From 6704db81085a526c783b5ce0c28c03429aaa88a7 Mon Sep 17 00:00:00 2001 From: RuoYi Date: Tue, 1 Sep 2020 13:31:00 +0800 Subject: [PATCH] =?UTF-8?q?=E7=A7=BB=E9=99=A4=20OAuth2=20=E6=94=B9?= =?UTF-8?q?=E4=B8=BA=20Redis?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 2 +- .../ruoyi/system/api/RemoteUserService.java | 4 +- .../factory/RemoteUserFallbackFactory.java | 4 +- .../com/ruoyi/system/api/model/LoginUser.java | 135 ++++++++ .../com/ruoyi/system/api/model/UserInfo.java | 60 ---- ruoyi-auth/pom.xml | 18 +- .../ruoyi/auth/config/AuthServerConfig.java | 131 -------- .../ruoyi/auth/config/WebSecurityConfig.java | 59 ---- .../auth/controller/TokenController.java | 73 ++--- .../ruoyi/auth/controller/UserController.java | 21 -- .../auth/exception/CustomOauthException.java | 20 -- .../CustomOauthExceptionSerializer.java | 48 --- .../CustomWebResponseExceptionTranslator.java | 20 -- .../java/com/ruoyi/auth/form/LoginBody.java | 69 +++++ .../AuthenticationSuccessEventHandler.java | 39 --- .../ruoyi/auth/service/SysLoginService.java | 89 ++++++ .../common/core/constant/CacheConstants.java | 23 +- .../ruoyi/common/core/constant/Constants.java | 7 +- .../core/constant/SecurityConstants.java | 56 ---- .../common/core/constant/UserConstants.java | 15 + .../core/exception/PreAuthorizeException.java | 15 + .../datascope/aspect/DataScopeAspect.java | 8 +- .../datascope/service/AwaitUserService.java | 42 --- .../main/resources/META-INF/spring.factories | 1 - .../ruoyi/common/log/aspect/LogAspect.java | 19 +- .../common/redis/service/RedisService.java | 2 +- ruoyi-common/ruoyi-common-security/pom.xml | 12 +- .../annotation/EnableCustomConfig.java | 4 +- .../security/annotation/PreAuthorize.java | 46 +++ .../security/aspect/PreAuthorizeAspect.java | 195 ++++++++++++ .../security/config/AuthIgnoreConfig.java | 30 -- .../security/config/CommonUserConverter.java | 75 ----- .../security/config/MethodSecurityConfig.java | 27 -- .../security/config/ResourceServerConfig.java | 82 ----- ...SecurityImportBeanDefinitionRegistrar.java | 24 -- .../common/security/domain/LoginUser.java | 37 --- .../security/feign/OAuth2FeignConfig.java | 20 -- .../feign/OAuth2FeignRequestInterceptor.java | 33 -- .../handler/CustomAccessDeniedHandler.java | 33 -- .../handler/GlobalExceptionHandler.java | 45 +-- .../security/service/PermissionService.java | 167 ---------- .../service/RedisClientDetailsService.java | 30 -- .../common/security/service/TokenService.java | 123 ++++++++ .../service/UserDetailsServiceImpl.java | 83 ----- .../common/security/utils/SecurityUtils.java | 52 +--- .../main/resources/META-INF/spring.factories | 8 +- .../config/SwaggerAutoConfiguration.java | 77 +++-- .../com/ruoyi/gateway/filter/AuthFilter.java | 108 +++++++ .../gateway/filter/CacheRequestFilter.java | 100 ++++++ .../gateway/filter/ValidateCodeFilter.java | 48 +-- ruoyi-modules/ruoyi-gen/pom.xml | 4 +- .../ruoyi/gen/controller/GenController.java | 23 +- .../main/resources/vm/java/controller.java.vm | 14 +- ruoyi-modules/ruoyi-job/pom.xml | 4 +- .../job/controller/SysJobController.java | 18 +- .../job/controller/SysJobLogController.java | 12 +- ruoyi-modules/ruoyi-system/pom.xml | 4 +- .../SysClientDetailsController.java | 94 ------ .../controller/SysConfigController.java | 14 +- .../system/controller/SysDeptController.java | 16 +- .../controller/SysDictDataController.java | 14 +- .../controller/SysDictTypeController.java | 16 +- .../controller/SysLogininforController.java | 10 +- .../system/controller/SysMenuController.java | 24 +- .../controller/SysNoticeController.java | 12 +- .../controller/SysOperlogController.java | 10 +- .../system/controller/SysPostController.java | 14 +- .../system/controller/SysRoleController.java | 20 +- .../system/controller/SysUserController.java | 28 +- .../ruoyi/system/domain/SysClientDetails.java | 213 ------------- .../system/mapper/SysClientDetailsMapper.java | 60 ---- .../service/ISysClientDetailsService.java | 52 ---- .../impl/SysClientDetailsServiceImpl.java | 87 ------ .../mapper/system/SysClientDetailsMapper.xml | 99 ------ ruoyi-ui/src/api/login.js | 15 +- ruoyi-ui/src/api/system/client.js | 44 --- ruoyi-ui/src/store/modules/user.js | 29 +- ruoyi-ui/src/utils/auth.js | 14 - ruoyi-ui/src/utils/request.js | 2 +- ruoyi-ui/src/views/index.vue | 2 +- ruoyi-ui/src/views/system/client/index.vue | 292 ------------------ sql/{ry_20200823.sql => ry_20200901.sql} | 90 ++---- ...ig_20200618.sql => ry_config_20200901.sql} | 6 +- 83 files changed, 1249 insertions(+), 2546 deletions(-) create mode 100644 ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/model/LoginUser.java delete mode 100644 ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/model/UserInfo.java delete mode 100644 ruoyi-auth/src/main/java/com/ruoyi/auth/config/AuthServerConfig.java delete mode 100644 ruoyi-auth/src/main/java/com/ruoyi/auth/config/WebSecurityConfig.java delete mode 100644 ruoyi-auth/src/main/java/com/ruoyi/auth/controller/UserController.java delete mode 100644 ruoyi-auth/src/main/java/com/ruoyi/auth/exception/CustomOauthException.java delete mode 100644 ruoyi-auth/src/main/java/com/ruoyi/auth/exception/CustomOauthExceptionSerializer.java delete mode 100644 ruoyi-auth/src/main/java/com/ruoyi/auth/exception/CustomWebResponseExceptionTranslator.java create mode 100644 ruoyi-auth/src/main/java/com/ruoyi/auth/form/LoginBody.java delete mode 100644 ruoyi-auth/src/main/java/com/ruoyi/auth/handler/AuthenticationSuccessEventHandler.java create mode 100644 ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java delete mode 100644 ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/SecurityConstants.java create mode 100644 ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/PreAuthorizeException.java delete mode 100644 ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/service/AwaitUserService.java create mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/PreAuthorize.java create mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java delete mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/AuthIgnoreConfig.java delete mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/CommonUserConverter.java delete mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/MethodSecurityConfig.java delete mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/ResourceServerConfig.java delete mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/SecurityImportBeanDefinitionRegistrar.java delete mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/domain/LoginUser.java delete mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignConfig.java delete mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignRequestInterceptor.java delete mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/CustomAccessDeniedHandler.java delete mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/PermissionService.java delete mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/RedisClientDetailsService.java create mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java delete mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/UserDetailsServiceImpl.java create mode 100644 ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java create mode 100644 ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/CacheRequestFilter.java delete mode 100644 ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysClientDetailsController.java delete mode 100644 ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/domain/SysClientDetails.java delete mode 100644 ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysClientDetailsMapper.java delete mode 100644 ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysClientDetailsService.java delete mode 100644 ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysClientDetailsServiceImpl.java delete mode 100644 ruoyi-modules/ruoyi-system/src/main/resources/mapper/system/SysClientDetailsMapper.xml delete mode 100644 ruoyi-ui/src/api/system/client.js delete mode 100644 ruoyi-ui/src/views/system/client/index.vue rename sql/{ry_20200823.sql => ry_20200901.sql} (90%) rename sql/{ry_config_20200618.sql => ry_config_20200901.sql} (89%) diff --git a/README.md b/README.md index f1590ea..1793f7b 100644 --- a/README.md +++ b/README.md @@ -2,7 +2,7 @@ * 采用前后端分离的模式,微服务版本前端(基于 [RuoYi-Vue](https://gitee.com/y_project/RuoYi-Vue))。 * 后端采用Spring Boot、Spring Cloud & Alibaba。 -* 注册中心、配置中心选型Nacos,权限认证使用OAuth2。 +* 注册中心、配置中心选型Nacos,权限认证使用Redis。 * 流量控制框架选型Sentinel。 * 如需不分离应用,请移步 [RuoYi](https://gitee.com/y_project/RuoYi),如需分离应用,请移步 [RuoYi-Vue](https://gitee.com/y_project/RuoYi-Vue) * 阿里云优惠券:[点我进入](https://www.aliyun.com/minisite/goods?userCode=brki8iof&share_source=copy_link),腾讯云优惠券:[点我领取](https://cloud.tencent.com/redirect.php?redirect=1025&cps_key=198c8df2ed259157187173bc7f4f32fd&from=console)   diff --git a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/RemoteUserService.java b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/RemoteUserService.java index 64bcd53..5140d41 100644 --- a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/RemoteUserService.java +++ b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/RemoteUserService.java @@ -6,7 +6,7 @@ import org.springframework.web.bind.annotation.PathVariable; import com.ruoyi.common.core.constant.ServiceNameConstants; import com.ruoyi.common.core.domain.R; import com.ruoyi.system.api.factory.RemoteUserFallbackFactory; -import com.ruoyi.system.api.model.UserInfo; +import com.ruoyi.system.api.model.LoginUser; /** * 用户服务 @@ -23,5 +23,5 @@ public interface RemoteUserService * @return 结果 */ @GetMapping(value = "/user/info/{username}") - public R getUserInfo(@PathVariable("username") String username); + public R getUserInfo(@PathVariable("username") String username); } diff --git a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/factory/RemoteUserFallbackFactory.java b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/factory/RemoteUserFallbackFactory.java index 59041e2..1d4a582 100644 --- a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/factory/RemoteUserFallbackFactory.java +++ b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/factory/RemoteUserFallbackFactory.java @@ -5,7 +5,7 @@ import org.slf4j.LoggerFactory; import org.springframework.stereotype.Component; import com.ruoyi.common.core.domain.R; import com.ruoyi.system.api.RemoteUserService; -import com.ruoyi.system.api.model.UserInfo; +import com.ruoyi.system.api.model.LoginUser; import feign.hystrix.FallbackFactory; /** @@ -25,7 +25,7 @@ public class RemoteUserFallbackFactory implements FallbackFactory getUserInfo(String username) + public R getUserInfo(String username) { return null; } diff --git a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/model/LoginUser.java b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/model/LoginUser.java new file mode 100644 index 0000000..b1c4257 --- /dev/null +++ b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/model/LoginUser.java @@ -0,0 +1,135 @@ +package com.ruoyi.system.api.model; + +import java.io.Serializable; +import java.util.Set; +import com.ruoyi.system.api.domain.SysUser; + +/** + * 用户信息 + * + * @author ruoyi + */ +public class LoginUser implements Serializable +{ + private static final long serialVersionUID = 1L; + + /** + * 用户唯一标识 + */ + private String token; + + /** + * 用户名id + */ + private Long userid; + + /** + * 用户名 + */ + private String username; + + /** + * 登陆时间 + */ + private Long loginTime; + + /** + * 过期时间 + */ + private Long expireTime; + + /** + * 权限列表 + */ + private Set permissions; + + /** + * 角色列表 + */ + private Set roles; + + /** + * 用户信息 + */ + private SysUser sysUser; + + public String getToken() + { + return token; + } + + public void setToken(String token) + { + this.token = token; + } + + public Long getUserid() + { + return userid; + } + + public void setUserid(Long userid) + { + this.userid = userid; + } + + public String getUsername() + { + return username; + } + + public void setUsername(String username) + { + this.username = username; + } + + public Long getLoginTime() + { + return loginTime; + } + + public void setLoginTime(Long loginTime) + { + this.loginTime = loginTime; + } + + public Long getExpireTime() + { + return expireTime; + } + + public void setExpireTime(Long expireTime) + { + this.expireTime = expireTime; + } + + public Set getPermissions() + { + return permissions; + } + + public void setPermissions(Set permissions) + { + this.permissions = permissions; + } + + public Set getRoles() + { + return roles; + } + + public void setRoles(Set roles) + { + this.roles = roles; + } + + public SysUser getSysUser() + { + return sysUser; + } + + public void setSysUser(SysUser sysUser) + { + this.sysUser = sysUser; + } +} diff --git a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/model/UserInfo.java b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/model/UserInfo.java deleted file mode 100644 index 3a7225b..0000000 --- a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/model/UserInfo.java +++ /dev/null @@ -1,60 +0,0 @@ -package com.ruoyi.system.api.model; - -import java.io.Serializable; -import java.util.Set; -import com.ruoyi.system.api.domain.SysUser; - -/** - * 用户信息 - * - * @author ruoyi - */ -public class UserInfo implements Serializable -{ - private static final long serialVersionUID = 1L; - - /** - * 用户基本信息 - */ - private SysUser sysUser; - - /** - * 权限标识集合 - */ - private Set permissions; - - /** - * 角色集合 - */ - private Set roles; - - public SysUser getSysUser() - { - return sysUser; - } - - public void setSysUser(SysUser sysUser) - { - this.sysUser = sysUser; - } - - public Set getPermissions() - { - return permissions; - } - - public void setPermissions(Set permissions) - { - this.permissions = permissions; - } - - public Set getRoles() - { - return roles; - } - - public void setRoles(Set roles) - { - this.roles = roles; - } -} diff --git a/ruoyi-auth/pom.xml b/ruoyi-auth/pom.xml index e00e672..9af7525 100644 --- a/ruoyi-auth/pom.xml +++ b/ruoyi-auth/pom.xml @@ -28,10 +28,10 @@ spring-cloud-starter-alibaba-nacos-config - + - org.springframework.cloud - spring-cloud-starter-netflix-hystrix + com.alibaba.cloud + spring-cloud-starter-alibaba-sentinel @@ -40,6 +40,12 @@ spring-boot-starter-web + + + org.springframework.boot + spring-boot-starter-actuator + + mysql @@ -52,12 +58,6 @@ ruoyi-common-security - - - com.ruoyi - ruoyi-common-redis - - diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/config/AuthServerConfig.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/config/AuthServerConfig.java deleted file mode 100644 index d1ee69e..0000000 --- a/ruoyi-auth/src/main/java/com/ruoyi/auth/config/AuthServerConfig.java +++ /dev/null @@ -1,131 +0,0 @@ -package com.ruoyi.auth.config; - -import java.util.LinkedHashMap; -import java.util.Map; -import javax.sql.DataSource; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.data.redis.connection.RedisConnectionFactory; -import org.springframework.http.HttpMethod; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken; -import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer; -import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter; -import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; -import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; -import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer; -import org.springframework.security.oauth2.provider.token.TokenEnhancer; -import org.springframework.security.oauth2.provider.token.TokenStore; -import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore; -import com.ruoyi.auth.exception.CustomWebResponseExceptionTranslator; -import com.ruoyi.common.core.constant.CacheConstants; -import com.ruoyi.common.core.constant.SecurityConstants; -import com.ruoyi.common.security.domain.LoginUser; -import com.ruoyi.common.security.service.RedisClientDetailsService; - -/** - * OAuth2 认证服务配置 - * - * @author ruoyi - */ -@Configuration -@EnableAuthorizationServer -public class AuthServerConfig extends AuthorizationServerConfigurerAdapter -{ - @Autowired - private AuthenticationManager authenticationManager; - - @Autowired - private DataSource dataSource; - - @Autowired - private RedisConnectionFactory redisConnectionFactory; - - @Autowired - private UserDetailsService userDetailsService; - - @Autowired - private TokenEnhancer tokenEnhancer; - - /** - * 定义授权和令牌端点以及令牌服务 - */ - @Override - public void configure(AuthorizationServerEndpointsConfigurer endpoints) - { - endpoints - // 请求方式 - .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST) - // 指定token存储位置 - .tokenStore(tokenStore()) - // 自定义生成令牌 - .tokenEnhancer(tokenEnhancer) - // 用户账号密码认证 - .userDetailsService(userDetailsService) - // 指定认证管理器 - .authenticationManager(authenticationManager) - // 是否重复使用 refresh_token - .reuseRefreshTokens(false) - // 自定义异常处理 - .exceptionTranslator(new CustomWebResponseExceptionTranslator()); - } - - /** - * 配置令牌端点(Token Endpoint)的安全约束 - */ - @Override - public void configure(AuthorizationServerSecurityConfigurer oauthServer) - { - oauthServer.allowFormAuthenticationForClients().checkTokenAccess("permitAll()"); - } - - /** - * 声明 ClientDetails实现 - */ - public RedisClientDetailsService clientDetailsService() - { - RedisClientDetailsService clientDetailsService = new RedisClientDetailsService(dataSource); - return clientDetailsService; - } - - /** - * 配置客户端详情 - */ - @Override - public void configure(ClientDetailsServiceConfigurer clients) throws Exception - { - clients.withClientDetails(clientDetailsService()); - } - - /** - * 基于 Redis 实现,令牌保存到缓存 - */ - @Bean - public TokenStore tokenStore() - { - RedisTokenStore tokenStore = new RedisTokenStore(redisConnectionFactory); - tokenStore.setPrefix(CacheConstants.OAUTH_ACCESS); - return tokenStore; - } - - /** - * 自定义生成令牌 - */ - @Bean - public TokenEnhancer tokenEnhancer() - { - return (accessToken, authentication) -> { - if (authentication.getUserAuthentication() != null) - { - Map additionalInformation = new LinkedHashMap(); - LoginUser user = (LoginUser) authentication.getUserAuthentication().getPrincipal(); - additionalInformation.put(SecurityConstants.DETAILS_USER_ID, user.getUserId()); - additionalInformation.put(SecurityConstants.DETAILS_USERNAME, user.getUsername()); - ((DefaultOAuth2AccessToken) accessToken).setAdditionalInformation(additionalInformation); - } - return accessToken; - }; - } -} diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/config/WebSecurityConfig.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/config/WebSecurityConfig.java deleted file mode 100644 index df0bc04..0000000 --- a/ruoyi-auth/src/main/java/com/ruoyi/auth/config/WebSecurityConfig.java +++ /dev/null @@ -1,59 +0,0 @@ -package com.ruoyi.auth.config; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.core.annotation.Order; -import org.springframework.security.authentication.AuthenticationManager; -import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; -import org.springframework.security.crypto.password.PasswordEncoder; - -/** - * Security 安全认证相关配置 - * Oauth2依赖于Security 默认情况下WebSecurityConfig执行比ResourceServerConfig优先 - * - * @author ruoyi - */ -@Order(99) -@Configuration -public class WebSecurityConfig extends WebSecurityConfigurerAdapter -{ - @Autowired - private UserDetailsService userDetailsService; - - @Bean - public PasswordEncoder passwordEncoder() - { - return new BCryptPasswordEncoder(); - } - - @Bean - @Override - public AuthenticationManager authenticationManagerBean() throws Exception - { - return super.authenticationManagerBean(); - } - - @Override - protected void configure(AuthenticationManagerBuilder auth) throws Exception - { - auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder()); - } - - @Override - protected void configure(HttpSecurity http) throws Exception - { - http - .authorizeRequests() - .antMatchers( - "/actuator/**", - "/oauth/*", - "/token/**").permitAll() - .anyRequest().authenticated() - .and().csrf().disable(); - } -} diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java index 4058f75..1dc2c6e 100644 --- a/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java +++ b/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java @@ -1,20 +1,17 @@ package com.ruoyi.auth.controller; -import java.util.Map; +import javax.servlet.http.HttpServletRequest; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.http.HttpHeaders; -import org.springframework.security.oauth2.common.OAuth2AccessToken; -import org.springframework.security.oauth2.common.OAuth2RefreshToken; -import org.springframework.security.oauth2.provider.token.TokenStore; import org.springframework.web.bind.annotation.DeleteMapping; -import org.springframework.web.bind.annotation.RequestHeader; -import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; -import com.ruoyi.common.core.constant.Constants; -import com.ruoyi.common.core.constant.SecurityConstants; +import com.ruoyi.auth.form.LoginBody; +import com.ruoyi.auth.service.SysLoginService; import com.ruoyi.common.core.domain.R; import com.ruoyi.common.core.utils.StringUtils; -import com.ruoyi.system.api.RemoteLogService; +import com.ruoyi.common.security.service.TokenService; +import com.ruoyi.system.api.model.LoginUser; /** * token 控制 @@ -22,42 +19,46 @@ import com.ruoyi.system.api.RemoteLogService; * @author ruoyi */ @RestController -@RequestMapping("/token") public class TokenController { @Autowired - private TokenStore tokenStore; + private TokenService tokenService; @Autowired - private RemoteLogService remoteLogService; + private SysLoginService sysLoginService; - @DeleteMapping("/logout") - public R logout(@RequestHeader(value = HttpHeaders.AUTHORIZATION, required = false) String authHeader) + @PostMapping("login") + public R login(@RequestBody LoginBody form) { - if (StringUtils.isEmpty(authHeader)) - { - return R.ok(); - } + // 用户登录 + LoginUser userInfo = sysLoginService.login(form.getUsername(), form.getPassword()); + // 获取登录token + return R.ok(tokenService.createToken(userInfo)); + } - String tokenValue = authHeader.replace(OAuth2AccessToken.BEARER_TYPE, StringUtils.EMPTY).trim(); - OAuth2AccessToken accessToken = tokenStore.readAccessToken(tokenValue); - if (accessToken == null || StringUtils.isEmpty(accessToken.getValue())) + @DeleteMapping("logout") + public R logout(HttpServletRequest request) + { + LoginUser loginUser = tokenService.getLoginUser(request); + if (StringUtils.isNotNull(loginUser)) { - return R.ok(); - } - - // 清空 access token - tokenStore.removeAccessToken(accessToken); - - // 清空 refresh token - OAuth2RefreshToken refreshToken = accessToken.getRefreshToken(); - tokenStore.removeRefreshToken(refreshToken); - Map map = accessToken.getAdditionalInformation(); - if (map.containsKey(SecurityConstants.DETAILS_USERNAME)) - { - String username = (String) map.get(SecurityConstants.DETAILS_USERNAME); + String username = loginUser.getUsername(); + // 删除用户缓存记录 + tokenService.delLoginUser(loginUser.getToken()); // 记录用户退出日志 - remoteLogService.saveLogininfor(username, Constants.LOGOUT, "退出成功"); + sysLoginService.logout(username); + } + return R.ok(); + } + + @PostMapping("refresh") + public R refresh(HttpServletRequest request) + { + LoginUser loginUser = tokenService.getLoginUser(request); + if (StringUtils.isNotNull(loginUser)) + { + // 刷新令牌有效期 + return R.ok(tokenService.refreshToken(loginUser)); } return R.ok(); } diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/UserController.