diff --git a/src/main/java/com/youlai/boot/config/SecurityConfig.java b/src/main/java/com/youlai/boot/config/SecurityConfig.java index 523eee07..fef74b6f 100644 --- a/src/main/java/com/youlai/boot/config/SecurityConfig.java +++ b/src/main/java/com/youlai/boot/config/SecurityConfig.java @@ -65,12 +65,12 @@ public class SecurityConfig { return http .authorizeHttpRequests(requestMatcherRegistry -> { - // 忽略认证的 URI 地址 + // 配置无需登录即可访问的公开接口 String[] ignoreUrls = securityProperties.getIgnoreUrls(); if (ArrayUtil.isNotEmpty(ignoreUrls)) { requestMatcherRegistry.requestMatchers(ignoreUrls).permitAll(); } - // 其他请求都需要认证 + // 其他所有请求需登录后访问 requestMatcherRegistry.anyRequest().authenticated(); } ) diff --git a/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java b/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java index 70058226..553d6d6c 100644 --- a/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java +++ b/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java @@ -5,7 +5,7 @@ import cn.hutool.core.util.StrUtil; import com.youlai.boot.common.constant.RedisConstants; import com.youlai.boot.core.security.exception.CaptchaValidationException; import com.youlai.boot.core.security.model.SysUserDetails; -import com.youlai.boot.system.model.dto.UserAuthInfo; +import com.youlai.boot.core.security.model.AuthCredentials; import com.youlai.boot.system.service.UserService; import lombok.extern.slf4j.Slf4j; import org.springframework.data.redis.core.RedisTemplate; 
@@ -49,14 +49,14 @@ public class SmsAuthenticationProvider implements AuthenticationProvider { String inputVerifyCode = (String) authentication.getCredentials(); // 根据手机号获取用户信息 - UserAuthInfo userAuthInfo = userService.getUserAuthInfoByMobile(mobile); + AuthCredentials authCredentials = userService.getAuthCredentialsByMobile(mobile); - if (userAuthInfo == null) { + if (authCredentials == null) { throw new UsernameNotFoundException("用户不存在"); } // 检查用户状态是否有效 - if (ObjectUtil.notEqual(userAuthInfo.getStatus(), 1)) { + if (ObjectUtil.notEqual(authCredentials.getStatus(), 1)) { throw new DisabledException("用户已被禁用"); } @@ -72,7 +72,7 @@ public class SmsAuthenticationProvider implements AuthenticationProvider { } // 构建认证后的用户详情信息 - SysUserDetails userDetails = new SysUserDetails(userAuthInfo); + SysUserDetails userDetails = new SysUserDetails(authCredentials); // 创建已认证的 SmsAuthenticationToken return SmsAuthenticationToken.authenticated( diff --git a/src/main/java/com/youlai/boot/core/security/extension/wechat/WechatAuthenticationProvider.java b/src/main/java/com/youlai/boot/core/security/extension/wechat/WechatAuthenticationProvider.java index 01f410ff..15e9a329 100644 --- a/src/main/java/com/youlai/boot/core/security/extension/wechat/WechatAuthenticationProvider.java +++ b/src/main/java/com/youlai/boot/core/security/extension/wechat/WechatAuthenticationProvider.java @@ -5,7 +5,7 @@ import cn.binarywang.wx.miniapp.bean.WxMaJscode2SessionResult; import cn.hutool.core.util.ObjectUtil; import cn.hutool.core.util.StrUtil; import com.youlai.boot.core.security.model.SysUserDetails; -import com.youlai.boot.system.model.dto.UserAuthInfo; +import com.youlai.boot.core.security.model.AuthCredentials; import com.youlai.boot.system.service.UserService; import lombok.extern.slf4j.Slf4j; import me.chanjar.weixin.common.error.WxErrorException; 
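Review bot: In the `@@ -49,14` hunk of SmsAuthenticationProvider, the account lookup and the status check throw `UsernameNotFoundException` and `DisabledException` with distinct messages before any verification-code comparison visible here, so a caller without a valid code may be able to tell whether a mobile number is registered or disabled. The code comparison appears to sit between this hunk and the next one, which is not shown, so the order should be confirmed there. I would check the code first and report an unknown number with the same exception type as a code mismatch (CaptchaValidationException is imported in this file), so the two cases look the same to the client. The enclosing method starts and ends outside the hunk.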
@@ -63,27 +63,27 @@ public class WechatAuthenticationProvider implements AuthenticationProvider { } // 根据微信 OpenID 查询用户信息 - UserAuthInfo userAuthInfo = userService.getUserAuthInfoByOpenId(openId); + AuthCredentials authCredentials = userService.getAuthCredentialsByOpenId(openId); - if (userAuthInfo == null) { + if (authCredentials == null) { // TODO: 用户不存在则注册,这里需要获取用户手机号并与现有用户绑定 userService.registerOrBindWechatUser(openId); // 再次查询用户信息,确保用户注册成功 - userAuthInfo = userService.getUserAuthInfoByOpenId(openId); - if (userAuthInfo == null) { + authCredentials = userService.getAuthCredentialsByOpenId(openId); + if (authCredentials == null) { throw new UsernameNotFoundException("用户注册失败,请稍后重试"); } } // 检查用户状态是否有效 - if (ObjectUtil.notEqual(userAuthInfo.getStatus(), 1)) { + if (ObjectUtil.notEqual(authCredentials.getStatus(), 1)) { throw new DisabledException("用户已被禁用"); } // 这里因为已经根据 code 从微信小程序获取到 openid 不需要再经过系统认证,所以直接生成 // 构建认证后的用户详情信息 - SysUserDetails userDetails = new SysUserDetails(userAuthInfo); + SysUserDetails userDetails = new SysUserDetails(authCredentials); // 创建已认证的 WeChatAuthenticationToken return WechatAuthenticationToken.authenticated( diff --git a/src/main/java/com/youlai/boot/core/security/filter/TokenAuthenticationFilter.java b/src/main/java/com/youlai/boot/core/security/filter/TokenAuthenticationFilter.java index 9cbbd0a6..b71e86ce 100644 --- a/src/main/java/com/youlai/boot/core/security/filter/TokenAuthenticationFilter.java +++ b/src/main/java/com/youlai/boot/core/security/filter/TokenAuthenticationFilter.java @@ -56,7 +56,7 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter { return; } - // 将令牌解析为Spring Security认证对象 + // 将令牌解析为 Spring Security 上下文认证对象 Authentication authentication = tokenManager.parseToken(rawToken); SecurityContextHolder.getContext().setAuthentication(authentication); } 
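Review bot: In the `@@ -63,27` hunk of WechatAuthenticationProvider, a failed re-query after `registerOrBindWechatUser(openId)` is reported as `UsernameNotFoundException`, although it is a server-side provisioning failure rather than an unknown principal; `throw new AuthenticationServiceException("用户注册失败,请稍后重试");` says that and keeps it apart from credential errors in handlers and logs. The same branch creates an account for any openid the system has not seen, and the TODO states that binding to an existing user by phone number is still missing, so someone who already has an account would presumably end up with a second one. Which roles the new account receives is not visible here; a comment on the branch naming the default role would let a reader confirm that auto-registered users start with least privilege. The enclosing method starts and ends outside the hunk.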
diff --git a/src/main/java/com/youlai/boot/system/model/dto/UserAuthInfo.java b/src/main/java/com/youlai/boot/core/security/model/AuthCredentials.java similarity index 87% rename from src/main/java/com/youlai/boot/system/model/dto/UserAuthInfo.java rename to src/main/java/com/youlai/boot/core/security/model/AuthCredentials.java index 49fde52a..951adcd8 100644 --- a/src/main/java/com/youlai/boot/system/model/dto/UserAuthInfo.java +++ b/src/main/java/com/youlai/boot/core/security/model/AuthCredentials.java @@ -1,17 +1,16 @@ -package com.youlai.boot.system.model.dto; +package com.youlai.boot.core.security.model; import lombok.Data; - import java.util.Set; /** - * 用户认证信息 + * 用户认证凭证信息 * * @author Ray.Hao * @since 2022/10/22 */ @Data -public class UserAuthInfo { +public class AuthCredentials { /** * 用户ID diff --git a/src/main/java/com/youlai/boot/core/security/model/SysUserDetails.java b/src/main/java/com/youlai/boot/core/security/model/SysUserDetails.java index a0db5a9d..5a86ca97 100644 --- a/src/main/java/com/youlai/boot/core/security/model/SysUserDetails.java +++ b/src/main/java/com/youlai/boot/core/security/model/SysUserDetails.java @@ -3,7 +3,6 @@ package com.youlai.boot.core.security.model; import cn.hutool.core.collection.CollectionUtil; import cn.hutool.core.util.ObjectUtil; import com.youlai.boot.common.constant.SecurityConstants; -import com.youlai.boot.system.model.dto.UserAuthInfo; import lombok.Data; import lombok.NoArgsConstructor; import org.springframework.security.core.GrantedAuthority; @@ -65,9 +64,9 @@ public class SysUserDetails implements UserDetails { /** * 构造函数:根据用户认证信息初始化用户详情对象 * - * @param user 用户认证信息对象 {@link UserAuthInfo} + * @param user 用户认证信息对象 {@link AuthCredentials} */ - public SysUserDetails(UserAuthInfo user) { + public SysUserDetails(AuthCredentials user) { this.userId = user.getUserId(); this.username = user.getUsername(); this.password = user.getPassword(); 
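Review bot: `AuthCredentials` keeps Lombok's `@Data`, and the `SysUserDetails(AuthCredentials user)` constructor in this commit reads `user.getPassword()`, so the generated `toString()` will print the stored password value whenever an instance is logged or ends up in an exception message. The field declarations are outside the hunk, so this is inferred from the getter; if the field is declared as expected, annotate it with `@ToString.Exclude`. Now that the class is named as a credentials holder and lives in the security package, its class comment should also state that instances are not to be logged or returned to clients.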
diff --git a/src/main/java/com/youlai/boot/core/security/service/SysUserDetailsService.java b/src/main/java/com/youlai/boot/core/security/service/SysUserDetailsService.java index a87c6478..e664af94 100644 --- a/src/main/java/com/youlai/boot/core/security/service/SysUserDetailsService.java +++ b/src/main/java/com/youlai/boot/core/security/service/SysUserDetailsService.java @@ -1,7 +1,7 @@ package com.youlai.boot.core.security.service; import com.youlai.boot.core.security.model.SysUserDetails; -import com.youlai.boot.system.model.dto.UserAuthInfo; +import com.youlai.boot.core.security.model.AuthCredentials; import com.youlai.boot.system.service.UserService; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; @@ -33,11 +33,11 @@ public class SysUserDetailsService implements UserDetailsService { @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { try { - UserAuthInfo userAuthInfo = userService.getUserAuthInfo(username); - if (userAuthInfo == null) { + AuthCredentials authCredentials = userService.getAuthCredentialsByUsername(username); + if (authCredentials == null) { throw new UsernameNotFoundException(username); } - return new SysUserDetails(userAuthInfo); + return new SysUserDetails(authCredentials); } catch (Exception e) { // 记录异常日志 log.error("认证异常:{}", e.getMessage()); diff --git a/src/main/java/com/youlai/boot/system/mapper/UserMapper.java b/src/main/java/com/youlai/boot/system/mapper/UserMapper.java index 690e74ec..f7256014 100644 --- a/src/main/java/com/youlai/boot/system/mapper/UserMapper.java +++ b/src/main/java/com/youlai/boot/system/mapper/UserMapper.java 
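Review bot: In `loadUserByUsername` of SysUserDetailsService, the `throw new UsernameNotFoundException(username)` sits inside the `try`, so the `catch (Exception e)` below it catches the not-found case and writes `e.getMessage()`, which is the submitted username, to the error log. That puts caller-controlled text into the log for every unknown username, records ordinary login misses at error level, and loses the stack trace for real failures. I would add `catch (UsernameNotFoundException e) { throw e; }` ahead of the broad catch and log the exception object itself, `log.error("认证异常", e);`. What the catch block does after logging is outside the hunk.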
@@ -7,7 +7,7 @@ import com.youlai.boot.system.model.entity.User; import com.youlai.boot.system.model.query.UserPageQuery; import com.youlai.boot.system.model.form.UserForm; import com.youlai.boot.common.annotation.DataPermission; -import com.youlai.boot.system.model.dto.UserAuthInfo; +import com.youlai.boot.core.security.model.AuthCredentials; import com.youlai.boot.system.model.dto.UserExportDTO; import org.apache.ibatis.annotations.Mapper; @@ -46,7 +46,7 @@ public interface UserMapper extends BaseMapper { * @param username 用户名 * @return 认证信息 */ - UserAuthInfo getUserAuthInfo(String username); + AuthCredentials getAuthCredentialsByUsername(String username); /** * 根据微信openid获取用户认证信息 @@ -54,7 +54,7 @@ public interface UserMapper extends BaseMapper { * @param openid 微信openid * @return 认证信息 */ - UserAuthInfo getUserAuthInfoByOpenId(String openid); + AuthCredentials getAuthCredentialsByOpenId(String openid); /** * 根据手机号获取用户认证信息 @@ -62,7 +62,7 @@ public interface UserMapper extends BaseMapper { * @param mobile 手机号 * @return 认证信息 */ - UserAuthInfo getUserAuthInfoByMobile(String mobile); + AuthCredentials getAuthCredentialsByMobile(String mobile); /** * 获取导出用户列表 diff --git a/src/main/java/com/youlai/boot/system/service/UserService.java b/src/main/java/com/youlai/boot/system/service/UserService.java index cacdbd2d..400aeaaf 100644 --- a/src/main/java/com/youlai/boot/system/service/UserService.java +++ b/src/main/java/com/youlai/boot/system/service/UserService.java @@ -3,7 +3,7 @@ package com.youlai.boot.system.service; import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.extension.service.IService; import com.youlai.boot.common.model.Option; -import com.youlai.boot.system.model.dto.UserAuthInfo; +import com.youlai.boot.core.security.model.AuthCredentials; import com.youlai.boot.system.model.dto.UserExportDTO; import com.youlai.boot.system.model.entity.User; import com.youlai.boot.system.model.query.UserPageQuery; 
@@ -69,10 +69,10 @@ public interface UserService extends IService { * 根据用户名获取认证信息 * * @param username 用户名 - * @return {@link UserAuthInfo} + * @return {@link AuthCredentials} */ - UserAuthInfo getUserAuthInfo(String username); + AuthCredentials getAuthCredentialsByUsername(String username); /** @@ -166,10 +166,10 @@ public interface UserService extends IService { * 根据 openid 获取用户认证信息 * * @param username 用户名 - * @return {@link UserAuthInfo} + * @return {@link AuthCredentials} */ - UserAuthInfo getUserAuthInfoByOpenId(String username); + AuthCredentials getAuthCredentialsByOpenId(String username); /** * 根据微信 OpenID 注册或绑定用户 @@ -182,9 +182,9 @@ public interface UserService extends IService { * 根据手机号获取用户认证信息 * * @param mobile 手机号 - * @return {@link UserAuthInfo} + * @return {@link AuthCredentials} */ - UserAuthInfo getUserAuthInfoByMobile(String mobile); + AuthCredentials getAuthCredentialsByMobile(String mobile); } diff --git a/src/main/java/com/youlai/boot/system/service/impl/UserServiceImpl.java b/src/main/java/com/youlai/boot/system/service/impl/UserServiceImpl.java index 2e1f056c..31f219e6 100644 --- a/src/main/java/com/youlai/boot/system/service/impl/UserServiceImpl.java +++ b/src/main/java/com/youlai/boot/system/service/impl/UserServiceImpl.java @@ -22,7 +22,7 @@ import com.youlai.boot.system.converter.UserConverter; import com.youlai.boot.system.enums.DictCodeEnum; import com.youlai.boot.system.mapper.UserMapper; import com.youlai.boot.system.model.bo.UserBO; -import com.youlai.boot.system.model.dto.UserAuthInfo; +import com.youlai.boot.core.security.model.AuthCredentials; import com.youlai.boot.system.model.dto.UserExportDTO; import com.youlai.boot.system.model.entity.DictItem; import com.youlai.boot.system.model.entity.User; 
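Review bot: The renamed `getAuthCredentialsByOpenId(String username)` in the `@@ -166,10` hunk of UserService still calls its parameter `username` and documents it as `@param username 用户名`, while UserMapper and UserServiceImpl in this commit take `openid`. The three lookups now differ only by the kind of identifier they accept, so a mislabelled parameter invites passing the wrong one into an authentication path. The declaration should read `AuthCredentials getAuthCredentialsByOpenId(String openid);` with `@param openid 微信openid`, as UserMapper already has it.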
@@ -192,54 +192,54 @@ public class UserServiceImpl extends ServiceImpl implements Us * 根据用户名获取认证信息 * * @param username 用户名 - * @return 用户认证信息 {@link UserAuthInfo} + * @return 用户认证信息 {@link AuthCredentials} */ @Override - public UserAuthInfo getUserAuthInfo(String username) { - UserAuthInfo userAuthInfo = this.baseMapper.getUserAuthInfo(username); - if (userAuthInfo != null) { - Set roles = userAuthInfo.getRoles(); + public AuthCredentials getAuthCredentialsByUsername(String username) { + AuthCredentials authCredentials = this.baseMapper.getAuthCredentialsByUsername(username); + if (authCredentials != null) { + Set roles = authCredentials.getRoles(); // 获取最大范围的数据权限 Integer dataScope = roleService.getMaximumDataScope(roles); - userAuthInfo.setDataScope(dataScope); + authCredentials.setDataScope(dataScope); } - return userAuthInfo; + return authCredentials; } /** * 根据 openid 获取用户认证信息 * * @param openid 微信 - * @return {@link UserAuthInfo} + * @return {@link AuthCredentials} */ @Override - public UserAuthInfo getUserAuthInfoByOpenId(String openid) { - UserAuthInfo userAuthInfo = this.baseMapper.getUserAuthInfoByOpenId(openid); - if (userAuthInfo != null) { - Set roles = userAuthInfo.getRoles(); + public AuthCredentials getAuthCredentialsByOpenId(String openid) { + AuthCredentials authCredentials = this.baseMapper.getAuthCredentialsByOpenId(openid); + if (authCredentials != null) { + Set roles = authCredentials.getRoles(); // 获取最大范围的数据权限 Integer dataScope = roleService.getMaximumDataScope(roles); - userAuthInfo.setDataScope(dataScope); + authCredentials.setDataScope(dataScope); } - return userAuthInfo; + return authCredentials; } /** * 根据手机号获取用户认证信息 * * @param mobile 手机号 - * @return {@link UserAuthInfo} + * @return {@link AuthCredentials} */ @Override - public UserAuthInfo getUserAuthInfoByMobile(String mobile) { - UserAuthInfo userAuthInfo = this.baseMapper.getUserAuthInfoByMobile(mobile); - if (userAuthInfo != null) { - Set roles = userAuthInfo.getRoles(); + public 
AuthCredentials getAuthCredentialsByMobile(String mobile) { + AuthCredentials authCredentials = this.baseMapper.getAuthCredentialsByMobile(mobile); + if (authCredentials != null) { + Set roles = authCredentials.getRoles(); // 获取最大范围的数据权限 Integer dataScope = roleService.getMaximumDataScope(roles); - userAuthInfo.setDataScope(dataScope); + authCredentials.setDataScope(dataScope); } - return userAuthInfo; + return authCredentials; } diff --git a/src/main/resources/mapper/system/UserMapper.xml b/src/main/resources/mapper/system/UserMapper.xml index 32e0832c..314b00f3 100644 --- a/src/main/resources/mapper/system/UserMapper.xml +++ b/src/main/resources/mapper/system/UserMapper.xml @@ -119,7 +119,7 @@ - + @@ -131,7 +131,7 @@ - SELECT t1.id userId, t1.username, @@ -149,7 +149,7 @@ - SELECT t1.id userId, t1.username, @@ -167,7 +167,7 @@ - SELECT t1.id userId, t1.username,
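Review bot: The `@@ -192,54` hunk of UserServiceImpl leaves `getAuthCredentialsByUsername`, `getAuthCredentialsByOpenId` and `getAuthCredentialsByMobile` with three identical copies of the data-scope assignment. Data scope is an authorization attribute, so a later change to one copy and not the others would give one login path a different scope. A private helper that all three call keeps them in step, as sketched below. The Javadoc `@param openid 微信` on the openid variant is also cut short and should name the WeChat openid.

```java
// … unchanged: Javadoc and @Override on each of the three lookups …
public AuthCredentials getAuthCredentialsByUsername(String username) {
    return withDataScope(this.baseMapper.getAuthCredentialsByUsername(username));
}

// … getAuthCredentialsByOpenId and getAuthCredentialsByMobile delegate the same way …

/** Sets the widest data scope of the user's roles; a null lookup result passes through. */
private AuthCredentials withDataScope(AuthCredentials authCredentials) {
    if (authCredentials != null) {
        Integer dataScope = roleService.getMaximumDataScope(authCredentials.getRoles());
        authCredentials.setDataScope(dataScope);
    }
    return authCredentials;
}
```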