fix:权限拦截修改

V0.5.x
xiwa 2023-07-21 07:48:32 +08:00
parent 47f7dc789b
commit 9e07ff8d9c
6 changed files with 41 additions and 133 deletions

View File

@ -95,10 +95,6 @@ public interface Constants {
String CACHE_OAUTH_CLIENT = "oauth_client_cache"; String CACHE_OAUTH_CLIENT = "oauth_client_cache";
String WECHAT_APP_ID = "wx791cb7bf75950e0c";
String WECHAT_APP_SECRET = "eeef73ce71f1a722ad6298985d859844";
String APP_DESIGN_CACHE = "app_design_cache"; String APP_DESIGN_CACHE = "app_design_cache";
String CACHE_PRODUCT_SCRIPT = "product_script_cache"; String CACHE_PRODUCT_SCRIPT = "product_script_cache";

View File

@ -3,11 +3,12 @@ package cc.iotkit.common.satoken.config;
import cc.iotkit.common.satoken.core.dao.PlusSaTokenDao; import cc.iotkit.common.satoken.core.dao.PlusSaTokenDao;
import cc.iotkit.common.satoken.core.service.SaPermissionImpl; import cc.iotkit.common.satoken.core.service.SaPermissionImpl;
import cn.dev33.satoken.dao.SaTokenDao; import cn.dev33.satoken.dao.SaTokenDao;
import cn.dev33.satoken.jwt.StpLogicJwtForSimple; import cn.dev33.satoken.interceptor.SaInterceptor;
import cn.dev33.satoken.stp.StpInterface; import cn.dev33.satoken.stp.StpInterface;
import cn.dev33.satoken.stp.StpLogic; import cn.dev33.satoken.stp.StpUtil;
import org.springframework.boot.autoconfigure.AutoConfiguration;
import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
/** /**
@ -15,15 +16,9 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
* *
* @author Lion Li * @author Lion Li
*/ */
@AutoConfiguration @Configuration
public class SaTokenConfig implements WebMvcConfigurer { public class SaTokenConfig implements WebMvcConfigurer {
@Bean
public StpLogic getStpLogicJwt() {
// Sa-Token 整合 jwt (简单模式)
return new StpLogicJwtForSimple();
}
/** /**
* (使bean便) * (使bean便)
*/ */
@ -40,4 +35,12 @@ public class SaTokenConfig implements WebMvcConfigurer {
return new PlusSaTokenDao(); return new PlusSaTokenDao();
} }
// 注册拦截器
@Override
public void addInterceptors(InterceptorRegistry registry) {
// 注册 Sa-Token 拦截器,校验规则为 StpUtil.checkLogin() 登录校验。
registry.addInterceptor(new SaInterceptor(handle -> StpUtil.checkLogin()))
.addPathPatterns("/**")
.excludePathPatterns("/code", "/auth/tenant/list", "/auth/login");
}
} }

View File

@ -1,90 +0,0 @@
/*
* +----------------------------------------------------------------------
* | Copyright (c) 2021-2022 All rights reserved.
* +----------------------------------------------------------------------
* | Licensed
* +----------------------------------------------------------------------
* | Author: xw2sy@163.com
* +----------------------------------------------------------------------
*/
package cc.iotkit.manager.service;
import cc.iotkit.common.constant.Constants;
import cc.iotkit.common.exception.BizException;
import cc.iotkit.common.utils.CodecUtil;
import cc.iotkit.common.utils.JsonUtils;
import cc.iotkit.common.utils.WeChatUtil;
import cc.iotkit.data.manager.IUserInfoData;
import cc.iotkit.model.UserInfo;
import lombok.Data;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
@Slf4j
@Service
public class WeChatService {
@Autowired
private IUserInfoData userInfoData;
public String login(String encryptedData, String iv, String loginCode) {
WxSession wxSession = authCode2Session(Constants.WECHAT_APP_ID, Constants.WECHAT_APP_SECRET, loginCode);
if (wxSession == null) {
throw new BizException("调用微信端授权认证接口错误");
}
if (StringUtils.isEmpty(wxSession.getOpenid())) {
throw new BizException("微信授权认证失败");
}
if (wxSession.getErrcode() != 0) {
throw new BizException("微信授权认证失败:" + wxSession.getErrmsg());
}
UserInfo userInfo = userInfoData.findById(wxSession.getOpenid());
//判断用户表中是否存在该用户,不存在则进行解密得到用户信息,并进行新增用户
String strUserInfo = WeChatUtil.decryptData(encryptedData, wxSession.getSession_key(), iv);
if (StringUtils.isEmpty(strUserInfo)) {
throw new BizException("解密用户信息错误");
}
UserInfo decryptUser = JsonUtils.parseObject(strUserInfo, UserInfo.class);
if (userInfo == null) {
} else {
decryptUser.setId(userInfo.getId());
}
// decryptUser.setId(decryptUser.getOpenId());
userInfoData.save(decryptUser);
try {
return CodecUtil.aesEncrypt(System.currentTimeMillis() + "_" + wxSession.getOpenid(), Constants.ACCOUNT_SECRET);
} catch (Throwable e) {
throw new BizException("微信授权认证失败");
}
}
public WxSession authCode2Session(String appId, String secret, String jsCode) {
String url = "https://api.weixin.qq.com/sns/jscode2session?appid=" + appId + "&secret=" + secret + "&js_code=" + jsCode + "&grant_type=authorization_code";
String str = WeChatUtil.httpRequest(url, "GET", null);
log.info("api/wx-mini/getSessionKey:" + str);
if (StringUtils.isBlank(str)) {
return null;
} else {
return JsonUtils.parseObject(str, WxSession.class);
}
}
@Data
public static class WxSession {
private String openid;
private String session_key;
private String unionid;
private int errcode;
private String errmsg;
}
}

