @@
+package com.auth.server.service;
+
+import com.auth.common.entity.PathPermission;
+import com.auth.common.entity.RolesPermission;
+import com.auth.common.entity.UserAccount;
+import com.baomidou.mybatisplus.extension.service.IService;
+
+public interface PathService extends IService<PathPermission> {
+}

etl-auth/etl-auth-server/src/main/java/com/auth/server/service/PermissionService.java

@@ -1,7 +1,11 @@
 package com.auth.server.service;
 
+import com.auth.common.entity.RolesPermission;
+import com.auth.common.entity.UserAccount;
+import com.baomidou.mybatisplus.extension.service.IService;
+
 import java.util.List;
 
-public interface PermissionService {
+public interface PermissionService extends IService<RolesPermission> {
     boolean permissionAdd(String roles, List<String> codeList);
 }

etl-auth/etl-auth-server/src/main/java/com/auth/server/service/UserManageService.java

@@ -1,9 +1,10 @@
 package com.auth.server.service;
 
-import com.auth.server.entity.UserAccount;
+import com.auth.common.entity.UserAccount;
-import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+
 import com.baomidou.mybatisplus.extension.service.IService;
 
 public interface UserManageService extends IService<UserAccount> {
 
+
 }

etl-auth/etl-auth-server/src/main/java/com/auth/server/service/impl/PathServiceImpl.java

@@ -0,0 +1,16 @@
+package com.auth.server.service.impl;
+
+import com.auth.common.entity.PathPermission;
+import com.auth.common.entity.RolesPermission;
+import com.auth.server.mapper.PathMapper;
+import com.auth.server.mapper.PermissionMapper;
+import com.auth.server.service.PathService;
+import com.auth.server.service.PermissionService;
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.stereotype.Service;
+
+@Service
+@Slf4j
+public class PathServiceImpl extends ServiceImpl<PathMapper, PathPermission> implements PathService {
+}

etl-auth/etl-auth-server/src/main/java/com/auth/server/service/impl/PermissionServiceImpl.java

@@ -1,10 +1,10 @@
 package com.auth.server.service.impl;
 
-import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.auth.common.entity.RolesPermission;
-import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
-import com.auth.server.entity.RolesPermission;
 import com.auth.server.mapper.PermissionMapper;
 import com.auth.server.service.PermissionService;
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -36,7 +36,9 @@ public class PermissionServiceImpl extends ServiceImpl<PermissionMapper, RolesPe
             rolesPermission.setId(role.getId());
             result = permissionMapper.updateById(rolesPermission);
         }else {
-            rolesPermission.setPermissionCode(codeList.toString());
+            if (codeList!=null){
+                rolesPermission.setPermissionCode(codeList.toString());
+            }
             result = permissionMapper.insert(rolesPermission);
         }
         return result > 0;

etl-auth/etl-auth-server/src/main/java/com/auth/server/service/impl/UserManageServiceImpl.java

@@ -1,14 +1,15 @@
 package com.auth.server.service.impl;
 
-import com.auth.server.entity.UserAccount;
+
+import com.auth.common.entity.UserAccount;
 import com.auth.server.mapper.UserMangeMapper;
 import com.auth.server.service.UserManageService;
-import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
-import com.baomidou.mybatisplus.core.mapper.BaseMapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
 
 @Service
+@Slf4j
 public class UserManageServiceImpl extends ServiceImpl<UserMangeMapper, UserAccount> implements UserManageService {
 
 }

etl-auth/etl-auth-server/src/main/java/com/auth/server/util/UserRealm.java

@@ -1,6 +1,7 @@
 package com.auth.server.util;
 
-import com.auth.server.entity.UserAccount;
+
+import com.auth.common.entity.UserAccount;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.auth.server.service.UserManageService;
 import lombok.extern.slf4j.Slf4j;

etl-auth/etl-auth-server/src/main/resources/bootstrap.yml

@@ -1,5 +1,5 @@
 server:
-  port: 9098
+  port: 9092
 spring:
   application:
     name: engine-jwt-manage
@@ -35,3 +35,15 @@ logging:
   level:
     com.bwie: DEBUG
 
