diff --git a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/RemoteUserService.java b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/RemoteUserService.java index 64bcd53b..854539b3 100644 --- a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/RemoteUserService.java +++ b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/RemoteUserService.java @@ -7,10 +7,11 @@ import com.ruoyi.common.core.constant.ServiceNameConstants; import com.ruoyi.common.core.domain.R; import com.ruoyi.system.api.factory.RemoteUserFallbackFactory; import com.ruoyi.system.api.model.UserInfo; +import org.springframework.web.bind.annotation.RequestParam; /** * 用户服务 - * + * * @author ruoyi */ @FeignClient(contextId = "remoteUserService", value = ServiceNameConstants.SYSTEM_SERVICE, fallbackFactory = RemoteUserFallbackFactory.class) @@ -24,4 +25,7 @@ public interface RemoteUserService */ @GetMapping(value = "/user/info/{username}") public R getUserInfo(@PathVariable("username") String username); + + @GetMapping(value = "/user/login") + public R login(@RequestParam("username")String username, @RequestParam("password")String password); } diff --git a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/factory/RemoteUserFallbackFactory.java b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/factory/RemoteUserFallbackFactory.java index 59041e2f..50e76541 100644 --- a/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/factory/RemoteUserFallbackFactory.java +++ b/ruoyi-api/ruoyi-api-system/src/main/java/com/ruoyi/system/api/factory/RemoteUserFallbackFactory.java @@ -10,7 +10,7 @@ import feign.hystrix.FallbackFactory; /** * 用户服务降级处理 - * + * * @author ruoyi */ @Component @@ -29,6 +29,12 @@ public class RemoteUserFallbackFactory implements FallbackFactory login(String username,String password) + { + return null; + } }; } } diff --git a/ruoyi-auth/pom.xml b/ruoyi-auth/pom.xml index 7bef44d2..40366c0f 100644 
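Review bot: The new `login` method in `RemoteUserService` sends the password as a `@RequestParam` on a GET to `/user/login`, so the cleartext credential travels in the query string, where access logs, Feign request logging and tracing commonly record it. Declare it as `@PostMapping(value = "/user/login")` with the credentials carried in the request body, and change the matching `login` handler added to `SysUserController` in this commit the same way. The method also has no Javadoc, unlike `getUserInfo` directly above it; a comment stating that user data is returned only when the password matches would help callers.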
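Review bot: The fallback `login` in `RemoteUserFallbackFactory` returns `null` without recording anything, and `CustomUserDetailsService.checkUser` (added in this commit) reports a null result as 账号或密码不正确, so an outage of the system service looks exactly like a wrong password. Log the cause that the factory receives before returning, and return a failed `R` that the caller can tell apart from a credential mismatch. The anonymous class that contains this method starts outside the hunk, so how the cause is named there needs to be checked against the file.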
--- a/ruoyi-auth/pom.xml +++ b/ruoyi-auth/pom.xml @@ -56,8 +56,19 @@ com.ruoyi ruoyi-common-redis - com.ruoyiruoyi-common-swagger - + + + + com.ruoyi + ruoyi-common-swagger + + + + + io.springfox + springfox-swagger-ui + ${swagger.fox.version} + diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/config/AuthServerConfig.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/config/AuthServerConfig.java index 53bb2cf8..47b5b60f 100644 --- a/ruoyi-auth/src/main/java/com/ruoyi/auth/config/AuthServerConfig.java +++ b/ruoyi-auth/src/main/java/com/ruoyi/auth/config/AuthServerConfig.java @@ -1,8 +1,10 @@ package com.ruoyi.auth.config; -import java.util.LinkedHashMap; -import java.util.Map; +import java.util.*; import javax.sql.DataSource; + +import com.ruoyi.common.security.granter.PasswordCustomTokenGranter; +import com.ruoyi.common.security.service.CustomUserDetailsService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; @@ -17,7 +19,8 @@ import org.springframework.security.oauth2.config.annotation.web.configuration.A import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer; import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer; -import org.springframework.security.oauth2.provider.OAuth2Authentication; +import org.springframework.security.oauth2.provider.*; +import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices; import org.springframework.security.oauth2.provider.token.TokenEnhancer; import org.springframework.security.oauth2.provider.token.TokenStore; import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore; 
@@ -29,7 +32,7 @@ import com.ruoyi.common.security.service.RedisClientDetailsService; /** * OAuth2 认证服务配置 - * + * * @author ruoyi */ @Configuration @@ -45,8 +48,11 @@ public class AuthServerConfig extends AuthorizationServerConfigurerAdapter @Autowired private RedisConnectionFactory redisConnectionFactory; +// @Autowired +// private UserDetailsService userDetailsService; + @Autowired - private UserDetailsService userDetailsService; + private CustomUserDetailsService customUserDetailsService; @Autowired private TokenEnhancer tokenEnhancer; @@ -58,6 +64,7 @@ public class AuthServerConfig extends AuthorizationServerConfigurerAdapter public void configure(AuthorizationServerEndpointsConfigurer endpoints) { endpoints + .tokenGranter(new CompositeTokenGranter(getTokenGranters(endpoints.getTokenServices(), endpoints.getClientDetailsService(), endpoints.getOAuth2RequestFactory()))) // 请求方式 .allowedTokenEndpointRequestMethods(HttpMethod.GET, HttpMethod.POST) // 指定token存储位置 @@ -65,15 +72,20 @@ public class AuthServerConfig extends AuthorizationServerConfigurerAdapter // 自定义生成令牌 .tokenEnhancer(tokenEnhancer) // 用户账号密码认证 - .userDetailsService(userDetailsService) +// .userDetailsService(userDetailsService) // 指定认证管理器 .authenticationManager(authenticationManager) // 是否重复使用 refresh_token - .reuseRefreshTokens(false) + .reuseRefreshTokens(false); // 自定义异常处理 - .exceptionTranslator(new CustomWebResponseExceptionTranslator()); +// .exceptionTranslator(new CustomWebResponseExceptionTranslator()); } + private List getTokenGranters(AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService, OAuth2RequestFactory requestFactory) { + return new ArrayList<>(Arrays.asList( + new PasswordCustomTokenGranter(customUserDetailsService,tokenServices, clientDetailsService, requestFactory) + )); + } /** * 配置令牌端点(Token Endpoint)的安全约束 */ 
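Review bot: `getTokenGranters` returns a list holding only `PasswordCustomTokenGranter`, and a granter passed to `endpoints.tokenGranter(...)` replaces the defaults the configurer would otherwise build, so `refresh_token`, `authorization_code` and `client_credentials` requests would no longer be served even though `reuseRefreshTokens(false)` is still configured a few lines below. Add the stock granters that clients rely on to the list, at least `new RefreshTokenGranter(tokenServices, clientDetailsService, requestFactory)`. The same hunk turns `.exceptionTranslator(new CustomWebResponseExceptionTranslator())` into a comment, so token errors fall back to the framework's default format; either restore it or delete the dead line together with the commented-out `userDetailsService` field from the earlier hunk.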
diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/config/WebSecurityConfig.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/config/WebSecurityConfig.java index cddb6d6b..9da8df3b 100644 --- a/ruoyi-auth/src/main/java/com/ruoyi/auth/config/WebSecurityConfig.java +++ b/ruoyi-auth/src/main/java/com/ruoyi/auth/config/WebSecurityConfig.java @@ -4,6 +4,7 @@ import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.core.annotation.Order; import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; @@ -41,16 +42,17 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter // auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder()); // } -// @Override -// protected void configure(HttpSecurity http) throws Exception -// { -// http -// .authorizeRequests() -// .antMatchers( -// "/actuator/**", -// "/oauth/*", -// "/token/**").permitAll() -// .anyRequest().authenticated() -// .and().csrf().disable(); -// } + @Override + protected void configure(HttpSecurity http) throws Exception + { + http + .authorizeRequests() + .antMatchers( + "/actuator/**", + "/v2/**", + "/oauth/*", + "/token/**").permitAll() + .anyRequest().authenticated() + .and().csrf().disable(); + } } diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/OauthController.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/OauthController.java index 50ec2c59..5950e1ad 100644 --- a/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/OauthController.java +++ b/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/OauthController.java 
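Review bot: The re-enabled `configure(HttpSecurity)` permits `/actuator/**` without authentication and newly adds `/v2/**`, so every actuator endpoint that configuration exposes becomes readable by anyone who can reach the auth service. Which endpoints are exposed is not visible in this diff; if more than health is enabled, narrow the matcher, for example to `"/actuator/health"`, and leave the rest behind `.anyRequest().authenticated()`. A short comment above the matcher list saying why each path is public would also help, since `/oauth/*` and `/token/**` now sit next to documentation paths.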
@@ -4,6 +4,7 @@ import com.ruoyi.common.core.domain.R; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken; import org.springframework.security.oauth2.common.OAuth2AccessToken; +import org.springframework.security.oauth2.provider.endpoint.CheckTokenEndpoint; import org.springframework.security.oauth2.provider.endpoint.TokenEndpoint; import org.springframework.web.HttpRequestMethodNotSupportedException; import org.springframework.web.bind.annotation.*; @@ -22,6 +23,8 @@ public class OauthController { @Autowired private TokenEndpoint tokenEndpoint; +// @Autowired +// private CheckTokenEndpoint checkTokenEndpoint; /** * * @param principal @@ -39,6 +42,12 @@ public class OauthController { return custom(tokenEndpoint.postAccessToken(principal, parameters).getBody()); } +// @RequestMapping(value = "/check_token") +// @ResponseBody +// public R checkToken(@RequestParam("token") String value) throws HttpRequestMethodNotSupportedException { +// return R.ok(checkTokenEndpoint.checkToken(value)); +// } + //自定义返回格式 private R custom(OAuth2AccessToken accessToken) { DefaultOAuth2AccessToken token = (DefaultOAuth2AccessToken) accessToken; diff --git a/ruoyi-common/ruoyi-common-security/pom.xml b/ruoyi-common/ruoyi-common-security/pom.xml index e12fd09f..502e0001 100644 --- a/ruoyi-common/ruoyi-common-security/pom.xml +++ b/ruoyi-common/ruoyi-common-security/pom.xml @@ -7,7 +7,7 @@ 2.0.0 4.0.0 - + ruoyi-common-security @@ -15,19 +15,19 @@ - + org.springframework.cloud spring-cloud-starter-oauth2 - + com.ruoyi ruoyi-api-system - + diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/ResourceServerConfig.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/ResourceServerConfig.java index 6aa3ba89..a5d5a805 100644 
--- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/ResourceServerConfig.java +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/ResourceServerConfig.java @@ -1,5 +1,8 @@ package com.ruoyi.common.security.config; +import com.ruoyi.common.security.handler.AuthenticationEntryPointImpl; +import com.ruoyi.common.security.handler.CustomAccessDeniedHandler; +import com.ruoyi.common.security.handler.CustomResponseErrorHandler; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.security.oauth2.OAuth2ClientProperties; import org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties; @@ -20,7 +23,7 @@ import org.springframework.web.client.RestTemplate; /** * oauth2 服务配置 - * + * * @author ruoyi */ @Configuration @@ -33,6 +36,9 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter @Autowired private OAuth2ClientProperties oAuth2ClientProperties; + @Autowired + private CustomAccessDeniedHandler customAccessDeniedHandler; + @Bean public AuthIgnoreConfig authIgnoreConfig() { @@ -44,10 +50,23 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter public RestTemplate restTemplate() { RestTemplate restTemplate = new RestTemplate(); - restTemplate.setErrorHandler(new DefaultResponseErrorHandler()); + // 设置一个空的 异常处理 + restTemplate.setErrorHandler(getErrorHandler()); return restTemplate; } + @Bean + public CustomResponseErrorHandler getErrorHandler() + { + return new CustomResponseErrorHandler(); + } + + @Bean + public AuthenticationEntryPointImpl getUnAuthorizedHandler() + { + return new AuthenticationEntryPointImpl(); + } + @Bean public ResourceServerTokenServices tokenServices() { 
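Review bot: `restTemplate()` now installs `CustomResponseErrorHandler`, whose new file in this commit returns `true` from `hasError` for every response and leaves both `handleError` methods empty, so 401, 403 and 5xx replies from the token-check call are swallowed along with the 400 that signals an invalid token. `RemoteTokenServices` then has to interpret whatever body came back, and any other consumer of this shared `RestTemplate` bean loses error reporting as well. Prefer a handler that extends `DefaultResponseErrorHandler` and skips only the invalid-token status, e.g. `if (response.getRawStatusCode() != 400) { super.handleError(response); }`. The inline comment 设置一个空的 异常处理 should say why errors are ignored, not only that they are.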
@@ -60,6 +79,7 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter remoteTokenServices.setClientSecret(oAuth2ClientProperties.getClientSecret()); remoteTokenServices.setRestTemplate(restTemplate()); remoteTokenServices.setAccessTokenConverter(accessTokenConverter); + return remoteTokenServices; } @@ -67,8 +87,7 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter public void configure(HttpSecurity http) throws Exception { http.csrf().disable(); - ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry = http - .authorizeRequests(); + ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry = http.authorizeRequests(); // 不登录可以访问 authIgnoreConfig().getUrls().forEach(url -> registry.antMatchers(url).permitAll()); registry.anyRequest().authenticated(); @@ -77,6 +96,7 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter @Override public void configure(ResourceServerSecurityConfigurer resources) { + resources.authenticationEntryPoint(getUnAuthorizedHandler()).accessDeniedHandler(customAccessDeniedHandler); resources.tokenServices(tokenServices()); } } diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/SecurityImportBeanDefinitionRegistrar.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/SecurityImportBeanDefinitionRegistrar.java index 386bce00..7a064390 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/SecurityImportBeanDefinitionRegistrar.java +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/SecurityImportBeanDefinitionRegistrar.java @@ -8,7 +8,7 @@ import com.ruoyi.common.core.utils.StringUtils; /** * 导入 SecurityImportBeanDefinitionRegistrar 自动加载类 - * + * * @author ruoyi */ public class SecurityImportBeanDefinitionRegistrar implements ImportBeanDefinitionRegistrar 
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/granter/AbstractCustomTokenGranter.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/granter/AbstractCustomTokenGranter.java
new file mode 100644
index 00000000..81bcc97e
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/granter/AbstractCustomTokenGranter.java
@@ -0,0 +1,37 @@
+package com.ruoyi.common.security.granter;
+
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
+import org.springframework.security.oauth2.provider.*;
+import org.springframework.security.oauth2.provider.token.AbstractTokenGranter;
+import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
+import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
+
+import java.util.Map;
+
+public abstract class AbstractCustomTokenGranter extends AbstractTokenGranter {
+
+ private final OAuth2RequestFactory requestFactory;
+
+ protected AbstractCustomTokenGranter(AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService, OAuth2RequestFactory requestFactory, String grantType) {
+ super(tokenServices, clientDetailsService, requestFactory, grantType);
+ this.requestFactory = requestFactory;
+ }
+
+ @Override
+ protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
+ Map parameters = tokenRequest.getRequestParameters();
+ UserDetails customUser = getCustomUser(parameters);
+ if (customUser == null) {
+ throw new InvalidGrantException("无法获取用户信息");
+ }
+ OAuth2Request storedOAuth2Request = this.requestFactory.createOAuth2Request(client, tokenRequest);
+ PreAuthenticatedAuthenticationToken authentication = new PreAuthenticatedAuthenticationToken(customUser, null, customUser.getAuthorities());
+ authentication.setDetails(customUser);
+ OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(storedOAuth2Request, authentication);
+ return oAuth2Authentication;
+ }
+
+ protected abstract UserDetails getCustomUser(Map parameters);
+
+}
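Review bot: `getOAuth2Authentication` wraps whatever `getCustomUser` returns in a `PreAuthenticatedAuthenticationToken` and never calls the `AuthenticationManager`, so the subclass is the only place where the credential is verified and the provider chain's checks and authentication events are skipped. That contract is undocumented; add Javadoc on `getCustomUser` along the lines of `/** Verifies the credentials in {@code parameters} and returns the user; the result is trusted as already authenticated. */`. The class also lacks the header comment the other classes in this module carry.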
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/granter/PasswordCustomTokenGranter.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/granter/PasswordCustomTokenGranter.java
new file mode 100644
index 00000000..a2f0a304
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/granter/PasswordCustomTokenGranter.java
@@ -0,0 +1,27 @@
+package com.ruoyi.common.security.granter;
+
+import com.ruoyi.common.security.service.CustomUserDetailsService;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.oauth2.provider.ClientDetailsService;
+import org.springframework.security.oauth2.provider.OAuth2RequestFactory;
+
+import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
+
+import java.util.Map;
+
+public class PasswordCustomTokenGranter extends AbstractCustomTokenGranter {
+
+ protected CustomUserDetailsService userDetailsService;
+
+ public PasswordCustomTokenGranter(CustomUserDetailsService userDetailsService, AuthorizationServerTokenServices tokenServices, ClientDetailsService clientDetailsService, OAuth2RequestFactory requestFactory) {
+ super(tokenServices, clientDetailsService, requestFactory, "password");
+ this.userDetailsService = userDetailsService;
+ }
+
+ @Override
+ protected UserDetails getCustomUser(Map parameters) {
+ String username = parameters.get("username");
+ String password = parameters.get("password");
+ return userDetailsService.loadUserByUsernameAndPassword(username, password);
+ }
+}
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/AuthenticationEntryPointImpl.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/AuthenticationEntryPointImpl.java
new file mode 100644
index 00000000..42861a3d
--- /dev/null
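Review bot: `getCustomUser` in `PasswordCustomTokenGranter` forwards `parameters.get("username")` and `parameters.get("password")` unchecked, so a token request that omits either one sends nulls on to the remote login call. Reject it before the call, e.g. `if (username == null || password == null) { throw new InvalidGrantException("missing credentials"); }`, using the exception type the abstract parent already throws. The `userDetailsService` field is `protected` and non-final although it is only assigned in the constructor; `private final` would match `requestFactory` in the parent class.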
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/AuthenticationEntryPointImpl.java
@@ -0,0 +1,35 @@
+package com.ruoyi.common.security.handler;
+
+import com.alibaba.fastjson.JSON;
+import com.ruoyi.common.core.constant.HttpStatus;
+import com.ruoyi.common.core.utils.ServletUtils;
+import com.ruoyi.common.core.utils.StringUtils;
+import com.ruoyi.common.core.web.domain.AjaxResult;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.Serializable;
+
+/**
+ * 认证失败处理类 返回未授权
+ *
+ * @author cleanwarm
+ */
+@Component
+public class AuthenticationEntryPointImpl implements AuthenticationEntryPoint, Serializable
+{
+ private static final long serialVersionUID = -8970718410437077606L;
+
+ @Override
+ public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e)
+ throws IOException
+ {
+ int code = HttpStatus.UNAUTHORIZED;
+ String msg = StringUtils.format("请求访问:{},认证失败,无法访问系统资源", request.getRequestURI());
+ ServletUtils.renderString(response, JSON.toJSONString(AjaxResult.error(code, msg)));
+ }
+}
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/CustomResponseErrorHandler.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/CustomResponseErrorHandler.java
new file mode 100644
index 00000000..b6e34793
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/CustomResponseErrorHandler.java
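Review bot: `commence` puts `HttpStatus.UNAUTHORIZED` only into the JSON body; nothing in the visible lines sets the HTTP status, and `ServletUtils.renderString` is not shown, so the response may go out as a 200. If that helper does not set it, add `response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);` before rendering so that gateways, clients and monitoring see a real 401. The class is annotated `@Component` and is also created through `getUnAuthorizedHandler()` in `ResourceServerConfig`, which can register two instances; one of the two registrations should go.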
@@ -0,0 +1,29 @@
+package com.ruoyi.common.security.handler;
+
+import org.springframework.http.HttpMethod;
+import org.springframework.http.client.ClientHttpResponse;
+import org.springframework.web.client.ResponseErrorHandler;
+
+import java.io.IOException;
+import java.net.URI;
+
+public class CustomResponseErrorHandler implements ResponseErrorHandler {
+
+
+ @Override
+ public boolean hasError(ClientHttpResponse response) throws IOException {
+ return true;
+ }
+
+ @Override
+ public void handleError(ClientHttpResponse response) throws IOException {
+
+ }
+
+ @Override
+ public void handleError(URI url, HttpMethod method, ClientHttpResponse response) throws IOException {
+
+ }
+
+
+}
diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/CustomUserDetailsService.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/CustomUserDetailsService.java
new file mode 100644
index 00000000..d1b92f8d
--- /dev/null
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/service/CustomUserDetailsService.java
@@ -0,0 +1,78 @@ +package com.ruoyi.common.security.service; + +import com.ruoyi.common.core.domain.R; +import com.ruoyi.common.core.enums.UserStatus; +import com.ruoyi.common.core.exception.BaseException; +import com.ruoyi.common.core.utils.StringUtils; +import com.ruoyi.common.security.domain.LoginUser; +import com.ruoyi.system.api.RemoteUserService; +import com.ruoyi.system.api.domain.SysUser; +import com.ruoyi.system.api.model.UserInfo; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.core.authority.AuthorityUtils; +import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UsernameNotFoundException; +import org.springframework.security.oauth2.common.exceptions.OAuth2Exception; +import org.springframework.stereotype.Service; + +import java.util.Collection; +import java.util.HashSet; +import java.util.Set; + +@Service +public class CustomUserDetailsService { + + private static final Logger log = LoggerFactory.getLogger(CustomUserDetailsService.class); + + @Autowired + private RemoteUserService remoteUserService; + + public UserDetails loadUserByUsernameAndPassword(String username, String password) { + // 判断成功后返回用户细节 + R userResult = remoteUserService.login(username,password); + checkUser(userResult, username,password); + return getUserDetails(userResult); + } + public void checkUser(R userResult, String username, String password) + { + if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData())) + { + log.info("登录用户:{} 不存在.", username); +// throw new UsernameNotFoundException("登录用户:" + username + " 不存在"); + throw new OAuth2Exception("账号或密码不正确");// + } + else if (UserStatus.DELETED.getCode().equals(userResult.getData().getSysUser().getDelFlag())) + { + log.info("登录用户:{} 已被删除.", username); + throw new 
OAuth2Exception("对不起,您的账号:" + username + " 已被删除"); + } + else if (UserStatus.DISABLE.getCode().equals(userResult.getData().getSysUser().getStatus())) + { + log.info("登录用户:{} 已被停用.", username); + throw new OAuth2Exception("对不起,您的账号:" + username + " 已停用"); + } + } + private UserDetails getUserDetails(R result) + { + UserInfo info = result.getData(); + Set dbAuthsSet = new HashSet(); + if (StringUtils.isNotEmpty(info.getRoles())) + { + // 获取角色 + dbAuthsSet.addAll(info.getRoles()); + // 获取权限 + dbAuthsSet.addAll(info.getPermissions()); + } + + Collection authorities = AuthorityUtils + .createAuthorityList(dbAuthsSet.toArray(new String[0])); + SysUser user = info.getSysUser(); + + return new LoginUser(user.getUserId(), user.getUserName(), user.getPassword(), true, true, true, true, + authorities); + } + +} diff --git a/ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring.factories b/ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring.factories index 50f0267b..ccbacfd2 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring.factories +++ b/ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring.factories @@ -1,5 +1,4 @@ org.springframework.boot.autoconfigure.EnableAutoConfiguration=\ com.ruoyi.common.security.service.UserDetailsServiceImpl,\ + com.ruoyi.common.security.service.CustomUserDetailsService,\ com.ruoyi.common.security.handler.CustomAccessDeniedHandler - - diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/SwaggerProvider.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/SwaggerProvider.java index c0bdd7a4..3c991aed 100644 --- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/SwaggerProvider.java +++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/config/SwaggerProvider.java @@ -28,7 +28,7 @@ public class SwaggerProvider implements SwaggerResourcesProvider /** * 聚合其他服务接口 - * + * * @return */ @Override 
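Review bot: `getUserDetails` passes `user.getPassword()` into `LoginUser`, and because the custom granter builds the authentication itself, nothing on this path erases the credential afterwards, so the stored hash presumably ends up serialised with the token in the Redis token store. `LoginUser` is not visible here; if it extends Spring's `User`, calling `eraseCredentials()` on it before returning would avoid that. `checkUser` takes a `password` argument it never uses and is `public` although only `loadUserByUsernameAndPassword` calls it in this file; drop the parameter and make it private. A null `userResult`, which is what the Feign fallback returns, is logged as 不存在 and reported as a wrong password, which hides outages of the system service.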
@@ -43,7 +43,7 @@ public class SwaggerProvider implements SwaggerResourcesProvider .contains(routeDefinition.getId())) .forEach(routeDefinition -> routeDefinition.getPredicates().stream() .filter(predicateDefinition -> "Path".equalsIgnoreCase(predicateDefinition.getName())) - .filter(predicateDefinition -> !"ruoyi-auth".equalsIgnoreCase(routeDefinition.getId())) +// .filter(predicateDefinition -> !"ruoyi-auth".equalsIgnoreCase(routeDefinition.getId())) .forEach(predicateDefinition -> resourceList .add(swaggerResource(routeDefinition.getId(), predicateDefinition.getArgs() .get(NameUtils.GENERATED_NAME_PREFIX + "0").replace("/**", SWAGGER2URL))))); diff --git a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java index cc4d673c..fae84ff0 100644 --- a/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java +++ b/ruoyi-gateway/src/main/java/com/ruoyi/gateway/filter/ValidateCodeFilter.java @@ -15,13 +15,13 @@ import reactor.core.publisher.Mono; /** * 验证码过滤器 - * + * * @author ruoyi */ @Component public class ValidateCodeFilter extends AbstractGatewayFilterFactory { - private final static String AUTH_URL = "/oauth/token"; + private final static String AUTH_URL = "/oauth/token1";//"/oauth/token"; @Autowired private ValidateCodeService validateCodeService; diff --git a/ruoyi-gateway/src/main/resources/bootstrap.yml b/ruoyi-gateway/src/main/resources/bootstrap.yml index 5f9f269e..7e7f7c20 100644 --- a/ruoyi-gateway/src/main/resources/bootstrap.yml +++ b/ruoyi-gateway/src/main/resources/bootstrap.yml @@ -3,7 +3,7 @@ server: port: 8080 # Spring -spring: +spring: application: # 应用名称 name: ruoyi-gateway @@ -29,7 +29,7 @@ spring: eager: true transport: # 控制台地址 - dashboard: 127.0.0.1:8718 + dashboard: 127.0.0.1:8076 # nacos配置持久化 datasource: ds1: 
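Review bot: `AUTH_URL` in `ValidateCodeFilter` is changed to `"/oauth/token1"` with the real path left in a trailing comment, which looks like a debugging switch that was committed: if the filter, whose body is outside this hunk, validates the captcha only for requests matching `AUTH_URL`, the check no longer runs for `/oauth/token`. Together with the custom password granter that removes a brake on password guessing at the token endpoint. Restore `private final static String AUTH_URL = "/oauth/token";`, or move the bypass behind a configuration property that is off by default and documented.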
diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/RuoYiSystemApplication.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/RuoYiSystemApplication.java index ee24c93f..ecabec45 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/RuoYiSystemApplication.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/RuoYiSystemApplication.java @@ -1,20 +1,25 @@ package com.ruoyi.system; +import com.ruoyi.common.core.domain.R; import org.springframework.boot.SpringApplication; import org.springframework.cloud.client.SpringCloudApplication; import com.ruoyi.common.security.annotation.EnableCustomConfig; import com.ruoyi.common.security.annotation.EnableRyFeignClients; import com.ruoyi.common.swagger.annotation.EnableCustomSwagger2; +import org.springframework.web.bind.annotation.ControllerAdvice; +import org.springframework.web.bind.annotation.ExceptionHandler; +import org.springframework.web.bind.annotation.ResponseBody; /** * 系统模块 - * + * * @author ruoyi */ @EnableCustomConfig @EnableCustomSwagger2 @EnableRyFeignClients @SpringCloudApplication +@ControllerAdvice public class RuoYiSystemApplication { public static void main(String[] args) @@ -31,4 +36,11 @@ public class RuoYiSystemApplication " | | \\ / \\ / \n" + " ''-' `'-' `-..-' "); } + + @ResponseBody + @ExceptionHandler(Exception.class) + public R exceptionHandler(Exception e) { + e.printStackTrace(); + return R.failed(e,e.getMessage()); + } } diff --git a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java index 3f7b72ca..a8509575 100644 --- a/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java +++ b/ruoyi-modules/ruoyi-system/src/main/java/com/ruoyi/system/controller/SysUserController.java 
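Review bot: `exceptionHandler` returns `R.failed(e, e.getMessage())`, which places the exception object itself in the response body, so any failure in the system service can hand class names, internal messages and possibly stack frames to the caller; `e.printStackTrace()` also bypasses the logging framework. Log the exception through an SLF4J logger and return a fixed, generic message with no exception as data. Putting `@ControllerAdvice` on the application class mixes bootstrapping with error handling; a dedicated advice class with a Javadoc line on what it catches would be easier to find and to restrict.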
@@ -7,14 +7,7 @@ import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.validation.annotation.Validated; -import org.springframework.web.bind.annotation.DeleteMapping; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.PutMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; import org.springframework.web.multipart.MultipartFile; import com.ruoyi.common.core.constant.UserConstants; import com.ruoyi.common.core.domain.R; @@ -35,7 +28,7 @@ import com.ruoyi.system.service.ISysUserService; /** * 用户信息 - * + * * @author ruoyi */ @RestController @@ -117,9 +110,28 @@ public class SysUserController extends BaseController return R.ok(sysUserVo); } + @GetMapping("/login") + public R login(@RequestParam("username")String username, @RequestParam("password")String password) + { + SysUser sysUser = userService.selectUserByUserName(username); + if(SecurityUtils.matchesPassword(password,sysUser.getPassword())) + { + // 角色集合 + Set roles = permissionService.getRolePermission(sysUser.getUserId()); + // 权限集合 + Set permissions = permissionService.getMenuPermission(sysUser.getUserId()); + UserInfo sysUserVo = new UserInfo(); + sysUserVo.setSysUser(sysUser); + sysUserVo.setRoles(roles); + sysUserVo.setPermissions(permissions); + return R.ok(sysUserVo); + } + + return R.ok(null); + } /** * 获取用户信息 - * + * * @return 用户信息 */ @GetMapping("getInfo") 
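Review bot: The new `login` handler dereferences `sysUser.getPassword()` without checking that `selectUserByUserName` found a user, so an unknown username presumably ends in a NullPointerException while a wrong password returns `R.ok(null)`; the two outcomes differ and let a caller tell existing accounts from missing ones. Guard both in one condition, `if (sysUser != null && SecurityUtils.matchesPassword(password, sysUser.getPassword()))`, and return the same failure result for either case. The handler also returns the full `SysUser`, password hash included, and carries no `@PreAuthorize` in the visible lines, so who may reach `/user/login` besides the auth service should be settled and documented in a Javadoc block like the neighbouring methods have.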
diff --git a/ruoyi-modules/ruoyi-system/src/main/resources/bootstrap.yml b/ruoyi-modules/ruoyi-system/src/main/resources/bootstrap.yml index 554d7979..64a4a4f8 100644 --- a/ruoyi-modules/ruoyi-system/src/main/resources/bootstrap.yml +++ b/ruoyi-modules/ruoyi-system/src/main/resources/bootstrap.yml @@ -1,9 +1,9 @@ # Tomcat server: - port: 9201 + port: 9001 # Spring -spring: +spring: application: # 应用名称 name: ruoyi-system diff --git a/ruoyi-ui/src/store/modules/user.js b/ruoyi-ui/src/store/modules/user.js index 5c8a33ff..9f57059b 100644 --- a/ruoyi-ui/src/store/modules/user.js +++ b/ruoyi-ui/src/store/modules/user.js 
@@ -1,96 +1,96 @@ -import { login, logout, getInfo } from '@/api/login' -import { getToken, setToken, removeToken } from '@/utils/auth' - -const user = { - state: { - token: getToken(), - name: '', - avatar: '', - roles: [], - permissions: [] - }, - - mutations: { - SET_TOKEN: (state, token) => { - state.token = token - }, - SET_NAME: (state, name) => { - state.name = name - }, - SET_AVATAR: (state, avatar) => { - state.avatar = avatar - }, - SET_ROLES: (state, roles) => { - state.roles = roles - }, - SET_PERMISSIONS: (state, permissions) => { - state.permissions = permissions - } - }, - - actions: { - // 登录 - Login({ commit }, userInfo) { - const username = userInfo.username.trim() - const password = userInfo.password - const code = userInfo.code - const uuid = userInfo.uuid - return new Promise((resolve, reject) => { - login(username, password, code, uuid).then(res => { - setToken(res.access_token) - commit('SET_TOKEN', res.access_token) - resolve() - }).catch(error => { - reject(error) - }) - }) - }, - - // 获取用户信息 - GetInfo({ commit, state }) { - return new Promise((resolve, reject) => { - getInfo(state.token).then(res => { - const user = res.user - const avatar = user.avatar == "" ? 
require("@/assets/image/profile.jpg") : process.env.VUE_APP_BASE_API + user.avatar; - if (res.roles && res.roles.length > 0) { // 验证返回的roles是否是一个非空数组 - commit('SET_ROLES', res.roles) - commit('SET_PERMISSIONS', res.permissions) - } else { - commit('SET_ROLES', ['ROLE_DEFAULT']) - } - commit('SET_NAME', user.userName) - commit('SET_AVATAR', avatar) - resolve(res) - }).catch(error => { - reject(error) - }) - }) - }, - - // 退出系统 - LogOut({ commit, state }) { - return new Promise((resolve, reject) => { - logout(state.token).then(() => { - commit('SET_TOKEN', '') - commit('SET_ROLES', []) - commit('SET_PERMISSIONS', []) - removeToken() - resolve() - }).catch(error => { - reject(error) - }) - }) - }, - - // 前端 登出 - FedLogOut({ commit }) { - return new Promise(resolve => { - commit('SET_TOKEN', '') - removeToken() - resolve() - }) - } - } -} - -export default user +import { login, logout, getInfo } from '@/api/login' +import { getToken, setToken, removeToken } from '@/utils/auth' + +const user = { + state: { + token: getToken(), + name: '', + avatar: '', + roles: [], + permissions: [] + }, + + mutations: { + SET_TOKEN: (state, token) => { + state.token = token + }, + SET_NAME: (state, name) => { + state.name = name + }, + SET_AVATAR: (state, avatar) => { + state.avatar = avatar + }, + SET_ROLES: (state, roles) => { + state.roles = roles + }, + SET_PERMISSIONS: (state, permissions) => { + state.permissions = permissions + } + }, + + actions: { + // 登录 + Login({ commit }, userInfo) { + const username = userInfo.username.trim() + const password = userInfo.password + const code = userInfo.code + const uuid = userInfo.uuid + return new Promise((resolve, reject) => { + login(username, password, code, uuid).then(res => { + setToken(res.data.access_token) + commit('SET_TOKEN', res.data.access_token) + resolve() + }).catch(error => { + reject(error) + }) + }) + }, + + // 获取用户信息 + GetInfo({ commit, state }) { + return new Promise((resolve, reject) => { + 
getInfo(state.token).then(res => { + const user = res.user + const avatar = user.avatar == "" ? require("@/assets/image/profile.jpg") : process.env.VUE_APP_BASE_API + user.avatar; + if (res.roles && res.roles.length > 0) { // 验证返回的roles是否是一个非空数组 + commit('SET_ROLES', res.roles) + commit('SET_PERMISSIONS', res.permissions) + } else { + commit('SET_ROLES', ['ROLE_DEFAULT']) + } + commit('SET_NAME', user.userName) + commit('SET_AVATAR', avatar) + resolve(res) + }).catch(error => { + reject(error) + }) + }) + }, + + // 退出系统 + LogOut({ commit, state }) { + return new Promise((resolve, reject) => { + logout(state.token).then(() => { + commit('SET_TOKEN', '') + commit('SET_ROLES', []) + commit('SET_PERMISSIONS', []) + removeToken() + resolve() + }).catch(error => { + reject(error) + }) + }) + }, + + // 前端 登出 + FedLogOut({ commit }) { + return new Promise(resolve => { + commit('SET_TOKEN', '') + removeToken() + resolve() + }) + } + } +} + +export default user
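Review bot: The hunk replaces all 96 lines of `user.js` although only the two `res.data.access_token` lines in `Login` differ, which suggests a line-ending or whitespace conversion; committing that separately, or normalising it through `.gitattributes`, would keep the functional change reviewable. `Login` now reads `res.data.access_token` without checking `res.data`, so a failed login that arrives as a success-status body without `data` would surface as a TypeError instead of the server's message; whether that can happen depends on the request wrapper, which is not shown.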