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/UserController.java deleted file mode 100644 index d470584..0000000 --- a/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/UserController.java +++ /dev/null @@ -1,21 +0,0 @@ -package com.ruoyi.auth.controller; - -import java.security.Principal; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; - -/** - * 身份信息获取 - * - * @author ruoyi - */ -@RestController -@RequestMapping("/oauth") -public class UserController -{ - @RequestMapping("/user") - public Principal user(Principal user) - { - return user; - } -} diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/exception/CustomOauthException.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/exception/CustomOauthException.java deleted file mode 100644 index 7ead34a..0000000 --- a/ruoyi-auth/src/main/java/com/ruoyi/auth/exception/CustomOauthException.java +++ /dev/null @@ -1,20 +0,0 @@ -package com.ruoyi.auth.exception; - -import com.fasterxml.jackson.databind.annotation.JsonSerialize; -import org.springframework.security.oauth2.common.exceptions.OAuth2Exception; - -/** - * oauth2自定义异常 - * - * @author ruoyi - **/ -@JsonSerialize(using = CustomOauthExceptionSerializer.class) -public class CustomOauthException extends OAuth2Exception -{ - private static final long serialVersionUID = 1L; - - public CustomOauthException(String msg) - { - super(msg); - } -} \ No newline at end of file diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/exception/CustomOauthExceptionSerializer.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/exception/CustomOauthExceptionSerializer.java deleted file mode 100644 index 79d4472..0000000 --- a/ruoyi-auth/src/main/java/com/ruoyi/auth/exception/CustomOauthExceptionSerializer.java +++ /dev/null @@ -1,48 +0,0 @@ -package com.ruoyi.auth.exception; - -import java.io.IOException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import com.fasterxml.jackson.core.JsonGenerator; -import com.fasterxml.jackson.databind.SerializerProvider; -import com.fasterxml.jackson.databind.ser.std.StdSerializer; -import com.ruoyi.common.core.constant.HttpStatus; -import com.ruoyi.common.core.utils.StringUtils; -import com.ruoyi.common.core.web.domain.AjaxResult; - -/** - * 自定义异常返回 - * - * @author ruoyi - **/ -public class CustomOauthExceptionSerializer extends StdSerializer -{ - private static final long serialVersionUID = 1L; - - private static final Logger log = LoggerFactory.getLogger(CustomOauthExceptionSerializer.class); - - public static final String BAD_CREDENTIALS = "Bad credentials"; - - public CustomOauthExceptionSerializer() - { - super(CustomOauthException.class); - } - - @Override - public void serialize(CustomOauthException e, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) - throws IOException - { - jsonGenerator.writeStartObject(); - jsonGenerator.writeNumberField(AjaxResult.CODE_TAG, HttpStatus.ERROR); - if (StringUtils.equals(e.getMessage(), BAD_CREDENTIALS)) - { - jsonGenerator.writeStringField(AjaxResult.MSG_TAG, "用户名或密码错误"); - } - else - { - log.warn("oauth2 认证异常 {} ", e); - jsonGenerator.writeStringField(AjaxResult.MSG_TAG, e.getMessage()); - } - jsonGenerator.writeEndObject(); - } -} \ No newline at end of file diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/exception/CustomWebResponseExceptionTranslator.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/exception/CustomWebResponseExceptionTranslator.java deleted file mode 100644 index 9b56c08..0000000 --- a/ruoyi-auth/src/main/java/com/ruoyi/auth/exception/CustomWebResponseExceptionTranslator.java +++ /dev/null @@ -1,20 +0,0 @@ -package com.ruoyi.auth.exception; - -import org.springframework.http.HttpStatus; -import org.springframework.http.ResponseEntity; -import org.springframework.security.oauth2.common.exceptions.OAuth2Exception; -import org.springframework.security.oauth2.provider.error.WebResponseExceptionTranslator; - -/** - * OAuth2 自定义异常处理 - * - * @author ruoyi - */ -public class CustomWebResponseExceptionTranslator implements WebResponseExceptionTranslator -{ - @Override - public ResponseEntity translate(Exception e) - { - return ResponseEntity.status(HttpStatus.OK).body(new CustomOauthException(e.getMessage())); - } -} diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/form/LoginBody.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/form/LoginBody.java new file mode 100644 index 0000000..5f4ff0c --- /dev/null +++ b/ruoyi-auth/src/main/java/com/ruoyi/auth/form/LoginBody.java @@ -0,0 +1,69 @@ +package com.ruoyi.auth.form; + +/** + * 用户登录对象 + * + * @author ruoyi + */ +public class LoginBody +{ + /** + * 用户名 + */ + private String username; + + /** + * 用户密码 + */ + private String password; + + /** + * 验证码 + */ + private String code; + + /** + * 唯一标识 + */ + private String uuid = ""; + + public String getUsername() + { + return username; + } + + public void setUsername(String username) + { + this.username = username; + } + + public String getPassword() + { + return password; + } + + public void setPassword(String password) + { + this.password = password; + } + + public String getCode() + { + return code; + } + + public void setCode(String code) + { + this.code = code; + } + + public String getUuid() + { + return uuid; + } + + public void setUuid(String uuid) + { + this.uuid = uuid; + } +} diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/handler/AuthenticationSuccessEventHandler.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/handler/AuthenticationSuccessEventHandler.java deleted file mode 100644 index f6fda37..0000000 --- a/ruoyi-auth/src/main/java/com/ruoyi/auth/handler/AuthenticationSuccessEventHandler.java +++ /dev/null @@ -1,39 +0,0 @@ -package com.ruoyi.auth.handler; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.ApplicationListener; -import org.springframework.security.authentication.event.AuthenticationSuccessEvent; -import org.springframework.security.core.Authentication; -import org.springframework.stereotype.Component; -import com.ruoyi.common.core.constant.Constants; -import com.ruoyi.common.core.utils.StringUtils; -import com.ruoyi.common.security.domain.LoginUser; -import com.ruoyi.system.api.RemoteLogService; - -/** - * 认证成功处理 - * - * @author ruoyi - */ -@Component -public class AuthenticationSuccessEventHandler implements ApplicationListener -{ - @Autowired - private RemoteLogService remoteLogService; - - @Override - public void onApplicationEvent(AuthenticationSuccessEvent event) - { - Authentication authentication = (Authentication) event.getSource(); - if (StringUtils.isNotEmpty(authentication.getAuthorities()) - && authentication.getPrincipal() instanceof LoginUser) - { - LoginUser user = (LoginUser) authentication.getPrincipal(); - - String username = user.getUsername(); - - // 记录用户登录日志 - remoteLogService.saveLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功"); - } - } -} diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java new file mode 100644 index 0000000..611bee4 --- /dev/null +++ b/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java @@ -0,0 +1,89 @@ +package com.ruoyi.auth.service; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; +import com.ruoyi.common.core.constant.Constants; +import com.ruoyi.common.core.constant.UserConstants; +import com.ruoyi.common.core.domain.R; +import com.ruoyi.common.core.enums.UserStatus; +import com.ruoyi.common.core.exception.BaseException; +import com.ruoyi.common.core.utils.StringUtils; +import com.ruoyi.common.security.utils.SecurityUtils; +import com.ruoyi.system.api.RemoteLogService; +import com.ruoyi.system.api.RemoteUserService; +import com.ruoyi.system.api.domain.SysUser; +import com.ruoyi.system.api.model.LoginUser; + +/** + * 登录校验方法 + * + * @author ruoyi + */ +@Component +public class SysLoginService +{ + @Autowired + private RemoteLogService remoteLogService; + + @Autowired + private RemoteUserService remoteUserService; + + /** + * 登录 + */ + public LoginUser login(String username, String password) + { + // 用户名或密码为空 错误 + if (StringUtils.isAnyBlank(username, password)) + { + remoteLogService.saveLogininfor(username, Constants.LOGIN_FAIL, "用户/密码必须填写"); + throw new BaseException("用户/密码必须填写"); + } + // 密码如果不在指定范围内 错误 + if (password.length() < UserConstants.PASSWORD_MIN_LENGTH + || password.length() > UserConstants.PASSWORD_MAX_LENGTH) + { + remoteLogService.saveLogininfor(username, Constants.LOGIN_FAIL, "用户密码不在指定范围"); + throw new BaseException("用户密码不在指定范围"); + } + // 用户名不在指定范围内 错误 + if (username.length() < UserConstants.USERNAME_MIN_LENGTH + || username.length() > UserConstants.USERNAME_MAX_LENGTH) + { + remoteLogService.saveLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围"); + throw new BaseException("用户名不在指定范围"); + } + // 查询用户信息 + R userResult = remoteUserService.getUserInfo(username); + if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData())) + { + remoteLogService.saveLogininfor(username, Constants.LOGIN_FAIL, "登录用户不存在"); + throw new BaseException("登录用户:" + username + " 不存在"); + } + LoginUser userInfo = userResult.getData(); + SysUser user = userResult.getData().getSysUser(); + if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) + { + remoteLogService.saveLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除"); + + throw new BaseException("对不起,您的账号:" + username + " 已被删除"); + } + if (UserStatus.DISABLE.getCode().equals(user.getStatus())) + { + remoteLogService.saveLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员"); + throw new BaseException("对不起,您的账号:" + username + " 已停用"); + } + if (!SecurityUtils.matchesPassword(password, user.getPassword())) + { + remoteLogService.saveLogininfor(username, Constants.LOGIN_FAIL, "用户密码错误"); + throw new BaseException("用户不存在/密码错误"); + } + remoteLogService.saveLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功"); + return userInfo; + } + + public void logout(String loginName) + { + remoteLogService.saveLogininfor(loginName, Constants.LOGOUT, "退出成功"); + } +} \ No newline at end of file diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/CacheConstants.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/CacheConstants.java index c43465b..c6db347 100644 --- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/CacheConstants.java +++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/CacheConstants.java @@ -8,12 +8,27 @@ package com.ruoyi.common.core.constant; public class CacheConstants { /** - * oauth 缓存前缀 + * 令牌自定义标识 */ - public static final String OAUTH_ACCESS = "oauth:access:"; + public static final String HEADER = "Authorization"; /** - * oauth 客户端信息 + * 令牌前缀 */ - public static final String CLIENT_DETAILS_KEY = "oauth:client:details"; + public static final String TOKEN_PREFIX = "Bearer "; + + /** + * 权限缓存前缀 + */ + public final static String LOGIN_TOKEN_KEY = "login_tokens:"; + + /** + * 用户ID字段 + */ + public static final String DETAILS_USER_ID = "user_id"; + + /** + * 用户名字段 + */ + public static final String DETAILS_USERNAME = "username"; } diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/Constants.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/Constants.java index 572d329..2cf6915 100644 --- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/Constants.java +++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/Constants.java @@ -85,7 +85,12 @@ public class Constants /** * 验证码有效期(分钟) */ - public static final Integer CAPTCHA_EXPIRATION = 2; + public static final long CAPTCHA_EXPIRATION = 2; + + /** + * 令牌有效期(分钟) + */ + public final static long TOKEN_EXPIRE = 30; /** * 参数管理 cache key diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/SecurityConstants.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/SecurityConstants.java deleted file mode 100644 index 9e0123d..0000000 --- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/SecurityConstants.java +++ /dev/null @@ -1,56 +0,0 @@ -package com.ruoyi.common.core.constant; - -/** - * 权限相关通用常量 - * - * @author ruoyi - */ -public class SecurityConstants -{ - /** - * 令牌类型 - */ - public static final String BEARER_TOKEN_TYPE = "Bearer"; - - /** - * 授权token url - */ - public static final String AUTH_TOKEN = "/oauth/token"; - - /** - * 注销token url - */ - public static final String TOKEN_LOGOUT = "/token/logout"; - - /** - * 用户ID字段 - */ - public static final String DETAILS_USER_ID = "user_id"; - - /** - * 用户名字段 - */ - public static final String DETAILS_USERNAME = "username"; - - /** - * sys_oauth_client_details 表的字段,不包括client_id、client_secret - */ - public static final String CLIENT_FIELDS = "client_id, client_secret, resource_ids, scope, " - + "authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity, " - + "refresh_token_validity, additional_information, autoapprove"; - - /** - * JdbcClientDetailsService 查询语句 - */ - public static final String BASE_FIND_STATEMENT = "select " + CLIENT_FIELDS + " from sys_oauth_client_details"; - - /** - * 按条件client_id 查询 - */ - public static final String DEFAULT_SELECT_STATEMENT = BASE_FIND_STATEMENT + " where client_id = ?"; - - /** - * 默认的查询语句 - */ - public static final String DEFAULT_FIND_STATEMENT = BASE_FIND_STATEMENT + " order by client_id"; -} diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/UserConstants.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/UserConstants.java index a71ec39..f1029fb 100644 --- a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/UserConstants.java +++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/constant/UserConstants.java @@ -56,5 +56,20 @@ public class UserConstants /** 校验返回结果码 */ public final static String UNIQUE = "0"; + public final static String NOT_UNIQUE = "1"; + + /** + * 用户名长度限制 + */ + public static final int USERNAME_MIN_LENGTH = 2; + + public static final int USERNAME_MAX_LENGTH = 20; + + /** + * 密码长度限制 + */ + public static final int PASSWORD_MIN_LENGTH = 5; + + public static final int PASSWORD_MAX_LENGTH = 20; } diff --git a/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/PreAuthorizeException.java b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/PreAuthorizeException.java new file mode 100644 index 0000000..3d420c4 --- /dev/null +++ b/ruoyi-common/ruoyi-common-core/src/main/java/com/ruoyi/common/core/exception/PreAuthorizeException.java @@ -0,0 +1,15 @@ +package com.ruoyi.common.core.exception; + +/** + * 权限异常 + * + * @author ruoyi + */ +public class PreAuthorizeException extends RuntimeException +{ + private static final long serialVersionUID = 1L; + + public PreAuthorizeException() + { + } +} diff --git a/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java b/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java index 4c29fa5..0e5847a 100644 --- a/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java +++ b/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/aspect/DataScopeAspect.java @@ -12,10 +12,10 @@ import org.springframework.stereotype.Component; import com.ruoyi.common.core.utils.StringUtils; import com.ruoyi.common.core.web.domain.BaseEntity; import com.ruoyi.common.datascope.annotation.DataScope; -import com.ruoyi.common.datascope.service.AwaitUserService; +import com.ruoyi.common.security.service.TokenService; import com.ruoyi.system.api.domain.SysRole; import com.ruoyi.system.api.domain.SysUser; -import com.ruoyi.system.api.model.UserInfo; +import com.ruoyi.system.api.model.LoginUser; /** * 数据过滤处理 @@ -57,7 +57,7 @@ public class DataScopeAspect public static final String DATA_SCOPE = "dataScope"; @Autowired - private AwaitUserService awaitUserService; + private TokenService tokenService; // 配置织入点 @Pointcut("@annotation(com.ruoyi.common.datascope.annotation.DataScope)") @@ -80,7 +80,7 @@ public class DataScopeAspect return; } // 获取当前的用户 - UserInfo loginUser = awaitUserService.info(); + LoginUser loginUser = tokenService.getLoginUser(); SysUser currentUser = loginUser.getSysUser(); if (currentUser != null) { diff --git a/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/service/AwaitUserService.java b/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/service/AwaitUserService.java deleted file mode 100644 index 446b3f2..0000000 --- a/ruoyi-common/ruoyi-common-datascope/src/main/java/com/ruoyi/common/datascope/service/AwaitUserService.java +++ /dev/null @@ -1,42 +0,0 @@ -package com.ruoyi.common.datascope.service; - -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; -import com.ruoyi.common.core.domain.R; -import com.ruoyi.common.core.utils.StringUtils; -import com.ruoyi.common.security.utils.SecurityUtils; -import com.ruoyi.system.api.RemoteUserService; -import com.ruoyi.system.api.model.UserInfo; - -/** - * 同步调用用户服务 - * - * @author ruoyi - */ -@Service -public class AwaitUserService -{ - private static final Logger log = LoggerFactory.getLogger(AwaitUserService.class); - - @Autowired - private RemoteUserService remoteUserService; - - /** - * 查询当前用户信息 - * - * @return 用户基本信息 - */ - public UserInfo info() - { - String username = SecurityUtils.getUsername(); - R userResult = remoteUserService.getUserInfo(username); - if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData())) - { - log.info("数据权限范围查询用户:{} 不存在.", username); - return null; - } - return userResult.getData(); - } -} diff --git a/ruoyi-common/ruoyi-common-datascope/src/main/resources/META-INF/spring.factories b/ruoyi-common/ruoyi-common-datascope/src/main/resources/META-INF/spring.factories index 52508bd..a9bc860 100644 --- a/ruoyi-common/ruoyi-common-datascope/src/main/resources/META-INF/spring.factories +++ b/ruoyi-common/ruoyi-common-datascope/src/main/resources/META-INF/spring.factories @@ -1,5 +1,4 @@ org.springframework.boot.autoconfigure.EnableAutoConfiguration=\ - com.ruoyi.common.datascope.service.AwaitUserService,\ com.ruoyi.common.datascope.aspect.DataScopeAspect diff --git a/ruoyi-common/ruoyi-common-log/src/main/java/com/ruoyi/common/log/aspect/LogAspect.java b/ruoyi-common/ruoyi-common-log/src/main/java/com/ruoyi/common/log/aspect/LogAspect.java index 4fe7580..712546e 100644 --- a/ruoyi-common/ruoyi-common-log/src/main/java/com/ruoyi/common/log/aspect/LogAspect.java +++ b/ruoyi-common/ruoyi-common-log/src/main/java/com/ruoyi/common/log/aspect/LogAspect.java @@ -1,7 +1,6 @@ package com.ruoyi.common.log.aspect; import java.lang.reflect.Method; -import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.aspectj.lang.JoinPoint; @@ -17,16 +16,14 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpMethod; import org.springframework.stereotype.Component; import org.springframework.web.multipart.MultipartFile; -import org.springframework.web.servlet.HandlerMapping; import com.alibaba.fastjson.JSON; +import com.ruoyi.common.core.constant.CacheConstants; import com.ruoyi.common.core.utils.ServletUtils; import com.ruoyi.common.core.utils.StringUtils; import com.ruoyi.common.core.utils.ip.IpUtils; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessStatus; import com.ruoyi.common.log.service.AsyncLogService; -import com.ruoyi.common.security.domain.LoginUser; -import com.ruoyi.common.security.utils.SecurityUtils; import com.ruoyi.system.api.domain.SysOperLog; /** @@ -83,9 +80,6 @@ public class LogAspect return; } - // 获取当前的用户 - LoginUser loginUser = SecurityUtils.getLoginUser(); - // *========数据库日志=========*// SysOperLog operLog = new SysOperLog(); operLog.setStatus(BusinessStatus.SUCCESS.ordinal()); @@ -96,9 +90,11 @@ public class LogAspect operLog.setJsonResult(JSON.toJSONString(jsonResult)); operLog.setOperUrl(ServletUtils.getRequest().getRequestURI()); - if (loginUser != null) + HttpServletRequest request = ServletUtils.getRequest(); + String username = request.getHeader(CacheConstants.DETAILS_USERNAME); + if (StringUtils.isNotBlank(username)) { - operLog.setOperName(loginUser.getUsername()); + operLog.setOperName(username); } if (e != null) @@ -163,11 +159,6 @@ public class LogAspect String params = argsArrayToString(joinPoint.getArgs()); operLog.setOperParam(StringUtils.substring(params, 0, 2000)); } - else - { - Map paramsMap = (Map) ServletUtils.getRequest().getAttribute(HandlerMapping.URI_TEMPLATE_VARIABLES_ATTRIBUTE); - operLog.setOperParam(StringUtils.substring(paramsMap.toString(), 0, 2000)); - } } /** diff --git a/ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/service/RedisService.java b/ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/service/RedisService.java index 3029fe8..df91877 100644 --- a/ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/service/RedisService.java +++ b/ruoyi-common/ruoyi-common-redis/src/main/java/com/ruoyi/common/redis/service/RedisService.java @@ -42,7 +42,7 @@ public class RedisService * @param timeout 时间 * @param timeUnit 时间颗粒度 */ - public void setCacheObject(final String key, final T value, final Integer timeout, final TimeUnit timeUnit) + public void setCacheObject(final String key, final T value, final Long timeout, final TimeUnit timeUnit) { redisTemplate.opsForValue().set(key, value, timeout, timeUnit); } diff --git a/ruoyi-common/ruoyi-common-security/pom.xml b/ruoyi-common/ruoyi-common-security/pom.xml index 782b378..092ca4f 100644 --- a/ruoyi-common/ruoyi-common-security/pom.xml +++ b/ruoyi-common/ruoyi-common-security/pom.xml @@ -16,18 +16,18 @@ - - - org.springframework.cloud - spring-cloud-starter-oauth2 - - com.ruoyi ruoyi-api-system + + + com.ruoyi + ruoyi-common-redis + + diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/EnableCustomConfig.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/EnableCustomConfig.java index 15681a4..f1e6199 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/EnableCustomConfig.java +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/EnableCustomConfig.java @@ -5,9 +5,7 @@ import org.mybatis.spring.annotation.MapperScan; import org.springframework.context.annotation.EnableAspectJAutoProxy; import org.springframework.context.annotation.Import; import org.springframework.scheduling.annotation.EnableAsync; -import com.ruoyi.common.security.feign.OAuth2FeignConfig; import com.ruoyi.common.security.config.ApplicationConfig; -import com.ruoyi.common.security.config.SecurityImportBeanDefinitionRegistrar; @Target(ElementType.TYPE) @Retention(RetentionPolicy.RUNTIME) @@ -20,7 +18,7 @@ import com.ruoyi.common.security.config.SecurityImportBeanDefinitionRegistrar; // 开启线程异步执行 @EnableAsync // 自动加载类 -@Import({ SecurityImportBeanDefinitionRegistrar.class, OAuth2FeignConfig.class, ApplicationConfig.class }) +@Import({ApplicationConfig.class}) public @interface EnableCustomConfig { diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/PreAuthorize.