+auth:
+  jwt:
+    enabled: true   # 是否开启JWT登录认证功能
+    secret: passjava  # JWT 私钥，用于校验JWT令牌的合法性
+    expiration: 1800000 # JWT 令牌的有效期，用于校验JWT令牌的合法性，半个小时
+    header: Authorization # HTTP 请求的 Header 名称，该 Header作为参数传递 JWT 令牌
+    userParamName: userId  # 用户登录认证用户名参数名称
+    pwdParamName: password  # 用户登录认证密码参数名称
+    useDefaultController: true # 是否使用默认的JwtAuthController
+    skipValidUrl:
+      - /auth/login
+      - /auth/logout

etl-auth/etl-auth-server/src/main/resources/mapper/PathMapper.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="com.auth.server.mapper.PathMapper">
+
+
+</mapper>

etl-auth/etl-auth-server/target/classes/bootstrap.yml

@@ -1,5 +1,5 @@
 server:
-  port: 9098
+  port: 9092
 spring:
   application:
     name: engine-jwt-manage
@@ -35,3 +35,15 @@ logging:
   level:
     com.bwie: DEBUG
 
+auth:
+  jwt:
+    enabled: true   # 是否开启JWT登录认证功能
+    secret: passjava  # JWT 私钥，用于校验JWT令牌的合法性
+    expiration: 1800000 # JWT 令牌的有效期，用于校验JWT令牌的合法性，半个小时
+    header: Authorization # HTTP 请求的 Header 名称，该 Header作为参数传递 JWT 令牌
+    userParamName: userId  # 用户登录认证用户名参数名称
+    pwdParamName: password  # 用户登录认证密码参数名称
+    useDefaultController: true # 是否使用默认的JwtAuthController
+    skipValidUrl:
+      - /auth/login
+      - /auth/logout

etl-auth/etl-auth-server/target/classes/mapper/PathMapper.xml

@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="com.auth.server.mapper.PathMapper">
+
+
+</mapper>

etl-auth/etl-auth-server/target/maven-archiver/pom.properties

@@ -1,5 +1,5 @@
 #Generated by Maven
-#Sat Jun 22 09:25:17 CST 2024
+#Sat Jun 22 14:21:34 CST 2024
-version=0.0.1-SNAPSHOT
+version=1.0-SNAPSHOT
-groupId=com.auth.server
+groupId=com.bwie
 artifactId=etl-auth-server

etl-common/src/main/java/com/etl/common/enums/ResponseCodeEnum.java

@@ -0,0 +1,29 @@
+package com.etl.common.enums;
+
+public enum ResponseCodeEnum {
+
+    SUCCESS(200, "成功"),
+    FAIL(412, "失败"),
+    LOGIN_ERROR(202, "用户名或密码错误"),
+
+    UNKNOWN_ERROR(500, "未知错误"),
+    PARAMETER_ILLEGAL(400, "参数不合法"),
+
+    TOKEN_INVALID(412, "token 已过期或验证不正确！"),
+    TOKEN_SIGNATURE_INVALID(403, "无效的签名"),
+    TOKEN_MISSION(403, "token 缺失"),
+    REFRESH_TOKEN_INVALID(412, "refreshToken 无效"),
+    LOGOUT_ERROR(444, "用户登出失败");
+    private final int code;
+    private final String message;
+    ResponseCodeEnum(int code, String message) {
+    this.code = code;
+    this.message = message;
+    }
+    public int getCode() {
+    return code;
+    }
+    public String getMessage() {
+    return message;
+    }
+}

etl-common/src/main/java/com/etl/common/result/CommonResult.java

@@ -0,0 +1,22 @@
+package com.etl.common.result;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+public class CommonResult<T>{
+    private Integer code;
+    private String message;
+    private T      data;
+    private int dataSize;
+
+    public CommonResult(Integer code,String message){
+        this(code,message,null,0);
+    }
+    public CommonResult(Integer code,String message,T data){
+        this(code,message,data,0);
+    }
+}

etl-common/target/maven-archiver/pom.properties

@@ -1,5 +1,5 @@
 #Generated by Maven
-#Sat Jun 22 09:25:13 CST 2024
+#Sat Jun 22 14:21:30 CST 2024
 version=1.0-SNAPSHOT
 groupId=com.bwie
 artifactId=etl-common

etl-gateway/pom.xml

@@ -17,6 +17,20 @@
         <spring-cloud.version>2021.0.5</spring-cloud.version>
     </properties>
     <dependencies>
+        <dependency>
+            <groupId>com.alibaba</groupId>
+            <artifactId>fastjson</artifactId>
+            <version>2.0.15</version>
+        </dependency>
+        <dependency>
+            <groupId>com.bwie</groupId>
+            <artifactId>etl-jwt-manage</artifactId>
+            <version>1.0-SNAPSHOT</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-webflux</artifactId>
+        </dependency>
         <!--自定义包-->
         <dependency>
             <groupId>com.bwie</groupId>

etl-gateway/src/main/java/com/etl/gateway/EtlGatewayApplication.java

@@ -2,8 +2,10 @@ package com.etl.gateway;
 
