tongtong/youlai-boot
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: 添加 websocket 连接认证拦截器实现点对点指定用户发送消息;移除 easy-captcha 替换为 hutool-captcha验证码实现代码简化;重构认证接口控制层代码。

Browse Source
This commit is contained in:
haoxr
2023-09-12 18:25:16 +08:00
parent 87fcf022ba
commit 9453600715
37 changed files with 290 additions and 358 deletions
Download Patch File Download Diff File Expand all files Collapse all files

103
src/main/java/com/youlai/system/service/impl/AuthServiceImpl.java Normal file
View File

@@ -0,0 +1,103 @@
package com.youlai.system.service.impl;
import cn.hutool.captcha.CaptchaUtil;
import cn.hutool.captcha.GifCaptcha;
import cn.hutool.core.util.IdUtil;
import cn.hutool.core.util.StrUtil;
import com.youlai.system.common.constant.SecurityConstants;
import com.youlai.system.service.AuthService;
import com.youlai.system.util.RequestUtils;
import com.youlai.system.model.dto.CaptchaResult;
import com.youlai.system.model.dto.LoginResult;
import com.youlai.system.security.JwtTokenManager;
import io.jsonwebtoken.Claims;
import jakarta.servlet.http.HttpServletRequest;
import lombok.RequiredArgsConstructor;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Service;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import java.util.Date;
import java.util.concurrent.TimeUnit;
/**
* @author haoxr
* @since 2.4.0
*/
@Service
@RequiredArgsConstructor
public class AuthServiceImpl implements AuthService {
private final AuthenticationManager authenticationManager;
private final JwtTokenManager jwtTokenManager;
private final RedisTemplate redisTemplate;
/**
* 登录
*
* @param username 用户名
* @param password 密码
* @return 登录结果
*/
@Override
public LoginResult login(String username, String password) {
UsernamePasswordAuthenticationToken authenticationToken =
new UsernamePasswordAuthenticationToken(username.toLowerCase().trim(), password);
Authentication authentication = authenticationManager.authenticate(authenticationToken);
String accessToken = jwtTokenManager.createToken(authentication);
return LoginResult.builder()
.tokenType("Bearer")
.accessToken(accessToken)
.build();
}
/**
* 登出
*/
@Override
public void logout() {
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
String token = RequestUtils.resolveToken(request);
if (StrUtil.isNotBlank(token)) {
Claims claims = jwtTokenManager.getTokenClaims(token);
String jti = claims.get("jti", String.class);
Date expiration = claims.getExpiration();
if (expiration != null) {
long ttl = expiration.getTime() - System.currentTimeMillis();
redisTemplate.opsForValue().set(SecurityConstants.BLACK_TOKEN_CACHE_PREFIX + jti, null, ttl, TimeUnit.MILLISECONDS);
} else {
redisTemplate.opsForValue().set(SecurityConstants.BLACK_TOKEN_CACHE_PREFIX + jti, null);
}
}
SecurityContextHolder.clearContext();
}
/**
* 获取验证码
*
* @return 验证码
*/
@Override
public CaptchaResult getCaptcha() {
// 获取验证码
GifCaptcha captcha = CaptchaUtil.createGifCaptcha(120, 36, 4); // 宽、高、位数
String captchaCode = captcha.getCode(); // 验证码
String captchaBase64 = captcha.getImageBase64Data(); // 验证码图片Base64
// 验证码文本缓存至Redis用于登录校验
String verifyCodeKey = IdUtil.fastSimpleUUID();
redisTemplate.opsForValue().set(SecurityConstants.VERIFY_CODE_CACHE_PREFIX + verifyCodeKey, captchaCode,
120, TimeUnit.SECONDS);
return CaptchaResult.builder()
.verifyCodeKey(verifyCodeKey)
.verifyCodeBase64(captchaBase64)
.build();
}
}