tongtong/youlai-boot
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: 添加 websocket 连接认证拦截器实现点对点指定用户发送消息;移除 easy-captcha 替换为 hutool-captcha验证码实现代码简化;重构认证接口控制层代码。

Browse Source
This commit is contained in:
haoxr
2023-09-12 18:25:16 +08:00
parent 87fcf022ba
commit 9453600715
37 changed files with 290 additions and 358 deletions
Download Patch File Download Diff File Expand all files Collapse all files

103
src/main/java/com/youlai/system/service/impl/AuthServiceImpl.java Normal file
View File

@@ -0,0 +1,103 @@
package com.youlai.system.service.impl;
import cn.hutool.captcha.CaptchaUtil;
import cn.hutool.captcha.GifCaptcha;
import cn.hutool.core.util.IdUtil;
import cn.hutool.core.util.StrUtil;
import com.youlai.system.common.constant.SecurityConstants;
import com.youlai.system.service.AuthService;
import com.youlai.system.util.RequestUtils;
import com.youlai.system.model.dto.CaptchaResult;
import com.youlai.system.model.dto.LoginResult;
import com.youlai.system.security.JwtTokenManager;
import io.jsonwebtoken.Claims;
import jakarta.servlet.http.HttpServletRequest;
import lombok.RequiredArgsConstructor;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import java.util.Date;
import java.util.concurrent.TimeUnit;
/**
* @author haoxr
* @since 2.4.0
*/
@Service
@RequiredArgsConstructor
public class AuthServiceImpl implements AuthService {
private final AuthenticationManager authenticationManager;
private final JwtTokenManager jwtTokenManager;
private final RedisTemplate redisTemplate;
/**
* 登录
*
* @param username 用户名
* @param password 密码
* @return 登录结果
*/
@Override
public LoginResult login(String username, String password) {
UsernamePasswordAuthenticationToken authenticationToken =
new UsernamePasswordAuthenticationToken(username.toLowerCase().trim(), password);
Authentication authentication = authenticationManager.authenticate(authenticationToken);
String accessToken = jwtTokenManager.createToken(authentication);
return LoginResult.builder()
.tokenType("Bearer")
.accessToken(accessToken)
.build();
}
/**
* 登出
*/
@Override
public void logout() {
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
String token = RequestUtils.resolveToken(request);
if (StrUtil.isNotBlank(token)) {
Claims claims = jwtTokenManager.getTokenClaims(token);
String jti = claims.get("jti", String.class);
Date expiration = claims.getExpiration();
if (expiration != null) {
long ttl = expiration.getTime() - System.currentTimeMillis();
redisTemplate.opsForValue().set(SecurityConstants.BLACK_TOKEN_CACHE_PREFIX + jti, null, ttl, TimeUnit.MILLISECONDS);
} else {
redisTemplate.opsForValue().set(SecurityConstants.BLACK_TOKEN_CACHE_PREFIX + jti, null);
}
}
SecurityContextHolder.clearContext();
}
/**
* 获取验证码
*
* @return 验证码
*/
@Override
public CaptchaResult getCaptcha() {
// 获取验证码
GifCaptcha captcha = CaptchaUtil.createGifCaptcha(120, 36, 4); // 宽、高、位数
String captchaCode = captcha.getCode(); // 验证码
String captchaBase64 = captcha.getImageBase64Data(); // 验证码图片Base64
// 验证码文本缓存至Redis用于登录校验
String verifyCodeKey = IdUtil.fastSimpleUUID();
redisTemplate.opsForValue().set(SecurityConstants.VERIFY_CODE_CACHE_PREFIX + verifyCodeKey, captchaCode,
120, TimeUnit.SECONDS);
return CaptchaResult.builder()
.verifyCodeKey(verifyCodeKey)
.verifyCodeBase64(captchaBase64)
.build();
}
}

2
src/main/java/com/youlai/system/service/impl/SysRoleServiceImpl.java
View File

@@ -20,7 +20,7 @@ import com.youlai.system.model.vo.RolePageVO;
import com.youlai.system.service.SysRoleMenuService;
import com.youlai.system.service.SysRoleService;
import com.youlai.system.service.SysUserRoleService;
import com.youlai.system.common.util.SecurityUtils;
import com.youlai.system.util.SecurityUtils;
import lombok.RequiredArgsConstructor;
import org.springframework.cache.annotation.CacheEvict;
import org.springframework.stereotype.Service;

16
src/main/java/com/youlai/system/service/impl/SysUserServiceImpl.java
View File

@@ -11,7 +11,7 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.youlai.system.common.constant.SecurityConstants;
import com.youlai.system.common.constant.SystemConstants;
import com.youlai.system.converter.UserConverter;
import com.youlai.system.common.util.SecurityUtils;
import com.youlai.system.util.SecurityUtils;
import com.youlai.system.mapper.SysUserMapper;
import com.youlai.system.model.dto.UserAuthInfo;
import com.youlai.system.model.bo.UserBO;
@@ -233,25 +233,29 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
* @return
*/
@Override
public UserInfoVO getUserLoginInfo() {
// 登录用户entity
public UserInfoVO getCurrentUserInfo() {
String username = SecurityUtils.getUser().getUsername(); // 登录用户名
// 获取登录用户基础信息
SysUser user = this.getOne(new LambdaQueryWrapper<SysUser>()
.eq(SysUser::getUsername, SecurityUtils.getUser().getUsername())
.eq(SysUser::getUsername, username)
.select(
SysUser::getId,
SysUser::getUsername,
SysUser::getNickname,
SysUser::getAvatar
)
);
// entity->VO
UserInfoVO userInfoVO = userConverter.entity2UserInfoVo(user);
UserInfoVO userInfoVO = userConverter.toUserInfoVo(user);
// 用户角色集合
Set<String> roles = SecurityUtils.getRoles();
userInfoVO.setRoles(roles);
// 用户权限集合
Set<String> perms = (Set<String>) redisTemplate.opsForValue().get(SecurityConstants.USER_PERMS_CACHE_PREFIX+ user.getId());
Set<String> perms = (Set<String>) redisTemplate.opsForValue().get(SecurityConstants.USER_PERMS_CACHE_PREFIX + user.getId());
userInfoVO.setPerms(perms);
return userInfoVO;