From c894c3d934288aa78ee120dcd341fd074f517cef Mon Sep 17 00:00:00 2001 
From: lixiaodong <188029906@qq.com> Date: Wed, 12 Jul 2023 20:13:22 +0800 Subject: [PATCH] add sa-token --- smart-admin-api/pom.xml | 18 ++ .../sa/admin/config/JweAspectConfig.java | 4 +- .../sa/admin/config/SecurityConfig.java | 40 ---- .../sa/admin/config/SecurityMethodConfig.java | 50 ---- .../goods/controller/GoodsController.java | 12 +- .../business/oa/bank/BankController.java | 2 +- .../oa/enterprise/EnterpriseController.java | 2 +- .../oa/invoice/InvoiceController.java | 2 +- .../notice/controller/NoticeController.java | 6 +- .../service/DataScopeSqlConfigService.java | 4 +- .../controller/DepartmentController.java | 8 +- .../controller/EmployeeController.java | 16 +- .../service/EmployeePermissionService.java | 41 ---- .../employee/service/EmployeeService.java | 8 +- .../login/controller/LoginController.java | 34 ++- .../login/domain/LoginEmployeeDetail.java | 80 +------ .../module/system/login/domain/LoginForm.java | 9 +- .../system/login/service/LoginService.java | 63 ++--- .../menu/controller/MenuController.java | 14 +- .../role/controller/RoleController.java | 8 +- .../controller/RoleDataScopeController.java | 4 +- .../controller/RoleEmployeeController.java | 8 +- .../role/controller/RoleMenuController.java | 4 +- .../system/support/AdminCacheController.java | 6 +- .../support/AdminChangeLogController.java | 10 +- .../system/support/AdminConfigController.java | 8 +- .../system/support/AdminFileController.java | 4 +- .../support/AdminHelpDocController.java | 14 +- .../support/AdminLoginLogController.java | 4 +- .../support/AdminOperateLogController.java | 6 +- .../system/support/AdminReloadController.java | 6 +- .../support/AdminSerialNumberController.java | 6 +- smart-admin-api/sa-common/pom.xml | 11 +- .../interceptor/AbstractInterceptor.java | 2 +- .../security/AbstractSecurityConfig.java | 93 -------- .../SecurityAuthenticationFailHandler.java | 43 ---- .../common/security/SecurityMethodSource.java | 66 ------ .../SecurityPermissionCheckService.java 
| 74 ------ .../common/security/SecurityTokenFilter.java | 64 ------ .../common/common/util/SmartRequestUtil.java | 18 +- .../sa/common/config/RepeatSubmitConfig.java | 2 +- .../handler/GlobalExceptionHandler.java | 10 - .../datatracer/service/DataTracerService.java | 4 +- .../controller/FeedbackController.java | 3 +- .../file/controller/FileController.java | 10 +- .../helpdoc/controller/HelpDocController.java | 2 +- .../operatelog/core/OperateLogAspect.java | 2 +- .../support/table/TableColumnController.java | 6 +- .../module/support/token/LoginDeviceEnum.java | 24 +- .../module/support/token/TokenService.java | 215 +++--------------- .../src/main/resources/dev/sa-common.yaml | 36 ++- 51 files changed, 227 insertions(+), 959 deletions(-) delete mode 100644 smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/config/SecurityConfig.java delete mode 100644 smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/config/SecurityMethodConfig.java delete mode 100644 smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/AbstractSecurityConfig.java delete mode 100644 smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/SecurityAuthenticationFailHandler.java delete mode 100644 smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/SecurityMethodSource.java delete mode 100644 smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/SecurityPermissionCheckService.java delete mode 100644 smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/SecurityTokenFilter.java diff --git a/smart-admin-api/pom.xml b/smart-admin-api/pom.xml index 7211de26..37e2f4ae 100644 --- a/smart-admin-api/pom.xml +++ b/smart-admin-api/pom.xml @@ -46,6 +46,7 @@ 0.9.1 0.9.0 3.1 + 1.35.0.RC 
@@ -109,6 +110,23 @@ ${swagger.version} + + + + cn.dev33 + sa-token-spring-boot-starter + ${sa-token-version} + + + + + cn.dev33 + sa-token-redis-jackson + ${sa-token-version} + + + + com.alibaba fastjson diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/config/JweAspectConfig.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/config/JweAspectConfig.java index c4e74ff9..3c6147c1 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/config/JweAspectConfig.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/config/JweAspectConfig.java @@ -4,8 +4,6 @@ import net.lab1024.sa.common.common.domain.RequestUser; import net.lab1024.sa.common.common.util.SmartRequestUtil; import net.lab1024.sa.common.module.support.jwe.JweAspect; import net.lab1024.sa.common.module.support.jwe.JweUserKey; -import net.lab1024.sa.common.module.support.operatelog.core.OperateLogAspect; -import net.lab1024.sa.common.module.support.operatelog.core.OperateLogConfig; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -27,7 +25,7 @@ public class JweAspectConfig { @Bean public JweAspect jweConfig() { return new JweAspect((request -> { - RequestUser requestUser = SmartRequestUtil.getRequestUser(); + RequestUser requestUser = SmartRequestUtil.getUser(); JweUserKey userKey = new JweUserKey(); userKey.setUserId(requestUser.getUserId()); userKey.setUserName(requestUser.getUserName()); diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/config/SecurityConfig.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/config/SecurityConfig.java deleted file mode 100644 index 8f12ba27..00000000 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/config/SecurityConfig.java +++ /dev/null 
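Review bot: The two Sa-Token starters added here replace a Spring Security chain whose `getAuthenticatedUrlPatterns()` covered `/**` (the `SecurityConfig`/`AbstractSecurityConfig`/`SecurityTokenFilter` deletions below), but the diffstat lists no file that registers a Sa-Token interceptor or route check, so it is not visible where unauthenticated requests to endpoints without `@NoNeedLogin` are now rejected; if that registration lives in the `TokenService`/`AbstractInterceptor` changes outside this view, say so in the commit description, otherwise every controller is reachable without a session. The pinned `sa-token-version` is `1.35.0.RC`, a release candidate of the library that now carries authentication and authorization for the whole API; pin a GA release or record why the RC is required. `sa-token-redis-jackson` also implies the login session is serialized with Jackson into Redis, so whatever object is stored in the session must have its sensitive fields excluded from serialization.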
@@ -1,40 +0,0 @@ -package net.lab1024.sa.admin.config; - -import net.lab1024.sa.admin.module.system.login.service.LoginService; -import net.lab1024.sa.common.common.security.AbstractSecurityConfig; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.Configuration; -import org.springframework.security.core.userdetails.UserDetails; - -import javax.servlet.http.HttpServletRequest; -import java.util.function.BiFunction; - -/** - * 权限配置 - * - * @Author 1024创新实验室: 罗伊 - * @Date 2022-05-30 21:22:12 - * @Wechat zhuoda1024 - * @Email lab1024@163.com - * @Copyright 1024创新实验室 ( https://1024lab.net ) - */ -@Configuration -public class SecurityConfig extends AbstractSecurityConfig { - /** - * 获取TOKEN 解析类 - */ - @Autowired - private LoginService loginService; - - @Override - protected BiFunction userFunction() { - return (token, request) -> loginService.getLoginUserDetail(token, request); - } - - @Override - protected String[] getAuthenticatedUrlPatterns() { - return new String[]{"/**"}; - } - - -} diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/config/SecurityMethodConfig.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/config/SecurityMethodConfig.java deleted file mode 100644 index 772b2d5d..00000000 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/config/SecurityMethodConfig.java +++ /dev/null 
@@ -1,50 +0,0 @@ -package net.lab1024.sa.admin.config; - -import net.lab1024.sa.admin.module.system.login.domain.LoginEmployeeDetail; -import net.lab1024.sa.common.common.annoation.SaAuth; -import net.lab1024.sa.common.common.security.SecurityMethodSource; -import net.lab1024.sa.common.common.security.SecurityPermissionCheckService; -import org.springframework.context.annotation.Bean; -import org.springframework.security.access.expression.method.ExpressionBasedAnnotationAttributeFactory; -import org.springframework.security.access.method.MethodSecurityMetadataSource; -import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; -import org.springframework.security.config.annotation.method.configuration.GlobalMethodSecurityConfiguration; -import org.springframework.security.core.Authentication; - -/** - * 1、以类名加方法名为权限字符串的校验模式
- * 2、重写MethodSecurityMetadataSource将优化security配置,只需在方法上加上@saAuth注解,方法上就会存在权限(权限字符串为类名加方法名),而无需另外手动设置,减轻后端开发成本
- * 3、security将不再依据权限字符串进行权限控制,
- * 4、security将依据对应权限字符串下的接口权限进行控制
- * 5、采用此配置原@PreAuthorize依然有效
- * 6、如若无需此配置,需将@EnableGlobalMethodSecurity注解添加至SecurityConfig类上 - * - * @Author 1024创新实验室: 罗伊 - * @Date 2021-08-31 0:01 - * @Wechat zhuoda1024 - * @Email lab1024@163.com - * @Copyright 1024创新实验室 ( https://1024lab.net ) - */ -@EnableGlobalMethodSecurity(prePostEnabled = true) -public class SecurityMethodConfig extends GlobalMethodSecurityConfiguration { - - @Bean(SaAuth.saAuth) - public SecurityPermissionCheckService securityPermissionCheckService() { - return new SecurityPermissionCheckService() { - @Override - public boolean checkPermission(Authentication authentication, String permission) { - LoginEmployeeDetail loginEmployeeDetail = (LoginEmployeeDetail) authentication.getPrincipal(); - if (loginEmployeeDetail.getAdministratorFlag()) { - return true; - } - return super.permissionJudge(loginEmployeeDetail, permission); - } - }; - } - - @Override - public MethodSecurityMetadataSource customMethodSecurityMetadataSource() { - ExpressionBasedAnnotationAttributeFactory attributeFactory = new ExpressionBasedAnnotationAttributeFactory(this.getExpressionHandler()); - return new SecurityMethodSource(attributeFactory, SaAuth.saAuth); - } -} diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/goods/controller/GoodsController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/goods/controller/GoodsController.java index 7fa863c2..9652c258 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/goods/controller/GoodsController.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/goods/controller/GoodsController.java @@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.business.goods.controller; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.admin.common.AdminBaseController; 
@@ -14,7 +15,6 @@ import net.lab1024.sa.common.common.domain.ResponseDTO; import net.lab1024.sa.common.common.domain.ValidateList; import net.lab1024.sa.common.module.support.operatelog.annoation.OperateLog; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.validation.Valid; @@ -38,35 +38,35 @@ public class GoodsController extends AdminBaseController { @ApiOperation("分页查询 @author 胡克") @PostMapping("/goods/query") - @PreAuthorize("@saAuth.checkPermission('goods:query')") + @SaCheckPermission("@saAuth.checkPermission('goods:query')") public ResponseDTO> query(@RequestBody @Valid GoodsQueryForm queryForm) { return goodsService.query(queryForm); } @ApiOperation("添加商品 @author 胡克") @PostMapping("/goods/add") - @PreAuthorize("@saAuth.checkPermission('goods:add')") + @SaCheckPermission("@saAuth.checkPermission('goods:add')") public ResponseDTO add(@RequestBody @Valid GoodsAddForm addForm) { return goodsService.add(addForm); } @ApiOperation("更新商品 @author 胡克") @PostMapping("/goods/update") - @PreAuthorize("@saAuth.checkPermission('goods:update')") + @SaCheckPermission("@saAuth.checkPermission('goods:update')") public ResponseDTO update(@RequestBody @Valid GoodsUpdateForm updateForm) { return goodsService.update(updateForm); } @ApiOperation("删除 @author 卓大") @GetMapping("/goods/delete/{goodsId}") - @PreAuthorize("@saAuth.checkPermission('goods:delete')") + @SaCheckPermission("@saAuth.checkPermission('goods:delete')") public ResponseDTO delete(@PathVariable Long goodsId) { return goodsService.delete(goodsId); } @ApiOperation("批量 @author 卓大") @PostMapping("/goods/batchDelete") - @PreAuthorize("@saAuth.checkPermission('goods:batchDelete')") + @SaCheckPermission("@saAuth.checkPermission('goods:batchDelete')") public ResponseDTO batchDelete(@RequestBody @Valid ValidateList idList) { return goodsService.batchDelete(idList); } 
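Review bot: `@SaCheckPermission("@saAuth.checkPermission('goods:query')")` keeps the Spring Security SpEL expression as the argument, but Sa-Token's annotation takes a plain permission code and compares it with the user's permission list, so the code being checked is the literal string `@saAuth.checkPermission('goods:query')` rather than `goods:query`. Unless the permission source returns that exact string or a wildcard, every endpoint annotated this way is denied for everyone, including administrators, who were previously short-circuited by the `getAdministratorFlag()` check in the deleted `SecurityMethodConfig`. Change each annotation to the bare code, e.g. `@SaCheckPermission("goods:query")`, and re-create the administrator bypass in the new permission source. The same pattern repeats in all five annotations of this hunk and in the `DepartmentController` and `EmployeeController` hunks further down.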
diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/oa/bank/BankController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/oa/bank/BankController.java
index 96fbea31..bc99f346 100644
--- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/oa/bank/BankController.java
+++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/oa/bank/BankController.java
@@ -54,7 +54,7 @@ public class BankController {
 @ApiOperation(value = "新建银行信息 @author 善逸")
 @PostMapping("/oa/bank/create")
 public ResponseDTO createBank(@RequestBody @Valid BankCreateForm createVO) {
- RequestUser requestUser = SmartRequestUtil.getRequestUser();
+ RequestUser requestUser = SmartRequestUtil.getUser();
 createVO.setCreateUserId(requestUser.getUserId());
 createVO.setCreateUserName(requestUser.getUserName());
 return bankService.createBank(createVO);
diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/oa/enterprise/EnterpriseController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/oa/enterprise/EnterpriseController.java
index efc0143b..6f36b68b 100644
--- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/oa/enterprise/EnterpriseController.java
+++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/oa/enterprise/EnterpriseController.java
@@ -56,7 +56,7 @@ public class EnterpriseController {
 @PostMapping("/oa/enterprise/create")
 @SaAuth
 public ResponseDTO createEnterprise(@RequestBody @Valid EnterpriseCreateForm createVO) {
- RequestUser requestUser = SmartRequestUtil.getRequestUser();
+ RequestUser requestUser = SmartRequestUtil.getUser();
 createVO.setCreateUserId(requestUser.getUserId());
 createVO.setCreateUserName(requestUser.getUserName());
 return enterpriseService.createEnterprise(createVO);
diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/oa/invoice/InvoiceController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/oa/invoice/InvoiceController.java index 40909dc9..fb9d1bcd 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/oa/invoice/InvoiceController.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/oa/invoice/InvoiceController.java @@ -52,7 +52,7 @@ public class InvoiceController { @ApiOperation(value = "新建发票信息 @author 善逸") @PostMapping("/oa/invoice/create") public ResponseDTO createInvoice(@RequestBody @Valid InvoiceAddForm createVO) { - RequestUser requestUser = SmartRequestUtil.getRequestUser(); + RequestUser requestUser = SmartRequestUtil.getUser(); createVO.setCreateUserId(requestUser.getUserId()); createVO.setCreateUserName(requestUser.getUserName()); return invoiceService.createInvoice(createVO); diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/oa/notice/controller/NoticeController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/oa/notice/controller/NoticeController.java index 8ac0f311..42eff483 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/oa/notice/controller/NoticeController.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/business/oa/notice/controller/NoticeController.java @@ -83,7 +83,7 @@ public class NoticeController { @RepeatSubmit @SaAuth public ResponseDTO add(@RequestBody @Valid NoticeAddForm addForm) { - addForm.setCreateUserId(SmartRequestUtil.getRequestUserId()); + addForm.setCreateUserId(SmartRequestUtil.getUserId()); return noticeService.add(addForm); } 
@@ -114,7 +114,7 @@ public class NoticeController { @GetMapping("/oa/notice/employee/view/{noticeId}") public ResponseDTO view(@PathVariable Long noticeId, HttpServletRequest request) { return noticeEmployeeService.view( - SmartRequestUtil.getRequestUserId(), + SmartRequestUtil.getUserId(), noticeId, ServletUtil.getClientIP(request), request.getHeader("User-Agent") @@ -124,7 +124,7 @@ public class NoticeController { @ApiOperation("【员工】通知公告-查询全部 @author 卓大") @PostMapping("/oa/notice/employee/query") public ResponseDTO> queryEmployeeNotice(@RequestBody @Valid NoticeEmployeeQueryForm noticeEmployeeQueryForm) { - return noticeEmployeeService.queryList(SmartRequestUtil.getRequestUserId(), noticeEmployeeQueryForm); + return noticeEmployeeService.queryList(SmartRequestUtil.getUserId(), noticeEmployeeQueryForm); } @ApiOperation("【员工】通知公告-查询 查看记录 @author 卓大") diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeSqlConfigService.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeSqlConfigService.java index fc98e24b..1148d030 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeSqlConfigService.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/datascope/service/DataScopeSqlConfigService.java 
@@ -1,11 +1,11 @@ package net.lab1024.sa.admin.module.system.datascope.service; import lombok.extern.slf4j.Slf4j; +import net.lab1024.sa.admin.module.system.datascope.DataScope; import net.lab1024.sa.admin.module.system.datascope.constant.DataScopeTypeEnum; import net.lab1024.sa.admin.module.system.datascope.constant.DataScopeViewTypeEnum; import net.lab1024.sa.admin.module.system.datascope.constant.DataScopeWhereInTypeEnum; import net.lab1024.sa.admin.module.system.datascope.domain.DataScopeSqlConfig; -import net.lab1024.sa.admin.module.system.datascope.DataScope; import net.lab1024.sa.admin.module.system.datascope.strategy.DataScopePowerStrategy; import net.lab1024.sa.common.common.util.SmartRequestUtil; import org.apache.commons.collections4.CollectionUtils; @@ -108,7 +108,7 @@ public class DataScopeSqlConfigService { public String getJoinSql(Map paramMap, DataScopeSqlConfig sqlConfigDTO) { DataScopeTypeEnum dataScopeTypeEnum = sqlConfigDTO.getDataScopeType(); String joinSql = sqlConfigDTO.getJoinSql(); - Long employeeId = SmartRequestUtil.getRequestUserId(); + Long employeeId = SmartRequestUtil.getUserId(); if (employeeId == null) { return ""; } diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/department/controller/DepartmentController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/department/controller/DepartmentController.java index 62e2fe33..fba5bcfa 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/department/controller/DepartmentController.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/department/controller/DepartmentController.java @@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.system.department.controller; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.admin.common.AdminBaseController; 
@@ -12,7 +13,6 @@ import net.lab1024.sa.admin.module.system.department.service.DepartmentService; import net.lab1024.sa.common.common.domain.ResponseDTO; import net.lab1024.sa.common.module.support.operatelog.annoation.OperateLog; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.validation.Valid; @@ -43,21 +43,21 @@ public class DepartmentController extends AdminBaseController { @ApiOperation(value = "添加部门 @author 卓大") @PostMapping("/department/add") - @PreAuthorize("@saAuth.checkPermission('system:department:add')") + @SaCheckPermission("@saAuth.checkPermission('system:department:add')") public ResponseDTO addDepartment(@Valid @RequestBody DepartmentAddForm createDTO) { return departmentService.addDepartment(createDTO); } @ApiOperation(value = "更新部门 @author 卓大") @PostMapping("/department/update") - @PreAuthorize("@saAuth.checkPermission('system:department:update')") + @SaCheckPermission("@saAuth.checkPermission('system:department:update')") public ResponseDTO updateDepartment(@Valid @RequestBody DepartmentUpdateForm updateDTO) { return departmentService.updateDepartment(updateDTO); } @ApiOperation(value = "删除部门 @author 卓大") @GetMapping("/department/delete/{departmentId}") - @PreAuthorize("@saAuth.checkPermission('system:department:delete')") + @SaCheckPermission("@saAuth.checkPermission('system:department:delete')") public ResponseDTO deleteDepartment(@PathVariable Long departmentId) { return departmentService.deleteDepartment(departmentId); } diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/employee/controller/EmployeeController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/employee/controller/EmployeeController.java index c5f0f325..d5455bef 100644 
--- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/employee/controller/EmployeeController.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/employee/controller/EmployeeController.java @@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.system.employee.controller; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.admin.common.AdminBaseController; @@ -12,7 +13,6 @@ import net.lab1024.sa.common.common.domain.ResponseDTO; import net.lab1024.sa.common.common.util.SmartRequestUtil; import net.lab1024.sa.common.module.support.operatelog.annoation.OperateLog; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.validation.Valid; 
@@ -43,35 +43,35 @@ public class EmployeeController extends AdminBaseController { @ApiOperation(value = "添加员工(返回添加员工的密码) @author 卓大") @PostMapping("/employee/add") - @PreAuthorize("@saAuth.checkPermission('system:employee:add')") + @SaCheckPermission("@saAuth.checkPermission('system:employee:add')") public ResponseDTO addEmployee(@Valid @RequestBody EmployeeAddForm employeeAddForm) { return employeeService.addEmployee(employeeAddForm); } @ApiOperation(value = "更新员工 @author 卓大") @PostMapping("/employee/update") - @PreAuthorize("@saAuth.checkPermission('system:employee:update')") + @SaCheckPermission("@saAuth.checkPermission('system:employee:update')") public ResponseDTO updateEmployee(@Valid @RequestBody EmployeeUpdateForm employeeUpdateForm) { return employeeService.updateEmployee(employeeUpdateForm); } @ApiOperation(value = "更新员工禁用/启用状态 @author 卓大") @GetMapping("/employee/update/disabled/{employeeId}") - @PreAuthorize("@saAuth.checkPermission('system:employee:disabled')") + @SaCheckPermission("@saAuth.checkPermission('system:employee:disabled')") public ResponseDTO updateDisableFlag(@PathVariable Long employeeId) { return employeeService.updateDisableFlag(employeeId); } @ApiOperation(value = "批量删除员工 @author 卓大") @PostMapping("/employee/update/batch/delete") - @PreAuthorize("@saAuth.checkPermission('system:employee:delete')") + @SaCheckPermission("@saAuth.checkPermission('system:employee:delete')") public ResponseDTO batchUpdateDeleteFlag(@RequestBody List employeeIdList) { return employeeService.batchUpdateDeleteFlag(employeeIdList); } @ApiOperation(value = "批量调整员工部门 @author 卓大") @PostMapping("/employee/update/batch/department") - @PreAuthorize("@saAuth.checkPermission('system:employee:department:update')") + @SaCheckPermission("@saAuth.checkPermission('system:employee:department:update')") public ResponseDTO batchUpdateDepartment(@Valid @RequestBody EmployeeBatchUpdateDepartmentForm batchUpdateDepartmentForm) { return 
employeeService.batchUpdateDepartment(batchUpdateDepartmentForm); } @@ -79,13 +79,13 @@ public class EmployeeController extends AdminBaseController { @ApiOperation(value = "修改密码 @author 卓大") @PostMapping("/employee/update/password") public ResponseDTO updatePassword(@Valid @RequestBody EmployeeUpdatePasswordForm updatePasswordForm) { - updatePasswordForm.setEmployeeId(SmartRequestUtil.getRequestUserId()); + updatePasswordForm.setEmployeeId(SmartRequestUtil.getUserId()); return employeeService.updatePassword(updatePasswordForm); } @ApiOperation(value = "重置员工密码 @author 卓大") @GetMapping("/employee/update/password/reset/{employeeId}") - @PreAuthorize("@saAuth.checkPermission('system:employee:password:reset')") + @SaCheckPermission("@saAuth.checkPermission('system:employee:password:reset')") public ResponseDTO resetPassword(@PathVariable Integer employeeId) { return employeeService.resetPassword(employeeId); } diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/employee/service/EmployeePermissionService.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/employee/service/EmployeePermissionService.java index 3e6a0297..6457edd0 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/employee/service/EmployeePermissionService.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/employee/service/EmployeePermissionService.java 
@@ -1,19 +1,12 @@ package net.lab1024.sa.admin.module.system.employee.service; -import net.lab1024.sa.admin.module.system.menu.constant.MenuPermsTypeEnum; import net.lab1024.sa.admin.module.system.menu.domain.vo.MenuVO; import net.lab1024.sa.admin.module.system.role.service.RoleEmployeeService; import net.lab1024.sa.admin.module.system.role.service.RoleMenuService; -import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.core.GrantedAuthority; -import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.stereotype.Service; -import java.util.HashSet; import java.util.List; -import java.util.Set; -import java.util.stream.Collectors; /** * 员工权限校验 @@ -33,40 +26,6 @@ public class EmployeePermissionService { @Autowired private RoleMenuService roleMenuService; - /** - * 构建权限集合 - * - * @param menuAndPointsList - */ - public Set buildAuthorities(List menuAndPointsList) { - HashSet permissionList = new HashSet<>(); - for (MenuVO menu : menuAndPointsList) { - if(menu.getPermsType() == null){ - continue; - } - - String perms = null; - if(menu.getPermsType().equals(MenuPermsTypeEnum.SPRING_SECURITY.getValue())){ - perms = menu.getWebPerms(); - }else{ - perms = menu.getApiPerms(); - } - - if (StringUtils.isEmpty(perms)) { - continue; - } - //接口权限 - String[] split = perms.split(","); - for (String perm : split) { - permissionList.add(perm); - } - } - - Set authorities = new HashSet<>(); - authorities.addAll(permissionList.stream().map(SimpleGrantedAuthority::new).collect(Collectors.toSet())); - return authorities; - } - /** * 查询用户拥有的前端菜单项 用于登陆返回 前端动态路由配置 * diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/employee/service/EmployeeService.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/employee/service/EmployeeService.java index a315397d..3606d781 100644 
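Review bot: `buildAuthorities` was the only visible place that turned a user's menus into permission codes (splitting the comma-separated `webPerms`/`apiPerms` by `permsType`), and its removal has no visible replacement: the diffstat lists no Sa-Token permission provider, yet the `@SaCheckPermission` annotations introduced in the controller hunks depend on the framework being able to return the logged-in user's permission list. If that provider is part of the `TokenService` rewrite outside this view, reference it in the commit description; if it does not exist yet, the permission annotations have nothing to match against. Whatever replaces this method should keep the same split of comma-separated codes, otherwise a menu carrying `goods:query,goods:add` yields one unusable permission string.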
--- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/employee/service/EmployeeService.java
+++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/employee/service/EmployeeService.java
@@ -206,12 +206,12 @@ public class EmployeeService {
 return ResponseDTO.error(UserErrorCode.DATA_NOT_EXIST);
 }
- boolean disableFlag=!employeeEntity.getDisabledFlag();
+ boolean disableFlag = !employeeEntity.getDisabledFlag();
 employeeEntity.setDisabledFlag(disableFlag);
 employeeDao.updateDisableFlag(employeeId, disableFlag);
 if (employeeEntity.getDisabledFlag()) {
- tokenService.batchRemoveRedisToken(employeeId, UserTypeEnum.ADMIN_EMPLOYEE);
+ tokenService.removeToken(employeeId, UserTypeEnum.ADMIN_EMPLOYEE);
 }
 return ResponseDTO.ok();
@@ -240,9 +240,7 @@ public class EmployeeService {
 }).collect(Collectors.toList());
 employeeManager.updateBatchById(deleteList);
- for (Long employeeId : employeeIdList) {
- tokenService.batchRemoveRedisToken(employeeId, UserTypeEnum.ADMIN_EMPLOYEE);
- }
+ tokenService.removeToken(employeeIdList, UserTypeEnum.ADMIN_EMPLOYEE);
 return ResponseDTO.ok();
 }
diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/login/controller/LoginController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/login/controller/LoginController.java
index 1d28888d..ad945a02 100644
--- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/login/controller/LoginController.java
+++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/login/controller/LoginController.java
@@ -8,17 +8,15 @@ import net.lab1024.sa.admin.module.system.login.domain.LoginEmployeeDetail; import net.lab1024.sa.admin.module.system.login.domain.LoginForm; import net.lab1024.sa.admin.module.system.login.service.LoginService; import net.lab1024.sa.common.common.annoation.NoNeedLogin; -import net.lab1024.sa.common.common.code.UserErrorCode; import net.lab1024.sa.common.common.constant.RequestHeaderConst; import net.lab1024.sa.common.common.domain.ResponseDTO; import net.lab1024.sa.common.common.util.SmartRequestUtil; import net.lab1024.sa.common.module.support.captcha.domain.CaptchaVO; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.web.bind.annotation.*; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RestController; import javax.servlet.http.HttpServletRequest; import javax.validation.Valid; 
@@ -40,26 +38,25 @@ public class LoginController {
 private LoginService loginService;
 @NoNeedLogin
- @PostMapping("/login")
 @ApiOperation("登录 @author 卓大")
- public ResponseDTO login(@Valid @RequestBody LoginForm loginForm) {
- HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+ @PostMapping("/login")
+ public ResponseDTO login(@Valid @RequestBody LoginForm loginForm, HttpServletRequest request) {
 String ip = ServletUtil.getClientIP(request);
 String userAgent = ServletUtil.getHeaderIgnoreCase(request, RequestHeaderConst.USER_AGENT);
 return loginService.login(loginForm, ip, userAgent);
 }
- @GetMapping("/login/refresh")
 @ApiOperation("刷新用户信息(包含用户基础信息、权限信息等等) @author 卓大")
+ @GetMapping("/login/refresh")
 public ResponseDTO refresh() {
- loginService.removeLoginUserDetailCache(SmartRequestUtil.getRequestUserId());
+ loginService.removeLoginUserDetailCache(SmartRequestUtil.getUserId());
 return ResponseDTO.ok();
 }
- @GetMapping("/login/getLoginInfo")
 @ApiOperation("获取登录结果信息 @author 卓大")
+ @GetMapping("/login/getLoginInfo")
 public ResponseDTO getLoginInfo() {
- Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+ /* Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
 if (authentication == null) {
 return ResponseDTO.error(UserErrorCode.LOGIN_STATE_INVALID);
 }
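Review bot: `getLoginInfo()` now opens a block comment around its whole body, including the `LOGIN_STATE_INVALID` check, instead of porting it; the method continues into the next hunk, where the comment closes and the method returns `ResponseDTO.ok()` with no payload. A client of `/login/getLoginInfo` therefore receives a success response carrying no user data and with no login-state validation, a silent regression of the endpoint's contract that the commit description does not mention. Either implement the Sa-Token equivalent (read the login detail from the current session and return it with `loginPassword` cleared, as the old code did) or remove the endpoint explicitly rather than shipping dead code behind `/* … */`.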
@@ -71,18 +68,19 @@ public class LoginController {
 LoginEmployeeDetail loginEmployeeDetail = (LoginEmployeeDetail) authentication.getPrincipal();
 loginEmployeeDetail.setLoginPassword(null);
- return ResponseDTO.ok(loginEmployeeDetail);
+ return ResponseDTO.ok(loginEmployeeDetail);*/
+ return ResponseDTO.ok();
 }
- @ApiOperation("退出登陆 @author 卓大")
+ @ApiOperation("退出登录 @author 卓大")
 @GetMapping("/login/logout")
- public ResponseDTO logout(@RequestHeader(value = RequestHeaderConst.TOKEN, required = false) String token) {
- return loginService.logout(token, SmartRequestUtil.getRequestUser());
+ public ResponseDTO logout() {
+ return loginService.logout(SmartRequestUtil.getUser());
 }
+ @NoNeedLogin
 @ApiOperation("获取验证码 @author 卓大")
 @GetMapping("/login/getCaptcha")
- @NoNeedLogin
 public ResponseDTO getCaptcha() {
 return loginService.getCaptcha();
 }
diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/login/domain/LoginEmployeeDetail.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/login/domain/LoginEmployeeDetail.java
index a8be6eef..00596b76 100644
--- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/login/domain/LoginEmployeeDetail.java
+++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/login/domain/LoginEmployeeDetail.java
@@ -8,13 +8,9 @@ import net.lab1024.sa.common.common.domain.RequestUser;
 import net.lab1024.sa.common.common.enumeration.GenderEnum;
 import net.lab1024.sa.common.common.enumeration.UserTypeEnum;
 import net.lab1024.sa.common.common.swagger.ApiModelPropertyEnum;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.userdetails.UserDetails;
 import java.time.LocalDateTime;
-import java.util.Collection;
 import java.util.List;
-import java.util.Set;
 /**
 * 员工登录
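Review bot: `logout()` no longer receives the token header and passes only `SmartRequestUtil.getUser()` to `loginService.logout`, so whether the current session is actually terminated now rests entirely on the `LoginService` change, of which only the import hunk is visible and cut off at the end of this page. Confirm that the new `logout` invalidates the Sa-Token session for the calling token, not merely the cached employee detail; otherwise a token presented after logout keeps working until it expires. A one-line Javadoc on the controller method stating that it terminates the current session, e.g. `/** Ends the caller's current login session; the presented token is invalid afterwards. */`, would make that contract explicit.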
@@ -26,7 +22,7 @@ import java.util.Set; * @Copyright 1024创新实验室 ( https://1024lab.net ),2012-2022 */ @Data -public class LoginEmployeeDetail implements UserDetails, RequestUser { +public class LoginEmployeeDetail implements RequestUser { @ApiModelProperty("token") private String token; @@ -79,65 +75,6 @@ public class LoginEmployeeDetail implements UserDetails, RequestUser { @ApiModelProperty("请求user-agent") private String userAgent; - /** - * security 权限串 - */ - private Set authorities; - - @Override - public Collection getAuthorities() { - return authorities; - } - - @Override - @JsonIgnore - public String getPassword() { - return this.loginPassword; - } - - @Override - public String getUsername() { - return this.getLoginName(); - } - - /** - * 账户是否未过期,过期无法验证 - */ - @Override - public boolean isAccountNonExpired() { - return true; - } - - /** - * 指定用户是否解锁,锁定的用户无法进行身份验证 - * - * @return - */ - @Override - public boolean isAccountNonLocked() { - return true; - } - - /** - * 指示是否已过期的用户的凭据(密码),过期的凭据防止认证 - * - * @return - */ - @Override - public boolean isCredentialsNonExpired() { - return true; - } - - /** - * 是否可用 ,禁用的用户不能身份验证 - * - * @return - */ - @Override - public boolean isEnabled() { - return true; - } - @Override public Long getUserId() { return employeeId; @@ -147,19 +84,4 @@ public class LoginEmployeeDetail implements UserDetails, RequestUser { public String getUserName() { return actualName; } - - @Override - public UserTypeEnum getUserType() { - return userType; - } - - @Override - public String getIp() { - return this.ip; - } - - @Override - public String getUserAgent() { - return this.userAgent; - } } diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/login/domain/LoginForm.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/login/domain/LoginForm.java index c7e9ffb3..7a859946 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/login/domain/LoginForm.java 
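Review bot: Dropping `UserDetails` also deletes the `@JsonIgnore`-annotated `getPassword()` accessor, but the `loginPassword` field it read appears to remain on this `@Data` class (the controller still called `setLoginPassword(null)` on it), so Lombok's generated `getLoginPassword()` will now be serialized wherever a `LoginEmployeeDetail` is returned in a response body unless the field itself is annotated. Put `@JsonIgnore` on the `loginPassword` field (or stop populating it on the detail object) so the stored password value does not depend on each caller remembering to null it. The field declarations and the class header are outside these hunks, so this is inferred from the removed accessor and the controller call.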
+++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/login/domain/LoginForm.java @@ -24,8 +24,8 @@ import javax.validation.constraints.Pattern; @Data public class LoginForm extends CaptchaForm { - @ApiModelProperty("登录名") - @NotBlank(message = "登录名不能为空") + @ApiModelProperty("登录账号") + @NotBlank(message = "登录账号不能为空") @Length(max = 30, message = "登录账号最多30字符") private String loginName; @@ -34,8 +34,7 @@ public class LoginForm extends CaptchaForm { @Pattern(regexp = SmartVerificationUtil.PWD_REGEXP, message = "请输入6-15位密码(数字|大小写字母|小数点)") private String password; - @ApiModelProperty(value = "登录终端") - @ApiModelPropertyEnum(LoginDeviceEnum.class) - @CheckEnum(value = LoginDeviceEnum.class, required = true, message = "此终端不允许登录") + @ApiModelPropertyEnum(desc = "登录终端", value = LoginDeviceEnum.class) + @CheckEnum(value = LoginDeviceEnum.class, required = true, message = "登录终端类型错误") private Integer loginDevice; } diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/login/service/LoginService.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/login/service/LoginService.java index 95dafbe6..6dc36ff3 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/login/service/LoginService.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/login/service/LoginService.java @@ -1,6 +1,5 @@ package net.lab1024.sa.admin.module.system.login.service; -import cn.hutool.extra.servlet.ServletUtil; import com.googlecode.concurrentlinkedhashmap.ConcurrentLinkedHashMap; import lombok.extern.slf4j.Slf4j; import net.lab1024.sa.admin.module.system.department.domain.vo.DepartmentVO; 
@@ -11,7 +10,6 @@ import net.lab1024.sa.admin.module.system.employee.service.EmployeeService;
 import net.lab1024.sa.admin.module.system.login.domain.LoginEmployeeDetail;
 import net.lab1024.sa.admin.module.system.login.domain.LoginForm;
 import net.lab1024.sa.admin.module.system.menu.domain.vo.MenuVO;
-import net.lab1024.sa.common.common.constant.RequestHeaderConst;
 import net.lab1024.sa.common.common.constant.StringConst;
 import net.lab1024.sa.common.common.domain.RequestUser;
 import net.lab1024.sa.common.common.domain.ResponseDTO;
@@ -31,7 +29,6 @@ import net.lab1024.sa.common.module.support.token.TokenService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
-import javax.servlet.http.HttpServletRequest;
 import java.time.LocalDateTime;
 import java.util.List;
 import java.util.concurrent.ConcurrentMap;
@@ -55,9 +52,6 @@ public class LoginService {
 @Autowired
 private DepartmentService departmentService;
- @Autowired
- private TokenService tokenService;
-
 @Autowired
 private CaptchaService captchaService;
@@ -70,6 +64,9 @@ public class LoginService {
 @Autowired
 private LoginLogService loginLogService;
+ @Autowired
+ private TokenService tokenService;
+
 /**
 * 登录信息二级缓存
 */
@@ -88,17 +85,15 @@ public class LoginService {
 * 员工登陆
 *
 * @param loginForm
+ * @param ip
+ * @param userAgent
 * @return 返回用户登录信息
 */
 public ResponseDTO login(LoginForm loginForm, String ip, String userAgent) {
- LoginDeviceEnum loginDeviceEnum = SmartEnumUtil.getEnumByValue(loginForm.getLoginDevice(), LoginDeviceEnum.class);
- if (loginDeviceEnum == null) {
- return ResponseDTO.userErrorParam("登录设备暂不支持!");
- }
 // 校验 图形验证码
 ResponseDTO checkCaptcha = captchaService.checkCaptcha(loginForm);
 if (!checkCaptcha.getOk()) {
- return ResponseDTO.error(checkCaptcha);
+ // TODO listen 待放开 return ResponseDTO.error(checkCaptcha);
 }
 /**
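Review bot: The captcha failure branch in `login()` no longer returns: `// TODO listen 待放开 return ResponseDTO.error(checkCaptcha);` leaves the `if (!checkCaptcha.getOk())` body empty, so a wrong or missing captcha still falls through to the password check and the endpoint loses the control that slowed down password guessing. Restore `return ResponseDTO.error(checkCaptcha);` (if a bypass is needed for local development, gate it behind an explicit profile flag rather than a commented-out line). The same hunk also drops the `loginDeviceEnum == null` guard; the lookup moves to a later hunk and now relies solely on `@CheckEnum(required = true)` on `LoginForm` rejecting unknown values. The rest of `login()` continues past this hunk.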
@@ -126,8 +121,9 @@ public class LoginService {
 }
 // 生成 登录token,保存token
- Boolean superPasswordFlag = superPassword.equals(requestPassword);
- String token = tokenService.generateToken(employeeEntity.getEmployeeId(), employeeEntity.getActualName(), UserTypeEnum.ADMIN_EMPLOYEE, loginDeviceEnum, superPasswordFlag);
+ boolean superPasswordFlag = superPassword.equals(requestPassword);
+ LoginDeviceEnum loginDeviceEnum = SmartEnumUtil.getEnumByValue(loginForm.getLoginDevice(), LoginDeviceEnum.class);
+ String token = tokenService.generateToken(employeeEntity.getEmployeeId(), employeeEntity.getActualName(), UserTypeEnum.ADMIN_EMPLOYEE, loginDeviceEnum);
 //获取员工登录信息
 LoginEmployeeDetail loginEmployeeDetail = loadLoginInfo(employeeEntity);
@@ -165,7 +161,7 @@ public class LoginService {
 //前端菜单
 loginEmployeeDetail.setMenuList(menuAndPointsList);
 //后端权限
- loginEmployeeDetail.setAuthorities(employeePermissionService.buildAuthorities(menuAndPointsList));
+ // loginEmployeeDetail.setAuthorities(employeePermissionService.buildAuthorities(menuAndPointsList));
 //上次登录信息
 LoginLogVO loginLogVO = loginLogService.queryLastByUserId(employeeEntity.getEmployeeId(), UserTypeEnum.ADMIN_EMPLOYEE);
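Review bot: `superPasswordFlag` is still computed but no longer passed to `tokenService.generateToken(...)`, so the fact that a session was opened with the super password is discarded instead of recorded; if anything downstream used that flag (audit trail, restrictions on super-password sessions), such logins now look like ordinary ones. Either carry the flag into the new token/session data or delete the now-dead local rather than leaving a value that is assigned and never read. In the second hunk `setAuthorities(...)` is commented out instead of removed; delete the line, and make sure the permission list Sa-Token consults for `@SaCheckPermission` (its `StpInterface` implementation) is built from the same `menuAndPointsList`, because nothing in this diff attaches backend permissions to the logged-in user anymore. `login()` starts before and ends after these hunks.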
@@ -209,48 +205,15 @@ public class LoginService {
 loginUserDetailCache.remove(requestUserId);
 }
- /**
- * 根据登陆token 获取员请求工信息
- *
- * @param
- * @return
- */
- public LoginEmployeeDetail getLoginUserDetail(String token, HttpServletRequest request) {
- Long requestUserId = tokenService.getUserIdAndValidateToken(token);
- if (requestUserId == null) {
- return null;
- }
- // 查询用户信息
- LoginEmployeeDetail loginEmployeeDetail = loginUserDetailCache.get(requestUserId);
- if (loginEmployeeDetail == null) {
- // 员工基本信息
- EmployeeEntity employeeEntity = employeeService.getById(requestUserId);
- if (employeeEntity == null) {
- return null;
- }
-
- loginEmployeeDetail = this.loadLoginInfo(employeeEntity);
- loginEmployeeDetail.setToken(token);
- loginUserDetailCache.put(requestUserId, loginEmployeeDetail);
- }
-
- //更新请求ip和user agent
- loginEmployeeDetail.setUserAgent(ServletUtil.getHeaderIgnoreCase(request, RequestHeaderConst.USER_AGENT));
- loginEmployeeDetail.setIp(ServletUtil.getClientIP(request));
-
- return loginEmployeeDetail;
- }
-
-
 /**
 * 退出登陆,清除token缓存
 *
 * @return
 */
- public ResponseDTO logout(String token, RequestUser requestUser) {
+ public ResponseDTO logout(RequestUser requestUser) {
 loginUserDetailCache.remove(requestUser.getUserId());
- tokenService.removeToken(token);
- //保存登出日志
+ tokenService.removeToken();
+ // 保存登出日志
 saveLogoutLog(requestUser, requestUser.getIp(), requestUser.getUserAgent());
 return ResponseDTO.ok();
 }
diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/menu/controller/MenuController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/menu/controller/MenuController.java
index d0b921e7..ab39a213 100644
--- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/menu/controller/MenuController.java
+++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/menu/controller/MenuController.java
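Review bot: `logout(RequestUser requestUser)` dereferences `requestUser` unconditionally (`getUserId()`, `getIp()`, `getUserAgent()`), and the controller now passes `SmartRequestUtil.getUser()` with no null check, so if that helper can return null for an expired or missing session the endpoint throws instead of answering. Add a guard at the top, `if (requestUser == null) { return ResponseDTO.error(UserErrorCode.LOGIN_STATE_INVALID); }`, or document that the login interceptor guarantees a non-null user here. Note also that the deleted `getLoginUserDetail` was what refreshed `ip` and `userAgent` on each request; unless something outside this diff now updates those fields, the logout log will record whatever the detail object held at login time.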
@@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.system.menu.controller; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.admin.common.AdminBaseController; @@ -14,7 +15,6 @@ import net.lab1024.sa.common.common.domain.ResponseDTO; import net.lab1024.sa.common.common.util.SmartRequestUtil; import net.lab1024.sa.common.module.support.operatelog.annoation.OperateLog; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.validation.Valid; 
@@ -39,25 +39,25 @@ public class MenuController extends AdminBaseController {
 @ApiOperation(value = "添加菜单 @author 卓大")
 @PostMapping("/menu/add")
- @PreAuthorize("@saAuth.checkPermission('system:menu:add')")
+ @SaCheckPermission("@saAuth.checkPermission('system:menu:add')")
 public ResponseDTO addMenu(@RequestBody @Valid MenuAddForm menuAddForm) {
- menuAddForm.setCreateUserId(SmartRequestUtil.getRequestUserId());
+ menuAddForm.setCreateUserId(SmartRequestUtil.getUserId());
 return menuService.addMenu(menuAddForm);
 }
 @ApiOperation(value = "更新菜单 @author 卓大")
 @PostMapping("/menu/update")
- @PreAuthorize("@saAuth.checkPermission('system:menu:update')")
+ @SaCheckPermission("@saAuth.checkPermission('system:menu:update')")
 public ResponseDTO updateMenu(@RequestBody @Valid MenuUpdateForm menuUpdateForm) {
- menuUpdateForm.setUpdateUserId(SmartRequestUtil.getRequestUserId());
+ menuUpdateForm.setUpdateUserId(SmartRequestUtil.getUserId());
 return menuService.updateMenu(menuUpdateForm);
 }
 @ApiOperation(value = "批量删除菜单 @author 卓大")
 @GetMapping("/menu/batchDelete")
- @PreAuthorize("@saAuth.checkPermission('system:menu:delete,system:menu:batch:delete')")
+ @SaCheckPermission("@saAuth.checkPermission('system:menu:delete,system:menu:batch:delete')")
 public ResponseDTO batchDeleteMenu(@RequestParam("menuIdList") List menuIdList) {
- return menuService.batchDeleteMenu(menuIdList, SmartRequestUtil.getRequestUserId());
+ return menuService.batchDeleteMenu(menuIdList, SmartRequestUtil.getUserId());
 }
 @ApiOperation(value = "查询菜单列表 @author 卓大")
diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/role/controller/RoleController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/role/controller/RoleController.java
index 4fcdc2d2..690bb17d 100644
--- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/role/controller/RoleController.java
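Review bot: `@SaCheckPermission("@saAuth.checkPermission('system:menu:add')")` keeps the Spring Security SpEL string as the annotation value, but Sa-Token's `@SaCheckPermission` does not evaluate expressions: its value is the permission code itself, compared verbatim against the list returned by the application's `StpInterface`. As written these three endpoints require a permission literally named `@saAuth.checkPermission('system:menu:add')`, so they either deny every caller (if Sa-Token's annotation interceptor is registered) or are not checked at all (if it is not), and neither is the authorization the old `@PreAuthorize` expressed. Use the bare codes, e.g. `@SaCheckPermission("system:menu:add")`, and for the delete endpoint the multi-code form `@SaCheckPermission(value = {"system:menu:delete", "system:menu:batch:delete"}, mode = SaMode.OR)` (import `cn.dev33.satoken.annotation.SaMode`) if the old comma-separated expression meant "either permission". The same pattern repeats in every `@PreAuthorize`→`@SaCheckPermission` hunk that follows: RoleController, RoleDataScopeController, RoleEmployeeController, RoleMenuController, AdminCacheController, AdminChangeLogController, AdminConfigController, AdminFileController, AdminHelpDocController, AdminLoginLogController and AdminOperateLogController.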
+++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/role/controller/RoleController.java @@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.system.role.controller; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.admin.common.AdminBaseController; @@ -11,7 +12,6 @@ import net.lab1024.sa.admin.module.system.role.service.RoleService; import net.lab1024.sa.common.common.domain.ResponseDTO; import net.lab1024.sa.common.module.support.operatelog.annoation.OperateLog; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.validation.Valid; @@ -36,21 +36,21 @@ public class RoleController extends AdminBaseController { @ApiOperation("添加角色 @author 卓大") @PostMapping("/role/add") - @PreAuthorize("@saAuth.checkPermission('system:role:add')") + @SaCheckPermission("@saAuth.checkPermission('system:role:add')") public ResponseDTO addRole(@Valid @RequestBody RoleAddForm roleAddForm) { return roleService.addRole(roleAddForm); } @ApiOperation("删除角色 @author 卓大") @GetMapping("/role/delete/{roleId}") - @PreAuthorize("@saAuth.checkPermission('system:role:delete')") + @SaCheckPermission("@saAuth.checkPermission('system:role:delete')") public ResponseDTO deleteRole(@PathVariable Long roleId) { return roleService.deleteRole(roleId); } @ApiOperation("更新角色 @author 卓大") @PostMapping("/role/update") - @PreAuthorize("@saAuth.checkPermission('system:role:update')") + @SaCheckPermission("@saAuth.checkPermission('system:role:update')") public ResponseDTO updateRole(@Valid @RequestBody RoleUpdateForm roleUpdateDTO) { return roleService.updateRole(roleUpdateDTO); } 
diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/role/controller/RoleDataScopeController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/role/controller/RoleDataScopeController.java index a2814595..945294e4 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/role/controller/RoleDataScopeController.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/role/controller/RoleDataScopeController.java @@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.system.role.controller; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.admin.common.AdminBaseController; @@ -10,7 +11,6 @@ import net.lab1024.sa.admin.module.system.role.service.RoleDataScopeService; import net.lab1024.sa.common.common.domain.ResponseDTO; import net.lab1024.sa.common.module.support.operatelog.annoation.OperateLog; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.validation.Valid; @@ -41,7 +41,7 @@ public class RoleDataScopeController extends AdminBaseController { @ApiOperation(value = "批量设置某角色数据范围 @author 卓大") @PostMapping("/role/dataScope/updateRoleDataScopeList") - @PreAuthorize("@saAuth.checkPermission('system:role:dataScope:update')") + @SaCheckPermission("@saAuth.checkPermission('system:role:dataScope:update')") public ResponseDTO updateRoleDataScopeList(@RequestBody @Valid RoleDataScopeUpdateForm roleDataScopeUpdateForm) { return roleDataScopeService.updateRoleDataScopeList(roleDataScopeUpdateForm); } 
diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/role/controller/RoleEmployeeController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/role/controller/RoleEmployeeController.java index 19ad623c..ca9f9f1c 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/role/controller/RoleEmployeeController.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/role/controller/RoleEmployeeController.java @@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.system.role.controller; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.admin.common.AdminBaseController; @@ -13,7 +14,6 @@ import net.lab1024.sa.common.common.domain.PageResult; import net.lab1024.sa.common.common.domain.ResponseDTO; import net.lab1024.sa.common.module.support.operatelog.annoation.OperateLog; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.validation.Valid; 
@@ -50,21 +50,21 @@ public class RoleEmployeeController extends AdminBaseController { @ApiOperation(value = "从角色成员列表中移除员工 @author 卓大") @GetMapping("/role/employee/removeEmployee") - @PreAuthorize("@saAuth.checkPermission('system:role:employee:delete')") + @SaCheckPermission("@saAuth.checkPermission('system:role:employee:delete')") public ResponseDTO removeEmployee(Long employeeId, Long roleId) { return roleEmployeeService.removeRoleEmployee(employeeId, roleId); } @ApiOperation(value = "从角色成员列表中批量移除员工 @author 卓大") @PostMapping("/role/employee/batchRemoveRoleEmployee") - @PreAuthorize("@saAuth.checkPermission('system:role:employee:batch:delete')") + @SaCheckPermission("@saAuth.checkPermission('system:role:employee:batch:delete')") public ResponseDTO batchRemoveEmployee(@Valid @RequestBody RoleEmployeeUpdateForm updateForm) { return roleEmployeeService.batchRemoveRoleEmployee(updateForm); } @ApiOperation(value = "角色成员列表中批量添加员工 @author 卓大") @PostMapping("/role/employee/batchAddRoleEmployee") - @PreAuthorize("@saAuth.checkPermission('system:role:employee:add')") + @SaCheckPermission("@saAuth.checkPermission('system:role:employee:add')") public ResponseDTO addEmployeeList(@Valid @RequestBody RoleEmployeeUpdateForm addForm) { return roleEmployeeService.batchAddRoleEmployee(addForm); } diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/role/controller/RoleMenuController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/role/controller/RoleMenuController.java index 02e7b8c3..7c519f3c 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/role/controller/RoleMenuController.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/role/controller/RoleMenuController.java 
@@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.system.role.controller; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.admin.common.AdminBaseController; @@ -10,7 +11,6 @@ import net.lab1024.sa.admin.module.system.role.service.RoleMenuService; import net.lab1024.sa.common.common.domain.ResponseDTO; import net.lab1024.sa.common.module.support.operatelog.annoation.OperateLog; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.validation.Valid; @@ -34,7 +34,7 @@ public class RoleMenuController extends AdminBaseController { @ApiOperation("更新角色权限 @author 卓大") @PostMapping("/role/menu/updateRoleMenu") - @PreAuthorize("@saAuth.checkPermission('system:role:menu:update')") + @SaCheckPermission("@saAuth.checkPermission('system:role:menu:update')") public ResponseDTO updateRoleMenu(@Valid @RequestBody RoleMenuUpdateForm updateDTO) { return roleMenuService.updateRoleMenu(updateDTO); } diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminCacheController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminCacheController.java index 492a063b..103ab12d 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminCacheController.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminCacheController.java @@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.system.support; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.common.common.controller.SupportBaseController; 
@@ -7,7 +8,6 @@ import net.lab1024.sa.common.common.domain.ResponseDTO; import net.lab1024.sa.common.constant.SwaggerTagConst; import net.lab1024.sa.common.module.support.cache.CacheService; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RestController; @@ -38,7 +38,7 @@ public class AdminCacheController extends SupportBaseController { @ApiOperation(value = "移除某个缓存 @author 罗伊") - @PreAuthorize("@saAuth.checkPermission('support:cache:delete')") + @SaCheckPermission("@saAuth.checkPermission('support:cache:delete')") @GetMapping("/cache/remove/{cacheName}") public ResponseDTO removeCache(@PathVariable String cacheName) { cacheService.removeCache(cacheName); @@ -47,7 +47,7 @@ public class AdminCacheController extends SupportBaseController { @ApiOperation(value = "获取某个缓存的所有key @author 罗伊") - @PreAuthorize("@saAuth.checkPermission('support:cache:keys')") + @SaCheckPermission("@saAuth.checkPermission('support:cache:keys')") @GetMapping("/cache/keys/{cacheName}") public ResponseDTO> cacheKeys(@PathVariable String cacheName) { return ResponseDTO.ok(cacheService.cacheKey(cacheName)); diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminChangeLogController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminChangeLogController.java index 7c4b1eec..49079729 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminChangeLogController.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminChangeLogController.java 
@@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.system.support; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.common.common.domain.ResponseDTO; @@ -9,7 +10,6 @@ import net.lab1024.sa.common.module.support.changelog.domain.form.ChangeLogAddFo import net.lab1024.sa.common.module.support.changelog.domain.form.ChangeLogUpdateForm; import net.lab1024.sa.common.module.support.changelog.service.ChangeLogService; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.validation.Valid; 
@@ -31,27 +31,27 @@ public class AdminChangeLogController { @ApiOperation("添加 @author 卓大") @PostMapping("/changeLog/add") - @PreAuthorize("@saAuth.checkPermission('changeLog:add')") + @SaCheckPermission("@saAuth.checkPermission('changeLog:add')") public ResponseDTO add(@RequestBody @Valid ChangeLogAddForm addForm) { return changeLogService.add(addForm); } @ApiOperation("更新 @author 卓大") - @PreAuthorize("@saAuth.checkPermission('changeLog:update')") + @SaCheckPermission("@saAuth.checkPermission('changeLog:update')") @PostMapping("/changeLog/update") public ResponseDTO update(@RequestBody @Valid ChangeLogUpdateForm updateForm) { return changeLogService.update(updateForm); } @ApiOperation("批量删除 @author 卓大") - @PreAuthorize("@saAuth.checkPermission('changeLog:batchDelete')") + @SaCheckPermission("@saAuth.checkPermission('changeLog:batchDelete')") @PostMapping("/changeLog/batchDelete") public ResponseDTO batchDelete(@RequestBody ValidateList idList) { return changeLogService.batchDelete(idList); } @ApiOperation("单个删除 @author 卓大") - @PreAuthorize("@saAuth.checkPermission('changeLog:delete')") + @SaCheckPermission("@saAuth.checkPermission('changeLog:delete')") @GetMapping("/changeLog/delete/{changeLogId}") public ResponseDTO batchDelete(@PathVariable Long changeLogId) { return changeLogService.delete(changeLogId); diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminConfigController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminConfigController.java index 78ab1722..d776b079 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminConfigController.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminConfigController.java 
@@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.system.support; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.common.common.controller.SupportBaseController; @@ -12,7 +13,6 @@ import net.lab1024.sa.common.module.support.config.domain.ConfigQueryForm; import net.lab1024.sa.common.module.support.config.domain.ConfigUpdateForm; import net.lab1024.sa.common.module.support.config.domain.ConfigVO; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; @@ -36,21 +36,21 @@ public class AdminConfigController extends SupportBaseController { private ConfigService configService; @ApiOperation("分页查询系统配置 @author 卓大") - @PreAuthorize("@saAuth.checkPermission('support:config:query')") + @SaCheckPermission("@saAuth.checkPermission('support:config:query')") @PostMapping("/config/query") public ResponseDTO> querySystemConfigPage(@RequestBody @Valid ConfigQueryForm queryForm) { return configService.queryConfigPage(queryForm); } @ApiOperation("添加配置参数 @author 卓大") - @PreAuthorize("@saAuth.checkPermission('support:config:add')") + @SaCheckPermission("@saAuth.checkPermission('support:config:add')") @PostMapping("/config/add") public ResponseDTO addSystemConfig(@RequestBody @Valid ConfigAddForm configAddForm) { return configService.add(configAddForm); } @ApiOperation("修改配置参数 @author 卓大") - @PreAuthorize("@saAuth.checkPermission('support:config:update')") + @SaCheckPermission("@saAuth.checkPermission('support:config:update')") @PostMapping("/config/update") public ResponseDTO updateSystemConfig(@RequestBody @Valid ConfigUpdateForm updateForm) { return configService.updateSystemConfig(updateForm); 
diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminFileController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminFileController.java index b4528715..674571d4 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminFileController.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminFileController.java @@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.system.support; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.common.common.controller.SupportBaseController; @@ -10,7 +11,6 @@ import net.lab1024.sa.common.module.support.file.domain.form.FileQueryForm; import net.lab1024.sa.common.module.support.file.domain.vo.FileVO; import net.lab1024.sa.common.module.support.file.service.FileService; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; @@ -34,7 +34,7 @@ public class AdminFileController extends SupportBaseController { private FileService fileService; @ApiOperation("分页查询 @author 1024创新实验室-主任-卓大") - @PreAuthorize("@saAuth.checkPermission('support:file:query')") + @SaCheckPermission("@saAuth.checkPermission('support:file:query')") @PostMapping("/file/queryPage") public ResponseDTO> queryPage(@RequestBody @Valid FileQueryForm queryForm) { return ResponseDTO.ok(fileService.queryPage(queryForm)); 
diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminHelpDocController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminHelpDocController.java index 5d0949e2..ae08aa6c 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminHelpDocController.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminHelpDocController.java @@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.system.support; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.common.common.controller.SupportBaseController; @@ -13,7 +14,6 @@ import net.lab1024.sa.common.module.support.helpdoc.service.HelpDocCatalogServic import net.lab1024.sa.common.module.support.helpdoc.service.HelpDocService; import net.lab1024.sa.common.module.support.repeatsubmit.annoation.RepeatSubmit; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.validation.Valid; 
@@ -42,14 +42,14 @@ public class AdminHelpDocController extends SupportBaseController { @ApiOperation("帮助文档目录-添加 @author 卓大") - @PreAuthorize("@saAuth.checkPermission('helpDocCatalog:addCategory')") + @SaCheckPermission("@saAuth.checkPermission('helpDocCatalog:addCategory')") @PostMapping("/helpDoc/helpDocCatalog/add") public ResponseDTO addHelpDocCatalog(@RequestBody @Valid HelpDocCatalogAddForm helpDocCatalogAddForm) { return helpDocCatalogService.add(helpDocCatalogAddForm); } @ApiOperation("帮助文档目录-更新 @author 卓大") - @PreAuthorize("@saAuth.checkPermission('helpDocCatalog:edit')") + @SaCheckPermission("@saAuth.checkPermission('helpDocCatalog:edit')") @PostMapping("/helpDoc/helpDocCatalog/update") public ResponseDTO updateHelpDocCatalog(@RequestBody @Valid HelpDocCatalogUpdateForm helpDocCatalogUpdateForm) { return helpDocCatalogService.update(helpDocCatalogUpdateForm); @@ -64,7 +64,7 @@ public class AdminHelpDocController extends SupportBaseController { // --------------------- 帮助文档 【管理:增、删、查、改】------------------------- @ApiOperation("【管理】帮助文档-分页查询 @author 卓大") - @PreAuthorize("@saAuth.checkPermission('helpDoc:query')") + @SaCheckPermission("@saAuth.checkPermission('helpDoc:query')") @PostMapping("/helpDoc/query") public ResponseDTO> query(@RequestBody @Valid HelpDocQueryForm queryForm) { return ResponseDTO.ok(helpDocService.query(queryForm)); @@ -77,7 +77,7 @@ public class AdminHelpDocController extends SupportBaseController { } @ApiOperation("【管理】帮助文档-添加 @author 卓大") - @PreAuthorize("@saAuth.checkPermission('helpDoc:add')") + @SaCheckPermission("@saAuth.checkPermission('helpDoc:add')") @PostMapping("/helpDoc/add") @RepeatSubmit public ResponseDTO add(@RequestBody @Valid HelpDocAddForm addForm) { 
@@ -85,7 +85,7 @@ public class AdminHelpDocController extends SupportBaseController { } @ApiOperation("【管理】帮助文档-更新 @author 卓大") - @PreAuthorize("@saAuth.checkPermission('helpDoc:update')") + @SaCheckPermission("@saAuth.checkPermission('helpDoc:update')") @PostMapping("/helpDoc/update") @RepeatSubmit public ResponseDTO update(@RequestBody @Valid HelpDocUpdateForm updateForm) { @@ -93,7 +93,7 @@ public class AdminHelpDocController extends SupportBaseController { } @ApiOperation("【管理】帮助文档-删除 @author 卓大") - @PreAuthorize("@saAuth.checkPermission('helpDoc:delete')") + @SaCheckPermission("@saAuth.checkPermission('helpDoc:delete')") @GetMapping("/helpDoc/delete/{helpDocId}") public ResponseDTO delete(@PathVariable Long helpDocId) { return helpDocService.delete(helpDocId); diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminLoginLogController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminLoginLogController.java index 0fd71522..33ec9f90 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminLoginLogController.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminLoginLogController.java @@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.system.support; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.common.common.controller.SupportBaseController; 
@@ -10,7 +11,6 @@ import net.lab1024.sa.common.module.support.loginlog.LoginLogService; import net.lab1024.sa.common.module.support.loginlog.domain.LoginLogQueryForm; import net.lab1024.sa.common.module.support.loginlog.domain.LoginLogVO; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RestController; @@ -32,7 +32,7 @@ public class AdminLoginLogController extends SupportBaseController { private LoginLogService loginLogService; @ApiOperation(value = "分页查询 @author 卓大") - @PreAuthorize("@saAuth.checkPermission('loginLog:query')") + @SaCheckPermission("@saAuth.checkPermission('loginLog:query')") @PostMapping("/loginLog/page/query") public ResponseDTO> queryByPage(@RequestBody LoginLogQueryForm queryForm) { return loginLogService.queryByPage(queryForm); diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminOperateLogController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminOperateLogController.java index 85161a6f..3594eaf3 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminOperateLogController.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminOperateLogController.java @@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.system.support; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.common.common.controller.SupportBaseController; 
@@ -10,7 +11,6 @@ import net.lab1024.sa.common.module.support.operatelog.OperateLogService; import net.lab1024.sa.common.module.support.operatelog.domain.OperateLogQueryForm; import net.lab1024.sa.common.module.support.operatelog.domain.OperateLogVO; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; /** @@ -30,14 +30,14 @@ public class AdminOperateLogController extends SupportBaseController { private OperateLogService operateLogService; @ApiOperation(value = "分页查询 @author 罗伊") - @PreAuthorize("@saAuth.checkPermission('operateLog:query')") + @SaCheckPermission("@saAuth.checkPermission('operateLog:query')") @PostMapping("/operateLog/page/query") public ResponseDTO> queryByPage(@RequestBody OperateLogQueryForm queryForm) { return operateLogService.queryByPage(queryForm); } @ApiOperation(value = "详情 @author 罗伊") - @PreAuthorize("@saAuth.checkPermission('operateLog:detail')") + @SaCheckPermission("@saAuth.checkPermission('operateLog:detail')") @GetMapping("/operateLog/detail/{operateLogId}") public ResponseDTO detail(@PathVariable Long operateLogId) { return operateLogService.detail(operateLogId); diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminReloadController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminReloadController.java index 24637f6e..56cadbe7 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminReloadController.java +++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminReloadController.java 
@@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.system.support; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.common.common.controller.SupportBaseController; @@ -10,7 +11,6 @@ import net.lab1024.sa.common.module.support.reload.domain.ReloadForm; import net.lab1024.sa.common.module.support.reload.domain.ReloadItemVO; import net.lab1024.sa.common.module.support.reload.domain.ReloadResultVO; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.validation.Valid; @@ -39,14 +39,14 @@ public class AdminReloadController extends SupportBaseController { } @ApiOperation(value = "获取reload result @author 开云") - @PreAuthorize("@saAuth.checkPermission('support:reload:result')") + @SaCheckPermission("@saAuth.checkPermission('support:reload:result')") @GetMapping("/reload/result/{tag}") public ResponseDTO> queryReloadResult(@PathVariable("tag") String tag) { return reloadService.queryReloadItemResult(tag); } @ApiOperation(value = "通过tag更新标识 @author 开云") - @PreAuthorize("@saAuth.checkPermission('support:reload:execute')") + @SaCheckPermission("@saAuth.checkPermission('support:reload:execute')") @PostMapping("/reload/update") public ResponseDTO updateByTag(@RequestBody @Valid ReloadForm reloadForm) { return reloadService.updateByTag(reloadForm); diff --git a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminSerialNumberController.java b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminSerialNumberController.java index 329a2aaf..670b3985 100644 --- a/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminSerialNumberController.java 
+++ b/smart-admin-api/sa-admin/src/main/java/net/lab1024/sa/admin/module/system/support/AdminSerialNumberController.java @@ -1,5 +1,6 @@ package net.lab1024.sa.admin.module.system.support; +import cn.dev33.satoken.annotation.SaCheckPermission; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.common.common.controller.SupportBaseController; @@ -16,7 +17,6 @@ import net.lab1024.sa.common.module.support.serialnumber.domain.SerialNumberReco import net.lab1024.sa.common.module.support.serialnumber.service.SerialNumberRecordService; import net.lab1024.sa.common.module.support.serialnumber.service.SerialNumberService; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -48,7 +48,7 @@ public class AdminSerialNumberController extends SupportBaseController { private SerialNumberRecordService serialNumberRecordService; @ApiOperation("生成单号 @author 卓大") - @PreAuthorize("@saAuth.checkPermission('support:serial:number:generate')") + @SaCheckPermission("@saAuth.checkPermission('support:serial:number:generate')") @PostMapping("/serialNumber/generate") public ResponseDTO> generate(@RequestBody @Valid SerialNumberGenerateForm generateForm) { SerialNumberIdEnum serialNumberIdEnum = SmartEnumUtil.getEnumByValue(generateForm.getSerialNumberId(), SerialNumberIdEnum.class); 
@@ -65,7 +65,7 @@ public class AdminSerialNumberController extends SupportBaseController { } @ApiOperation("获取生成记录 @author 卓大") - @PreAuthorize("@saAuth.checkPermission('support:serial:number:record')") + @SaCheckPermission("@saAuth.checkPermission('support:serial:number:record')") @PostMapping("/serialNumber/queryRecord") public ResponseDTO> queryRecord(@RequestBody @Valid SerialNumberRecordQueryForm queryForm) { return ResponseDTO.ok(serialNumberRecordService.query(queryForm)); diff --git a/smart-admin-api/sa-common/pom.xml b/smart-admin-api/sa-common/pom.xml index 6a5d2b38..9620d010 100644 --- a/smart-admin-api/sa-common/pom.xml +++ b/smart-admin-api/sa-common/pom.xml @@ -49,10 +49,15 @@
- + - org.springframework.boot - spring-boot-starter-security + cn.dev33 + sa-token-spring-boot-starter + + + + cn.dev33 + sa-token-redis-jackson diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/interceptor/AbstractInterceptor.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/interceptor/AbstractInterceptor.java index 62f2042d..0cb82222 100644 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/interceptor/AbstractInterceptor.java +++ b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/interceptor/AbstractInterceptor.java @@ -97,7 +97,7 @@ public abstract class AbstractInterceptor implements HandlerInterceptor { if (StringUtils.isNotBlank(xAccessToken)) { RequestUser requestUser = userFunction().apply(xAccessToken); if (requestUser != null) { - SmartRequestUtil.setRequestUser(requestUser); + // SmartRequestUtil.setRequestUser(requestUser); } // 有token 无需登录 if (null != noNeedLogin) { diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/AbstractSecurityConfig.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/AbstractSecurityConfig.java deleted file mode 100644 index 30fc239b..00000000 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/AbstractSecurityConfig.java +++ /dev/null 
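Review bot: With `SmartRequestUtil.setRequestUser(requestUser)` commented out here and `SmartRequestUtil.getUser()` reduced to `// TODO listen` plus `return null;` in the SmartRequestUtil hunk, nothing in this patch can resolve the current user anymore: `OperateLogAspect` returns before writing the log when `user == null`, `RepeatSubmitConfig.ticket` returns `StringConst.EMPTY` when `userId` is null (which presumably weakens or disables the per-user repeat-submit guard), and `DataTracerService`, `FeedbackController`, `FileController`, `HelpDocController` and `TableColumnController` now pass `null` into their services. The net effect is that the operation-log audit trail silently stops and uploads, feedback and data traces are recorded without an author, with no error to show that the wiring is missing. `getUser()` should be backed by the Sa-Token login state (the token hunk imports `StpUtil` and stores the name and type under `EXTRA_KEY_USER_NAME`/`EXTRA_KEY_USER_TYPE`, which is the data needed to rebuild a `RequestUser`) before this is merged; failing that, it should at least log at warn level instead of returning `null` unannounced, and the commented-out line here should be removed rather than left as dead code. The method enclosing this hunk begins and ends outside it.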
@@ -1,93 +0,0 @@ -package net.lab1024.sa.common.common.security; - -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; -import org.springframework.security.config.http.SessionCreationPolicy; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; -import org.springframework.web.filter.CorsFilter; - -import javax.servlet.http.HttpServletRequest; -import java.util.List; -import java.util.function.BiFunction; -import java.util.function.Function; - -/** - * Spring Security - * - * @Author 1024创新实验室-主任: 卓大 - * @Date 2021/8/3 17:50 - * @Wechat zhuoda1024 - * @Email lab1024@163.com - * @Copyright 1024创新实验室 ( https://1024lab.net ) - */ -public abstract class AbstractSecurityConfig extends WebSecurityConfigurerAdapter { - @Autowired - private CorsFilter corsFilter; - - @Autowired - private List noNeedLoginUrlList; - - @Autowired - private List ignoreUrlList; - - /** - * Token获取用户信息 - * - * @return - */ - protected abstract BiFunction userFunction(); - - /** - * 需要认证的url集合 - * - * @return - */ - protected abstract String[] getAuthenticatedUrlPatterns(); - - /** - * 不需要登录的url集合 - * - * @return - */ - protected String[] getNoNeedLoginUrl() { - return noNeedLoginUrlList.toArray(new String[noNeedLoginUrlList.size()]); - } - - /** - * 忽略的url集合 - * - * @return - */ - protected String[] getIgnoreUrlList() { - return ignoreUrlList.toArray(new String[ignoreUrlList.size()]); - } - - @Override - protected void configure(HttpSecurity httpSecurity) throws Exception { - httpSecurity - // CSRF禁用,因为不使用session - .csrf().disable() - // 认证失败处理类 - .exceptionHandling().authenticationEntryPoint(new SecurityAuthenticationFailHandler()).and() - 
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() - // 过滤请求 - .authorizeRequests() - //忽略的url - .antMatchers(this.getIgnoreUrlList()).permitAll() - // 不需要登陆的url - .antMatchers(this.getNoNeedLoginUrl()).permitAll() - //需要校验权限的url - .antMatchers(getAuthenticatedUrlPatterns()).authenticated(); - - // token filter 进行校验 - httpSecurity.addFilterBefore(new SecurityTokenFilter(this.userFunction()), UsernamePasswordAuthenticationFilter.class); - httpSecurity.addFilterBefore(corsFilter, SecurityTokenFilter.class); - // 禁用spring security 使用 X-Frame-Options防止网页被Frame - httpSecurity.headers().frameOptions().disable(); - - } - - -} diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/SecurityAuthenticationFailHandler.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/SecurityAuthenticationFailHandler.java deleted file mode 100644 index 3e146f18..00000000 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/SecurityAuthenticationFailHandler.java +++ /dev/null 
@@ -1,43 +0,0 @@ -package net.lab1024.sa.common.common.security; - -import com.alibaba.fastjson.JSONObject; -import net.lab1024.sa.common.common.code.ErrorCode; -import net.lab1024.sa.common.common.code.UserErrorCode; -import net.lab1024.sa.common.common.domain.ResponseDTO; -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.web.AuthenticationEntryPoint; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; - -/** - * 登录认证失败处理 - * - * @Author 1024创新实验室: 罗伊 - * @Date 2022-08-26 20:21:10 - * @Wechat zhuoda1024 - * @Email lab1024@163.com - * @Copyright 1024创新实验室 ( https://1024lab.net ) - */ -public class SecurityAuthenticationFailHandler implements AuthenticationEntryPoint { - - @Override - public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e) throws IOException { - this.outputResult(response, UserErrorCode.LOGIN_STATE_INVALID); - } - - /** - * 输出 - * - * @param response - * @param errorCode - * @throws IOException - */ - private void outputResult(HttpServletResponse response, ErrorCode errorCode) throws IOException { - String msg = JSONObject.toJSONString(ResponseDTO.error(errorCode)); - response.setContentType("application/json;charset=UTF-8"); - response.getWriter().write(msg); - response.flushBuffer(); - } -} diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/SecurityMethodSource.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/SecurityMethodSource.java deleted file mode 100644 index 290b3d9c..00000000 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/SecurityMethodSource.java +++ /dev/null 
@@ -1,66 +0,0 @@ -package net.lab1024.sa.common.common.security; - -import net.lab1024.sa.common.common.annoation.SaAuth; -import org.apache.commons.lang3.StringUtils; -import org.springframework.security.access.ConfigAttribute; -import org.springframework.security.access.prepost.PreInvocationAttribute; -import org.springframework.security.access.prepost.PrePostAnnotationSecurityMetadataSource; -import org.springframework.security.access.prepost.PrePostInvocationAttributeFactory; - -import java.lang.reflect.Method; -import java.util.ArrayList; -import java.util.Collection; - -/** - * 此类用于默认给所有接口添加权限 @saAuth.checkPermission('%s') - * %s 为类名.方法名 - * 和使用@PreAuthorize("@saAuth.checkPermission('%s')") 效果一致 - * 避免所有接口都添加一遍 减轻工作量 - * - * @Author 1024创新实验室: 罗伊 - * @Date 2021-08-30 23:08 - * @Wechat zhuoda1024 - * @Email lab1024@163.com - * @Copyright 1024创新实验室 ( https://1024lab.net ) - */ -public class SecurityMethodSource extends PrePostAnnotationSecurityMetadataSource { - - - private static String EXPRESSION_FORMAT = "@%s.checkPermission('%s')"; - - private final PrePostInvocationAttributeFactory attributeFactory; - - private String beanName; - - - public SecurityMethodSource(PrePostInvocationAttributeFactory attributeFactory, String beanName) { - super(attributeFactory); - this.attributeFactory = attributeFactory; - this.beanName = beanName; - } - - - @Override - public Collection getAttributes(Method method, Class targetClass) { - //如果不存在SaAuth采用security认证模式 - SaAuth saAuth = method.getAnnotation(SaAuth.class); - if (saAuth == null) { - return super.getAttributes(method, targetClass); - } - - //存在添加以URL为权限字符串的校验模式 - ArrayList configAttributes = new ArrayList(1); - String classFullName = targetClass.getName(); - String methodName = method.getName(); - String[] classNameArray = StringUtils.split(classFullName, "\\."); - String controllerName = classNameArray[classNameArray.length - 1]; - String privilegeName = controllerName + "." 
+ methodName; - String preAuthorizeAttribute = String.format(EXPRESSION_FORMAT, beanName, privilegeName); - PreInvocationAttribute pre = this.attributeFactory.createPreInvocationAttribute(null, null, preAuthorizeAttribute); - if (pre != null) { - configAttributes.add(pre); - } - return configAttributes; - } - -} diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/SecurityPermissionCheckService.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/SecurityPermissionCheckService.java deleted file mode 100644 index 29e46559..00000000 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/SecurityPermissionCheckService.java +++ /dev/null 
@@ -1,74 +0,0 @@ -package net.lab1024.sa.common.common.security; - -import org.apache.commons.collections4.CollectionUtils; -import org.apache.commons.lang3.StringUtils; -import org.springframework.security.core.Authentication; -import org.springframework.security.core.authority.SimpleGrantedAuthority; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.UserDetails; - -import java.util.Arrays; -import java.util.Optional; -import java.util.Set; -import java.util.stream.Collectors; - -/** - * 校验权限 - * - * @Author 1024创新实验室: 罗伊 - * @Date 2022/5/12 21:50 - * @Wechat zhuoda1024 - * @Email lab1024@163.com - * @Copyright 1024创新实验室 ( https://1024lab.net ) - */ -public abstract class SecurityPermissionCheckService { - - - /** - * 校验是否有权限 - * - * @param permission - * @return - */ - public boolean checkPermission(String permission) { - Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); - if (authentication == null) { - return false; - } - return checkPermission(authentication, permission); - } - - /** - * 校验是否有权限 - * - * @param authentication - * @param permission - * @return - */ - public abstract boolean checkPermission(Authentication authentication, String permission); - - /** - * 判断 - * - * @param userDetails - * @param permissionStr - * @return - */ - protected boolean permissionJudge(UserDetails userDetails, String permissionStr) { - if (CollectionUtils.isEmpty(userDetails.getAuthorities())) { - return false; - } - - if (StringUtils.isBlank(permissionStr)) { - return false; - } - - String[] permissionArray = permissionStr.split(","); - for (String permission : permissionArray) { - if(userDetails.getAuthorities().contains(new SimpleGrantedAuthority(permission))){ - return true; - } - } - return false; - } -} \ No newline at end of file 
diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/SecurityTokenFilter.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/SecurityTokenFilter.java deleted file mode 100644 index 1a2ef97e..00000000 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/security/SecurityTokenFilter.java +++ /dev/null 
@@ -1,64 +0,0 @@ -package net.lab1024.sa.common.common.security; - -import lombok.extern.slf4j.Slf4j; -import net.lab1024.sa.common.common.constant.RequestHeaderConst; -import net.lab1024.sa.common.common.domain.RequestUser; -import net.lab1024.sa.common.common.util.SmartRequestUtil; -import org.apache.commons.lang3.StringUtils; -import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.core.userdetails.UserDetails; -import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; -import org.springframework.web.filter.OncePerRequestFilter; - -import javax.servlet.FilterChain; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.util.function.BiFunction; -import java.util.function.Function; - -/** - * 注意此处不能 加入@Component,否则对应ignoreUrl的相关请求 将会进入此Filter,并会覆盖CorsFilter - * - * @Author 1024创新实验室: 罗伊 - * @Date 2022/5/12 21:50 - * @Wechat zhuoda1024 - * @Email lab1024@163.com - * @Copyright 1024创新实验室 ( https://1024lab.net ) - */ -@Slf4j -public class SecurityTokenFilter extends OncePerRequestFilter { - - private BiFunction userFunction; - - public SecurityTokenFilter(BiFunction userFunction) { - this.userFunction = userFunction; - } - - @Override - protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) - throws ServletException, IOException { - //需要做token校验, 消息头的token优先于请求query参数的token - String xHeaderToken = request.getHeader(RequestHeaderConst.TOKEN); - String xRequestToken = request.getParameter(RequestHeaderConst.TOKEN); - String xAccessToken = null != xHeaderToken ? 
xHeaderToken : xRequestToken; - if (StringUtils.isBlank(xAccessToken)) { - chain.doFilter(request, response); - return; - } - //清理spring security - SecurityContextHolder.clearContext(); - - UserDetails loginUserDetail = userFunction.apply(xAccessToken,request); - if (null != loginUserDetail) { - UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUserDetail, null, loginUserDetail.getAuthorities()); - authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); - SecurityContextHolder.getContext().setAuthentication(authenticationToken); - SmartRequestUtil.setRequestUser((RequestUser) loginUserDetail); - } - // 若未给予spring security上下文用户授权 则会授权失败 进入AuthenticationEntryPointImpl - chain.doFilter(request, response); - } -} diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/util/SmartRequestUtil.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/util/SmartRequestUtil.java index 40210ba2..03def039 100644 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/util/SmartRequestUtil.java +++ b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/common/util/SmartRequestUtil.java 
@@ -14,24 +14,18 @@ import net.lab1024.sa.common.common.domain.RequestUser; */ @Slf4j public class SmartRequestUtil { - - private static final ThreadLocal requestThreadLocal = new ThreadLocal<>(); - - public static void setRequestUser(RequestUser requestUser) { - requestThreadLocal.set(requestUser); + public static RequestUser getUser() { + // TODO listen + return null; } - public static RequestUser getRequestUser() { - return requestThreadLocal.get(); - } - - public static Long getRequestUserId() { - RequestUser requestUser = getRequestUser(); + public static Long getUserId() { + RequestUser requestUser = getUser(); return null == requestUser ? null : requestUser.getUserId(); } public static void remove() { - requestThreadLocal.remove(); + // TODO listen } diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/config/RepeatSubmitConfig.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/config/RepeatSubmitConfig.java index fcfdd5ee..9f4083c3 100644 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/config/RepeatSubmitConfig.java +++ b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/config/RepeatSubmitConfig.java @@ -31,7 +31,7 @@ public class RepeatSubmitConfig { * @return */ private String ticket(String servletPath) { - Long userId = SmartRequestUtil.getRequestUserId(); + Long userId = SmartRequestUtil.getUserId(); if (null == userId) { return StringConst.EMPTY; } diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/handler/GlobalExceptionHandler.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/handler/GlobalExceptionHandler.java index 66da1df0..ea17fd75 100644 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/handler/GlobalExceptionHandler.java +++ b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/handler/GlobalExceptionHandler.java 
@@ -9,7 +9,6 @@ import net.lab1024.sa.common.common.exception.BusinessException; import org.springframework.beans.TypeMismatchException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.converter.HttpMessageNotReadableException; -import org.springframework.security.access.AccessDeniedException; import org.springframework.validation.BindException; import org.springframework.validation.FieldError; import org.springframework.web.bind.MethodArgumentNotValidException; @@ -77,15 +76,6 @@ public class GlobalExceptionHandler { return ResponseDTO.error(UserErrorCode.PARAM_ERROR); } - /** - * 权限异常 - */ - @ResponseBody - @ExceptionHandler({AccessDeniedException.class}) - public ResponseDTO permissionExceptionHandler(AccessDeniedException e) { - return ResponseDTO.error(UserErrorCode.NO_PERMISSION); - } - /** * 业务异常 */ diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/datatracer/service/DataTracerService.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/datatracer/service/DataTracerService.java index 2968ed5a..aa05bbc9 100644 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/datatracer/service/DataTracerService.java +++ b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/datatracer/service/DataTracerService.java @@ -157,7 +157,7 @@ public class DataTracerService { * 保存数据变动记录 */ public void addTrace(DataTracerForm tracerForm) { - RequestUser requestUser = SmartRequestUtil.getRequestUser(); + RequestUser requestUser = SmartRequestUtil.getUser(); this.addTrace(tracerForm, requestUser); } @@ -182,7 +182,7 @@ public class DataTracerService { * 批量保存数据变动记录 */ public void addTraceList(List tracerFormList) { - RequestUser requestUser = SmartRequestUtil.getRequestUser(); + RequestUser requestUser = SmartRequestUtil.getUser(); this.addTraceList(tracerFormList, requestUser); } 
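Review bot: Removing the `AccessDeniedException` handler leaves no handler in this class for the exceptions Sa-Token raises when `@SaCheckPermission` fails (`NotPermissionException`) or when no valid token is present (`NotLoginException`); unless one is added elsewhere in the patch, those failures fall through to whatever catch-all this class has, and clients stop receiving `UserErrorCode.NO_PERMISSION` (and the login-invalid code the deleted `SecurityAuthenticationFailHandler` returned, `UserErrorCode.LOGIN_STATE_INVALID`) and instead see a generic error that masks authorization problems in logs and monitoring. Both exception classes live in `cn.dev33.satoken.exception` and deserve their own handlers next to the business-exception one, as sketched below.
```java
// … unchanged: parameter-error handler above …

/**
 * Not logged in or login state expired (Sa-Token).
 */
@ResponseBody
@ExceptionHandler({NotLoginException.class})
public ResponseDTO notLoginExceptionHandler(NotLoginException e) {
    return ResponseDTO.error(UserErrorCode.LOGIN_STATE_INVALID);
}

/**
 * Permission check failed (Sa-Token @SaCheckPermission).
 */
@ResponseBody
@ExceptionHandler({NotPermissionException.class})
public ResponseDTO permissionExceptionHandler(NotPermissionException e) {
    return ResponseDTO.error(UserErrorCode.NO_PERMISSION);
}

// … unchanged: business-exception handler below …
```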
diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/feedback/controller/FeedbackController.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/feedback/controller/FeedbackController.java index b9a1cd09..a3242326 100644 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/feedback/controller/FeedbackController.java +++ b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/feedback/controller/FeedbackController.java @@ -13,7 +13,6 @@ import net.lab1024.sa.common.module.support.feedback.domain.FeedbackAddForm; import net.lab1024.sa.common.module.support.feedback.domain.FeedbackQueryForm; import net.lab1024.sa.common.module.support.feedback.domain.FeedbackVO; import net.lab1024.sa.common.module.support.feedback.service.FeedbackService; -import net.lab1024.sa.common.module.support.repeatsubmit.annoation.RepeatSubmit; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -47,7 +46,7 @@ public class FeedbackController extends SupportBaseController { @ApiOperation("意见反馈-新增 @author 开云") @PostMapping("/feedback/add") public ResponseDTO add(@RequestBody @Valid FeedbackAddForm addForm) { - RequestUser employee = SmartRequestUtil.getRequestUser(); + RequestUser employee = SmartRequestUtil.getUser(); return feedbackService.add(addForm, employee); } } diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/file/controller/FileController.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/file/controller/FileController.java index 04dc3f10..4734bfa4 100644 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/file/controller/FileController.java 
+++ b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/file/controller/FileController.java @@ -5,17 +5,13 @@ import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import net.lab1024.sa.common.common.constant.RequestHeaderConst; import net.lab1024.sa.common.common.controller.SupportBaseController; -import net.lab1024.sa.common.common.domain.PageResult; import net.lab1024.sa.common.common.domain.RequestUser; import net.lab1024.sa.common.common.domain.ResponseDTO; import net.lab1024.sa.common.common.util.SmartRequestUtil; import net.lab1024.sa.common.constant.SwaggerTagConst; -import net.lab1024.sa.common.module.support.file.domain.form.FileQueryForm; +import net.lab1024.sa.common.module.support.file.constant.FileFolderTypeEnum; import net.lab1024.sa.common.module.support.file.domain.form.FileUrlUploadForm; import net.lab1024.sa.common.module.support.file.domain.vo.FileUploadVO; -import net.lab1024.sa.common.module.support.file.domain.vo.FileVO; -import net.lab1024.sa.common.module.support.repeatsubmit.annoation.RepeatSubmit; -import net.lab1024.sa.common.module.support.file.constant.FileFolderTypeEnum; import net.lab1024.sa.common.module.support.file.service.FileService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.ResponseEntity; 
@@ -46,14 +42,14 @@ public class FileController extends SupportBaseController { @PostMapping("/file/upload") public ResponseDTO upload(@RequestParam MultipartFile file, @RequestParam Integer folder) { - RequestUser requestUser = SmartRequestUtil.getRequestUser(); + RequestUser requestUser = SmartRequestUtil.getUser(); return fileService.fileUpload(file, folder, requestUser); } @ApiOperation(value = "文件上传,通过url上传 @author 胡克", notes = FileFolderTypeEnum.INFO) @PostMapping("/file/upload/url") public ResponseDTO uploadByUrl(@RequestBody @Valid FileUrlUploadForm uploadForm) { - RequestUser requestUser = SmartRequestUtil.getRequestUser(); + RequestUser requestUser = SmartRequestUtil.getUser(); return fileService.fileUpload(uploadForm,requestUser); } diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/helpdoc/controller/HelpDocController.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/helpdoc/controller/HelpDocController.java index cd3eb398..005320e2 100644 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/helpdoc/controller/HelpDocController.java +++ b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/helpdoc/controller/HelpDocController.java @@ -56,7 +56,7 @@ public class HelpDocController extends SupportBaseController { @RepeatSubmit public ResponseDTO view(@PathVariable Long helpDocId, HttpServletRequest request) { return helpDocUserService.view( - SmartRequestUtil.getRequestUser(), + SmartRequestUtil.getUser(), helpDocId); } diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/operatelog/core/OperateLogAspect.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/operatelog/core/OperateLogAspect.java index 3d9da663..75ef250d 100644 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/operatelog/core/OperateLogAspect.java 
+++ b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/operatelog/core/OperateLogAspect.java @@ -179,7 +179,7 @@ public abstract class OperateLogAspect { return; } //设置用户信息 - RequestUser user = SmartRequestUtil.getRequestUser(); + RequestUser user = SmartRequestUtil.getUser(); if (user == null) { return; } diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/table/TableColumnController.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/table/TableColumnController.java index fd657e09..0c5ca017 100644 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/table/TableColumnController.java +++ b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/table/TableColumnController.java @@ -33,19 +33,19 @@ public class TableColumnController extends SupportBaseController { @PostMapping("/tableColumn/update") @RepeatSubmit public ResponseDTO updateTableColumn(@RequestBody @Valid TableColumnUpdateForm updateForm) { - return tableColumnService.updateTableColumns(SmartRequestUtil.getRequestUser(), updateForm); + return tableColumnService.updateTableColumns(SmartRequestUtil.getUser(), updateForm); } @ApiOperation("恢复默认(删除) @author 卓大") @GetMapping("/tableColumn/delete/{tableId}") @RepeatSubmit public ResponseDTO deleteTableColumn(@PathVariable Integer tableId) { - return tableColumnService.deleteTableColumn(SmartRequestUtil.getRequestUser(), tableId); + return tableColumnService.deleteTableColumn(SmartRequestUtil.getUser(), tableId); } @ApiOperation("查询表格列 @author 卓大") @GetMapping("/tableColumn/getColumns/{tableId}") public ResponseDTO getColumns(@PathVariable Integer tableId) { - return ResponseDTO.ok(tableColumnService.getTableColumns(SmartRequestUtil.getRequestUser(), tableId)); + return ResponseDTO.ok(tableColumnService.getTableColumns(SmartRequestUtil.getUser(), tableId)); } } 
diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/token/LoginDeviceEnum.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/token/LoginDeviceEnum.java index 3fa94198..5baa2afa 100644 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/token/LoginDeviceEnum.java +++ b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/token/LoginDeviceEnum.java @@ -1,5 +1,7 @@ package net.lab1024.sa.common.module.support.token; +import lombok.AllArgsConstructor; +import lombok.Getter; import net.lab1024.sa.common.common.enumeration.BaseEnum; /** @@ -11,6 +13,8 @@ import net.lab1024.sa.common.common.enumeration.BaseEnum; * @Email lab1024@163.com * @Copyright 1024创新实验室 ( https://1024lab.net ) */ +@Getter +@AllArgsConstructor public enum LoginDeviceEnum implements BaseEnum { PC(1, "电脑端"), @@ -21,23 +25,9 @@ public enum LoginDeviceEnum implements BaseEnum { H5(4, "H5"), - WEIXIN_MP(5, "微信小程序"); + WX_MP(5, "微信小程序"); - LoginDeviceEnum(Integer value, String desc) { - this.value = value; - this.desc = desc; - } + private final Integer value; - private Integer value; - private String desc; - - @Override - public Integer getValue() { - return value; - } - - @Override - public String getDesc() { - return desc; - } + private final String desc; } diff --git a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/token/TokenService.java b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/token/TokenService.java index e3af8649..13daa2f9 100644 --- a/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/token/TokenService.java +++ b/smart-admin-api/sa-common/src/main/java/net/lab1024/sa/common/module/support/token/TokenService.java 
@@ -1,21 +1,11 @@
 package net.lab1024.sa.common.module.support.token;
 
-import io.jsonwebtoken.Claims;
-import io.jsonwebtoken.JwtBuilder;
-import io.jsonwebtoken.Jwts;
-import io.jsonwebtoken.SignatureAlgorithm;
-import lombok.extern.slf4j.Slf4j;
+import cn.dev33.satoken.stp.SaLoginModel;
+import cn.dev33.satoken.stp.StpUtil;
 import net.lab1024.sa.common.common.enumeration.UserTypeEnum;
-import net.lab1024.sa.common.constant.RedisKeyConst;
-import net.lab1024.sa.common.module.support.redis.RedisService;
-import org.apache.commons.collections4.MapUtils;
-import org.apache.commons.lang3.math.NumberUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
 
-import java.util.Date;
-import java.util.Map;
+import java.util.List;
 
 /**
  * 与用户token的相关的服务
@@ -27,194 +17,59 @@ import java.util.Map; * @Copyright 1024创新实验室 ( https://1024lab.net ) */ @Component -@Slf4j public class TokenService { - private static final long HOUR_TIME_MILLI = 60 * 60 * 1000; - @Value("${token.key}") - private String tokenKey; + private static final String EXTRA_KEY_USER_NAME = "userName"; - @Value("${token.expire-day}") - private Integer tokenExpire; - - @Autowired - private RedisService redisService; + private static final String EXTRA_KEY_USER_TYPE = "userType"; /** - * 生成Token,并存入redis + * 生成Token * * @param userId * @param userName * @param userTypeEnum * @param loginDeviceEnum - * @param superPasswordFlag 特殊万能密码标识 * @return */ - public String generateToken(Long userId, String userName, UserTypeEnum userTypeEnum, LoginDeviceEnum loginDeviceEnum, Boolean superPasswordFlag) { - long nowTimeMilli = System.currentTimeMillis(); - Claims jwtClaims = Jwts.claims(); - jwtClaims.put(JwtConst.CLAIM_ID_KEY, userId); - jwtClaims.put(JwtConst.CLAIM_NAME_KEY, userName); - jwtClaims.put(JwtConst.CLAIM_USER_TYPE_KEY, userTypeEnum.getValue()); - jwtClaims.put(JwtConst.CLAIM_DEVICE_KEY, loginDeviceEnum.getValue()); - jwtClaims.put(JwtConst.CLAIM_SUPER_PASSWORD_FLAG, superPasswordFlag); - JwtBuilder jwtBuilder = Jwts.builder() - .setClaims(jwtClaims) - .setIssuedAt(new Date(nowTimeMilli)) - .signWith(SignatureAlgorithm.HS512, tokenKey); + public String generateToken(Long userId, + String userName, + UserTypeEnum userTypeEnum, + LoginDeviceEnum loginDeviceEnum) { - // 如果是万能密码,则不需要记录到redis中;万能密码最多半个小时有效期 - if (superPasswordFlag) { - jwtBuilder.setExpiration(new Date(nowTimeMilli + (HOUR_TIME_MILLI / 2))); - return jwtBuilder.compact(); - } + /** + * 设置登录模式参数 + * 具体参数 @see SaLoginModel 属性 + * 已经写的挺清楚的了 + */ + SaLoginModel loginModel = new SaLoginModel(); + // 此次登录的客户端设备类型, 用于[同端互斥登录]时指定此次登录的设备类型 + loginModel.setDevice(String.valueOf(loginDeviceEnum.getDesc())); + // 扩展参数 + loginModel.setExtra(EXTRA_KEY_USER_NAME, userName); + 
loginModel.setExtra(EXTRA_KEY_USER_TYPE, userTypeEnum.getValue()); - jwtBuilder.setExpiration(new Date(nowTimeMilli + tokenExpire * 24 * HOUR_TIME_MILLI)); - String token = jwtBuilder.compact(); - String redisKey = this.generateTokenRedisKey(userId, userTypeEnum.getValue(), loginDeviceEnum.getValue()); - redisService.set(redisKey, token, tokenExpire * 24 * 3600); - return token; + String loginId = generateLoginId(userId, userTypeEnum); + StpUtil.login(loginId, loginModel); + return StpUtil.getTokenValue(); + } + + public static String generateLoginId(Long userId, UserTypeEnum userType) { + return userType.getValue() + "_" + userId; } /** - * 生成登录信息: 含设备信息 - * - * @param userId - * @param device - * @return + * 退出登录 注销 */ - private String generateTokenRedisKey(Long userId, Integer userType, Integer device) { - String userKey = userType + "_" + userId + "_" + device; - return redisService.generateRedisKey(RedisKeyConst.Support.TOKEN, userKey); + public void removeToken() { + StpUtil.logout(); } - - /** - * 强制移除 此用户各端的登录信息 - * - * @param token - */ - public void removeToken(String token) { - Map tokenData = this.decryptTokenData(token); - if (MapUtils.isEmpty(tokenData)) { - return; - } - - //特殊账号 - if (tokenData.get(JwtConst.CLAIM_SUPER_PASSWORD_FLAG) != null) { - try { - Boolean superPasswordFlag = Boolean.valueOf(tokenData.get(JwtConst.CLAIM_SUPER_PASSWORD_FLAG).toString()); - if (superPasswordFlag) { - return; - } - } catch (Exception e) { - log.error(e.getMessage(), e); - return; - } - } - - boolean isValid = this.checkRedisToken(tokenData, token); - if (!isValid) { - return; - } - - Long userId = Long.valueOf(tokenData.get(JwtConst.CLAIM_ID_KEY).toString()); - Integer userType = Integer.valueOf(tokenData.get(JwtConst.CLAIM_USER_TYPE_KEY).toString()); - Integer device = Integer.valueOf(tokenData.get(JwtConst.CLAIM_DEVICE_KEY).toString()); - - String redisKey = this.generateTokenRedisKey(userId, userType, device); - redisService.delete(redisKey); + public void 
removeToken(Long userId, UserTypeEnum userType) { + StpUtil.logout(generateLoginId(userId, userType)); } - /** - * 解析并校验token信息 获取 userId - * - * @param token - * @return - */ - public Long getUserIdAndValidateToken(String token) { - Map parseJwtData = this.decryptTokenData(token); - boolean isValid = this.checkRedisToken(parseJwtData, token); - if (!isValid) { - return null; - } - Long userId = Long.valueOf(parseJwtData.get(JwtConst.CLAIM_ID_KEY).toString()); - return userId; - } - - /** - * 解密和解析token - * - * @param token - * @return - */ - private Map decryptTokenData(String token) { - try { - return Jwts.parser() - .setSigningKey(tokenKey) - .parseClaimsJws(token) - .getBody(); - } catch (Exception e) { - } - return null; - } - - /** - * 校验token是否有效 - * - * @param token - * @return - */ - private boolean checkRedisToken(Map parseJwtData, String token) { - if (MapUtils.isEmpty(parseJwtData)) { - return false; - } - //特殊账号 - if (parseJwtData.get(JwtConst.CLAIM_SUPER_PASSWORD_FLAG) != null) { - try { - Boolean superPasswordFlag = Boolean.valueOf(parseJwtData.get(JwtConst.CLAIM_SUPER_PASSWORD_FLAG).toString()); - if (superPasswordFlag) { - return true; - } - } catch (Exception e) { - log.error(e.getMessage(), e); - return false; - } - } - - Long userId = null; - Integer userType = null, device = null; - - if (null != parseJwtData.get(JwtConst.CLAIM_ID_KEY)) { - userId = NumberUtils.toLong(parseJwtData.get(JwtConst.CLAIM_ID_KEY).toString(), -1); - userId = userId == -1 ? null : userId; - } - - if (null != parseJwtData.get(JwtConst.CLAIM_USER_TYPE_KEY)) { - userType = NumberUtils.toInt(parseJwtData.get(JwtConst.CLAIM_USER_TYPE_KEY).toString(), -1); - userType = userType == -1 ? null : userType; - } - - if (null != parseJwtData.get(JwtConst.CLAIM_DEVICE_KEY)) { - device = NumberUtils.toInt(parseJwtData.get(JwtConst.CLAIM_DEVICE_KEY).toString(), -1); - device = device == -1 ? 
null : device; - } - - if (userId == null || userType == null || device == null) { - return false; - } - - String redisKey = this.generateTokenRedisKey(userId, userType, device); - String redisToken = redisService.get(redisKey); - return token.equals(redisToken); - } - - /** - * 批量移除用户所有设备的token - */ - public void batchRemoveRedisToken(Long userId, UserTypeEnum userTypeEnum) { - for (LoginDeviceEnum device : LoginDeviceEnum.values()) { - redisService.delete(this.generateTokenRedisKey(userId, userTypeEnum.getValue(), device.getValue())); - } + public void removeToken(List userIdList, UserTypeEnum userType) { + userIdList.forEach(id -> StpUtil.logout(generateLoginId(id, userType))); } } \ No newline at end of file diff --git a/smart-admin-api/sa-common/src/main/resources/dev/sa-common.yaml b/smart-admin-api/sa-common/src/main/resources/dev/sa-common.yaml index b6b25c9d..73a3c270 100644 --- a/smart-admin-api/sa-common/src/main/resources/dev/sa-common.yaml +++ b/smart-admin-api/sa-common/src/main/resources/dev/sa-common.yaml @@ -3,7 +3,7 @@ spring: datasource: url: jdbc:p6spy:mysql://127.0.0.1:3306/smart_admin_v2?autoReconnect=true&useServerPreparedStmts=false&rewriteBatchedStatements=true&characterEncoding=UTF-8&useSSL=false&allowMultiQueries=true&serverTimezone=Asia/Shanghai username: root - password: Zhuoda1024lab + password: 123456 initial-size: 2 min-idle: 2 max-active: 10 @@ -27,17 +27,17 @@ spring: # redis 连接池配置信息 redis: - database: 1 + database: 12 host: 127.0.0.1 lettuce: pool: - max-active: 5 + max-active: 50 min-idle: 1 max-idle: 3 max-wait: 30000ms port: 6379 - timeout: 10000ms - password: + timeout: 10s + password: 123456 # 上传文件大小配置 servlet: @@ -109,11 +109,6 @@ http: write-timeout: 50000 keep-alive: 300000 -# token相关配置 -token: - key: sa-jwt-key - expire-day: 7 - # 跨域配置 access-control-allow-origin: '*' 
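Review bot: `loginModel.setDevice(String.valueOf(loginDeviceEnum.getDesc()))` keys Sa-Token's device dimension (the value the same-device mutual-exclusion login relies on) on the human-readable Chinese description instead of a stable identifier, and `String.valueOf` on a value that is already a `String` suggests the numeric code was intended; `loginModel.setDevice(String.valueOf(loginDeviceEnum.getValue()));` keeps sessions stable when a label is reworded. `removeToken(List userIdList, UserTypeEnum userType)` appears here with a raw `List` — if that is not an extraction artifact it should be `List<Long>`, since `generateLoginId` takes a `Long`. `generateLoginId` is public static and now defines the login-id format every `StpUtil` call depends on, so it deserves a Javadoc such as `/** Builds the Sa-Token login id as "<userType value>_<userId>"; callers that parse it back must stay in sync. */`, and the `/** ... */` block inside generateToken's body should be an ordinary `//` comment because Javadoc has no effect on a statement. The old super-password branch (a short-lived token that was deliberately not recorded server-side) is dropped here without a replacement; whether LoginService still distinguishes that case is outside this hunk.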
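Review bot: `password: 123456` writes a live datasource credential into the checked-in dev profile, and the redis hunk below (`@@ -27,17 +27,17 @@`) adds `password: 123456` the same way, so both secrets now sit in git history alongside the previous `Zhuoda1024lab`. Spring resolves `${...}` placeholders in YAML, so `password: ${DB_PASSWORD:}` and `password: ${REDIS_PASSWORD:}` with the real values injected from the environment keep the profile runnable without committing the secret. Any of these values that was ever used outside a throwaway local instance should be rotated, because removing it from the file later does not remove it from history.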
@@ -123,4 +118,23 @@ heart-beat:
 
 # 热加载配置
 reload:
-  interval-seconds: 300
\ No newline at end of file
+  interval-seconds: 300
+
+############## Sa-Token 配置 (文档: https://sa-token.cc) ##############
+sa-token:
+  # token 名称(同时也是 cookie 名称)
+  token-name: x-access-token
+  # token 前缀
+  token-prefix:
+  # token 有效期(单位:秒) 默认30天,-1 代表永久有效
+  timeout: 2592000
+  # token 最低活跃频率(单位:秒),如果 token 超过此时间没有访问系统就会被冻结,默认-1 代表不限制,永不冻结
+  active-timeout: 28800
+  # 是否允许同一账号多地同时登录 (为 true 时允许一起登录, 为 false 时新登录挤掉旧登录)
+  is-concurrent: false
+  # 在多人登录同一账号时,是否共用一个 token (为 true 时所有登录共用一个 token, 为 false 时每次登录新建一个 token)
+  is-share: false
+  # token 风格(默认可取值:uuid、simple-uuid、random-32、random-64、random-128、tik)
+  token-style: simple-uuid
+  # 是否输出操作日志
+  is-log: true
\ No newline at end of file
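Review bot: `timeout: 2592000` gives every token a 30-day absolute lifetime, whereas the `token.expire-day: 7` setting removed in the hunk above gave 7 days; the 8-hour `active-timeout` only bounds idle sessions, so a token touched at least once every 8 hours now stays valid four times longer than before. If 30 days is intentional for an admin backend, a comment next to `timeout` saying so would help; otherwise `timeout: 604800` keeps parity with the old setting. The comment on `token-name` says it is also the cookie name, yet no cookie attributes are configured here — if cookie reading is enabled, `sa-token.cookie.http-only`, `sa-token.cookie.secure` and `sa-token.cookie.same-site` (or `is-read-cookie: false` when the front end only sends the header) are worth setting explicitly rather than relying on defaults.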