tongtong/youlai-boot
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: 添加 websocket 连接认证拦截器实现点对点指定用户发送消息;移除 easy-captcha 替换为 hutool-captcha验证码实现代码简化;重构认证接口控制层代码。

Browse Source
This commit is contained in:
haoxr
2023-09-12 18:25:16 +08:00
parent 87fcf022ba
commit 9453600715
37 changed files with 290 additions and 358 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/main/java/com/youlai/system/util/ExcelUtils.java Normal file
View File

@@ -0,0 +1,20 @@
package com.youlai.system.util;
import com.alibaba.excel.EasyExcel;
import com.youlai.system.listener.easyexcel.MyAnalysisEventListener;
import java.io.InputStream;
/**
* Excel 工具类
*
* @author haoxr
* @since 2023/03/01
*/
public class ExcelUtils {
public static <T> String importExcel(InputStream is, Class clazz, MyAnalysisEventListener<T> listener) {
EasyExcel.read(is, clazz, listener).sheet().doRead();
return listener.getMsg();
}
}

24
src/main/java/com/youlai/system/util/RequestUtils.java Normal file
View File

@@ -0,0 +1,24 @@
package com.youlai.system.util;
import cn.hutool.core.util.StrUtil;
import com.youlai.system.common.constant.SecurityConstants;
import jakarta.servlet.http.HttpServletRequest;
/**
* 请求工具类
*
* @author haoxr
*/
public class RequestUtils {
/**
* 请求头解析获取 Token
*/
public static String resolveToken(HttpServletRequest request) {
String bearerToken = request.getHeader(SecurityConstants.TOKEN_KEY);
if (StrUtil.isNotBlank(bearerToken) && bearerToken.startsWith(SecurityConstants.TOKEN_PREFIX)) {
return bearerToken.substring(SecurityConstants.TOKEN_PREFIX.length());
}
return null;
}
}

46
src/main/java/com/youlai/system/util/ResponseUtils.java Normal file
View File

@@ -0,0 +1,46 @@
package com.youlai.system.util;
import cn.hutool.json.JSONUtil;
import com.youlai.system.common.result.Result;
import com.youlai.system.common.result.ResultCode;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import jakarta.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* 响应工具类
*
* @author haoxr
* @since 2.0.0
*/
public class ResponseUtils {
/**
* 异常消息返回(适用过滤器中处理异常响应)
*
* @param response
* @param resultCode
*/
public static void writeErrMsg(HttpServletResponse response, ResultCode resultCode) throws IOException {
switch (resultCode) {
case ACCESS_UNAUTHORIZED:
case TOKEN_INVALID:
response.setStatus(HttpStatus.UNAUTHORIZED.value());
break;
case TOKEN_ACCESS_FORBIDDEN:
response.setStatus(HttpStatus.FORBIDDEN.value());
break;
default:
response.setStatus(HttpStatus.BAD_REQUEST.value());
break;
}
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
response.setCharacterEncoding("UTF-8");
response.getWriter().print(JSONUtil.toJsonStr(Result.failed(resultCode)));
}
}

141
src/main/java/com/youlai/system/util/SecurityUtils.java Normal file
View File

@@ -0,0 +1,141 @@
package com.youlai.system.util;
import cn.hutool.core.collection.CollectionUtil;
import cn.hutool.core.convert.Convert;
import cn.hutool.core.util.StrUtil;
import com.youlai.system.common.constant.SystemConstants;
import com.youlai.system.security.model.SysUserDetails;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.util.PatternMatchUtils;
import java.util.Collection;
import java.util.Collections;
import java.util.Set;
import java.util.stream.Collectors;
public class SecurityUtils {
/**
* 获取当前登录人信息
*
* @return
*/
public static SysUserDetails getUser() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication != null) {
Object principal = authentication.getPrincipal();
if (principal instanceof SysUserDetails) {
return (SysUserDetails) authentication.getPrincipal();
}
}
return null;
}
/**
* 获取用户ID
*
* @return
*/
public static Long getUserId() {
Long userId = Convert.toLong(getUser().getUserId());
return userId;
}
/**
* 获取部门ID
*
* @return
*/
public static Long getDeptId() {
Long userId = Convert.toLong(getUser().getDeptId());
return userId;
}
/**
* 获取数据权限范围
*
* @return DataScope
*/
public static Integer getDataScope() {
Integer dataScope = Convert.toInt(getUser().getDataScope());
return dataScope;
}
/**
* 获取用户角色集合
*
* @return
*/
public static Set<String> getRoles() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication != null) {
Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
if (CollectionUtil.isNotEmpty(authorities)) {
Set<String> roles = authorities.stream().filter(item -> item.getAuthority().startsWith("ROLE_"))
.map(item -> StrUtil.removePrefix(item.getAuthority(), "ROLE_"))
.collect(Collectors.toSet());
return roles;
}
}
return Collections.EMPTY_SET;
}
/**
* 获取用户权限集合
*
* @return
*/
public static Set<String> getPerms() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication != null) {
Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
if (CollectionUtil.isNotEmpty(authorities)) {
Set<String> perms = authorities.stream().filter(item -> !item.getAuthority().startsWith("ROLE_"))
.map(item -> item.getAuthority())
.collect(Collectors.toSet());
return perms;
}
}
return Collections.EMPTY_SET;
}
/**
* 是否超级管理员
* <p>
* 超级管理员忽视任何权限判断
*
* @return
*/
public static boolean isRoot() {
Set<String> roles = getRoles();
if (roles.contains(SystemConstants.ROOT_ROLE_CODE)) {
return true;
}
return false;
}
/**
* 是否拥有权限判断
* <p>
* 适用业务判断(接口权限判断适用Spring Security 自带注解 PreAuthorize 判断即可 )
*
* @return
*/
public static boolean hasPerm(String perm) {
if (isRoot()) {
return true;
}
Set<String> perms = getPerms();
boolean hasPerm = perms.stream().anyMatch(item -> PatternMatchUtils.simpleMatch(perm, item));
return hasPerm;
}
}