View File

@ -63,6 +63,11 @@
<artifactId>iot-common-oss</artifactId> <artifactId>iot-common-oss</artifactId>
</dependency> </dependency>
<dependency>
<groupId>cc.iotkit</groupId>
<artifactId>iot-common-satoken</artifactId>
</dependency>
<dependency> <dependency>
<groupId>io.github.linpeilie</groupId> <groupId>io.github.linpeilie</groupId>
<artifactId>mapstruct-plus-spring-boot-starter</artifactId> <artifactId>mapstruct-plus-spring-boot-starter</artifactId>

View File

@ -57,7 +57,7 @@ spring:
username: sa username: sa
password: 123456 password: 123456
# 内置h2 web console设置 # 内置h2 web console设置
platform: h2 platform: h2
h2: h2:
console: console:
@ -69,22 +69,22 @@ spring:
# <<==========mysql配置开始============== # <<==========mysql配置开始==============
# datasource: # datasource:
# url: jdbc:mysql://127.0.0.1:3306/iotkit?useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC&useSSL=false # url: jdbc:mysql://127.0.0.1:3306/iotkit?useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC&useSSL=false
# driverClassName: com.mysql.cj.jdbc.Driver # driverClassName: com.mysql.cj.jdbc.Driver
# username: root # username: root
# password: 123456 # password: 123456
# validationQuery: SELECT 1 # validationQuery: SELECT 1
# testOnBorrow: true # testOnBorrow: true
# jpa: # jpa:
# database: MySQL # database: MySQL
# database-platform: org.hibernate.dialect.MySQL5InnoDBDialect # database-platform: org.hibernate.dialect.MySQL5InnoDBDialect
## show-sql: true ## show-sql: true
# hibernate: # hibernate:
# ddl-auto: update # ddl-auto: update
# properties: # properties:
# hibernate: # hibernate:
# format_sql: true # format_sql: true
# ============mysql配置结束============>> # ============mysql配置结束============>>
#<<================es时序数据配置开始=============== #<<================es时序数据配置开始===============
@ -99,11 +99,11 @@ spring:
#================es时序数据配置结束===============>> #================es时序数据配置结束===============>>
#<<===========tdengine时序数据库配置开始============ #<<===========tdengine时序数据库配置开始============
# td-datasource: # td-datasource:
# url: jdbc:TAOS-RS://127.0.0.1:6041/iotkit?timezone=UTC-8&charset=UTF-8&locale=en_US.UTF-8 # url: jdbc:TAOS-RS://127.0.0.1:6041/iotkit?timezone=UTC-8&charset=UTF-8&locale=en_US.UTF-8
# username: root # username: root
# password: taosdata # password: taosdata
# driverClassName: com.taosdata.jdbc.rs.RestfulDriver # driverClassName: com.taosdata.jdbc.rs.RestfulDriver
#===========tdengine时序数据库配置开始============>> #===========tdengine时序数据库配置开始============>>
@ -149,11 +149,6 @@ sa-token:
# 是否输出操作日志 # 是否输出操作日志
is-log: false is-log: false
#认证中心地址
oauth2:
auth-server-url: http://127.0.0.1:8086
# 多租户配置 # 多租户配置
tenant: tenant:
# 是否开启 # 是否开启

View File

@ -69,7 +69,6 @@
<scope>import</scope> <scope>import</scope>
</dependency> </dependency>
<dependency> <dependency>
<groupId>commons-beanutils</groupId> <groupId>commons-beanutils</groupId>
<artifactId>commons-beanutils</artifactId> <artifactId>commons-beanutils</artifactId>
@ -221,7 +220,7 @@
<dependency> <dependency>
<groupId>co.elastic.clients</groupId> <groupId>co.elastic.clients</groupId>
<artifactId>elasticsearch-java</artifactId> <artifactId>elasticsearch-java</artifactId>
<version>7.15.2</version> <version>7.17.9</version>
</dependency> </dependency>
<dependency> <dependency>