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/PreAuthorize.java new file mode 100644 index 0000000..c9f10b6 --- /dev/null +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/annotation/PreAuthorize.java @@ -0,0 +1,46 @@ +package com.ruoyi.common.security.annotation; + +import java.lang.annotation.ElementType; +import java.lang.annotation.Retention; +import java.lang.annotation.RetentionPolicy; +import java.lang.annotation.Target; + +/** + * 权限注解 + * + * @author ruoyi + */ +@Target({ ElementType.TYPE, ElementType.METHOD }) +@Retention(RetentionPolicy.RUNTIME) +public @interface PreAuthorize +{ + /** + * 验证用户是否具备某权限 + */ + public String hasPermi() default ""; + + /** + * 验证用户是否不具备某权限,与 hasPermi逻辑相反 + */ + public String lacksPermi() default ""; + + /** + * 验证用户是否具有以下任意一个权限 + */ + public String[] hasAnyPermi() default {}; + + /** + * 判断用户是否拥有某个角色 + */ + public String hasRole() default ""; + + /** + * 验证用户是否不具备某角色,与 isRole逻辑相反 + */ + public String lacksRole() default ""; + + /** + * 验证用户是否具有以下任意一个角色 + */ + public String[] hasAnyRoles() default {}; +} \ No newline at end of file diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java new file mode 100644 index 0000000..f38039c --- /dev/null +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/aspect/PreAuthorizeAspect.java @@ -0,0 +1,195 @@ +package com.ruoyi.common.security.aspect; + +import java.lang.reflect.Method; +import java.util.Collection; +import org.aspectj.lang.ProceedingJoinPoint; +import org.aspectj.lang.Signature; +import org.aspectj.lang.annotation.Around; +import org.aspectj.lang.annotation.Aspect; +import org.aspectj.lang.reflect.MethodSignature; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; +import org.springframework.util.CollectionUtils; +import org.springframework.util.PatternMatchUtils; +import org.springframework.util.StringUtils; +import com.ruoyi.common.core.exception.PreAuthorizeException; +import com.ruoyi.common.security.annotation.PreAuthorize; +import com.ruoyi.common.security.service.TokenService; +import com.ruoyi.system.api.model.LoginUser; + +@Aspect +@Component +public class PreAuthorizeAspect +{ + @Autowired + private TokenService tokenService; + + /** 所有权限标识 */ + private static final String ALL_PERMISSION = "*:*:*"; + + /** 管理员角色权限标识 */ + private static final String SUPER_ADMIN = "admin"; + + @Around("@annotation(com.ruoyi.common.security.annotation.PreAuthorize)") + public Object around(ProceedingJoinPoint point) throws Throwable + { + Signature signature = point.getSignature(); + MethodSignature methodSignature = (MethodSignature) signature; + Method method = methodSignature.getMethod(); + PreAuthorize annotation = method.getAnnotation(PreAuthorize.class); + if (annotation == null) + { + return point.proceed(); + } + + if (StringUtils.isEmpty(annotation.hasPermi()) && hasPermi(annotation.hasPermi())) + { + return point.proceed(); + } + else if (StringUtils.isEmpty(annotation.lacksPermi()) && hasPermi(annotation.lacksPermi())) + { + return point.proceed(); + } + else if (StringUtils.isEmpty(annotation.hasAnyPermi()) && hasAnyPermi(annotation.hasAnyPermi())) + { + return point.proceed(); + } + else if (StringUtils.isEmpty(annotation.hasRole()) && hasRole(annotation.hasRole())) + { + return point.proceed(); + } + else if (StringUtils.isEmpty(annotation.lacksRole()) && lacksRole(annotation.lacksRole())) + { + return point.proceed(); + } + else if (StringUtils.isEmpty(annotation.hasAnyRoles()) && hasAnyRoles(annotation.hasAnyRoles())) + { + return point.proceed(); + } + else + { + throw new PreAuthorizeException(); + } + } + + /** + * 验证用户是否具备某权限 + * + * @param permission 权限字符串 + * @return 用户是否具备某权限 + */ + public boolean hasPermi(String permission) + { + LoginUser userInfo = tokenService.getLoginUser(); + if (StringUtils.isEmpty(userInfo) || CollectionUtils.isEmpty(userInfo.getPermissions())) + { + return false; + } + return hasPermissions(userInfo.getPermissions(), permission); + } + + /** + * 验证用户是否不具备某权限,与 hasPermi逻辑相反 + * + * @param permission 权限字符串 + * @return 用户是否不具备某权限 + */ + public boolean lacksPermi(String permission) + { + return hasPermi(permission) != true; + } + + /** + * 验证用户是否具有以下任意一个权限 + * + * @param permissions 权限列表 + * @return 用户是否具有以下任意一个权限 + */ + public boolean hasAnyPermi(String[] permissions) + { + LoginUser userInfo = tokenService.getLoginUser(); + if (StringUtils.isEmpty(userInfo) || CollectionUtils.isEmpty(userInfo.getPermissions())) + { + return false; + } + Collection authorities = userInfo.getPermissions(); + for (String permission : permissions) + { + if (permission != null && hasPermissions(authorities, permission)) + { + return true; + } + } + return false; + } + + /** + * 判断用户是否拥有某个角色 + * + * @param role 角色字符串 + * @return 用户是否具备某角色 + */ + public boolean hasRole(String role) + { + LoginUser userInfo = tokenService.getLoginUser(); + if (StringUtils.isEmpty(userInfo) || CollectionUtils.isEmpty(userInfo.getRoles())) + { + return false; + } + for (String roleKey : userInfo.getRoles()) + { + if (SUPER_ADMIN.contains(roleKey) || roleKey.contains(role)) + { + return true; + } + } + return false; + } + + /** + * 验证用户是否不具备某角色,与 isRole逻辑相反。 + * + * @param role 角色名称 + * @return 用户是否不具备某角色 + */ + public boolean lacksRole(String role) + { + return hasRole(role) != true; + } + + /** + * 验证用户是否具有以下任意一个角色 + * + * @param roles 角色列表 + * @return 用户是否具有以下任意一个角色 + */ + public boolean hasAnyRoles(String[] roles) + { + LoginUser userInfo = tokenService.getLoginUser(); + if (StringUtils.isEmpty(userInfo) || CollectionUtils.isEmpty(userInfo.getRoles())) + { + return false; + } + for (String role : roles) + { + if (hasRole(role)) + { + return true; + } + } + return false; + } + + /** + * 判断是否包含权限 + * + * @param authorities 权限列表 + * @param permission 权限字符串 + * @return 用户是否具备某权限 + */ + private boolean hasPermissions(Collection authorities, String permission) + { + return authorities.stream().filter(StringUtils::hasText) + .anyMatch(x -> ALL_PERMISSION.contains(x) || PatternMatchUtils.simpleMatch(permission, x)); + } +} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/AuthIgnoreConfig.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/AuthIgnoreConfig.java deleted file mode 100644 index d2d5ae0..0000000 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/AuthIgnoreConfig.java +++ /dev/null @@ -1,30 +0,0 @@ -package com.ruoyi.common.security.config; - -import java.util.ArrayList; -import java.util.List; -import org.springframework.beans.factory.annotation.Configurable; -import org.springframework.boot.context.properties.ConfigurationProperties; -import org.springframework.stereotype.Component; - -/** - * 忽略服务间的认证 - * - * @author ruoyi - **/ -@Component -@Configurable -@ConfigurationProperties(prefix = "security.oauth2.ignore") -public class AuthIgnoreConfig -{ - private List urls = new ArrayList<>(); - - public List getUrls() - { - return urls; - } - - public void setUrls(List urls) - { - this.urls = urls; - } -} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/CommonUserConverter.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/CommonUserConverter.java deleted file mode 100644 index 29f2afb..0000000 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/CommonUserConverter.java +++ /dev/null @@ -1,75 +0,0 @@ -package com.ruoyi.common.security.config; - -import java.util.Collection; -import java.util.LinkedHashMap; -import java.util.Map; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.oauth2.provider.token.UserAuthenticationConverter; -import org.springframework.util.StringUtils; -import com.ruoyi.common.core.constant.SecurityConstants; -import com.ruoyi.common.core.text.Convert; -import com.ruoyi.common.security.domain.LoginUser; - -/** - * https://my.oschina.net/giegie/blog/3023768 根据checktoken 的结果转化用户信息 - * - * @author lengleng - */ -public class CommonUserConverter implements UserAuthenticationConverter -{ - private static final String N_A = "N/A"; - - /** - * 将授权信息返回到资源服务 - */ - @Override - public Map convertUserAuthentication(Authentication userAuthentication) - { - Map authMap = new LinkedHashMap<>(); - authMap.put(USERNAME, userAuthentication.getName()); - if (userAuthentication.getAuthorities() != null && !userAuthentication.getAuthorities().isEmpty()) - { - authMap.put(AUTHORITIES, AuthorityUtils.authorityListToSet(userAuthentication.getAuthorities())); - } - return authMap; - } - - /** - * 获取用户认证信息 - */ - @Override - public Authentication extractAuthentication(Map map) - { - if (map.containsKey(USERNAME)) - { - Collection authorities = getAuthorities(map); - - Long userId = Convert.toLong(map.get(SecurityConstants.DETAILS_USER_ID)); - String username = (String) map.get(SecurityConstants.DETAILS_USERNAME); - LoginUser user = new LoginUser(userId, username, N_A, true, true, true, true, authorities); - return new UsernamePasswordAuthenticationToken(user, N_A, authorities); - } - return null; - } - - /** - * 获取权限资源信息 - */ - private Collection getAuthorities(Map map) - { - Object authorities = map.get(AUTHORITIES); - if (authorities instanceof String) - { - return AuthorityUtils.commaSeparatedStringToAuthorityList((String) authorities); - } - if (authorities instanceof Collection) - { - return AuthorityUtils.commaSeparatedStringToAuthorityList( - StringUtils.collectionToCommaDelimitedString((Collection) authorities)); - } - throw new IllegalArgumentException("Authorities must be either a String or a Collection"); - } -} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/MethodSecurityConfig.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/MethodSecurityConfig.java deleted file mode 100644 index 07fabf3..0000000 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/MethodSecurityConfig.java +++ /dev/null @@ -1,27 +0,0 @@ -package com.ruoyi.common.security.config; - -import org.springframework.context.annotation.Configuration; -import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; - -/** - * - * @EnableGlobalMethodSecurity(securedEnabled=true) - * 开启@Secured 注解过滤权限 - * - * @EnableGlobalMethodSecurity(jsr250Enabled=true) - * 开启@RolesAllowed 注解过滤权限 - * - * @EnableGlobalMethodSecurity(prePostEnabled=true) - * 使用表达式时间方法级别的安全性 4个注解可用 - * -@PreAuthorize 在方法调用之前,基于表达式的计算结果来限制对方法的访问 - * -@PostAuthorize 允许方法调用,但是如果表达式计算结果为false,将抛出一个安全性异常 - * -@PostFilter 允许方法调用,但必须按照表达式来过滤方法的结果 - * -@PreFilter 允许方法调用,但必须在进入方法之前过滤输入值 - * - */ -@Configuration -@EnableGlobalMethodSecurity(prePostEnabled = true) -public class MethodSecurityConfig -{ - -} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/ResourceServerConfig.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/ResourceServerConfig.java deleted file mode 100644 index 6aa3ba8..0000000 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/ResourceServerConfig.java +++ /dev/null @@ -1,82 +0,0 @@ -package com.ruoyi.common.security.config; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.autoconfigure.security.oauth2.OAuth2ClientProperties; -import org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties; -import org.springframework.cloud.client.loadbalancer.LoadBalanced; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; -import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer; -import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter; -import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer; -import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter; -import org.springframework.security.oauth2.provider.token.RemoteTokenServices; -import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices; -import org.springframework.security.oauth2.provider.token.UserAuthenticationConverter; -import org.springframework.web.client.DefaultResponseErrorHandler; -import org.springframework.web.client.RestTemplate; - -/** - * oauth2 服务配置 - * - * @author ruoyi - */ -@Configuration -@EnableResourceServer -public class ResourceServerConfig extends ResourceServerConfigurerAdapter -{ - @Autowired - private ResourceServerProperties resourceServerProperties; - - @Autowired - private OAuth2ClientProperties oAuth2ClientProperties; - - @Bean - public AuthIgnoreConfig authIgnoreConfig() - { - return new AuthIgnoreConfig(); - } - - @Bean - @LoadBalanced - public RestTemplate restTemplate() - { - RestTemplate restTemplate = new RestTemplate(); - restTemplate.setErrorHandler(new DefaultResponseErrorHandler()); - return restTemplate; - } - - @Bean - public ResourceServerTokenServices tokenServices() - { - RemoteTokenServices remoteTokenServices = new RemoteTokenServices(); - DefaultAccessTokenConverter accessTokenConverter = new DefaultAccessTokenConverter(); - UserAuthenticationConverter userTokenConverter = new CommonUserConverter(); - accessTokenConverter.setUserTokenConverter(userTokenConverter); - remoteTokenServices.setCheckTokenEndpointUrl(resourceServerProperties.getTokenInfoUri()); - remoteTokenServices.setClientId(oAuth2ClientProperties.getClientId()); - remoteTokenServices.setClientSecret(oAuth2ClientProperties.getClientSecret()); - remoteTokenServices.setRestTemplate(restTemplate()); - remoteTokenServices.setAccessTokenConverter(accessTokenConverter); - return remoteTokenServices; - } - - @Override - public void configure(HttpSecurity http) throws Exception - { - http.csrf().disable(); - ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry = http - .authorizeRequests(); - // 不登录可以访问 - authIgnoreConfig().getUrls().forEach(url -> registry.antMatchers(url).permitAll()); - registry.anyRequest().authenticated(); - } - - @Override - public void configure(ResourceServerSecurityConfigurer resources) - { - resources.tokenServices(tokenServices()); - } -} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/SecurityImportBeanDefinitionRegistrar.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/SecurityImportBeanDefinitionRegistrar.java deleted file mode 100644 index 386bce0..0000000 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/SecurityImportBeanDefinitionRegistrar.java +++ /dev/null @@ -1,24 +0,0 @@ -package com.ruoyi.common.security.config; - -import org.springframework.beans.factory.support.BeanDefinitionBuilder; -import org.springframework.beans.factory.support.BeanDefinitionRegistry; -import org.springframework.context.annotation.ImportBeanDefinitionRegistrar; -import org.springframework.core.type.AnnotationMetadata; -import com.ruoyi.common.core.utils.StringUtils; - -/** - * 导入 SecurityImportBeanDefinitionRegistrar 自动加载类 - * - * @author ruoyi - */ -public class SecurityImportBeanDefinitionRegistrar implements ImportBeanDefinitionRegistrar -{ - @Override - public void registerBeanDefinitions(AnnotationMetadata metadata, BeanDefinitionRegistry registry) - { - Class aClass = ResourceServerConfig.class; - String beanName = StringUtils.uncapitalize(aClass.getSimpleName()); - BeanDefinitionBuilder beanDefinitionBuilder = BeanDefinitionBuilder.genericBeanDefinition(ResourceServerConfig.class); - registry.registerBeanDefinition(beanName, beanDefinitionBuilder.getBeanDefinition()); - } -} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/domain/LoginUser.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/domain/LoginUser.java deleted file mode 100644 index 1056fec..0000000 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/domain/LoginUser.java +++ /dev/null @@ -1,37 +0,0 @@ -package com.ruoyi.common.security.domain; - -import java.util.Collection; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.userdetails.User; - -/** - * 登录用户身份权限 - * - * @author ruoyi - */ -public class LoginUser extends User -{ - private static final long serialVersionUID = 1L; - - /** - * 用户ID - */ - private Long userId; - - public LoginUser(Long userId, String username, String password, boolean enabled, boolean accountNonExpired, - boolean credentialsNonExpired, boolean accountNonLocked, Collection authorities) - { - super(username, password, enabled, accountNonExpired, credentialsNonExpired, accountNonLocked, authorities); - this.userId = userId; - } - - public Long getUserId() - { - return userId; - } - - public void setUserId(Long userId) - { - this.userId = userId; - } -} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignConfig.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignConfig.java deleted file mode 100644 index e5c598b..0000000 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignConfig.java +++ /dev/null @@ -1,20 +0,0 @@ -package com.ruoyi.common.security.feign; - -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import feign.RequestInterceptor; - -/** - * Feign配置注册 - * - * @author ruoyi - **/ -@Configuration -public class OAuth2FeignConfig -{ - @Bean - public RequestInterceptor requestInterceptor() - { - return new OAuth2FeignRequestInterceptor(); - } -} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignRequestInterceptor.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignRequestInterceptor.java deleted file mode 100644 index baf6083..0000000 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/feign/OAuth2FeignRequestInterceptor.java +++ /dev/null @@ -1,33 +0,0 @@ -package com.ruoyi.common.security.feign; - -import org.springframework.http.HttpHeaders; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContext; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails; -import org.springframework.stereotype.Component; -import com.ruoyi.common.core.constant.SecurityConstants; -import feign.RequestInterceptor; -import feign.RequestTemplate; - -/** - * feign 请求拦截器 - * - * @author ruoyi - */ -@Component -public class OAuth2FeignRequestInterceptor implements RequestInterceptor -{ - @Override - public void apply(RequestTemplate requestTemplate) - { - SecurityContext securityContext = SecurityContextHolder.getContext(); - Authentication authentication = securityContext.getAuthentication(); - if (authentication != null && authentication.getDetails() instanceof OAuth2AuthenticationDetails) - { - OAuth2AuthenticationDetails dateils = (OAuth2AuthenticationDetails) authentication.getDetails(); - requestTemplate.header(HttpHeaders.AUTHORIZATION, - String.format("%s %s", SecurityConstants.BEARER_TOKEN_TYPE, dateils.getTokenValue())); - } - } -} \ No newline at end of file diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/CustomAccessDeniedHandler.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/CustomAccessDeniedHandler.java deleted file mode 100644 index 0ba69ae..0000000 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/CustomAccessDeniedHandler.java +++ /dev/null @@ -1,33 +0,0 @@ -package com.ruoyi.common.security.handler; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.security.access.AccessDeniedException; -import org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler; -import org.springframework.stereotype.Component; -import com.alibaba.fastjson.JSON; -import com.ruoyi.common.core.constant.HttpStatus; -import com.ruoyi.common.core.domain.R; -import com.ruoyi.common.core.utils.ServletUtils; - -/** - * 自定义访问无权限资源时的异常 - * - * @author ruoyi - */ -@Component -public class CustomAccessDeniedHandler extends OAuth2AccessDeniedHandler -{ - private final Logger logger = LoggerFactory.getLogger(CustomAccessDeniedHandler.class); - - @Override - public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException authException) - { - logger.info("权限不足,请联系管理员 {}", request.getRequestURI()); - - String msg = authException.getMessage(); - ServletUtils.renderString(response, JSON.toJSONString(R.fail(HttpStatus.FORBIDDEN, msg))); - } -} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/GlobalExceptionHandler.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/GlobalExceptionHandler.java index ac1ae39..7e569d6 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/GlobalExceptionHandler.java +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/GlobalExceptionHandler.java @@ -2,18 +2,14 @@ package com.ruoyi.common.security.handler; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.springframework.security.access.AccessDeniedException; -import org.springframework.security.authentication.AccountExpiredException; -import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.validation.BindException; import org.springframework.web.bind.MethodArgumentNotValidException; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.RestControllerAdvice; -import org.springframework.web.servlet.NoHandlerFoundException; -import com.ruoyi.common.core.constant.HttpStatus; import com.ruoyi.common.core.exception.BaseException; import com.ruoyi.common.core.exception.CustomException; import com.ruoyi.common.core.exception.DemoModeException; +import com.ruoyi.common.core.exception.PreAuthorizeException; import com.ruoyi.common.core.utils.StringUtils; import com.ruoyi.common.core.web.domain.AjaxResult; @@ -49,34 +45,6 @@ public class GlobalExceptionHandler return AjaxResult.error(e.getCode(), e.getMessage()); } - @ExceptionHandler(NoHandlerFoundException.class) - public AjaxResult handlerNoFoundException(Exception e) - { - log.error(e.getMessage(), e); - return AjaxResult.error(HttpStatus.NOT_FOUND, "路径不存在,请检查路径是否正确"); - } - - @ExceptionHandler(AccessDeniedException.class) - public AjaxResult handleAuthorizationException(AccessDeniedException e) - { - log.error(e.getMessage()); - return AjaxResult.error(HttpStatus.FORBIDDEN, "没有权限,请联系管理员授权"); - } - - @ExceptionHandler(AccountExpiredException.class) - public AjaxResult handleAccountExpiredException(AccountExpiredException e) - { - log.error(e.getMessage(), e); - return AjaxResult.error(e.getMessage()); - } - - @ExceptionHandler(UsernameNotFoundException.class) - public AjaxResult handleUsernameNotFoundException(UsernameNotFoundException e) - { - log.error(e.getMessage(), e); - return AjaxResult.error(e.getMessage()); - } - @ExceptionHandler(Exception.class) public AjaxResult handleException(Exception e) { @@ -105,7 +73,16 @@ public class GlobalExceptionHandler String message = e.getBindingResult().getFieldError().getDefaultMessage(); return AjaxResult.error(message); } - + + /** + * 权限异常 + */ + @ExceptionHandler(PreAuthorizeException.class) + public AjaxResult preAuthorizeException(PreAuthorizeException e) + { + return AjaxResult.error("没有权限,请联系管理员授权"); + } + /** * 演示模式异常 */ diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/PermissionService.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/PermissionService.java deleted file mode 100644 index cbfc9bb..0000000 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/PermissionService.java +++ /dev/null @@ -1,167 +0,0 @@ -package com.ruoyi.common.security.service; - -import java.util.Collection; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.stereotype.Service; -import org.springframework.util.CollectionUtils; -import org.springframework.util.PatternMatchUtils; -import org.springframework.util.StringUtils; -import com.ruoyi.common.security.domain.LoginUser; -import com.ruoyi.common.security.utils.SecurityUtils; - -/** - * 自定义权限实现 - * - * @author ruoyi - */ -@Service("ss") -public class PermissionService -{ - /** 所有权限标识 */ - private static final String ALL_PERMISSION = "*:*:*"; - - /** 管理员角色权限标识 */ - private static final String SUPER_ADMIN = "admin"; - - private static final String ROLE_DELIMETER = ","; - - private static final String PERMISSION_DELIMETER = ","; - - /** - * 验证用户是否具备某权限 - * - * @param permission 权限字符串 - * @return 用户是否具备某权限 - */ - public boolean hasPermi(String permission) - { - if (StringUtils.isEmpty(permission)) - { - return false; - } - LoginUser loginUser = SecurityUtils.getLoginUser(); - if (StringUtils.isEmpty(loginUser) || CollectionUtils.isEmpty(loginUser.getAuthorities())) - { - return false; - } - return hasPermissions(loginUser.getAuthorities(), permission); - } - - /** - * 验证用户是否不具备某权限,与 hasPermi逻辑相反 - * - * @param permission 权限字符串 - * @return 用户是否不具备某权限 - */ - public boolean lacksPermi(String permission) - { - return hasPermi(permission) != true; - } - - /** - * 验证用户是否具有以下任意一个权限 - * - * @param permissions 以 PERMISSION_NAMES_DELIMETER 为分隔符的权限列表 - * @return 用户是否具有以下任意一个权限 - */ - public boolean hasAnyPermi(String permissions) - { - if (StringUtils.isEmpty(permissions)) - { - return false; - } - LoginUser loginUser = SecurityUtils.getLoginUser(); - if (StringUtils.isEmpty(loginUser) || CollectionUtils.isEmpty(loginUser.getAuthorities())) - { - return false; - } - Collection authorities = loginUser.getAuthorities(); - for (String permission : permissions.split(PERMISSION_DELIMETER)) - { - if (permission != null && hasPermissions(authorities, permission)) - { - return true; - } - } - return false; - } - - /** - * 判断用户是否拥有某个角色 - * - * @param role 角色字符串 - * @return 用户是否具备某角色 - */ - public boolean hasRole(String role) - { - if (StringUtils.isEmpty(role)) - { - return false; - } - LoginUser loginUser = SecurityUtils.getLoginUser(); - if (StringUtils.isEmpty(loginUser) || CollectionUtils.isEmpty(loginUser.getAuthorities())) - { - return false; - } - for (GrantedAuthority authorities : loginUser.getAuthorities()) - { - String roleKey = authorities.getAuthority(); - if (SUPER_ADMIN.contains(roleKey) || roleKey.contains(role)) - { - return true; - } - } - return false; - } - - /** - * 验证用户是否不具备某角色,与 isRole逻辑相反。 - * - * @param role 角色名称 - * @return 用户是否不具备某角色 - */ - public boolean lacksRole(String role) - { - return hasRole(role) != true; - } - - /** - * 验证用户是否具有以下任意一个角色 - * - * @param roles 以 ROLE_NAMES_DELIMETER 为分隔符的角色列表 - * @return 用户是否具有以下任意一个角色 - */ - public boolean hasAnyRoles(String roles) - { - if (StringUtils.isEmpty(roles)) - { - return false; - } - LoginUser loginUser = SecurityUtils.getLoginUser(); - if (StringUtils.isEmpty(loginUser) || CollectionUtils.isEmpty(loginUser.getAuthorities())) - { - return false; - } - for (String role : roles.split(ROLE_DELIMETER)) - { - if (hasRole(role)) - { - return true; - } - } - return false; - } - - /** - * 判断是否包含权限 - * - * @param authorities 权限列表 - * @param permission 权限字符串 - * @return 用户是否具备某权限 - */ - private boolean hasPermissions(Collection authorities, String permission) - { - return authorities.stream().map(GrantedAuthority::getAuthority).filter(StringUtils::hasText) - .anyMatch(x -> ALL_PERMISSION.contains(x) || PatternMatchUtils.simpleMatch(permission, x)); - } -} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/RedisClientDetailsService.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/RedisClientDetailsService.java deleted file mode 100644 index 5f0700f..0000000 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/RedisClientDetailsService.java +++ /dev/null @@ -1,30 +0,0 @@ -package com.ruoyi.common.security.service; - -import javax.sql.DataSource; -import org.springframework.cache.annotation.Cacheable; -import org.springframework.security.oauth2.provider.ClientDetails; -import org.springframework.security.oauth2.provider.client.JdbcClientDetailsService; -import com.ruoyi.common.core.constant.CacheConstants; -import com.ruoyi.common.core.constant.SecurityConstants; - -/** - * 重写原生方法支持redis缓存 - * - * @author ruoyi - */ -public class RedisClientDetailsService extends JdbcClientDetailsService -{ - public RedisClientDetailsService(DataSource dataSource) - { - super(dataSource); - super.setSelectClientDetailsSql(SecurityConstants.DEFAULT_SELECT_STATEMENT); - super.setFindClientDetailsSql(SecurityConstants.DEFAULT_FIND_STATEMENT); - } - - @Override - @Cacheable(value = CacheConstants.CLIENT_DETAILS_KEY, key = "#clientId", unless = "#result == null") - public ClientDetails loadClientByClientId(String clientId) - { - return super.loadClientByClientId(clientId); - } -} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java new file mode 100644 index 0000000..7c805c8 --- /dev/null +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/TokenService.java @@ -0,0 +1,123 @@ +package com.ruoyi.common.security.service; + +import java.util.HashMap; +import java.util.Map; +import java.util.concurrent.TimeUnit; +import javax.servlet.http.HttpServletRequest; +import org.apache.commons.lang3.StringUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; +import com.ruoyi.common.core.constant.CacheConstants; +import com.ruoyi.common.core.constant.Constants; +import com.ruoyi.common.core.utils.IdUtils; +import com.ruoyi.common.core.utils.ServletUtils; +import com.ruoyi.common.redis.service.RedisService; +import com.ruoyi.system.api.model.LoginUser; + +/** + * token验证处理 + * + * @author ruoyi + */ +@Component +public class TokenService +{ + @Autowired + private RedisService redisService; + + private final static long EXPIRE_TIME = Constants.TOKEN_EXPIRE * 60; + + private final static String ACCESS_TOKEN = CacheConstants.LOGIN_TOKEN_KEY; + + protected static final long MILLIS_SECOND = 1000; + + /** + * 创建令牌 + */ + public Map createToken(LoginUser loginUser) + { + // 生成token + String token = IdUtils.fastUUID(); + loginUser.setToken(token); + loginUser.setUserid(loginUser.getSysUser().getUserId()); + loginUser.setUsername(loginUser.getSysUser().getUserName()); + refreshToken(loginUser); + + // 保存或更新用户token + Map map = new HashMap(); + map.put("access_token", token); + map.put("expires_in", EXPIRE_TIME); + redisService.setCacheObject(ACCESS_TOKEN + token, loginUser, EXPIRE_TIME, TimeUnit.SECONDS); + return map; + } + + /** + * 获取用户身份信息 + * + * @return 用户信息 + */ + public LoginUser getLoginUser() + { + return getLoginUser(ServletUtils.getRequest()); + } + + /** + * 获取用户身份信息 + * + * @return 用户信息 + */ + public LoginUser getLoginUser(HttpServletRequest request) + { + // 获取请求携带的令牌 + String token = getToken(request); + if (StringUtils.isNotEmpty(token)) + { + String userKey = getTokenKey(token); + LoginUser user = redisService.getCacheObject(userKey); + return user; + } + return null; + } + + public void delLoginUser(String token) + { + if (StringUtils.isNotEmpty(token)) + { + String userKey = getTokenKey(token); + redisService.deleteObject(userKey); + } + } + + /** + * 刷新令牌有效期 + * + * @param loginUser 登录信息 + */ + public Long refreshToken(LoginUser loginUser) + { + loginUser.setLoginTime(System.currentTimeMillis()); + loginUser.setExpireTime(loginUser.getLoginTime() + EXPIRE_TIME * MILLIS_SECOND); + // 根据uuid将loginUser缓存 + String userKey = getTokenKey(loginUser.getToken()); + redisService.setCacheObject(userKey, loginUser, EXPIRE_TIME, TimeUnit.SECONDS); + return EXPIRE_TIME; + } + + private String getTokenKey(String token) + { + return ACCESS_TOKEN + token; + } + + /** + * 获取请求token + */ + private String getToken(HttpServletRequest request) + { + String token = request.getHeader(CacheConstants.HEADER); + if (StringUtils.isNotEmpty(token) && token.startsWith(CacheConstants.TOKEN_PREFIX)) + { + token = token.replace(CacheConstants.TOKEN_PREFIX, ""); + } + return token; + } +} \ No newline at end of file diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/UserDetailsServiceImpl.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/UserDetailsServiceImpl.java deleted file mode 100644 index 28abc4b..0000000 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/UserDetailsServiceImpl.java +++ /dev/null @@ -1,83 +0,0 @@ -package com.ruoyi.common.security.service; - -import java.util.Collection; -import java.util.HashSet; -import java.util.Set; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.AuthorityUtils; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.security.core.userdetails.UsernameNotFoundException; -import org.springframework.stereotype.Service; -import com.ruoyi.common.core.domain.R; -import com.ruoyi.common.core.enums.UserStatus; -import com.ruoyi.common.core.exception.BaseException; -import com.ruoyi.common.core.utils.StringUtils; -import com.ruoyi.common.security.domain.LoginUser; -import com.ruoyi.system.api.RemoteUserService; -import com.ruoyi.system.api.domain.SysUser; -import com.ruoyi.system.api.model.UserInfo; - -/** - * 用户信息处理 - * - * @author ruoyi - */ -@Service -public class UserDetailsServiceImpl implements UserDetailsService -{ - private static final Logger log = LoggerFactory.getLogger(UserDetailsServiceImpl.class); - - @Autowired - private RemoteUserService remoteUserService; - - @Override - public UserDetails loadUserByUsername(String username) - { - R userResult = remoteUserService.getUserInfo(username); - checkUser(userResult, username); - return getUserDetails(userResult); - } - - public void checkUser(R userResult, String username) - { - if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData())) - { - log.info("登录用户:{} 不存在.", username); - throw new UsernameNotFoundException("登录用户:" + username + " 不存在"); - } - else if (UserStatus.DELETED.getCode().equals(userResult.getData().getSysUser().getDelFlag())) - { - log.info("登录用户:{} 已被删除.", username); - throw new BaseException("对不起,您的账号:" + username + " 已被删除"); - } - else if (UserStatus.DISABLE.getCode().equals(userResult.getData().getSysUser().getStatus())) - { - log.info("登录用户:{} 已被停用.", username); - throw new BaseException("对不起,您的账号:" + username + " 已停用"); - } - } - - private UserDetails getUserDetails(R result) - { - UserInfo info = result.getData(); - Set dbAuthsSet = new HashSet(); - if (StringUtils.isNotEmpty(info.getRoles())) - { - // 获取角色 - dbAuthsSet.addAll(info.getRoles()); - // 获取权限 - dbAuthsSet.addAll(info.getPermissions()); - } - - Collection authorities = AuthorityUtils - .createAuthorityList(dbAuthsSet.toArray(new String[0])); - SysUser user = info.getSysUser(); - - return new LoginUser(user.getUserId(), user.getUserName(), user.getPassword(), true, true, true, true, - authorities); - } -} diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java index b0c1e8d..025ddaf 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/utils/SecurityUtils.java @@ -1,9 +1,9 @@ package com.ruoyi.common.security.utils; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; -import com.ruoyi.common.security.domain.LoginUser; +import com.ruoyi.common.core.constant.CacheConstants; +import com.ruoyi.common.core.text.Convert; +import com.ruoyi.common.core.utils.ServletUtils; /** * 权限获取工具类 @@ -12,46 +12,31 @@ import com.ruoyi.common.security.domain.LoginUser; */ public class SecurityUtils { - /** - * 获取Authentication - */ - public static Authentication getAuthentication() - { - return SecurityContextHolder.getContext().getAuthentication(); - } - /** * 获取用户 */ public static String getUsername() { - return getLoginUser().getUsername(); + return ServletUtils.getRequest().getHeader(CacheConstants.DETAILS_USERNAME); } /** - * 获取用户 + * 获取用户ID */ - public static LoginUser getLoginUser(Authentication authentication) + public static Long getUserId() { - Object principal = authentication.getPrincipal(); - if (principal instanceof LoginUser) - { - return (LoginUser) principal; - } - return null; + return Convert.toLong(ServletUtils.getRequest().getHeader(CacheConstants.DETAILS_USER_ID)); } /** - * 获取用户 + * 是否为管理员 + * + * @param userId 用户ID + * @return 结果 */ - public static LoginUser getLoginUser() + public static boolean isAdmin(Long userId) { - Authentication authentication = getAuthentication(); - if (authentication == null) - { - return null; - } - return getLoginUser(authentication); + return userId != null && 1L == userId; } /** @@ -78,15 +63,4 @@ public class SecurityUtils BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder(); return passwordEncoder.matches(rawPassword, encodedPassword); } - - /** - * 是否为管理员 - * - * @param userId 用户ID - * @return 结果 - */ - public static boolean isAdmin(Long userId) - { - return userId != null && 1L == userId; - } } diff --git a/ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring.factories b/ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring.factories index e569c12..1f6338d 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring.factories +++ b/ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring.factories @@ -1,8 +1,4 @@ org.springframework.boot.autoconfigure.EnableAutoConfiguration=\ - com.ruoyi.common.security.service.UserDetailsServiceImpl,\ - com.ruoyi.common.security.service.PermissionService,\ - com.ruoyi.common.security.config.MethodSecurityConfig,\ - com.ruoyi.common.security.handler.CustomAccessDeniedHandler,\ + com.ruoyi.common.security.service.TokenService,\ + com.ruoyi.common.security.aspect.PreAuthorizeAspect,\ com.ruoyi.common.security.handler.GlobalExceptionHandler - - diff --git a/ruoyi-common/ruoyi-common-swagger/src/main/java/com/ruoyi/common/swagger/config/SwaggerAutoConfiguration.java b/ruoyi-common/ruoyi-common-swagger/src/main/java/com/ruoyi/common/swagger/config/SwaggerAutoConfiguration.java index 204c2c8..1a9597d 100644 --- a/ruoyi-common/ruoyi-common-swagger/src/main/java/com/ruoyi/common/swagger/config/SwaggerAutoConfiguration.java +++ b/ruoyi-common/ruoyi-common-swagger/src/main/java/com/ruoyi/common/swagger/config/SwaggerAutoConfiguration.java @@ -2,7 +2,6 @@ package com.ruoyi.common.swagger.config; import java.util.ArrayList; import java.util.Arrays; -import java.util.Collections; import java.util.List; import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; @@ -15,11 +14,9 @@ import springfox.documentation.builders.ApiInfoBuilder; import springfox.documentation.builders.PathSelectors; import springfox.documentation.builders.RequestHandlerSelectors; import springfox.documentation.service.ApiInfo; +import springfox.documentation.service.ApiKey; import springfox.documentation.service.AuthorizationScope; import springfox.documentation.service.Contact; -import springfox.documentation.service.GrantType; -import springfox.documentation.service.OAuth; -import springfox.documentation.service.ResourceOwnerPasswordCredentialsGrant; import springfox.documentation.service.SecurityReference; import springfox.documentation.spi.DocumentationType; import springfox.documentation.spi.service.contexts.SecurityContext; @@ -66,54 +63,55 @@ public class SwaggerAutoConfiguration List> excludePath = new ArrayList<>(); swaggerProperties.getExcludePath().forEach(path -> excludePath.add(PathSelectors.ant(path))); - //noinspection Guava + //noinspection Guava return new Docket(DocumentationType.SWAGGER_2) .host(swaggerProperties.getHost()) .apiInfo(apiInfo(swaggerProperties)).select() .apis(RequestHandlerSelectors.basePackage(swaggerProperties.getBasePackage())) .paths(Predicates.and(Predicates.not(Predicates.or(excludePath)), Predicates.or(basePath))) .build() - .securitySchemes(Collections.singletonList(securitySchema())) - .securityContexts(Collections.singletonList(securityContext())) + .securitySchemes(securitySchemes()) + .securityContexts(securityContexts()) .pathMapping("/"); } - /** - * 配置默认的全局鉴权策略的开关,通过正则表达式进行匹配;默认匹配所有URL - * - * @return - */ - private SecurityContext securityContext() + /** + * 安全模式,这里指定token通过Authorization头请求头传递 + */ + private List securitySchemes() { - return SecurityContext.builder() - .securityReferences(defaultAuth()) - .forPaths(PathSelectors.regex(swaggerProperties().getAuthorization().getAuthRegex())) - .build(); + List apiKeyList = new ArrayList(); + apiKeyList.add(new ApiKey("Authorization", "Authorization", "header")); + return apiKeyList; } - /** - * 默认的全局鉴权策略 - * - * @return - */ + /** + * 安全上下文 + */ + private List securityContexts() + { + List securityContexts = new ArrayList<>(); + securityContexts.add( + SecurityContext.builder() + .securityReferences(defaultAuth()) + .forPaths(PathSelectors.regex("^(?!auth).*$")) + .build()); + return securityContexts; + } + + /** + * 默认的全局鉴权策略 + * + * @return + */ private List defaultAuth() { - ArrayList authorizationScopeList = new ArrayList<>(); - swaggerProperties().getAuthorization().getAuthorizationScopeList().forEach(authorizationScope -> authorizationScopeList.add(new AuthorizationScope(authorizationScope.getScope(), authorizationScope.getDescription()))); - AuthorizationScope[] authorizationScopes = new AuthorizationScope[authorizationScopeList.size()]; - return Collections.singletonList(SecurityReference.builder() - .reference(swaggerProperties().getAuthorization().getName()) - .scopes(authorizationScopeList.toArray(authorizationScopes)) - .build()); - } - - private OAuth securitySchema() - { - ArrayList authorizationScopeList = new ArrayList<>(); - swaggerProperties().getAuthorization().getAuthorizationScopeList().forEach(authorizationScope -> authorizationScopeList.add(new AuthorizationScope(authorizationScope.getScope(), authorizationScope.getDescription()))); - ArrayList grantTypes = new ArrayList<>(); - swaggerProperties().getAuthorization().getTokenUrlList().forEach(tokenUrl -> grantTypes.add(new ResourceOwnerPasswordCredentialsGrant(tokenUrl))); - return new OAuth(swaggerProperties().getAuthorization().getName(), authorizationScopeList, grantTypes); + AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything"); + AuthorizationScope[] authorizationScopes = new AuthorizationScope[1]; + authorizationScopes[0] = authorizationScope; + List securityReferences = new ArrayList<>(); + securityReferences.add(new SecurityReference("Authorization", authorizationScopes)); + return securityReferences; } private ApiInfo apiInfo(SwaggerProperties swaggerProperties) @@ -128,5 +126,4 @@ public class SwaggerAutoConfiguration .version(swaggerProperties.getVersion()) .build(); } - } - +} diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java new file mode 100644 index 0000000..d1c26b6 --- /dev/null +++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/AuthFilter.java @@ -0,0 +1,108 @@ +package com.ruoyi.gateway.filter; + +import java.util.Arrays; +import javax.annotation.Resource; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.cloud.gateway.filter.GatewayFilterChain; +import org.springframework.cloud.gateway.filter.GlobalFilter; +import org.springframework.core.Ordered; +import org.springframework.core.io.buffer.DataBufferFactory; +import org.springframework.data.redis.core.ValueOperations; +import org.springframework.http.HttpStatus; +import org.springframework.http.MediaType; +import org.springframework.http.server.reactive.ServerHttpRequest; +import org.springframework.http.server.reactive.ServerHttpResponse; +import org.springframework.stereotype.Component; +import org.springframework.web.server.ServerWebExchange; +import com.alibaba.fastjson.JSON; +import com.alibaba.fastjson.JSONObject; +import com.ruoyi.common.core.constant.CacheConstants; +import com.ruoyi.common.core.domain.R; +import com.ruoyi.common.core.utils.StringUtils; +import reactor.core.publisher.Mono; + +/** + * 网关鉴权 + * + * @author ruoyi + */ +@Component +public class AuthFilter implements GlobalFilter, Ordered +{ + private static final Logger log = LoggerFactory.getLogger(AuthFilter.class); + + // 排除过滤的 uri 地址,swagger排除自行添加 + private static final String[] whiteList = { "/auth/login", "/code/v2/api-docs", "/schedule/v2/api-docs", + "/system/v2/api-docs", "/csrf" }; + + @Resource(name = "stringRedisTemplate") + private ValueOperations sops; + + @Override + public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain) + { + String url = exchange.getRequest().getURI().getPath(); + // 跳过不需要验证的路径 + if (Arrays.asList(whiteList).contains(url)) + { + return chain.filter(exchange); + } + String token = getToken(exchange.getRequest()); + if (StringUtils.isBlank(token)) + { + return setUnauthorizedResponse(exchange, "令牌不能为空"); + } + String userStr = sops.get(CacheConstants.LOGIN_TOKEN_KEY + token); + if (StringUtils.isNull(userStr)) + { + return setUnauthorizedResponse(exchange, "令牌验证失败"); + } + JSONObject obj = JSONObject.parseObject(userStr); + String userid = obj.getString("userid"); + String username = obj.getString("username"); + if (StringUtils.isBlank(userid) || StringUtils.isBlank(username)) + { + return setUnauthorizedResponse(exchange, "令牌验证失败"); + } + // 设置用户信息到请求 + ServerHttpRequest mutableReq = exchange.getRequest().mutate().header(CacheConstants.DETAILS_USER_ID, userid) + .header(CacheConstants.DETAILS_USERNAME, username).build(); + ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build(); + + return chain.filter(mutableExchange); + } + + private Mono setUnauthorizedResponse(ServerWebExchange exchange, String msg) + { + ServerHttpResponse response = exchange.getResponse(); + response.getHeaders().setContentType(MediaType.APPLICATION_JSON); + response.setStatusCode(HttpStatus.OK); + + log.error("[鉴权异常处理]请求路径:{}", exchange.getRequest().getPath()); + + return response.writeWith(Mono.fromSupplier(() -> { + DataBufferFactory bufferFactory = response.bufferFactory(); + return bufferFactory.wrap(JSON.toJSONBytes(R.fail(msg))); + })); + } + + /** + * 获取请求token + */ + private String getToken(ServerHttpRequest request) + { + String token = request.getHeaders().getFirst(CacheConstants.HEADER); + if (StringUtils.isNotEmpty(token) && token.startsWith(CacheConstants.TOKEN_PREFIX)) + { + token = token.replace(CacheConstants.TOKEN_PREFIX, ""); + } + return token; + } + + @Override + public int getOrder() + { + return -200; + } +} \ No newline at end of file diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/CacheRequestFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/CacheRequestFilter.java new file mode 100644 index 0000000..2045d3e --- /dev/null +++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/CacheRequestFilter.java @@ -0,0 +1,100 @@ +package com.ruoyi.gateway.filter; + +import java.util.Collections; +import java.util.List; +import org.springframework.cloud.gateway.filter.GatewayFilter; +import org.springframework.cloud.gateway.filter.GatewayFilterChain; +import org.springframework.cloud.gateway.filter.OrderedGatewayFilter; +import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory; +import org.springframework.core.io.buffer.DataBuffer; +import org.springframework.core.io.buffer.DataBufferFactory; +import org.springframework.core.io.buffer.DataBufferUtils; +import org.springframework.http.HttpMethod; +import org.springframework.http.server.reactive.ServerHttpRequestDecorator; +import org.springframework.stereotype.Component; +import org.springframework.web.server.ServerWebExchange; +import reactor.core.publisher.Flux; +import reactor.core.publisher.Mono; + +@Component +public class CacheRequestFilter extends AbstractGatewayFilterFactory +{ + public CacheRequestFilter() + { + super(Config.class); + } + + @Override + public String name() + { + return "CacheRequestFilter"; + } + + @Override + public GatewayFilter apply(Config config) + { + CacheRequestGatewayFilter cacheRequestGatewayFilter = new CacheRequestGatewayFilter(); + Integer order = config.getOrder(); + if (order == null) + { + return cacheRequestGatewayFilter; + } + return new OrderedGatewayFilter(cacheRequestGatewayFilter, order); + } + + public static class CacheRequestGatewayFilter implements GatewayFilter + { + @Override + public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain) + { + // GET DELETE 不过滤 + HttpMethod method = exchange.getRequest().getMethod(); + if (method == null || method.matches("GET") || method.matches("DELETE")) + { + return chain.filter(exchange); + } + return DataBufferUtils.join(exchange.getRequest().getBody()).map(dataBuffer -> { + byte[] bytes = new byte[dataBuffer.readableByteCount()]; + dataBuffer.read(bytes); + DataBufferUtils.release(dataBuffer); + return bytes; + }).defaultIfEmpty(new byte[0]).flatMap(bytes -> { + DataBufferFactory dataBufferFactory = exchange.getResponse().bufferFactory(); + ServerHttpRequestDecorator decorator = new ServerHttpRequestDecorator(exchange.getRequest()) + { + @Override + public Flux getBody() + { + if (bytes.length > 0) + { + return Flux.just(dataBufferFactory.wrap(bytes)); + } + return Flux.empty(); + } + }; + return chain.filter(exchange.mutate().request(decorator).build()); + }); + } + } + + @Override + public List shortcutFieldOrder() + { + return Collections.singletonList("order"); + } + + static class