后台管理系统的通用权限解决方案-代码

package com.itweid.auth.service.impl; import cn.hutool.core.bean.BeanUtil; import com.baomidou.mybatisplus.extension.toolkit.Db; import com.itweid.auth.mapper.AuthResourceMapper; import com.itweid.auth.service.ILoginService; import com.itweid.common.code.ErrorCode; import com.itweid.common.code.RedisCode; import com.itweid.common.entity.AuthResource; import com.itweid.common.entity.AuthUser; import com.itweid.common.pojo.*; import com.itweid.jwt.pojo.JwtUserInfo; import com.itweid.jwt.utils.AuthTokenUtils; import lombok.extern.slf4j.Slf4j; import org.apache.commons.codec.digest.DigestUtils; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.redis.core.StringRedisTemplate; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import java.util.Arrays; import java.util.List; import java.util.stream.Collectors; @Slf4j @Service @Transactional(rollbackFor = Exception.class) public class LoginServiceImpl implements ILoginService { @Autowired private StringRedisTemplate stringRedisTemplate; @Autowired private AuthTokenUtils authTokenUtils; @Autowired private AuthResourceMapper authResourceMapper; @Override public BaseResult<LoginVO> doLogin(LoginQuery loginQuery) { log.info(loginQuery.toString()); // 校验验证码是否正确 BaseResult checkCodeRes = checkCode(loginQuery.getKey(), loginQuery.getCode()); if(!checkCodeRes.isSuccess()) { return BaseResult.setError(checkCodeRes); } // 校验账号、密码是否正确 BaseResult<AuthUser> checkPassRes = checkPass(loginQuery.getAccount(), loginQuery.getPassword()); if(!checkPassRes.isSuccess()) { return BaseResult.setError(checkPassRes); } // 为用户生成jwt令牌 AuthUser authUser = checkPassRes.getData(); Token token = generateUserToken(authUser); // 查询当前用户可以访问的资源权限 List<AuthResource> authResourceList = authResourceMapper.findVisibleResourceByUserId(authUser.getId()); List<String> permissionList = null; if(authResourceList != null && !authResourceList.isEmpty()) { // 用户对应的权限（给前端使用的） permissionList = authResourceList.stream().map(AuthResource::getCode).collect(Collectors.toList()); // 将用户对应的权限（给后端网关使用的）进行缓存 List<String> visibleResource = authResourceList.stream().map((resource -> { return resource.getMethod() + resource.getUrl(); })).collect(Collectors.toList()); stringRedisTemplate.opsForHash().put(RedisCode.USER_RESOURCE, authUser.getId().toString(), visibleResource.toString()); } // 封装返回结果 UserVO userVO = new UserVO(); BeanUtil.copyProperties(authUser, userVO); LoginVO loginDTO = LoginVO.builder() .user(userVO) .token(token) .permissionsList(permissionList) .build(); return BaseResult.setOk(loginDTO); } private BaseResult checkCode(String key, String code) { // 从缓存中获取验证码并进行验证 Object captchaObj = stringRedisTemplate.opsForHash().get(RedisCode.CAPTCHA, key); log.info("Redis => get {} {} => {}", RedisCode.CAPTCHA, key, captchaObj); if (captchaObj == null) { return BaseResult.setError(ErrorCode.VALID_CODE_IS_OVERDUE); } if (!StringUtils.equalsIgnoreCase(code, String.valueOf(captchaObj))) { return BaseResult.setError(ErrorCode.VALID_CODE_IS_WRONG); } // 验证通过，立即从缓存中删除验证码 Long delete = stringRedisTemplate.opsForHash().delete(RedisCode.CAPTCHA, key); log.info("Redis => del {} {} => {}", RedisCode.CAPTCHA, key, delete); return BaseResult.setOk(); } public BaseResult<AuthUser> checkPass(String account, String password) { AuthUser authUser = Db.lambdaQuery(AuthUser.class) .eq(AuthUser::getAccount, account) .one(); // 将前端提交的密码进行md5加密 String md5Hex = DigestUtils.md5Hex(password); if (authUser == null || !authUser.getPassword().equals(md5Hex)) { // 认证失败 return BaseResult.setError(ErrorCode.ACCOUNT_PASS_IS_WRONG); } // 认证成功 return BaseResult.setOk(authUser); } private Token generateUserToken(AuthUser authUser){ JwtUserInfo jwtUserInfo = new JwtUserInfo(authUser.getId(), authUser.getAccount()); return authTokenUtils.generateUserToken(jwtUserInfo, null); } }