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.context.annotation.ComponentScan;
 
 @SpringBootApplication
+@ComponentScan(basePackages = {"com.etl.jwt.util", "com.etl.jwt.config"})
 public class EtlGatewayApplication {
 
     public static void main(String[] args) {

etl-gateway/src/main/java/com/etl/gateway/filters/JwtAuthCheckFilter.java

@@ -0,0 +1,136 @@
+package com.etl.gateway.filters;
+
+
+
+import com.alibaba.fastjson.JSON;
+import com.etl.common.constants.TokenConstants;
+import com.etl.common.result.CommonResult;
+import com.etl.common.enums.ResponseCodeEnum;
+import com.etl.jwt.config.AuthJwtProperties;
+import com.etl.jwt.util.JwtTokenUtil;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.cloud.gateway.filter.GlobalFilter;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.core.annotation.Order;
+import org.springframework.core.io.buffer.DataBuffer;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.server.reactive.ServerHttpRequest;
+import org.springframework.http.server.reactive.ServerHttpResponse;
+import org.springframework.web.server.ServerWebExchange;
+import reactor.core.publisher.Flux;
+import reactor.core.publisher.Mono;
+import javax.annotation.Resource;
+import java.io.UnsupportedEncodingException;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
+
+@Slf4j
+@Configuration
+public class JwtAuthCheckFilter {
+    private static final String AUTH_TOKEN_URL = "/auth/login";
+    private static final String REFRESH_TOKEN_URL = "/auth/token/refresh";
+    public static final String USER_ID = "userId";
+    public static final String USER_NAME = "username";
+    public static final String FROM_SOURCE = "from-source";
+
+    @Resource
+    private AuthJwtProperties authJwtProperties;
+    @Resource
+    private JwtTokenUtil jwtTokenUtil;
+
+
+    @Bean
+    @Order(-101)
+    public GlobalFilter jwtAuthGlobalFilter() {
+
+        return (exchange, chain) -> {
+
+            ServerHttpRequest serverHttpRequest = exchange.getRequest();
+            ServerHttpResponse serverHttpResponse = exchange.getResponse();
+            ServerHttpRequest.Builder mutate = serverHttpRequest.mutate();
+            String requestUrl = serverHttpRequest.getURI().getPath();
+
+            // 跳过对登录请求的 token 检查。因为登录请求是没有 token 的，是来申请 token 的。
+            if(AUTH_TOKEN_URL.equals(requestUrl)) {
+                log.info("登录url，放行");
+                return chain.filter(exchange);
+            }
+
+            // 从 HTTP 请求头中获取 JWT 令牌
+            String token = getToken(serverHttpRequest);
+            if (StringUtils.isEmpty(token)) {
+                return unauthorizedResponse(exchange, serverHttpResponse, ResponseCodeEnum.TOKEN_MISSION);
+            }
+
+            // 对Token解签名，并验证Token是否过期
+            boolean isJwtNotValid = jwtTokenUtil.isTokenExpired(token);
+            if(isJwtNotValid){
+                return unauthorizedResponse(exchange, serverHttpResponse, ResponseCodeEnum.TOKEN_INVALID);
+            }
+            // 验证 token 里面的 userId 是否为空
+            String userId = jwtTokenUtil.getUserIdFromToken(token);
+            String username = jwtTokenUtil.getUserNameFromToken(token);
+            if (StringUtils.isEmpty(userId)) {
+                return unauthorizedResponse(exchange, serverHttpResponse, ResponseCodeEnum.TOKEN_INVALID);
+            }
+
+            // 设置用户信息到请求
+            addHeader(mutate, USER_ID, userId);
+            addHeader(mutate, USER_NAME, username);
+            // 内部请求来源参数清除
+            removeHeader(mutate, FROM_SOURCE);
+            return chain.filter(exchange.mutate().request(mutate.build()).build());
+        };
+    }
+
+    //添加头部信息
+    private void addHeader(ServerHttpRequest.Builder mutate, String name, Object value) {
+        if (value == null) {
+            return;
+        }
+        String valueStr = value.toString();
+        String valueEncode = urlEncode(valueStr);
+        mutate.header(name, valueEncode);
+    }
+    //移除头部信息
+    private void removeHeader(ServerHttpRequest.Builder mutate, String name) {
+        mutate.headers(httpHeaders -> httpHeaders.remove(name)).build();
+    }
+
+     //内容编码，配置为UTF-8
+     static String urlEncode(String str) {
+        try {
+            return URLEncoder.encode(str, "UTF-8");
+        }
+        catch (UnsupportedEncodingException e)
+        {
+            return StringUtils.EMPTY;
+        }
+    }
+
+    //请求token
+    private String getToken(ServerHttpRequest request) {
+        String token = request.getHeaders().getFirst(authJwtProperties.getHeader());
+        // 如果前端设置了令牌前缀，则裁剪掉前缀
+        if (StringUtils.isNotEmpty(token) && token.startsWith(TokenConstants.PREFIX))
+        {
+            token = token.replaceFirst(TokenConstants.PREFIX, StringUtils.EMPTY);
+        }
+        return token;
+    }
+
+    //jwt鉴权失败处理类
+    private Mono<Void> unauthorizedResponse(ServerWebExchange exchange, ServerHttpResponse serverHttpResponse, ResponseCodeEnum responseCodeEnum) {
+        log.warn("token异常处理,请求路径:{}", exchange.getRequest().getPath());
+        serverHttpResponse.setStatusCode(HttpStatus.UNAUTHORIZED);
+        serverHttpResponse.getHeaders().add("Content-Type", "application/json;charset=UTF-8");
+        CommonResult<Object> responseResult = new CommonResult<>(responseCodeEnum.getCode(),responseCodeEnum.getMessage());
+        DataBuffer dataBuffer = serverHttpResponse.bufferFactory()
+                .wrap(JSON.toJSONStringWithDateFormat(responseResult, JSON.DEFFAULT_DATE_FORMAT)
+                        .getBytes(StandardCharsets.UTF_8));
+        return serverHttpResponse.writeWith(Flux.just(dataBuffer));
+    }
+
+}