Config + { + private Integer order; + + public Integer getOrder() + { + return order; + } + + public void setOrder(Integer order) + { + this.order = order; + } + } +} \ No newline at end of file diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java index 6172c8d..561111b 100644 --- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java +++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java @@ -1,16 +1,22 @@ package com.ruoyi.gateway.filter; +import java.nio.CharBuffer; +import java.nio.charset.StandardCharsets; +import java.util.concurrent.atomic.AtomicReference; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.cloud.gateway.filter.GatewayFilter; import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory; -import org.springframework.http.HttpHeaders; +import org.springframework.core.io.buffer.DataBuffer; +import org.springframework.core.io.buffer.DataBufferUtils; import org.springframework.http.server.reactive.ServerHttpRequest; import org.springframework.http.server.reactive.ServerHttpResponse; import org.springframework.stereotype.Component; import com.alibaba.fastjson.JSON; +import com.alibaba.fastjson.JSONObject; import com.ruoyi.common.core.utils.StringUtils; import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.gateway.service.ValidateCodeService; +import reactor.core.publisher.Flux; import reactor.core.publisher.Mono; /** @@ -21,20 +27,14 @@ import reactor.core.publisher.Mono; @Component public class ValidateCodeFilter extends AbstractGatewayFilterFactory { - private final static String AUTH_URL = "/oauth/token"; + private final static String AUTH_URL = "/auth/login"; @Autowired private ValidateCodeService validateCodeService; - private static final String BASIC_ = "Basic "; - private static final String CODE = "code"; private static final String UUID = "uuid"; - - private static final String GRANT_TYPE = "grant_type"; - - private static final String REFRESH_TOKEN = "refresh_token"; @Override public GatewayFilter apply(Object config) @@ -47,25 +47,12 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory { return chain.filter(exchange); } - - // 刷新token请求,不处理 - String grantType = request.getQueryParams().getFirst(GRANT_TYPE); - if (StringUtils.containsIgnoreCase(request.getURI().getPath(), AUTH_URL) && StringUtils.containsIgnoreCase(grantType, REFRESH_TOKEN)) - { - return chain.filter(exchange); - } - // 消息头存在内容,且不存在验证码参数,不处理 - String header = request.getHeaders().getFirst(HttpHeaders.AUTHORIZATION); - if (StringUtils.isNotEmpty(header) && StringUtils.startsWith(header, BASIC_) - && !request.getQueryParams().containsKey(CODE) && !request.getQueryParams().containsKey(UUID)) - { - return chain.filter(exchange); - } try { - validateCodeService.checkCapcha(request.getQueryParams().getFirst(CODE), - request.getQueryParams().getFirst(UUID)); + String rspStr = resolveBodyFromRequest(request); + JSONObject obj = JSONObject.parseObject(rspStr); + validateCodeService.checkCapcha(obj.getString(CODE), obj.getString(UUID)); } catch (Exception e) { @@ -77,4 +64,17 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory return chain.filter(exchange); }; } + + private String resolveBodyFromRequest(ServerHttpRequest serverHttpRequest) + { + // 获取请求体 + Flux body = serverHttpRequest.getBody(); + AtomicReference bodyRef = new AtomicReference<>(); + body.subscribe(buffer -> { + CharBuffer charBuffer = StandardCharsets.UTF_8.decode(buffer.asByteBuffer()); + DataBufferUtils.release(buffer); + bodyRef.set(charBuffer.toString()); + }); + return bodyRef.get(); + } } diff --git a/ruoyi-modules/ruoyi-gen/pom.xml b/ruoyi-modules/ruoyi-gen/pom.xml index a07d6b9..b5bd0db 100644 --- a/ruoyi-modules/ruoyi-gen/pom.xml +++ b/ruoyi-modules/ruoyi-gen/pom.xml @@ -35,10 +35,10 @@ spring-cloud-starter-alibaba-sentinel - + org.springframework.boot - spring-boot-starter-web + spring-boot-starter-actuator diff --git a/ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/controller/GenController.java b/ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/controller/GenController.java index da2fbbb..b23ff55 100644 --- a/ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/controller/GenController.java +++ b/ruoyi-modules/ruoyi-gen/src/main/java/com/ruoyi/gen/controller/GenController.java @@ -7,7 +7,6 @@ import java.util.Map; import javax.servlet.http.HttpServletResponse; import org.apache.commons.io.IOUtils; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; @@ -23,6 +22,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; +import com.ruoyi.common.security.annotation.PreAuthorize; import com.ruoyi.gen.domain.GenTable; import com.ruoyi.gen.domain.GenTableColumn; import com.ruoyi.gen.service.IGenTableColumnService; @@ -46,7 +46,7 @@ public class GenController extends BaseController /** * 查询代码生成列表 */ - @PreAuthorize("@ss.hasPermi('tool:gen:list')") + @PreAuthorize(hasPermi = "tool:gen:list") @GetMapping("/list") public TableDataInfo genList(GenTable genTable) { @@ -58,7 +58,7 @@ public class GenController extends BaseController /** * 修改代码生成业务 */ - @PreAuthorize("@ss.hasPermi('tool:gen:query')") + @PreAuthorize(hasPermi = "tool:gen:query") @GetMapping(value = "/{talbleId}") public AjaxResult getInfo(@PathVariable Long talbleId) { @@ -73,7 +73,7 @@ public class GenController extends BaseController /** * 查询数据库列表 */ - @PreAuthorize("@ss.hasPermi('tool:gen:list')") + @PreAuthorize(hasPermi = "tool:gen:list") @GetMapping("/db/list") public TableDataInfo dataList(GenTable genTable) { @@ -85,7 +85,6 @@ public class GenController extends BaseController /** * 查询数据表字段列表 */ - @PreAuthorize("@ss.hasPermi('tool:gen:list')") @GetMapping(value = "/column/{talbleId}") public TableDataInfo columnList(Long tableId) { @@ -99,7 +98,7 @@ public class GenController extends BaseController /** * 导入表结构(保存) */ - @PreAuthorize("@ss.hasPermi('tool:gen:list')") + @PreAuthorize(hasPermi = "tool:gen:list") @Log(title = "代码生成", businessType = BusinessType.IMPORT) @PostMapping("/importTable") public AjaxResult importTableSave(String tables) @@ -114,7 +113,7 @@ public class GenController extends BaseController /** * 修改保存代码生成业务 */ - @PreAuthorize("@ss.hasPermi('tool:gen:edit')") + @PreAuthorize(hasPermi = "tool:gen:edit") @Log(title = "代码生成", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult editSave(@Validated @RequestBody GenTable genTable) @@ -127,7 +126,7 @@ public class GenController extends BaseController /** * 删除代码生成 */ - @PreAuthorize("@ss.hasPermi('tool:gen:remove')") + @PreAuthorize(hasPermi = "tool:gen:remove") @Log(title = "代码生成", businessType = BusinessType.DELETE) @DeleteMapping("/{tableIds}") public AjaxResult remove(@PathVariable Long[] tableIds) @@ -139,7 +138,7 @@ public class GenController extends BaseController /** * 预览代码 */ - @PreAuthorize("@ss.hasPermi('tool:gen:preview')") + @PreAuthorize(hasPermi = "tool:gen:preview") @GetMapping("/preview/{tableId}") public AjaxResult preview(@PathVariable("tableId") Long tableId) throws IOException { @@ -150,7 +149,7 @@ public class GenController extends BaseController /** * 生成代码(下载方式) */ - @PreAuthorize("@ss.hasPermi('tool:gen:code')") + @PreAuthorize(hasPermi = "tool:gen:code") @Log(title = "代码生成", businessType = BusinessType.GENCODE) @GetMapping("/download/{tableName}") public void download(HttpServletResponse response, @PathVariable("tableName") String tableName) throws IOException @@ -162,7 +161,7 @@ public class GenController extends BaseController /** * 生成代码(自定义路径) */ - @PreAuthorize("@ss.hasPermi('tool:gen:code')") + @PreAuthorize(hasPermi = "tool:gen:code") @Log(title = "代码生成", businessType = BusinessType.GENCODE) @GetMapping("/genCode/{tableName}") public AjaxResult genCode(HttpServletResponse response, @PathVariable("tableName") String tableName) @@ -174,7 +173,7 @@ public class GenController extends BaseController /** * 批量生成代码 */ - @PreAuthorize("@ss.hasPermi('tool:gen:code')") + @PreAuthorize(hasPermi = "tool:gen:code") @Log(title = "代码生成", businessType = BusinessType.GENCODE) @GetMapping("/batchGenCode") public void batchGenCode(HttpServletResponse response, String tables) throws IOException diff --git a/ruoyi-modules/ruoyi-gen/src/main/resources/vm/java/controller.java.vm b/ruoyi-modules/ruoyi-gen/src/main/resources/vm/java/controller.java.vm index 93df940..67d8e6c 100644 --- a/ruoyi-modules/ruoyi-gen/src/main/resources/vm/java/controller.java.vm +++ b/ruoyi-modules/ruoyi-gen/src/main/resources/vm/java/controller.java.vm @@ -3,7 +3,6 @@ package ${packageName}.controller; import java.util.List; import java.io.IOException; import javax.servlet.http.HttpServletResponse; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PostMapping; @@ -15,6 +14,7 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; +import com.ruoyi.common.security.annotation.PreAuthorize; import ${packageName}.domain.${ClassName}; import ${packageName}.service.I${ClassName}Service; import com.ruoyi.common.core.web.controller.BaseController; @@ -41,7 +41,7 @@ public class ${ClassName}Controller extends BaseController /** * 查询${functionName}列表 */ - @PreAuthorize("@ss.hasPermi('${permissionPrefix}:list')") + @PreAuthorize(hasPermi = "${permissionPrefix}:list") @GetMapping("/list") #if($table.crud) public TableDataInfo list(${ClassName} ${className}) @@ -61,7 +61,7 @@ public class ${ClassName}Controller extends BaseController /** * 导出${functionName}列表 */ - @PreAuthorize("@ss.hasPermi('${permissionPrefix}:export')") + @PreAuthorize(hasPermi = "${permissionPrefix}:export") @Log(title = "${functionName}", businessType = BusinessType.EXPORT) @PostMapping("/export") public void export(HttpServletResponse response, ${ClassName} ${className}) throws IOException @@ -74,7 +74,7 @@ public class ${ClassName}Controller extends BaseController /** * 获取${functionName}详细信息 */ - @PreAuthorize("@ss.hasPermi('${permissionPrefix}:query')") + @PreAuthorize(hasPermi = "${permissionPrefix}:query") @GetMapping(value = "/{${pkColumn.javaField}}") public AjaxResult getInfo(@PathVariable("${pkColumn.javaField}") ${pkColumn.javaType} ${pkColumn.javaField}) { @@ -84,7 +84,7 @@ public class ${ClassName}Controller extends BaseController /** * 新增${functionName} */ - @PreAuthorize("@ss.hasPermi('${permissionPrefix}:add')") + @PreAuthorize(hasPermi = "${permissionPrefix}:add") @Log(title = "${functionName}", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@RequestBody ${ClassName} ${className}) @@ -95,7 +95,7 @@ public class ${ClassName}Controller extends BaseController /** * 修改${functionName} */ - @PreAuthorize("@ss.hasPermi('${permissionPrefix}:edit')") + @PreAuthorize(hasPermi = "${permissionPrefix}:edit") @Log(title = "${functionName}", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@RequestBody ${ClassName} ${className}) @@ -106,7 +106,7 @@ public class ${ClassName}Controller extends BaseController /** * 删除${functionName} */ - @PreAuthorize("@ss.hasPermi('${permissionPrefix}:remove')") + @PreAuthorize(hasPermi = "${permissionPrefix}:remove") @Log(title = "${functionName}", businessType = BusinessType.DELETE) @DeleteMapping("/{${pkColumn.javaField}s}") public AjaxResult remove(@PathVariable ${pkColumn.javaType}[] ${pkColumn.javaField}s) diff --git a/ruoyi-modules/ruoyi-job/pom.xml b/ruoyi-modules/ruoyi-job/pom.xml index 08d2137..cdee36f 100644 --- a/ruoyi-modules/ruoyi-job/pom.xml +++ b/ruoyi-modules/ruoyi-job/pom.xml @@ -35,10 +35,10 @@ spring-cloud-starter-alibaba-sentinel - + org.springframework.boot - spring-boot-starter-web + spring-boot-starter-actuator diff --git a/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobController.java b/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobController.java index feae666..a356c17 100644 --- a/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobController.java +++ b/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobController.java @@ -5,7 +5,6 @@ import java.util.List; import javax.servlet.http.HttpServletResponse; import org.quartz.SchedulerException; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -21,6 +20,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; +import com.ruoyi.common.security.annotation.PreAuthorize; import com.ruoyi.common.security.utils.SecurityUtils; import com.ruoyi.job.domain.SysJob; import com.ruoyi.job.service.ISysJobService; @@ -41,7 +41,7 @@ public class SysJobController extends BaseController /** * 查询定时任务列表 */ - @PreAuthorize("@ss.hasPermi('monitor:job:list')") + @PreAuthorize(hasPermi = "monitor:job:list") @GetMapping("/list") public TableDataInfo list(SysJob sysJob) { @@ -53,7 +53,7 @@ public class SysJobController extends BaseController /** * 导出定时任务列表 */ - @PreAuthorize("@ss.hasPermi('monitor:job:export')") + @PreAuthorize(hasPermi = "monitor:job:export") @Log(title = "定时任务", businessType = BusinessType.EXPORT) @PostMapping("/export") public void export(HttpServletResponse response, SysJob sysJob) throws IOException @@ -66,7 +66,7 @@ public class SysJobController extends BaseController /** * 获取定时任务详细信息 */ - @PreAuthorize("@ss.hasPermi('monitor:job:query')") + @PreAuthorize(hasPermi = "monitor:job:query") @GetMapping(value = "/{jobId}") public AjaxResult getInfo(@PathVariable("jobId") Long jobId) { @@ -76,7 +76,7 @@ public class SysJobController extends BaseController /** * 新增定时任务 */ - @PreAuthorize("@ss.hasPermi('monitor:job:add')") + @PreAuthorize(hasPermi = "monitor:job:add") @Log(title = "定时任务", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@RequestBody SysJob sysJob) throws SchedulerException, TaskException @@ -92,7 +92,7 @@ public class SysJobController extends BaseController /** * 修改定时任务 */ - @PreAuthorize("@ss.hasPermi('monitor:job:edit')") + @PreAuthorize(hasPermi = "monitor:job:edit") @Log(title = "定时任务", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@RequestBody SysJob sysJob) throws SchedulerException, TaskException @@ -108,7 +108,7 @@ public class SysJobController extends BaseController /** * 定时任务状态修改 */ - @PreAuthorize("@ss.hasPermi('monitor:job:changeStatus')") + @PreAuthorize(hasPermi = "monitor:job:changeStatus") @Log(title = "定时任务", businessType = BusinessType.UPDATE) @PutMapping("/changeStatus") public AjaxResult changeStatus(@RequestBody SysJob job) throws SchedulerException @@ -121,7 +121,7 @@ public class SysJobController extends BaseController /** * 定时任务立即执行一次 */ - @PreAuthorize("@ss.hasPermi('monitor:job:changeStatus')") + @PreAuthorize(hasPermi = "monitor:job:changeStatus") @Log(title = "定时任务", businessType = BusinessType.UPDATE) @PutMapping("/run") public AjaxResult run(@RequestBody SysJob job) throws SchedulerException @@ -133,7 +133,7 @@ public class SysJobController extends BaseController /** * 删除定时任务 */ - @PreAuthorize("@ss.hasPermi('monitor:job:remove')") + @PreAuthorize(hasPermi = "monitor:job:remove") @Log(title = "定时任务", businessType = BusinessType.DELETE) @DeleteMapping("/{jobIds}") public AjaxResult remove(@PathVariable Long[] jobIds) throws SchedulerException, TaskException diff --git a/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobLogController.java b/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobLogController.java index 5d5dd35..2908cf9 100644 --- a/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobLogController.java +++ b/ruoyi-modules/ruoyi-job/src/main/java/com/ruoyi/job/controller/SysJobLogController.java @@ -4,7 +4,6 @@ import java.io.IOException; import java.util.List; import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -17,6 +16,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; +import com.ruoyi.common.security.annotation.PreAuthorize; import com.ruoyi.job.domain.SysJobLog; import com.ruoyi.job.service.ISysJobLogService; @@ -35,7 +35,7 @@ public class SysJobLogController extends BaseController /** * 查询定时任务调度日志列表 */ - @PreAuthorize("@ss.hasPermi('monitor:job:list')") + @PreAuthorize(hasPermi = "monitor:job:list") @GetMapping("/list") public TableDataInfo list(SysJobLog sysJobLog) { @@ -47,7 +47,7 @@ public class SysJobLogController extends BaseController /** * 导出定时任务调度日志列表 */ - @PreAuthorize("@ss.hasPermi('monitor:job:export')") + @PreAuthorize(hasPermi = "monitor:job:export") @Log(title = "任务调度日志", businessType = BusinessType.EXPORT) @PostMapping("/export") public void export(HttpServletResponse response, SysJobLog sysJobLog) throws IOException @@ -60,7 +60,7 @@ public class SysJobLogController extends BaseController /** * 根据调度编号获取详细信息 */ - @PreAuthorize("@ss.hasPermi('monitor:job:query')") + @PreAuthorize(hasPermi = "monitor:job:query") @GetMapping(value = "/{configId}") public AjaxResult getInfo(@PathVariable Long jobLogId) { @@ -70,7 +70,7 @@ public class SysJobLogController extends BaseController /** * 删除定时任务调度日志 */ - @PreAuthorize("@ss.hasPermi('monitor:job:remove')") + @PreAuthorize(hasPermi = "monitor:job:remove") @Log(title = "定时任务调度日志", businessType = BusinessType.DELETE) @DeleteMapping("/{jobLogIds}") public AjaxResult remove(@PathVariable Long[] jobLogIds) @@ -81,7 +81,7 @@ public class SysJobLogController extends BaseController /** * 清空定时任务调度日志 */ - @PreAuthorize("@ss.hasPermi('monitor:job:remove')") + @PreAuthorize(hasPermi = "monitor:job:remove") @Log(title = "调度日志", businessType = BusinessType.CLEAN) @DeleteMapping("/clean") public AjaxResult clean() diff --git a/ruoyi-modules/ruoyi-system/pom.xml b/ruoyi-modules/ruoyi-system/pom.xml index b0cd606..9b11d45 100644 --- a/ruoyi-modules/ruoyi-system/pom.xml +++ b/ruoyi-modules/ruoyi-system/pom.xml @@ -35,10 +35,10 @@ spring-cloud-starter-alibaba-sentinel - + org.springframework.boot - spring-boot-starter-web + spring-boot-starter-actuator diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysClientDetailsController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysClientDetailsController.java deleted file mode 100644 index b6f21a9..0000000 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysClientDetailsController.java +++ /dev/null @@ -1,94 +0,0 @@ -package com.ruoyi.system.controller; - -import java.util.List; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; -import org.springframework.web.bind.annotation.DeleteMapping; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.PutMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; -import com.ruoyi.common.core.utils.StringUtils; -import com.ruoyi.common.core.web.controller.BaseController; -import com.ruoyi.common.core.web.domain.AjaxResult; -import com.ruoyi.common.core.web.page.TableDataInfo; -import com.ruoyi.common.log.annotation.Log; -import com.ruoyi.common.log.enums.BusinessType; -import com.ruoyi.system.domain.SysClientDetails; -import com.ruoyi.system.service.ISysClientDetailsService; - -/** - * 终端配置 信息操作处理 - * - * @author ruoyi - */ -@RestController -@RequestMapping("/client") -public class SysClientDetailsController extends BaseController -{ - @Autowired - private ISysClientDetailsService sysClientDetailsService; - - /** - * 查询终端配置列表 - */ - @PreAuthorize("@ss.hasPermi('system:client:list')") - @GetMapping("/list") - public TableDataInfo list(SysClientDetails sysClientDetails) - { - startPage(); - List list = sysClientDetailsService.selectSysClientDetailsList(sysClientDetails); - return getDataTable(list); - } - - /** - * 获取终端配置详细信息 - */ - @PreAuthorize("@ss.hasPermi('system:client:query')") - @GetMapping(value = "/{clientId}") - public AjaxResult getInfo(@PathVariable("clientId") String clientId) - { - return AjaxResult.success(sysClientDetailsService.selectSysClientDetailsById(clientId)); - } - - /** - * 新增终端配置 - */ - @PreAuthorize("@ss.hasPermi('system:client:add')") - @Log(title = "终端配置", businessType = BusinessType.INSERT) - @PostMapping - public AjaxResult add(@RequestBody SysClientDetails sysClientDetails) - { - String clientId = sysClientDetails.getClientId(); - if (StringUtils.isNotNull(sysClientDetailsService.selectSysClientDetailsById(clientId))) - { - return AjaxResult.error("新增终端'" + clientId + "'失败,编号已存在"); - } - return toAjax(sysClientDetailsService.insertSysClientDetails(sysClientDetails)); - } - - /** - * 修改终端配置 - */ - @PreAuthorize("@ss.hasPermi('system:client:edit')") - @Log(title = "终端配置", businessType = BusinessType.UPDATE) - @PutMapping - public AjaxResult edit(@RequestBody SysClientDetails sysClientDetails) - { - return toAjax(sysClientDetailsService.updateSysClientDetails(sysClientDetails)); - } - - /** - * 删除终端配置 - */ - @PreAuthorize("@ss.hasPermi('system:client:remove')") - @Log(title = "终端配置", businessType = BusinessType.DELETE) - @DeleteMapping("/{clientIds}") - public AjaxResult remove(@PathVariable String[] clientIds) - { - return toAjax(sysClientDetailsService.deleteSysClientDetailsByIds(clientIds)); - } -} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysConfigController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysConfigController.java index 35bb1cc..31c9880 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysConfigController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysConfigController.java @@ -4,7 +4,6 @@ import java.io.IOException; import java.util.List; import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; @@ -21,6 +20,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; +import com.ruoyi.common.security.annotation.PreAuthorize; import com.ruoyi.common.security.utils.SecurityUtils; import com.ruoyi.system.domain.SysConfig; import com.ruoyi.system.service.ISysConfigService; @@ -40,7 +40,7 @@ public class SysConfigController extends BaseController /** * 获取参数配置列表 */ - @PreAuthorize("@ss.hasPermi('system:config:list')") + @PreAuthorize(hasPermi = "system:config:list") @GetMapping("/list") public TableDataInfo list(SysConfig config) { @@ -50,7 +50,7 @@ public class SysConfigController extends BaseController } @Log(title = "参数管理", businessType = BusinessType.EXPORT) - @PreAuthorize("@ss.hasPermi('system:config:export')") + @PreAuthorize(hasPermi = "system:config:export") @PostMapping("/export") public void export(HttpServletResponse response, SysConfig config) throws IOException { @@ -80,7 +80,7 @@ public class SysConfigController extends BaseController /** * 新增参数配置 */ - @PreAuthorize("@ss.hasPermi('system:config:add')") + @PreAuthorize(hasPermi = "system:config:add") @Log(title = "参数管理", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysConfig config) @@ -96,7 +96,7 @@ public class SysConfigController extends BaseController /** * 修改参数配置 */ - @PreAuthorize("@ss.hasPermi('system:config:edit')") + @PreAuthorize(hasPermi = "system:config:edit") @Log(title = "参数管理", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysConfig config) @@ -112,7 +112,7 @@ public class SysConfigController extends BaseController /** * 删除参数配置 */ - @PreAuthorize("@ss.hasPermi('system:config:remove')") + @PreAuthorize(hasPermi = "system:config:remove") @Log(title = "参数管理", businessType = BusinessType.DELETE) @DeleteMapping("/{configIds}") public AjaxResult remove(@PathVariable Long[] configIds) @@ -123,7 +123,7 @@ public class SysConfigController extends BaseController /** * 清空缓存 */ - @PreAuthorize("@ss.hasPermi('system:config:remove')") + @PreAuthorize(hasPermi = "system:config:remove") @Log(title = "参数管理", businessType = BusinessType.CLEAN) @DeleteMapping("/clearCache") public AjaxResult clearCache() diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDeptController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDeptController.java index d6a49d4..c6111bb 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDeptController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDeptController.java @@ -2,10 +2,8 @@ package com.ruoyi.system.controller; import java.util.Iterator; import java.util.List; - import org.apache.commons.lang3.ArrayUtils; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; @@ -15,13 +13,13 @@ import org.springframework.web.bind.annotation.PutMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; - import com.ruoyi.common.core.constant.UserConstants; import com.ruoyi.common.core.utils.StringUtils; import com.ruoyi.common.core.web.controller.BaseController; import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; +import com.ruoyi.common.security.annotation.PreAuthorize; import com.ruoyi.common.security.utils.SecurityUtils; import com.ruoyi.system.api.domain.SysDept; import com.ruoyi.system.service.ISysDeptService; @@ -41,7 +39,7 @@ public class SysDeptController extends BaseController /** * 获取部门列表 */ - @PreAuthorize("@ss.hasPermi('system:dept:list')") + @PreAuthorize(hasPermi = "system:dept:list") @GetMapping("/list") public AjaxResult list(SysDept dept) { @@ -52,7 +50,7 @@ public class SysDeptController extends BaseController /** * 查询部门列表(排除节点) */ - @PreAuthorize("@ss.hasPermi('system:dept:list')") + @PreAuthorize(hasPermi = "system:dept:list") @GetMapping("/list/exclude/{deptId}") public AjaxResult excludeChild(@PathVariable(value = "deptId", required = false) Long deptId) { @@ -73,7 +71,7 @@ public class SysDeptController extends BaseController /** * 根据部门编号获取详细信息 */ - @PreAuthorize("@ss.hasPermi('system:dept:query')") + @PreAuthorize(hasPermi = "system:dept:query") @GetMapping(value = "/{deptId}") public AjaxResult getInfo(@PathVariable Long deptId) { @@ -106,7 +104,7 @@ public class SysDeptController extends BaseController /** * 新增部门 */ - @PreAuthorize("@ss.hasPermi('system:dept:add')") + @PreAuthorize(hasPermi = "system:dept:add") @Log(title = "部门管理", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysDept dept) @@ -122,7 +120,7 @@ public class SysDeptController extends BaseController /** * 修改部门 */ - @PreAuthorize("@ss.hasPermi('system:dept:edit')") + @PreAuthorize(hasPermi = "system:dept:edit") @Log(title = "部门管理", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysDept dept) @@ -147,7 +145,7 @@ public class SysDeptController extends BaseController /** * 删除部门 */ - @PreAuthorize("@ss.hasPermi('system:dept:remove')") + @PreAuthorize(hasPermi = "system:dept:remove") @Log(title = "部门管理", businessType = BusinessType.DELETE) @DeleteMapping("/{deptId}") public AjaxResult remove(@PathVariable Long deptId) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictDataController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictDataController.java index 5a908f6..fb2288a 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictDataController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictDataController.java @@ -4,7 +4,6 @@ import java.io.IOException; import java.util.List; import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; @@ -20,6 +19,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; +import com.ruoyi.common.security.annotation.PreAuthorize; import com.ruoyi.common.security.utils.SecurityUtils; import com.ruoyi.system.domain.SysDictData; import com.ruoyi.system.service.ISysDictDataService; @@ -40,7 +40,7 @@ public class SysDictDataController extends BaseController @Autowired private ISysDictTypeService dictTypeService; - @PreAuthorize("@ss.hasPermi('system:dict:list')") + @PreAuthorize(hasPermi = "system:dict:list") @GetMapping("/list") public TableDataInfo list(SysDictData dictData) { @@ -50,7 +50,7 @@ public class SysDictDataController extends BaseController } @Log(title = "字典数据", businessType = BusinessType.EXPORT) - @PreAuthorize("@ss.hasPermi('system:dict:export')") + @PreAuthorize(hasPermi = "system:dict:export") @PostMapping("/export") public void export(HttpServletResponse response, SysDictData dictData) throws IOException { @@ -62,7 +62,7 @@ public class SysDictDataController extends BaseController /** * 查询字典数据详细 */ - @PreAuthorize("@ss.hasPermi('system:dict:query')") + @PreAuthorize(hasPermi = "system:dict:query") @GetMapping(value = "/{dictCode}") public AjaxResult getInfo(@PathVariable Long dictCode) { @@ -81,7 +81,7 @@ public class SysDictDataController extends BaseController /** * 新增字典类型 */ - @PreAuthorize("@ss.hasPermi('system:dict:add')") + @PreAuthorize(hasPermi = "system:dict:add") @Log(title = "字典数据", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysDictData dict) @@ -93,7 +93,7 @@ public class SysDictDataController extends BaseController /** * 修改保存字典类型 */ - @PreAuthorize("@ss.hasPermi('system:dict:edit')") + @PreAuthorize(hasPermi = "system:dict:edit") @Log(title = "字典数据", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysDictData dict) @@ -105,7 +105,7 @@ public class SysDictDataController extends BaseController /** * 删除字典类型 */ - @PreAuthorize("@ss.hasPermi('system:dict:remove')") + @PreAuthorize(hasPermi = "system:dict:remove") @Log(title = "字典类型", businessType = BusinessType.DELETE) @DeleteMapping("/{dictCodes}") public AjaxResult remove(@PathVariable Long[] dictCodes) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictTypeController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictTypeController.java index 41a7eed..fffe6b3 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictTypeController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysDictTypeController.java @@ -4,7 +4,6 @@ import java.io.IOException; import java.util.List; import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; @@ -21,6 +20,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; +import com.ruoyi.common.security.annotation.PreAuthorize; import com.ruoyi.common.security.utils.SecurityUtils; import com.ruoyi.system.domain.SysDictType; import com.ruoyi.system.service.ISysDictTypeService; @@ -37,7 +37,7 @@ public class SysDictTypeController extends BaseController @Autowired private ISysDictTypeService dictTypeService; - @PreAuthorize("@ss.hasPermi('system:dict:list')") + @PreAuthorize(hasPermi = "system:dict:list") @GetMapping("/list") public TableDataInfo list(SysDictType dictType) { @@ -47,7 +47,7 @@ public class SysDictTypeController extends BaseController } @Log(title = "字典类型", businessType = BusinessType.EXPORT) - @PreAuthorize("@ss.hasPermi('system:dict:export')") + @PreAuthorize(hasPermi = "system:dict:export") @PostMapping("/export") public void export(HttpServletResponse response, SysDictType dictType) throws IOException { @@ -59,7 +59,7 @@ public class SysDictTypeController extends BaseController /** * 查询字典类型详细 */ - @PreAuthorize("@ss.hasPermi('system:dict:query')") + @PreAuthorize(hasPermi = "system:dict:query") @GetMapping(value = "/{dictId}") public AjaxResult getInfo(@PathVariable Long dictId) { @@ -69,7 +69,7 @@ public class SysDictTypeController extends BaseController /** * 新增字典类型 */ - @PreAuthorize("@ss.hasPermi('system:dict:add')") + @PreAuthorize(hasPermi = "system:dict:add") @Log(title = "字典类型", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysDictType dict) @@ -85,7 +85,7 @@ public class SysDictTypeController extends BaseController /** * 修改字典类型 */ - @PreAuthorize("@ss.hasPermi('system:dict:edit')") + @PreAuthorize(hasPermi = "system:dict:edit") @Log(title = "字典类型", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysDictType dict) @@ -101,7 +101,7 @@ public class SysDictTypeController extends BaseController /** * 删除字典类型 */ - @PreAuthorize("@ss.hasPermi('system:dict:remove')") + @PreAuthorize(hasPermi = "system:dict:remove") @Log(title = "字典类型", businessType = BusinessType.DELETE) @DeleteMapping("/{dictIds}") public AjaxResult remove(@PathVariable Long[] dictIds) @@ -112,7 +112,7 @@ public class SysDictTypeController extends BaseController /** * 清空缓存 */ - @PreAuthorize("@ss.hasPermi('system:dict:remove')") + @PreAuthorize(hasPermi = "system:dict:remove") @Log(title = "字典类型", businessType = BusinessType.CLEAN) @DeleteMapping("/clearCache") public AjaxResult clearCache() diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysLogininforController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysLogininforController.java index 183932b..c7b3760 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysLogininforController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysLogininforController.java @@ -4,7 +4,6 @@ import java.io.IOException; import java.util.List; import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -21,6 +20,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; +import com.ruoyi.common.security.annotation.PreAuthorize; import com.ruoyi.system.domain.SysLogininfor; import com.ruoyi.system.service.ISysLogininforService; @@ -36,7 +36,7 @@ public class SysLogininforController extends BaseController @Autowired private ISysLogininforService logininforService; - @PreAuthorize("@ss.hasPermi('system:logininfor:list')") + @PreAuthorize(hasPermi = "system:logininfor:list") @GetMapping("/list") public TableDataInfo list(SysLogininfor logininfor) { @@ -46,7 +46,7 @@ public class SysLogininforController extends BaseController } @Log(title = "登陆日志", businessType = BusinessType.EXPORT) - @PreAuthorize("@ss.hasPermi('system:logininfor:export')") + @PreAuthorize(hasPermi = "system:logininfor:export") @PostMapping("/export") public void export(HttpServletResponse response, SysLogininfor logininfor) throws IOException { @@ -55,7 +55,7 @@ public class SysLogininforController extends BaseController util.exportExcel(response, list, "登陆日志"); } - @PreAuthorize("@ss.hasPermi('system:logininfor:remove')") + @PreAuthorize(hasPermi = "system:logininfor:remove") @Log(title = "登陆日志", businessType = BusinessType.DELETE) @DeleteMapping("/{infoIds}") public AjaxResult remove(@PathVariable Long[] infoIds) @@ -63,7 +63,7 @@ public class SysLogininforController extends BaseController return toAjax(logininforService.deleteLogininforByIds(infoIds)); } - @PreAuthorize("@ss.hasPermi('system:logininfor:remove')") + @PreAuthorize(hasPermi = "system:logininfor:remove") @Log(title = "登陆日志", businessType = BusinessType.DELETE) @DeleteMapping("/clean") public AjaxResult clean() diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysMenuController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysMenuController.java index b3ba334..500b2ed 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysMenuController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysMenuController.java @@ -2,7 +2,6 @@ package com.ruoyi.system.controller; import java.util.List; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; @@ -19,7 +18,7 @@ import com.ruoyi.common.core.web.controller.BaseController; import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; -import com.ruoyi.common.security.domain.LoginUser; +import com.ruoyi.common.security.annotation.PreAuthorize; import com.ruoyi.common.security.utils.SecurityUtils; import com.ruoyi.system.domain.SysMenu; import com.ruoyi.system.service.ISysMenuService; @@ -39,12 +38,11 @@ public class SysMenuController extends BaseController /** * 获取菜单列表 */ - @PreAuthorize("@ss.hasPermi('system:menu:list')") + @PreAuthorize(hasPermi = "system:menu:list") @GetMapping("/list") public AjaxResult list(SysMenu menu) { - LoginUser loginUser = SecurityUtils.getLoginUser(); - Long userId = loginUser.getUserId(); + Long userId = SecurityUtils.getUserId(); List menus = menuService.selectMenuList(menu, userId); return AjaxResult.success(menus); } @@ -52,7 +50,7 @@ public class SysMenuController extends BaseController /** * 根据菜单编号获取详细信息 */ - @PreAuthorize("@ss.hasPermi('system:menu:query')") + @PreAuthorize(hasPermi = "system:menu:query") @GetMapping(value = "/{menuId}") public AjaxResult getInfo(@PathVariable Long menuId) { @@ -65,8 +63,7 @@ public class SysMenuController extends BaseController @GetMapping("/treeselect") public AjaxResult treeselect(SysMenu menu) { - LoginUser loginUser = SecurityUtils.getLoginUser(); - Long userId = loginUser.getUserId(); + Long userId = SecurityUtils.getUserId(); List menus = menuService.selectMenuList(menu, userId); return AjaxResult.success(menuService.buildMenuTreeSelect(menus)); } @@ -77,8 +74,7 @@ public class SysMenuController extends BaseController @GetMapping(value = "/roleMenuTreeselect/{roleId}") public AjaxResult roleMenuTreeselect(@PathVariable("roleId") Long roleId) { - LoginUser loginUser = SecurityUtils.getLoginUser(); - Long userId = loginUser.getUserId(); + Long userId = SecurityUtils.getUserId(); List menus = menuService.selectMenuList(userId); AjaxResult ajax = AjaxResult.success(); ajax.put("checkedKeys", menuService.selectMenuListByRoleId(roleId)); @@ -89,7 +85,7 @@ public class SysMenuController extends BaseController /** * 新增菜单 */ - @PreAuthorize("@ss.hasPermi('system:menu:add')") + @PreAuthorize(hasPermi = "system:menu:add") @Log(title = "菜单管理", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysMenu menu) @@ -110,7 +106,7 @@ public class SysMenuController extends BaseController /** * 修改菜单 */ - @PreAuthorize("@ss.hasPermi('system:menu:edit')") + @PreAuthorize(hasPermi = "system:menu:edit") @Log(title = "菜单管理", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysMenu menu) @@ -135,7 +131,7 @@ public class SysMenuController extends BaseController /** * 删除菜单 */ - @PreAuthorize("@ss.hasPermi('system:menu:remove')") + @PreAuthorize(hasPermi = "system:menu:remove") @Log(title = "菜单管理", businessType = BusinessType.DELETE) @DeleteMapping("/{menuId}") public AjaxResult remove(@PathVariable("menuId") Long menuId) @@ -159,7 +155,7 @@ public class SysMenuController extends BaseController @GetMapping("getRouters") public AjaxResult getRouters() { - Long userId = SecurityUtils.getLoginUser().getUserId(); + Long userId = SecurityUtils.getUserId(); List menus = menuService.selectMenuTreeByUserId(userId); return AjaxResult.success(menuService.buildMenus(menus)); } diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysNoticeController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysNoticeController.java index 519fadf..e74b80f 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysNoticeController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysNoticeController.java @@ -2,7 +2,6 @@ package com.ruoyi.system.controller; import java.util.List; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; @@ -17,6 +16,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; +import com.ruoyi.common.security.annotation.PreAuthorize; import com.ruoyi.common.security.utils.SecurityUtils; import com.ruoyi.system.domain.SysNotice; import com.ruoyi.system.service.ISysNoticeService; @@ -36,7 +36,7 @@ public class SysNoticeController extends BaseController /** * 获取通知公告列表 */ - @PreAuthorize("@ss.hasPermi('system:notice:list')") + @PreAuthorize(hasPermi = "system:notice:list") @GetMapping("/list") public TableDataInfo list(SysNotice notice) { @@ -48,7 +48,7 @@ public class SysNoticeController extends BaseController /** * 根据通知公告编号获取详细信息 */ - @PreAuthorize("@ss.hasPermi('system:notice:query')") + @PreAuthorize(hasPermi = "system:notice:query") @GetMapping(value = "/{noticeId}") public AjaxResult getInfo(@PathVariable Long noticeId) { @@ -58,7 +58,7 @@ public class SysNoticeController extends BaseController /** * 新增通知公告 */ - @PreAuthorize("@ss.hasPermi('system:notice:add')") + @PreAuthorize(hasPermi = "system:notice:add") @Log(title = "通知公告", businessType = BusinessType.UPDATE) @PostMapping public AjaxResult add(@Validated @RequestBody SysNotice notice) @@ -70,7 +70,7 @@ public class SysNoticeController extends BaseController /** * 修改通知公告 */ - @PreAuthorize("@ss.hasPermi('system:notice:edit')") + @PreAuthorize(hasPermi = "system:notice:edit") @Log(title = "通知公告", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysNotice notice) @@ -82,7 +82,7 @@ public class SysNoticeController extends BaseController /** * 删除通知公告 */ - @PreAuthorize("@ss.hasPermi('system:notice:remove')") + @PreAuthorize(hasPermi = "system:notice:remove") @Log(title = "通知公告", businessType = BusinessType.DELETE) @DeleteMapping("/{noticeIds}") public AjaxResult remove(@PathVariable Long[] noticeIds) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysOperlogController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysOperlogController.java index 98d3491..9bae412 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysOperlogController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysOperlogController.java @@ -4,7 +4,6 @@ import java.io.IOException; import java.util.List; import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; @@ -18,6 +17,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; +import com.ruoyi.common.security.annotation.PreAuthorize; import com.ruoyi.system.api.domain.SysOperLog; import com.ruoyi.system.service.ISysOperLogService; @@ -33,7 +33,7 @@ public class SysOperlogController extends BaseController @Autowired private ISysOperLogService operLogService; - @PreAuthorize("@ss.hasPermi('system:operlog:list')") + @PreAuthorize(hasPermi = "system:operlog:list") @GetMapping("/list") public TableDataInfo list(SysOperLog operLog) { @@ -43,7 +43,7 @@ public class SysOperlogController extends BaseController } @Log(title = "操作日志", businessType = BusinessType.EXPORT) - @PreAuthorize("@ss.hasPermi('system:operlog:export')") + @PreAuthorize(hasPermi = "system:operlog:export") @PostMapping("/export") public void export(HttpServletResponse response, SysOperLog operLog) throws IOException { @@ -52,14 +52,14 @@ public class SysOperlogController extends BaseController util.exportExcel(response, list, "操作日志"); } - @PreAuthorize("@ss.hasPermi('system:operlog:remove')") + @PreAuthorize(hasPermi = "system:operlog:remove") @DeleteMapping("/{operIds}") public AjaxResult remove(@PathVariable Long[] operIds) { return toAjax(operLogService.deleteOperLogByIds(operIds)); } - @PreAuthorize("@ss.hasPermi('system:operlog:remove')") + @PreAuthorize(hasPermi = "system:operlog:remove") @Log(title = "操作日志", businessType = BusinessType.CLEAN) @DeleteMapping("/clean") public AjaxResult clean() diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysPostController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysPostController.java index d3c5412..15ca5b6 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysPostController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysPostController.java @@ -4,7 +4,6 @@ import java.io.IOException; import java.util.List; import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; @@ -21,6 +20,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; +import com.ruoyi.common.security.annotation.PreAuthorize; import com.ruoyi.common.security.utils.SecurityUtils; import com.ruoyi.system.domain.SysPost; import com.ruoyi.system.service.ISysPostService; @@ -40,7 +40,7 @@ public class SysPostController extends BaseController /** * 获取岗位列表 */ - @PreAuthorize("@ss.hasPermi('system:post:list')") + @PreAuthorize(hasPermi = "system:post:list") @GetMapping("/list") public TableDataInfo list(SysPost post) { @@ -50,7 +50,7 @@ public class SysPostController extends BaseController } @Log(title = "岗位管理", businessType = BusinessType.EXPORT) - @PreAuthorize("@ss.hasPermi('system:post:export')") + @PreAuthorize(hasPermi = "system:post:export") @PostMapping("/export") public void export(HttpServletResponse response, SysPost post) throws IOException { @@ -62,7 +62,7 @@ public class SysPostController extends BaseController /** * 根据岗位编号获取详细信息 */ - @PreAuthorize("@ss.hasPermi('system:post:query')") + @PreAuthorize(hasPermi = "system:post:query") @GetMapping(value = "/{postId}") public AjaxResult getInfo(@PathVariable Long postId) { @@ -72,7 +72,7 @@ public class SysPostController extends BaseController /** * 新增岗位 */ - @PreAuthorize("@ss.hasPermi('system:post:add')") + @PreAuthorize(hasPermi = "system:post:add") @Log(title = "岗位管理", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysPost post) @@ -92,7 +92,7 @@ public class SysPostController extends BaseController /** * 修改岗位 */ - @PreAuthorize("@ss.hasPermi('system:post:edit')") + @PreAuthorize(hasPermi = "system:post:edit") @Log(title = "岗位管理", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysPost post) @@ -112,7 +112,7 @@ public class SysPostController extends BaseController /** * 删除岗位 */ - @PreAuthorize("@ss.hasPermi('system:post:remove')") + @PreAuthorize(hasPermi = "system:post:remove") @Log(title = "岗位管理", businessType = BusinessType.DELETE) @DeleteMapping("/{postIds}") public AjaxResult remove(@PathVariable Long[] postIds) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysRoleController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysRoleController.java index 857721e..ac58c18 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysRoleController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysRoleController.java @@ -4,7 +4,6 @@ import java.io.IOException; import java.util.List; import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; @@ -21,6 +20,7 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; +import com.ruoyi.common.security.annotation.PreAuthorize; import com.ruoyi.common.security.utils.SecurityUtils; import com.ruoyi.system.api.domain.SysRole; import com.ruoyi.system.service.ISysRoleService; @@ -37,7 +37,7 @@ public class SysRoleController extends BaseController @Autowired private ISysRoleService roleService; - @PreAuthorize("@ss.hasPermi('system:role:list')") + @PreAuthorize(hasPermi = "system:role:list") @GetMapping("/list") public TableDataInfo list(SysRole role) { @@ -47,7 +47,7 @@ public class SysRoleController extends BaseController } @Log(title = "角色管理", businessType = BusinessType.EXPORT) - @PreAuthorize("@ss.hasPermi('system:role:export')") + @PreAuthorize(hasPermi = "system:role:export") @PostMapping("/export") public void export(HttpServletResponse response, SysRole role) throws IOException { @@ -59,7 +59,7 @@ public class SysRoleController extends BaseController /** * 根据角色编号获取详细信息 */ - @PreAuthorize("@ss.hasPermi('system:role:query')") + @PreAuthorize(hasPermi = "system:role:query") @GetMapping(value = "/{roleId}") public AjaxResult getInfo(@PathVariable Long roleId) { @@ -69,7 +69,7 @@ public class SysRoleController extends BaseController /** * 新增角色 */ - @PreAuthorize("@ss.hasPermi('system:role:add')") + @PreAuthorize(hasPermi = "system:role:add") @Log(title = "角色管理", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysRole role) @@ -90,7 +90,7 @@ public class SysRoleController extends BaseController /** * 修改保存角色 */ - @PreAuthorize("@ss.hasPermi('system:role:edit')") + @PreAuthorize(hasPermi = "system:role:edit") @Log(title = "角色管理", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysRole role) @@ -111,7 +111,7 @@ public class SysRoleController extends BaseController /** * 修改保存数据权限 */ - @PreAuthorize("@ss.hasPermi('system:role:edit')") + @PreAuthorize(hasPermi = "system:role:edit") @Log(title = "角色管理", businessType = BusinessType.UPDATE) @PutMapping("/dataScope") public AjaxResult dataScope(@RequestBody SysRole role) @@ -123,7 +123,7 @@ public class SysRoleController extends BaseController /** * 状态修改 */ - @PreAuthorize("@ss.hasPermi('system:role:edit')") + @PreAuthorize(hasPermi = "system:role:edit") @Log(title = "角色管理", businessType = BusinessType.UPDATE) @PutMapping("/changeStatus") public AjaxResult changeStatus(@RequestBody SysRole role) @@ -136,7 +136,7 @@ public class SysRoleController extends BaseController /** * 删除角色 */ - @PreAuthorize("@ss.hasPermi('system:role:remove')") + @PreAuthorize(hasPermi = "system:role:remove") @Log(title = "角色管理", businessType = BusinessType.DELETE) @DeleteMapping("/{roleIds}") public AjaxResult remove(@PathVariable Long[] roleIds) @@ -147,7 +147,7 @@ public class SysRoleController extends BaseController /** * 获取角色选择框列表 */ - @PreAuthorize("@ss.hasPermi('system:role:query')") + @PreAuthorize(hasPermi = "system:role:query") @GetMapping("/optionselect") public AjaxResult optionselect() { diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java index 932ac71..8c10a53 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java @@ -6,7 +6,6 @@ import java.util.Set; import java.util.stream.Collectors; import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.GetMapping; @@ -26,10 +25,11 @@ import com.ruoyi.common.core.web.domain.AjaxResult; import com.ruoyi.common.core.web.page.TableDataInfo; import com.ruoyi.common.log.annotation.Log; import com.ruoyi.common.log.enums.BusinessType; +import com.ruoyi.common.security.annotation.PreAuthorize; import com.ruoyi.common.security.utils.SecurityUtils; import com.ruoyi.system.api.domain.SysRole; import com.ruoyi.system.api.domain.SysUser; -import com.ruoyi.system.api.model.UserInfo; +import com.ruoyi.system.api.model.LoginUser; import com.ruoyi.system.service.ISysPermissionService; import com.ruoyi.system.service.ISysPostService; import com.ruoyi.system.service.ISysRoleService; @@ -59,7 +59,7 @@ public class SysUserController extends BaseController /** * 获取用户列表 */ - @PreAuthorize("@ss.hasPermi('system:user:list')") + @PreAuthorize(hasPermi = "system:user:list") @GetMapping("/list") public TableDataInfo list(SysUser user) { @@ -69,7 +69,7 @@ public class SysUserController extends BaseController } @Log(title = "用户管理", businessType = BusinessType.EXPORT) - @PreAuthorize("@ss.hasPermi('system:user:export')") + @PreAuthorize(hasPermi = "system:user:export") @PostMapping("/export") public void export(HttpServletResponse response, SysUser user) throws IOException { @@ -79,7 +79,7 @@ public class SysUserController extends BaseController } @Log(title = "用户管理", businessType = BusinessType.IMPORT) - @PreAuthorize("@ss.hasPermi('system:user:import')") + @PreAuthorize(hasPermi = "system:user:import") @PostMapping("/importData") public AjaxResult importData(MultipartFile file, boolean updateSupport) throws Exception { @@ -101,7 +101,7 @@ public class SysUserController extends BaseController * 获取当前用户信息 */ @GetMapping("/info/{username}") - public R info(@PathVariable("username") String username) + public R info(@PathVariable("username") String username) { SysUser sysUser = userService.selectUserByUserName(username); if (StringUtils.isNull(sysUser)) @@ -112,7 +112,7 @@ public class SysUserController extends BaseController Set roles = permissionService.getRolePermission(sysUser.getUserId()); // 权限集合 Set permissions = permissionService.getMenuPermission(sysUser.getUserId()); - UserInfo sysUserVo = new UserInfo(); + LoginUser sysUserVo = new LoginUser(); sysUserVo.setSysUser(sysUser); sysUserVo.setRoles(roles); sysUserVo.setPermissions(permissions); @@ -127,7 +127,7 @@ public class SysUserController extends BaseController @GetMapping("getInfo") public AjaxResult getInfo() { - Long userId = SecurityUtils.getLoginUser().getUserId(); + Long userId = SecurityUtils.getUserId(); // 角色集合 Set roles = permissionService.getRolePermission(userId); // 权限集合 @@ -142,7 +142,7 @@ public class SysUserController extends BaseController /** * 根据用户编号获取详细信息 */ - @PreAuthorize("@ss.hasPermi('system:user:query')") + @PreAuthorize(hasPermi = "system:user:query") @GetMapping(value = { "/", "/{userId}" }) public AjaxResult getInfo(@PathVariable(value = "userId", required = false) Long userId) { @@ -162,7 +162,7 @@ public class SysUserController extends BaseController /** * 新增用户 */ - @PreAuthorize("@ss.hasPermi('system:user:add')") + @PreAuthorize(hasPermi = "system:user:add") @Log(title = "用户管理", businessType = BusinessType.INSERT) @PostMapping public AjaxResult add(@Validated @RequestBody SysUser user) @@ -187,7 +187,7 @@ public class SysUserController extends BaseController /** * 修改用户 */ - @PreAuthorize("@ss.hasPermi('system:user:edit')") + @PreAuthorize(hasPermi = "system:user:edit") @Log(title = "用户管理", businessType = BusinessType.UPDATE) @PutMapping public AjaxResult edit(@Validated @RequestBody SysUser user) @@ -208,7 +208,7 @@ public class SysUserController extends BaseController /** * 删除用户 */ - @PreAuthorize("@ss.hasPermi('system:user:remove')") + @PreAuthorize(hasPermi = "system:user:remove") @Log(title = "用户管理", businessType = BusinessType.DELETE) @DeleteMapping("/{userIds}") public AjaxResult remove(@PathVariable Long[] userIds) @@ -219,7 +219,7 @@ public class SysUserController extends BaseController /** * 重置密码 */ - @PreAuthorize("@ss.hasPermi('system:user:edit')") + @PreAuthorize(hasPermi = "system:user:edit") @Log(title = "用户管理", businessType = BusinessType.UPDATE) @PutMapping("/resetPwd") public AjaxResult resetPwd(@RequestBody SysUser user) @@ -233,7 +233,7 @@ public class SysUserController extends BaseController /** * 状态修改 */ - @PreAuthorize("@ss.hasPermi('system:user:edit')") + @PreAuthorize(hasPermi = "system:user:edit") @Log(title = "用户管理", businessType = BusinessType.UPDATE) @PutMapping("/changeStatus") public AjaxResult changeStatus(@RequestBody SysUser user) diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/domain/SysClientDetails.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/domain/SysClientDetails.java deleted file mode 100644 index b16c652..0000000 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/domain/SysClientDetails.java +++ /dev/null @@ -1,213 +0,0 @@ -package com.ruoyi.system.domain; - -import org.apache.commons.lang3.builder.ToStringBuilder; -import org.apache.commons.lang3.builder.ToStringStyle; -import com.ruoyi.common.core.web.domain.BaseEntity; - -/** - * 终端配置表 sys_oauth_client_details - * - * @author ruoyi - */ -public class SysClientDetails extends BaseEntity -{ - private static final long serialVersionUID = 1L; - - /** - * 终端编号 - */ - private String clientId; - - /** - * 资源ID标识 - */ - private String resourceIds; - - /** - * 终端安全码 - */ - private String clientSecret; - - /** - * 终端授权范围 - */ - private String scope; - - /** - * 终端授权类型 - */ - private String authorizedGrantTypes; - - /** - * 服务器回调地址 - */ - private String webServerRedirectUri; - - /** - * 访问资源所需权限 - */ - private String authorities; - - /** - * 设定终端的access_token的有效时间值(秒) - */ - private Integer accessTokenValidity; - - /** - * 设定终端的refresh_token的有效时间值(秒) - */ - private Integer refreshTokenValidity; - - /** - * 附加信息 - */ - private String additionalInformation; - - /** - * 是否登录时跳过授权 - */ - private String autoapprove; - - /** - * 终端明文安全码 - */ - private String originSecret; - - public String getClientId() - { - return clientId; - } - - public void setClientId(String clientId) - { - this.clientId = clientId; - } - - public String getResourceIds() - { - return resourceIds; - } - - public void setResourceIds(String resourceIds) - { - this.resourceIds = resourceIds; - } - - public String getClientSecret() - { - return clientSecret; - } - - public void setClientSecret(String clientSecret) - { - this.clientSecret = clientSecret; - } - - public String getScope() - { - return scope; - } - - public void setScope(String scope) - { - this.scope = scope; - } - - public String getAuthorizedGrantTypes() - { - return authorizedGrantTypes; - } - - public void setAuthorizedGrantTypes(String authorizedGrantTypes) - { - this.authorizedGrantTypes = authorizedGrantTypes; - } - - public String getWebServerRedirectUri() - { - return webServerRedirectUri; - } - - public void setWebServerRedirectUri(String webServerRedirectUri) - { - this.webServerRedirectUri = webServerRedirectUri; - } - - public String getAuthorities() - { - return authorities; - } - - public void setAuthorities(String authorities) - { - this.authorities = authorities; - } - - public Integer getAccessTokenValidity() - { - return accessTokenValidity; - } - - public void setAccessTokenValidity(Integer accessTokenValidity) - { - this.accessTokenValidity = accessTokenValidity; - } - - public Integer getRefreshTokenValidity() - { - return refreshTokenValidity; - } - - public void setRefreshTokenValidity(Integer refreshTokenValidity) - { - this.refreshTokenValidity = refreshTokenValidity; - } - - public String getAdditionalInformation() - { - return additionalInformation; - } - - public void setAdditionalInformation(String additionalInformation) - { - this.additionalInformation = additionalInformation; - } - - public String getAutoapprove() - { - return autoapprove; - } - - public void setAutoapprove(String autoapprove) - { - this.autoapprove = autoapprove; - } - - public String getOriginSecret() - { - return originSecret; - } - - public void setOriginSecret(String originSecret) - { - this.originSecret = originSecret; - } - - @Override - public String toString() { - return new ToStringBuilder(this,ToStringStyle.MULTI_LINE_STYLE) - .append("clientId", getClientId()) - .append("resourceIds", getResourceIds()) - .append("clientSecret", getClientSecret()) - .append("scope", getScope()) - .append("authorizedGrantTypes", getAuthorizedGrantTypes()) - .append("webServerRedirectUri", getWebServerRedirectUri()) - .append("authorities", getAuthorities()) - .append("accessTokenValidity", getAccessTokenValidity()) - .append("refreshTokenValidity", getRefreshTokenValidity()) - .append("additionalInformation", getAdditionalInformation()) - .append("autoapprove", getAutoapprove()) - .append("originSecret", getOriginSecret()) - .toString(); - } -} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysClientDetailsMapper.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysClientDetailsMapper.java deleted file mode 100644 index bab577e..0000000 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysClientDetailsMapper.java +++ /dev/null @@ -1,60 +0,0 @@ -package com.ruoyi.system.mapper; - -import java.util.List; -import com.ruoyi.system.domain.SysClientDetails; - -/** - * 终端配置Mapper接口 - * - * @author ruoyi - */ -public interface SysClientDetailsMapper -{ - /** - * 查询终端配置 - * - * @param clientId 终端配置ID - * @return 终端配置 - */ - public SysClientDetails selectSysClientDetailsById(String clientId); - - /** - * 查询终端配置列表 - * - * @param sysClientDetails 终端配置 - * @return 终端配置集合 - */ - public List selectSysClientDetailsList(SysClientDetails sysClientDetails); - - /** - * 新增终端配置 - * - * @param sysClientDetails 终端配置 - * @return 结果 - */ - public int insertSysClientDetails(SysClientDetails sysClientDetails); - - /** - * 修改终端配置 - * - * @param sysClientDetails 终端配置 - * @return 结果 - */ - public int updateSysClientDetails(SysClientDetails sysClientDetails); - - /** - * 删除终端配置 - * - * @param clientId 终端配置ID - * @return 结果 - */ - public int deleteSysClientDetailsById(String clientId); - - /** - * 批量删除终端配置 - * - * @param clientIds 需要删除的数据ID - * @return 结果 - */ - public int deleteSysClientDetailsByIds(String[] clientIds); -} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysClientDetailsService.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysClientDetailsService.java deleted file mode 100644 index 3ef835e..0000000 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/ISysClientDetailsService.java +++ /dev/null @@ -1,52 +0,0 @@ -package com.ruoyi.system.service; - -import java.util.List; -import com.ruoyi.system.domain.SysClientDetails; - -/** - * 终端配置Service接口 - * - * @author ruoyi - */ -public interface ISysClientDetailsService -{ - /** - * 查询终端配置 - * - * @param clientId 终端配置ID - * @return 终端配置 - */ - public SysClientDetails selectSysClientDetailsById(String clientId); - - /** - * 查询终端配置列表 - * - * @param sysClientDetails 终端配置 - * @return 终端配置集合 - */ - public List selectSysClientDetailsList(SysClientDetails sysClientDetails); - - /** - * 新增终端配置 - * - * @param sysClientDetails 终端配置 - * @return 结果 - */ - public int insertSysClientDetails(SysClientDetails sysClientDetails); - - /** - * 修改终端配置 - * - * @param sysClientDetails 终端配置 - * @return 结果 - */ - public int updateSysClientDetails(SysClientDetails sysClientDetails); - - /** - * 批量删除终端配置 - * - * @param clientIds 需要删除的终端配置ID - * @return 结果 - */ - public int deleteSysClientDetailsByIds(String[] clientIds); -} diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysClientDetailsServiceImpl.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysClientDetailsServiceImpl.java deleted file mode 100644 index 4449dfd..0000000 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/SysClientDetailsServiceImpl.java +++ /dev/null @@ -1,87 +0,0 @@ -package com.ruoyi.system.service.impl; - -import java.util.List; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.cache.annotation.CacheEvict; -import org.springframework.stereotype.Service; -import com.ruoyi.common.core.constant.CacheConstants; -import com.ruoyi.common.security.utils.SecurityUtils; -import com.ruoyi.system.domain.SysClientDetails; -import com.ruoyi.system.mapper.SysClientDetailsMapper; -import com.ruoyi.system.service.ISysClientDetailsService; - -/** - * 终端配置Service业务层处理 - * - * @author ruoyi - */ -@Service -public class SysClientDetailsServiceImpl implements ISysClientDetailsService -{ - @Autowired - private SysClientDetailsMapper sysClientDetailsMapper; - - /** - * 查询终端配置 - * - * @param clientId 终端配置ID - * @return 终端配置 - */ - @Override - public SysClientDetails selectSysClientDetailsById(String clientId) - { - return sysClientDetailsMapper.selectSysClientDetailsById(clientId); - } - - /** - * 查询终端配置列表 - * - * @param sysClientDetails 终端配置 - * @return 终端配置 - */ - @Override - public List selectSysClientDetailsList(SysClientDetails sysClientDetails) - { - return sysClientDetailsMapper.selectSysClientDetailsList(sysClientDetails); - } - - /** - * 新增终端配置 - * - * @param sysClientDetails 终端配置 - * @return 结果 - */ - @Override - public int insertSysClientDetails(SysClientDetails sysClientDetails) - { - sysClientDetails.setClientSecret(SecurityUtils.encryptPassword(sysClientDetails.getOriginSecret())); - return sysClientDetailsMapper.insertSysClientDetails(sysClientDetails); - } - - /** - * 修改终端配置 - * - * @param sysClientDetails 终端配置 - * @return 结果 - */ - @Override - @CacheEvict(value = CacheConstants.CLIENT_DETAILS_KEY, key = "#sysClientDetails.clientId") - public int updateSysClientDetails(SysClientDetails sysClientDetails) - { - sysClientDetails.setClientSecret(SecurityUtils.encryptPassword(sysClientDetails.getOriginSecret())); - return sysClientDetailsMapper.updateSysClientDetails(sysClientDetails); - } - - /** - * 批量删除终端配置 - * - * @param clientIds 需要删除的终端配置ID - * @return 结果 - */ - @Override - @CacheEvict(value = CacheConstants.CLIENT_DETAILS_KEY, allEntries = true) - public int deleteSysClientDetailsByIds(String[] clientIds) - { - return sysClientDetailsMapper.deleteSysClientDetailsByIds(clientIds); - } -} diff --git a/ruoyi-modules/ruoyi-system/src/main/resources/mapper/system/SysClientDetailsMapper.xml b/ruoyi-modules/ruoyi-system/src/main/resources/mapper/system/SysClientDetailsMapper.xml deleted file mode 100644 index dfe0061..0000000 --- a/ruoyi-modules/ruoyi-system/src/main/resources/mapper/system/SysClientDetailsMapper.xml +++ /dev/null @@ -1,99 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - select client_id, resource_ids, client_secret, scope, authorized_grant_types, web_server_redirect_uri, authorities, access_token_validity, refresh_token_validity, additional_information, autoapprove, origin_secret from sys_oauth_client_details - - - - - - - - insert into sys_oauth_client_details - - client_id, - resource_ids, - client_secret, - scope, - authorized_grant_types, - web_server_redirect_uri, - authorities, - access_token_validity, - refresh_token_validity, - additional_information, - autoapprove, - origin_secret, - - - #{clientId}, - #{resourceIds}, - #{clientSecret}, - #{scope}, - #{authorizedGrantTypes}, - #{webServerRedirectUri}, - #{authorities}, - #{accessTokenValidity}, - #{refreshTokenValidity}, - #{additionalInformation}, - #{autoapprove}, - #{originSecret}, - - - - - update sys_oauth_client_details - - resource_ids = #{resourceIds}, - client_secret = #{clientSecret}, - scope = #{scope}, - authorized_grant_types = #{authorizedGrantTypes}, - web_server_redirect_uri = #{webServerRedirectUri}, - authorities = #{authorities}, - access_token_validity = #{accessTokenValidity}, - refresh_token_validity = #{refreshTokenValidity}, - additional_information = #{additionalInformation}, - autoapprove = #{autoapprove}, - origin_secret = #{originSecret}, - - where client_id = #{clientId} - - - - delete from sys_oauth_client_details where client_id = #{clientId} - - - - delete from sys_oauth_client_details where client_id in - - #{clientId} - - - - \ No newline at end of file diff --git a/ruoyi-ui/src/api/login.js b/ruoyi-ui/src/api/login.js index f72fe46..8b39686 100644 --- a/ruoyi-ui/src/api/login.js +++ b/ruoyi-ui/src/api/login.js @@ -6,21 +6,18 @@ const scope = 'server' // 登录方法 export function login(username, password, code, uuid) { - const grant_type = 'password' return request({ - url: '/auth/oauth/token', + url: '/auth/login', method: 'post', - params: { username, password, code, uuid, client_id, client_secret, grant_type, scope } + data: { username, password, code, uuid } }) } // 刷新方法 -export function refreshToken(refresh_token) { - const grant_type = 'refresh_token' +export function refreshToken() { return request({ - url: '/auth/oauth/token', - method: 'post', - params: { client_id, client_secret, grant_type, scope, refresh_token } + url: '/auth/refresh', + method: 'post' }) } @@ -35,7 +32,7 @@ export function getInfo() { // 退出方法 export function logout() { return request({ - url: '/auth/token/logout', + url: '/auth/logout', method: 'delete' }) } diff --git a/ruoyi-ui/src/api/system/client.js b/ruoyi-ui/src/api/system/client.js deleted file mode 100644 index 8712d3a..0000000 --- a/ruoyi-ui/src/api/system/client.js +++ /dev/null @@ -1,44 +0,0 @@ -import request from '@/utils/request' - -// 查询终端配置列表 -export function listClient(query) { - return request({ - url: '/system/client/list', - method: 'get', - params: query - }) -} - -// 查询终端配置详细 -export function getClient(clientId) { - return request({ - url: '/system/client/' + clientId, - method: 'get' - }) -} - -// 新增终端配置 -export function addClient(data) { - return request({ - url: '/system/client', - method: 'post', - data: data - }) -} - -// 修改终端配置 -export function updateClient(data) { - return request({ - url: '/system/client', - method: 'put', - data: data - }) -} - -// 删除终端配置 -export function delClient(clientId) { - return request({ - url: '/system/client/' + clientId, - method: 'delete' - }) -} \ No newline at end of file diff --git a/ruoyi-ui/src/store/modules/user.js b/ruoyi-ui/src/store/modules/user.js index c097710..7b5ceaf 100644 --- a/ruoyi-ui/src/store/modules/user.js +++ b/ruoyi-ui/src/store/modules/user.js @@ -1,10 +1,9 @@ import { login, logout, getInfo, refreshToken } from '@/api/login' -import { getToken, getRefreshToken, setToken, setRefreshToken, setExpiresIn, removeToken } from '@/utils/auth' +import { getToken, setToken, setExpiresIn, removeToken } from '@/utils/auth' const user = { state: { token: getToken(), - refresh_token: getRefreshToken(), name: '', avatar: '', roles: [], @@ -18,9 +17,6 @@ const user = { SET_EXPIRES_IN: (state, time) => { state.expires_in = time }, - SET_REFRESH_TOKEN: (state, token) => { - state.refresh_token = token - }, SET_NAME: (state, name) => { state.name = name }, @@ -44,12 +40,11 @@ const user = { const uuid = userInfo.uuid return new Promise((resolve, reject) => { login(username, password, code, uuid).then(res => { - setToken(res.access_token) - commit('SET_TOKEN', res.access_token) - setRefreshToken(res.refresh_token) - commit('SET_REFRESH_TOKEN', res.refresh_token) - setExpiresIn(res.expires_in) - commit('SET_EXPIRES_IN', res.expires_in) + let data = res.data + setToken(data.access_token) + commit('SET_TOKEN', data.access_token) + setExpiresIn(data.expires_in) + commit('SET_EXPIRES_IN', data.expires_in) resolve() }).catch(error => { reject(error) @@ -77,17 +72,13 @@ const user = { }) }) }, - + // 刷新token RefreshToken({commit, state}) { return new Promise((resolve, reject) => { - refreshToken(state.refresh_token).then(res => { - setToken(res.access_token) - commit('SET_TOKEN', res.access_token) - setRefreshToken(res.refresh_token) - commit('SET_REFRESH_TOKEN', res.refresh_token) - setExpiresIn(res.expires_in) - commit('SET_EXPIRES_IN', res.expires_in) + refreshToken(state.token).then(res => { + setExpiresIn(res.data) + commit('SET_EXPIRES_IN', res.data) resolve() }).catch(error => { reject(error) diff --git a/ruoyi-ui/src/utils/auth.js b/ruoyi-ui/src/utils/auth.js index 59b55cd..7fa7559 100644 --- a/ruoyi-ui/src/utils/auth.js +++ b/ruoyi-ui/src/utils/auth.js @@ -2,8 +2,6 @@ import Cookies from 'js-cookie' const TokenKey = 'Admin-Token' -const RefreshTokenKey = 'Admin-Refresh-Token' - const ExpiresInKey = 'Admin-Expires-In' export function getToken() { @@ -18,18 +16,6 @@ export function removeToken() { return Cookies.remove(TokenKey) } -export function getRefreshToken() { - return Cookies.get(RefreshTokenKey) || `` -} - -export function setRefreshToken(token) { - return Cookies.set(RefreshTokenKey, token) -} - -export function removeRefreshToken() { - return Cookies.remove(RefreshTokenKey) -} - export function getExpiresIn() { return Cookies.get(ExpiresInKey) || -1 } diff --git a/ruoyi-ui/src/utils/request.js b/ruoyi-ui/src/utils/request.js index 87c02ab..ab58b2c 100644 --- a/ruoyi-ui/src/utils/request.js +++ b/ruoyi-ui/src/utils/request.js @@ -19,7 +19,7 @@ service.interceptors.request.use(config => { // 是否需要设置 token const isToken = (config.headers || {}).isToken === false if (getToken() && !isToken) { - config.headers['Authorization'] = 'Bearer ' + getToken() // 让每个请求携带自定义token 请根据实际情况自行修改 + config.headers['Authorization'] = 'Bearer ' + getToken() // 让每个请求携带自定义token 请根据实际 } return config }, error => { diff --git a/ruoyi-ui/src/views/index.vue b/ruoyi-ui/src/views/index.vue index 2fda0b8..57a4739 100644 --- a/ruoyi-ui/src/views/index.vue +++ b/ruoyi-ui/src/views/index.vue @@ -88,7 +88,7 @@ export default { return; } const expires_in = getExpiresIn(); - if (expires_in <= 1000 && !this.refreshLock) { + if (expires_in <= 1200 && !this.refreshLock) { this.refreshLock = true this.