first commit
This commit is contained in:
zc
@@ -0,0 +1,22 @@
|
||||
package top.ysoft.admin.config.satoken;
|
||||
|
||||
import lombok.Data;
|
||||
import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
/**
|
||||
* 密码配置属性
|
||||
*
|
||||
* @author Charles7c
|
||||
* @since 2024/6/15 22:15
|
||||
*/
|
||||
@Data
|
||||
@Component
|
||||
@ConfigurationProperties(prefix = "auth.password")
|
||||
public class LoginPasswordProperties {
|
||||
|
||||
/**
|
||||
* 排除(放行)路径配置
|
||||
*/
|
||||
private String[] excludes = new String[0];
|
||||
}
|
||||
@@ -0,0 +1,46 @@
|
||||
package top.ysoft.admin.config.satoken;
|
||||
|
||||
import cn.dev33.satoken.fun.SaParamFunction;
|
||||
import cn.dev33.satoken.interceptor.SaInterceptor;
|
||||
import cn.dev33.satoken.stp.StpUtil;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import org.springframework.lang.Nullable;
|
||||
import top.ysoft.admin.common.context.UserContextHolder;
|
||||
|
||||
/**
|
||||
* Sa-Token 扩展拦截器
|
||||
*
|
||||
* @author Charles7c
|
||||
* @since 2024/10/10 20:25
|
||||
*/
|
||||
public class SaExtensionInterceptor extends SaInterceptor {
|
||||
|
||||
public SaExtensionInterceptor(SaParamFunction<Object> auth) {
|
||||
super(auth);
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean preHandle(HttpServletRequest request,
|
||||
HttpServletResponse response,
|
||||
Object handler) throws Exception {
|
||||
boolean flag = super.preHandle(request, response, handler);
|
||||
if (flag && StpUtil.isLogin()) {
|
||||
UserContextHolder.getContext();
|
||||
UserContextHolder.getExtraContext();
|
||||
}
|
||||
return flag;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void afterCompletion(HttpServletRequest request,
|
||||
HttpServletResponse response,
|
||||
Object handler,
|
||||
@Nullable Exception e) throws Exception {
|
||||
try {
|
||||
super.afterCompletion(request, response, handler, e);
|
||||
} finally {
|
||||
UserContextHolder.clearContext();
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,77 @@
|
||||
package top.ysoft.admin.config.satoken;
|
||||
|
||||
import cn.dev33.satoken.SaManager;
|
||||
import cn.dev33.satoken.context.SaHolder;
|
||||
import cn.dev33.satoken.context.model.SaRequest;
|
||||
import cn.dev33.satoken.interceptor.SaInterceptor;
|
||||
import cn.dev33.satoken.router.SaRouter;
|
||||
import cn.dev33.satoken.sign.SaSignTemplate;
|
||||
import cn.dev33.satoken.sign.SaSignUtil;
|
||||
import cn.dev33.satoken.stp.StpInterface;
|
||||
import cn.dev33.satoken.stp.StpUtil;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import top.ysoft.admin.common.context.UserContext;
|
||||
import top.ysoft.admin.common.context.UserContextHolder;
|
||||
import top.ysoft.admin.open.sign.OpenApiSignTemplate;
|
||||
import top.continew.starter.auth.satoken.autoconfigure.SaTokenExtensionProperties;
|
||||
import top.continew.starter.core.constant.StringConstants;
|
||||
import top.continew.starter.core.exception.BusinessException;
|
||||
import top.continew.starter.core.validation.CheckUtils;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* Sa-Token 配置
|
||||
*
|
||||
* @author Charles7c
|
||||
* @author chengzi
|
||||
* @since 2022/12/19 22:13
|
||||
*/
|
||||
@Configuration
|
||||
@RequiredArgsConstructor
|
||||
public class SaTokenConfiguration {
|
||||
|
||||
private final SaTokenExtensionProperties properties;
|
||||
private final LoginPasswordProperties loginPasswordProperties;
|
||||
private final OpenApiSignTemplate signTemplate;
|
||||
|
||||
/**
|
||||
* Sa-Token 权限认证配置
|
||||
*/
|
||||
@Bean
|
||||
public StpInterface stpInterface() {
|
||||
return new SaTokenPermissionImpl();
|
||||
}
|
||||
|
||||
/**
|
||||
* SaToken 拦截器配置
|
||||
*/
|
||||
@Bean
|
||||
public SaInterceptor saInterceptor() {
|
||||
SaManager.setSaSignTemplate(signTemplate);
|
||||
return new SaExtensionInterceptor(handle -> SaRouter.match(StringConstants.PATH_PATTERN)
|
||||
.notMatch(properties.getSecurity().getExcludes())
|
||||
.check(r -> {
|
||||
// 如果包含 sign,进行 API 接口参数签名验证
|
||||
SaRequest saRequest = SaHolder.getRequest();
|
||||
List<String> paramNames = saRequest.getParamNames();
|
||||
if (paramNames.stream().anyMatch(SaSignTemplate.sign::equals)) {
|
||||
try {
|
||||
SaSignUtil.checkRequest(saRequest);
|
||||
} catch (Exception e) {
|
||||
throw new BusinessException(e.getMessage());
|
||||
}
|
||||
return;
|
||||
}
|
||||
// 不包含 sign 参数,进行普通登录验证
|
||||
StpUtil.checkLogin();
|
||||
if (SaRouter.isMatchCurrURI(loginPasswordProperties.getExcludes())) {
|
||||
return;
|
||||
}
|
||||
UserContext userContext = UserContextHolder.getContext();
|
||||
CheckUtils.throwIf(userContext.isPasswordExpired(), "密码已过期,请修改密码");
|
||||
}));
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,29 @@
|
||||
package top.ysoft.admin.config.satoken;
|
||||
|
||||
import cn.dev33.satoken.stp.StpInterface;
|
||||
import top.ysoft.admin.common.context.UserContext;
|
||||
import top.ysoft.admin.common.context.UserContextHolder;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* Sa-Token 权限认证实现
|
||||
*
|
||||
* @author Charles7c
|
||||
* @since 2023/3/1 22:28
|
||||
*/
|
||||
public class SaTokenPermissionImpl implements StpInterface {
|
||||
|
||||
@Override
|
||||
public List<String> getPermissionList(Object loginId, String loginType) {
|
||||
UserContext userContext = UserContextHolder.getContext();
|
||||
return new ArrayList<>(userContext.getPermissions());
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<String> getRoleList(Object loginId, String loginType) {
|
||||
UserContext userContext = UserContextHolder.getContext();
|
||||
return new ArrayList<>(userContext.getRoleCodes());
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user