etl-gateway/src/main/java/com/etl/gateway/filters/LogFilter.java

@@ -3,6 +3,7 @@ package com.etl.gateway.filters;
 import org.springframework.cloud.gateway.filter.GatewayFilterChain;
 import org.springframework.cloud.gateway.filter.GlobalFilter;
 import org.springframework.core.Ordered;
+import org.springframework.stereotype.Component;
 import org.springframework.web.server.ServerWebExchange;
 import reactor.core.publisher.Mono;
 
@@ -12,14 +13,15 @@ import reactor.core.publisher.Mono;
  * @Author: dongyan Ma
  * @Date: 2024/2/28
  */
+@Component
 public class LogFilter implements GlobalFilter, Ordered {
     @Override
     public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
-        return null;
+        return chain.filter(exchange);
     }
 
     @Override
     public int getOrder() {
-        return 1;
+        return 0;
     }
 }

etl-gateway/src/main/resources/bootstrap.yml

@@ -1,5 +1,5 @@
 server:
-  port: 18080
+  port: 8080
 spring:
   application:
     name: engine-gateway

etl-jwt-manage/src/main/java/com/etl/jwt/config/AuthJwtProperties.java

@@ -1,7 +1,9 @@
 package com.etl.jwt.config;
 
+import com.etl.jwt.util.JwtTokenUtil;
 import lombok.Data;
 import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Bean;
 import org.springframework.stereotype.Component;
 
 @Data

etl-jwt-manage/src/main/java/com/etl/jwt/util/JwtTokenUtil.java

@@ -5,6 +5,7 @@ import com.etl.jwt.config.AuthJwtProperties;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
+import org.springframework.context.annotation.Bean;
 import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.stereotype.Component;
 
@@ -32,12 +33,12 @@ public class JwtTokenUtil {
     @Resource
     private AuthJwtProperties jwtProperties;
 
+
     /**
      * 生成 token 令牌主方法
      * @param userId 用户Id或用户名
      * @return 令token牌
      */
-
     public Map<String, Object> generateTokenAndRefreshToken(String userId, String username) {
         //生成令牌及刷新令牌
         Map<String, Object> tokenMap = buildToken(userId, username);

etl-jwt-manage/target/maven-archiver/pom.properties

@@ -1,5 +1,5 @@
 #Generated by Maven
-#Sat Jun 22 09:25:14 CST 2024
+#Sat Jun 22 14:21:31 CST 2024
 version=1.0-SNAPSHOT
 groupId=com.bwie
 artifactId=etl-jwt-manage