$store .dispatch('RefreshToken') diff --git a/ruoyi-ui/src/views/system/client/index.vue b/ruoyi-ui/src/views/system/client/index.vue deleted file mode 100644 index fea107f..0000000 --- a/ruoyi-ui/src/views/system/client/index.vue +++ /dev/null @@ -1,292 +0,0 @@ - - - \ No newline at end of file diff --git a/sql/ry_20200823.sql b/sql/ry_20200901.sql similarity index 90% rename from sql/ry_20200823.sql rename to sql/ry_20200901.sql index 2e7acd7..4e0f0bd 100644 --- a/sql/ry_20200823.sql +++ b/sql/ry_20200901.sql @@ -165,19 +165,18 @@ insert into sys_menu values('103', '部门管理', '1', '4', 'dept', insert into sys_menu values('104', '岗位管理', '1', '5', 'post', 'system/post/index', 1, 'C', '0', '0', 'system:post:list', 'post', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '岗位管理菜单'); insert into sys_menu values('105', '字典管理', '1', '6', 'dict', 'system/dict/index', 1, 'C', '0', '0', 'system:dict:list', 'dict', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '字典管理菜单'); insert into sys_menu values('106', '参数设置', '1', '7', 'config', 'system/config/index', 1, 'C', '0', '0', 'system:config:list', 'edit', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '参数设置菜单'); -insert into sys_menu values('107', '终端设置', '1', '8', 'client', 'system/client/index', 1, 'C', '0', '0', 'system:client:list', 'client', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '终端设置菜单'); -insert into sys_menu values('108', '通知公告', '1', '9', 'notice', 'system/notice/index', 1, 'C', '0', '0', 'system:notice:list', 'message', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '通知公告菜单'); -insert into sys_menu values('109', '日志管理', '1', '10', 'log', 'system/log/index', 1, 'M', '0', '0', '', 'log', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '日志管理菜单'); -insert into sys_menu values('110', '定时任务', '2', '1', 'job', 'monitor/job/index', 1, 'C', '0', '0', 'monitor:job:list', 'job', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '定时任务菜单'); -insert into sys_menu values('111', 'Sentinel控制台', '2', '2', 'http://localhost:8718', '', 1, 'C', '0', '0', 'monitor:sentinel:list', 'sentinel', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '流量控制菜单'); -insert into sys_menu values('112', 'Nacos控制台', '2', '3', 'http://localhost:8848/nacos', '', 1, 'C', '0', '0', 'monitor:nacos:list', 'nacos', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '服务治理菜单'); -insert into sys_menu values('113', 'Admin控制台', '2', '4', 'http://localhost:9100/login', '', 1, 'C', '0', '0', 'monitor:server:list', 'server', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '服务监控菜单'); -insert into sys_menu values('114', '表单构建', '3', '1', 'build', 'tool/build/index', 1 ,'C', '0', '0', 'tool:build:list', 'build', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '表单构建菜单'); -insert into sys_menu values('115', '代码生成', '3', '2', 'gen', 'tool/gen/index', 1, 'C', '0', '0', 'tool:gen:list', 'code', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '代码生成菜单'); -insert into sys_menu values('116', '系统接口', '3', '3', 'http://localhost:8080/swagger-ui.html', '', 1, 'C', '0', '0', 'tool:swagger:list', 'swagger', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '系统接口菜单'); +insert into sys_menu values('107', '通知公告', '1', '9', 'notice', 'system/notice/index', 1, 'C', '0', '0', 'system:notice:list', 'message', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '通知公告菜单'); +insert into sys_menu values('108', '日志管理', '1', '10', 'log', 'system/log/index', 1, 'M', '0', '0', '', 'log', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '日志管理菜单'); +insert into sys_menu values('109', '定时任务', '2', '1', 'job', 'monitor/job/index', 1, 'C', '0', '0', 'monitor:job:list', 'job', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '定时任务菜单'); +insert into sys_menu values('110', 'Sentinel控制台', '2', '2', 'http://localhost:8718', '', 1, 'C', '0', '0', 'monitor:sentinel:list', 'sentinel', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '流量控制菜单'); +insert into sys_menu values('111', 'Nacos控制台', '2', '3', 'http://localhost:8848/nacos', '', 1, 'C', '0', '0', 'monitor:nacos:list', 'nacos', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '服务治理菜单'); +insert into sys_menu values('112', 'Admin控制台', '2', '4', 'http://localhost:9100/login', '', 1, 'C', '0', '0', 'monitor:server:list', 'server', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '服务监控菜单'); +insert into sys_menu values('113', '表单构建', '3', '1', 'build', 'tool/build/index', 1 ,'C', '0', '0', 'tool:build:list', 'build', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '表单构建菜单'); +insert into sys_menu values('114', '代码生成', '3', '2', 'gen', 'tool/gen/index', 1, 'C', '0', '0', 'tool:gen:list', 'code', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '代码生成菜单'); +insert into sys_menu values('115', '系统接口', '3', '3', 'http://localhost:8080/swagger-ui.html', '', 1, 'C', '0', '0', 'tool:swagger:list', 'swagger', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '系统接口菜单'); -- 三级菜单 -insert into sys_menu values('500', '操作日志', '109', '1', 'operlog', 'system/operlog/index', 1, 'C', '0', '0', 'system:operlog:list', 'form', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '操作日志菜单'); -insert into sys_menu values('501', '登录日志', '109', '2', 'logininfor', 'system/logininfor/index', 1, 'C', '0', '0', 'system:logininfor:list', 'logininfor', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '登录日志菜单'); +insert into sys_menu values('500', '操作日志', '108', '1', 'operlog', 'system/operlog/index', 1, 'C', '0', '0', 'system:operlog:list', 'form', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '操作日志菜单'); +insert into sys_menu values('501', '登录日志', '108', '2', 'logininfor', 'system/logininfor/index', 1, 'C', '0', '0', 'system:logininfor:list', 'logininfor', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', '登录日志菜单'); -- 用户管理按钮 insert into sys_menu values('1001', '用户查询', '100', '1', '', '', 1, 'F', '0', '0', 'system:user:query', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); insert into sys_menu values('1002', '用户新增', '100', '2', '', '', 1, 'F', '0', '0', 'system:user:add', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); @@ -220,17 +219,11 @@ insert into sys_menu values('1032', '参数新增', '106', '2', '#', '', 1, 'F', insert into sys_menu values('1033', '参数修改', '106', '3', '#', '', 1, 'F', '0', '0', 'system:config:edit', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); insert into sys_menu values('1034', '参数删除', '106', '4', '#', '', 1, 'F', '0', '0', 'system:config:remove', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); insert into sys_menu values('1035', '参数导出', '106', '5', '#', '', 1, 'F', '0', '0', 'system:config:export', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); --- 终端设置按钮 -insert into sys_menu values('1036', '终端查询', '107', '1', '#', '', 1, 'F', '0', '0', 'system:client:query', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1037', '终端新增', '107', '2', '#', '', 1, 'F', '0', '0', 'system:client:add', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1038', '终端修改', '107', '3', '#', '', 1, 'F', '0', '0', 'system:client:edit', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1039', '终端删除', '107', '4', '#', '', 1, 'F', '0', '0', 'system:client:remove', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1040', '终端导出', '107', '5', '#', '', 1, 'F', '0', '0', 'system:client:export', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); --- 通知公告按钮 -insert into sys_menu values('1041', '公告查询', '108', '1', '#', '', 1, 'F', '0', '0', 'system:notice:query', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1042', '公告新增', '108', '2', '#', '', 1, 'F', '0', '0', 'system:notice:add', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1043', '公告修改', '108', '3', '#', '', 1, 'F', '0', '0', 'system:notice:edit', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1044', '公告删除', '108', '4', '#', '', 1, 'F', '0', '0', 'system:notice:remove', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); +\-- 通知公告按钮 +insert into sys_menu values('1041', '公告查询', '107', '1', '#', '', 1, 'F', '0', '0', 'system:notice:query', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); +insert into sys_menu values('1042', '公告新增', '107', '2', '#', '', 1, 'F', '0', '0', 'system:notice:add', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); +insert into sys_menu values('1043', '公告修改', '107', '3', '#', '', 1, 'F', '0', '0', 'system:notice:edit', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); +insert into sys_menu values('1044', '公告删除', '107', '4', '#', '', 1, 'F', '0', '0', 'system:notice:remove', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -- 操作日志按钮 insert into sys_menu values('1045', '操作查询', '500', '1', '#', '', 1, 'F', '0', '0', 'system:operlog:query', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); insert into sys_menu values('1046', '操作删除', '500', '2', '#', '', 1, 'F', '0', '0', 'system:operlog:remove', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); @@ -240,19 +233,19 @@ insert into sys_menu values('1048', '登录查询', '501', '1', '#', '', 1, 'F', insert into sys_menu values('1049', '登录删除', '501', '2', '#', '', 1, 'F', '0', '0', 'system:logininfor:remove', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); insert into sys_menu values('1050', '日志导出', '501', '3', '#', '', 1, 'F', '0', '0', 'system:logininfor:export', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -- 定时任务按钮 -insert into sys_menu values('1051', '任务查询', '110', '1', '#', '', 1, 'F', '0', '0', 'monitor:job:query', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1052', '任务新增', '110', '2', '#', '', 1, 'F', '0', '0', 'monitor:job:add', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1053', '任务修改', '110', '3', '#', '', 1, 'F', '0', '0', 'monitor:job:edit', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1054', '任务删除', '110', '4', '#', '', 1, 'F', '0', '0', 'monitor:job:remove', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1055', '状态修改', '110', '5', '#', '', 1, 'F', '0', '0', 'monitor:job:changeStatus', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1056', '任务导出', '110', '7', '#', '', 1, 'F', '0', '0', 'monitor:job:export', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); +insert into sys_menu values('1051', '任务查询', '109', '1', '#', '', 1, 'F', '0', '0', 'monitor:job:query', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); +insert into sys_menu values('1052', '任务新增', '109', '2', '#', '', 1, 'F', '0', '0', 'monitor:job:add', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); +insert into sys_menu values('1053', '任务修改', '109', '3', '#', '', 1, 'F', '0', '0', 'monitor:job:edit', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); +insert into sys_menu values('1054', '任务删除', '109', '4', '#', '', 1, 'F', '0', '0', 'monitor:job:remove', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); +insert into sys_menu values('1055', '状态修改', '109', '5', '#', '', 1, 'F', '0', '0', 'monitor:job:changeStatus', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); +insert into sys_menu values('1056', '任务导出', '109', '7', '#', '', 1, 'F', '0', '0', 'monitor:job:export', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -- 代码生成按钮 -insert into sys_menu values('1057', '生成查询', '115', '1', '#', '', 1, 'F', '0', '0', 'tool:gen:query', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1058', '生成修改', '115', '2', '#', '', 1, 'F', '0', '0', 'tool:gen:edit', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1059', '生成删除', '115', '3', '#', '', 1, 'F', '0', '0', 'tool:gen:remove', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1060', '导入代码', '115', '2', '#', '', 1, 'F', '0', '0', 'tool:gen:import', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1061', '预览代码', '115', '4', '#', '', 1, 'F', '0', '0', 'tool:gen:preview', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -insert into sys_menu values('1062', '生成代码', '115', '5', '#', '', 1, 'F', '0', '0', 'tool:gen:code', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); +insert into sys_menu values('1057', '生成查询', '114', '1', '#', '', 1, 'F', '0', '0', 'tool:gen:query', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); +insert into sys_menu values('1058', '生成修改', '114', '2', '#', '', 1, 'F', '0', '0', 'tool:gen:edit', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); +insert into sys_menu values('1059', '生成删除', '114', '3', '#', '', 1, 'F', '0', '0', 'tool:gen:remove', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); +insert into sys_menu values('1060', '导入代码', '114', '2', '#', '', 1, 'F', '0', '0', 'tool:gen:import', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); +insert into sys_menu values('1061', '预览代码', '114', '4', '#', '', 1, 'F', '0', '0', 'tool:gen:preview', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); +insert into sys_menu values('1062', '生成代码', '114', '5', '#', '', 1, 'F', '0', '0', 'tool:gen:code', '#', 'admin', '2018-03-16 11-33-00', 'ry', '2018-03-16 11-33-00', ''); -- ---------------------------- @@ -684,30 +677,3 @@ create table gen_table_column ( update_time datetime comment '更新时间', primary key (column_id) ) engine=innodb auto_increment=1 comment = '代码生成业务表字段'; - - --- ---------------------------- --- 20、终端配置表 --- ---------------------------- -drop table if exists sys_oauth_client_details; -create table sys_oauth_client_details ( - client_id varchar(255) not null comment '终端编号', - resource_ids varchar(255) default null comment '资源ID标识', - client_secret varchar(255) not null comment '终端安全码', - scope varchar(255) not null comment '终端授权范围', - authorized_grant_types varchar(255) not null comment '终端授权类型', - web_server_redirect_uri varchar(255) default null comment '服务器回调地址', - authorities varchar(255) default null comment '访问资源所需权限', - access_token_validity int(11) default null comment '设定终端的access_token的有效时间值(秒)', - refresh_token_validity int(11) default null comment '设定终端的refresh_token的有效时间值(秒)', - additional_information varchar(4096) default null comment '附加信息', - autoapprove tinyint(4) default null comment '是否登录时跳过授权', - origin_secret varchar(255) not null comment '终端明文安全码', - primary key (client_id) -) engine=innodb auto_increment=1 comment = '终端配置表'; - --- ---------------------------- --- 初始化-终端配置表数据 --- ---------------------------- -insert into sys_oauth_client_details values ('web', '', '$2a$10$y2hKeELx.z3Sbz.kjQ4wmuiIsv5ZSbUQ1ov4BwFH6ccirP8Knp1uq', 'server', 'password,refresh_token', '', NULL, 3600, 7200, NULL, NULL, '123456'); -insert into sys_oauth_client_details values ('ruoyi', '', '$2a$10$y2hKeELx.z3Sbz.kjQ4wmuiIsv5ZSbUQ1ov4BwFH6ccirP8Knp1uq', 'server', 'password,client_credentials,refresh_token', '', NULL, 3600, 7200, NULL, NULL, '123456'); \ No newline at end of file diff --git a/sql/ry_config_20200618.sql b/sql/ry_config_20200901.sql similarity index 89% rename from sql/ry_config_20200618.sql rename to sql/ry_config_20200901.sql index 71955b2..1752359 100644 --- a/sql/ry_config_20200618.sql +++ b/sql/ry_config_20200901.sql @@ -32,11 +32,11 @@ CREATE TABLE `config_info` ( ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='config_info'; insert into config_info(id, data_id, group_id, content, md5, gmt_create, gmt_modified, src_user, src_ip, app_name, tenant_id, c_desc, c_use, effect, type, c_schema) values -(1,'application-dev.yml','DEFAULT_GROUP','#请求处理的超时时间\nribbon:\n ReadTimeout: 10000\n ConnectTimeout: 10000\n\n# feign 配置\nfeign:\n sentinel:\n enabled: true\n okhttp:\n enabled: true\n httpclient:\n enabled: false\n client:\n config:\n default:\n connectTimeout: 10000\n readTimeout: 10000\n compression:\n request:\n enabled: true\n response:\n enabled: true\n\n# 暴露监控端点\nmanagement:\n endpoints:\n web:\n exposure:\n include: \'*\'\n\n# 认证配置\nsecurity:\n oauth2:\n client:\n client-id: ruoyi\n client-secret: 123456\n scope: server\n resource:\n loadBalanced: true\n token-info-uri: http://ruoyi-auth/oauth/check_token\n ignore:\n urls:\n - /v2/api-docs\n - /actuator/**\n - /user/info/*\n - /operlog\n - /logininfor\n','bf6cdf98474bf18c7ff697afbdf18e50','2019-11-29 16:31:20','2020-06-09 18:22:21',NULL,'0:0:0:0:0:0:0:1','','','通用配置','null','null','yaml','null'), -(2,'ruoyi-gateway-dev.yml','DEFAULT_GROUP','spring:\r\n redis:\r\n host: localhost\r\n port: 6379\r\n password: \r\n cloud:\r\n gateway:\r\n discovery:\r\n locator:\r\n lowerCaseServiceId: true\r\n enabled: true\r\n routes:\r\n # 认证中心\r\n - id: ruoyi-auth\r\n uri: lb://ruoyi-auth\r\n predicates:\r\n - Path=/auth/**\r\n filters:\r\n # 验证码处理\r\n - ValidateCodeFilter\r\n - StripPrefix=1\r\n # 代码生成\r\n - id: ruoyi-gen\r\n uri: lb://ruoyi-gen\r\n predicates:\r\n - Path=/code/**\r\n filters:\r\n - StripPrefix=1\r\n # 定时任务\r\n - id: ruoyi-job\r\n uri: lb://ruoyi-job\r\n predicates:\r\n - Path=/schedule/**\r\n filters:\r\n - StripPrefix=1\r\n # 系统模块\r\n # 系统模块\r\n - id: ruoyi-system\r\n uri: lb://ruoyi-system\r\n predicates:\r\n - Path=/system/**\r\n filters:\r\n - name: BlackListUrlFilter\r\n args:\r\n blacklistUrl:\r\n - /user/info/*\r\n - StripPrefix=1\r\n','ce9cfad3603fe40fb14a37da1dd56516','2020-05-14 14:17:55','2020-06-18 17:32:07',NULL,'0:0:0:0:0:0:0:1','','','网关模块','null','null','yaml','null'), +(1,'application-dev.yml','DEFAULT_GROUP','spring:\n main:\n allow-bean-definition-overriding: true\n\n#请求处理的超时时间\nribbon:\n ReadTimeout: 10000\n ConnectTimeout: 10000\n\n# feign 配置\nfeign:\n sentinel:\n enabled: true\n okhttp:\n enabled: true\n httpclient:\n enabled: false\n client:\n config:\n default:\n connectTimeout: 10000\n readTimeout: 10000\n compression:\n request:\n enabled: true\n response:\n enabled: true\n\n# 暴露监控端点\nmanagement:\n endpoints:\n web:\n exposure:\n include: \'*\'\n','57470c6d167154919418fa150863b7fb','2019-11-29 16:31:20','2020-09-01 09:14:30',NULL,'0:0:0:0:0:0:0:1','','','通用配置','null','null','yaml','null'), +(2,'ruoyi-gateway-dev.yml','DEFAULT_GROUP','spring:\r\n redis:\r\n host: localhost\r\n port: 6379\r\n password: \r\n cloud:\r\n gateway:\r\n discovery:\r\n locator:\r\n lowerCaseServiceId: true\r\n enabled: true\r\n routes:\r\n # 认证中心\r\n - id: ruoyi-auth\r\n uri: lb://ruoyi-auth\r\n predicates:\r\n - Path=/auth/**\r\n filters:\r\n # 验证码处理\r\n - CacheRequestFilter\r\n - ValidateCodeFilter\r\n - StripPrefix=1\r\n # 代码生成\r\n - id: ruoyi-gen\r\n uri: lb://ruoyi-gen\r\n predicates:\r\n - Path=/code/**\r\n filters:\r\n - StripPrefix=1\r\n # 定时任务\r\n - id: ruoyi-job\r\n uri: lb://ruoyi-job\r\n predicates:\r\n - Path=/schedule/**\r\n filters:\r\n - StripPrefix=1\r\n # 系统模块\r\n # 系统模块\r\n - id: ruoyi-system\r\n uri: lb://ruoyi-system\r\n predicates:\r\n - Path=/system/**\r\n filters:\r\n - name: BlackListUrlFilter\r\n args:\r\n blacklistUrl:\r\n - /user/info/*\r\n - StripPrefix=1\r\n','1c11e0d5e5e4f983f378088740102540','2020-05-14 14:17:55','2020-08-31 20:30:38',NULL,'0:0:0:0:0:0:0:1','','','网关模块','null','null','yaml','null'), (3,'ruoyi-auth-dev.yml','DEFAULT_GROUP','spring: \r\n datasource:\r\n driver-class-name: com.mysql.cj.jdbc.Driver\r\n url: jdbc:mysql://localhost:3306/ry-cloud?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8\r\n username: root\r\n password: password\r\n redis:\r\n host: localhost\r\n port: 6379\r\n password: \r\n','868c15010a7a15c027d4c90a48aabb3e','2020-05-14 13:20:49','2020-06-09 16:30:50',NULL,'0:0:0:0:0:0:0:1','','','认证中心','null','null','yaml','null'), (4,'ruoyi-monitor-dev.yml','DEFAULT_GROUP','# Spring\r\nspring: \r\n security:\r\n user:\r\n name: ruoyi\r\n password: 123456\r\n boot:\r\n admin:\r\n ui:\r\n title: 若依服务状态监控\r\n','8e49d78998a7780d780305aeefe4fb1b','2020-05-19 15:14:01','2020-05-19 18:50:44',NULL,'0:0:0:0:0:0:0:1','','','监控中心','null','null','yaml','null'), -(5,'ruoyi-system-dev.yml','DEFAULT_GROUP','# Spring\r\nspring: \r\n redis:\r\n host: localhost\r\n port: 6379\r\n password: \r\n datasource:\r\n driver-class-name: com.mysql.cj.jdbc.Driver\r\n url: jdbc:mysql://localhost:3306/ry-cloud?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8\r\n username: root\r\n password: password\r\n\r\n# Mybatis配置\r\nmybatis:\r\n # 搜索指定包别名\r\n typeAliasesPackage: com.ruoyi.system\r\n # 配置mapper的扫描,找到所有的mapper.xml映射文件\r\n mapperLocations: classpath:mapper/**/*.xml\r\n\r\n# swagger 配置\r\nswagger:\r\n title: 系统模块接口文档\r\n license: Powered By ruoyi\r\n licenseUrl: https://ruoyi.vip\r\n authorization:\r\n name: RuoYi OAuth\r\n auth-regex: ^.*$\r\n authorization-scope-list:\r\n - scope: server\r\n description: 客户端授权范围\r\n token-url-list:\r\n - http://localhost:8080/auth/oauth/token\r\n','06f95c879d284ec8031cc44805e62b50','2020-05-14 13:37:04','2020-06-04 17:14:14',NULL,'0:0:0:0:0:0:0:1','','','系统模块','null','null','yaml','null'), +(5,'ruoyi-system-dev.yml','DEFAULT_GROUP','# Spring\r\nspring: \r\n redis:\r\n host: localhost\r\n port: 6379\r\n password: \r\n datasource:\r\n driver-class-name: com.mysql.cj.jdbc.Driver\r\n url: jdbc:mysql://localhost:3306/ry-cloud?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8\r\n username: root\r\n password: password\r\n\r\n# Mybatis配置\r\nmybatis:\r\n # 搜索指定包别名\r\n typeAliasesPackage: com.ruoyi.system\r\n # 配置mapper的扫描,找到所有的mapper.xml映射文件\r\n mapperLocations: classpath:mapper/**/*.xml\r\n\r\n# swagger 配置\r\nswagger:\r\n title: 系统模块接口文档\r\n license: Powered By ruoyi\r\n licenseUrl: https://ruoyi.vip\r\n authorization:\r\n name: RuoYi OAuth\r\n auth-regex: ^.*$\r\n authorization-scope-list:\r\n - scope: server\r\n description: 客户端授权范围\r\n token-url-list:\r\n - http://localhost:8080/auth/oauth/token\r\n','06f95c879d284ec8031cc44805e62b50','2020-05-14 13:37:04','2020-07-02 20:03:46',NULL,'0:0:0:0:0:0:0:1','','','系统模块','null','null','yaml','null'), (6,'ruoyi-gen-dev.yml','DEFAULT_GROUP','# Spring\r\nspring: \r\n datasource:\r\n driver-class-name: com.mysql.cj.jdbc.Driver\r\n url: jdbc:mysql://localhost:3306/ry-cloud?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8\r\n username: root\r\n password: password\r\n\r\n# Mybatis配置\r\nmybatis:\r\n # 搜索指定包别名\r\n typeAliasesPackage: com.ruoyi.gen.domain\r\n # 配置mapper的扫描,找到所有的mapper.xml映射文件\r\n mapperLocations: classpath:mapper/**/*.xml\r\n\r\n# swagger 配置\r\nswagger:\r\n title: 代码生成接口文档\r\n license: Powered By ruoyi\r\n licenseUrl: https://ruoyi.vip\r\n authorization:\r\n name: RuoYi OAuth\r\n auth-regex: ^.*$\r\n authorization-scope-list:\r\n - scope: server\r\n description: 客户端授权范围\r\n token-url-list:\r\n - http://localhost:8080/auth/oauth/token\r\n\r\n# 代码生成\r\ngen: \r\n # 作者\r\n author: ruoyi\r\n # 默认生成包路径 system 需改成自己的模块名称 如 system monitor tool\r\n packageName: com.ruoyi.system\r\n # 自动去除表前缀,默认是false\r\n autoRemovePre: false\r\n # 表前缀(生成类名不会包含表前缀,多个用逗号分隔)\r\n tablePrefix: sys_\r\n','aa7e94e2abbdeb408bd8981391ab82f8','2020-05-14 13:54:50','2020-05-19 18:51:11',NULL,'0:0:0:0:0:0:0:1','','','代码生成','null','null','yaml','null'), (7,'ruoyi-job-dev.yml','DEFAULT_GROUP','# Spring\r\nspring: \r\n datasource:\r\n driver-class-name: com.mysql.cj.jdbc.Driver\r\n url: jdbc:mysql://localhost:3306/ry-cloud?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8\r\n username: root\r\n password: password\r\n\r\n# Mybatis配置\r\nmybatis:\r\n # 搜索指定包别名\r\n typeAliasesPackage: com.ruoyi.job.domain\r\n # 配置mapper的扫描,找到所有的mapper.xml映射文件\r\n mapperLocations: classpath:mapper/**/*.xml\r\n\r\n# swagger 配置\r\nswagger:\r\n title: 定时任务接口文档\r\n license: Powered By ruoyi\r\n licenseUrl: https://ruoyi.vip\r\n authorization:\r\n name: RuoYi OAuth\r\n auth-regex: ^.*$\r\n authorization-scope-list:\r\n - scope: server\r\n description: 客户端授权范围\r\n token-url-list:\r\n - http://localhost:8080/auth/oauth/token\r\n','2904b375372b13f52baed5be2e497b21','2020-05-14 13:58:46','2020-05-19 18:49:56',NULL,'0:0:0:0:0:0:0:1','','','定时任务','null','null','yaml','null'), (8,'sentinel-ruoyi-gateway','DEFAULT_GROUP','[\r\n {\r\n \"resource\": \"ruoyi-auth\",\r\n \"count\": 500,\r\n \"grade\": 1,\r\n \"limitApp\": \"default\",\r\n \"strategy\": 0,\r\n \"controlBehavior\": 0\r\n },\r\n {\r\n \"resource\": \"ruoyi-system\",\r\n \"count\": 1000,\r\n \"grade\": 1,\r\n \"limitApp\": \"default\",\r\n \"strategy\": 0,\r\n \"controlBehavior\": 0\r\n },\r\n {\r\n \"resource\": \"ruoyi-gen\",\r\n \"count\": 200,\r\n \"grade\": 1,\r\n \"limitApp\": \"default\",\r\n \"strategy\": 0,\r\n \"controlBehavior\": 0\r\n },\r\n {\r\n \"resource\": \"ruoyi-job\",\r\n \"count\": 300,\r\n \"grade\": 1,\r\n \"limitApp\": \"default\",\r\n \"strategy\": 0,\r\n \"controlBehavior\": 0\r\n }\r\n]','9f3a3069261598f74220bc47958ec252','2020-06-09 12:14:01','2020-06-10 11:44:19',NULL,'0:0:0:0:0:0:0:1','','','null','null','null','json','null');