package com.gec.system.config;
import com.alibaba.fastjson.JSON;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.gec.model.system.SysUser;
import com.gec.system.component.RestAuthenticationEntryPoin;
import com.gec.system.component.RestAuthorizationHandler;
import com.gec.system.filter.JwtAuthencationFilter;
import com.gec.system.filter.JwtAuthorizationFilter;
import com.gec.system.pojo.UserDetailsImpl;
import com.gec.system.service.SysLoginLogService;
import com.gec.system.service.SysMenuService;
import com.gec.system.service.SysUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Map;
/**
* @Description
* @Author 何冠磊
* @Date 2024/5/27 15:07
* @Version 1.0
*/
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private SysLoginLogService sysLoginLogService;
@Autowired
private SysUserService sysUserService;
@Autowired
private SysMenuService sysMenuService;
@Autowired
private StringRedisTemplate redisTemplate;
// WebSecurityConfigurerAdapter中的认证管理器,需要传入到过滤器中
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
// 指定加密算法,BCrypt
@Bean
public PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
// 使用UserDetailsService加载业务层
@Bean
public UserDetailsService userDetailsService(){
return new UserDetailsService() {
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
System.out.println("登录使用的账号:" + username);
QueryWrapper<SysUser> wrapper = new QueryWrapper<>();
wrapper.eq("username",username);
SysUser sysUser = sysUserService.getOne(wrapper);
if(null == sysUser){
throw new UsernameNotFoundException("账号不存在!");
}
List<SimpleGrantedAuthority> authorities = new ArrayList<>();
// 判断redis数据库中是否存在权限信息,如果存在就不用查询MySQL数据库,减少MySQL数据库的检索压力
if(!redisTemplate.hasKey(sysUser.getUsername() + ":userPermsList1")){
System.out.println("redis无权限数据,查询数据库......");
List<String> permsList = sysMenuService.findUserPermsList(sysUser.getId());
for (String s : permsList) {
authorities.add(new SimpleGrantedAuthority(s.trim()));
}
}
else {
String authoritiesString = redisTemplate.opsForValue().get(sysUser.getUsername()+":userPermsList1");
List<Map> mapList = JSON.parseArray(authoritiesString, Map.class);
for (Map map : mapList) {
authorities.add(new SimpleGrantedAuthority((String) map.get("authority")));
}
}
return new UserDetailsImpl(sysUser,authorities);
}
};
}
// 重写一个config方法,将userDetailsService放入security
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService());
}
// 重写一个config方法,配置请求的拦截以及回调信息
@Override
protected void configure(HttpSecurity http) throws Exception {
http.cors() // 解决跨域问题CrossOrigin
.and() //TODO: 拼接认证方式
.sessionManagement() // 会话管理
.sessionCreationPolicy(SessionCreationPolicy.STATELESS) // 配置无状态认证
.and() //TODO: 拼接请求拦截
.authorizeRequests() // 拦截请求
.antMatchers("/admin/system/index/login") // 设置不被拦截的请求
.permitAll() // 不拦截
.antMatchers("/admin/system/upload/uploadImage")
.permitAll()
.antMatchers("/admin/system/upload/uploadVideo")
.permitAll()
// 放行swagger接口文档
.antMatchers("/doc.html")
.permitAll()
.antMatchers("/webjars/**")
.permitAll()
.antMatchers("/swagger-resources/**")
.permitAll()
.antMatchers("/v2/**")
.permitAll()
.antMatchers("/swagger-ui.html")
.permitAll()
.anyRequest() // 其他请求
.authenticated() // 全部拦截
.and() //TODO: 拼接过滤器
.addFilterBefore(new JwtAuthencationFilter("/admin/system/index/login",authenticationManager(), redisTemplate, sysLoginLogService), UsernamePasswordAuthenticationFilter.class) // 添加用户认证过程的过滤器 (登录)
.addFilterBefore(new JwtAuthorizationFilter(redisTemplate),UsernamePasswordAuthenticationFilter.class); // 过滤请求,判断身份(检测jwt的有效性)
// 解决csrf防御问题,阻止post合法请求被识别为无效
http.csrf().disable();
// 报错组件的处理程序配置
http.exceptionHandling() // 报错
.accessDeniedHandler(new RestAuthorizationHandler()) // 没有登录权限的报错
.authenticationEntryPoint(new RestAuthenticationEntryPoin()); // 未登录、认证或token失效时的报错
}
}
基于SpringBoot+Vue的影视管理后台系统设计源码 (372个子文件) 
.gitignore 278B gec-service-system.iml 26KB service-util.iml 20KB common-util.iml 17KB gec-common.iml 10KB gec-model.iml 8KB gec-auth-parent.iml 574B gec-auth-parent.iml 80B SecurityConfig.java 7KB JwtAuthencationFilter.java 5KB OperLogAspect.java 5KB SysUserServiceImpl.java 4KB SysMenuServiceImpl.java 4KB JwtAuthorizationFilter.java 3KB IpUtil.java 3KB SysRoleController.java 3KB SysUserController.java 3KB JwtTokenUtil.java 3KB SysMenuController.java 3KB SysMovieController.java 3KB SysCategoryController.java 3KB SysRoleServiceImpl.java 3KB RouterHelper.java 3KB JwtLoginController.java 2KB JwtHelper.java 2KB Knife4jConfig.java 2KB OssTemplate.java 2KB VodTemplate.java 2KB SysOperLog.java 2KB Result.java 2KB SysOperLogController.java 2KB GlobalException.java 2KB SysLoginLogController.java 2KB UploadController.java 2KB LoginController.java 2KB MenuHelper.java 2KB SysUser.java 1KB SysMenu.java 1KB UserDetailsImpl.java 1KB SysLoginLogServiceImpl.java 1KB RestAuthorizationHandler.java 1KB RestAuthenticationEntryPoin.java 1KB MD5Helper.java 1KB MybatisPlusConfig.java 1KB SysMovie.java 1KB SysRoleService.java 995B SysLoginLog.java 966B BaseEntity.java 923B ResultCodeEnum.java 910B SysCategoryServiceImpl.java 877B SysLoginLogService.java 874B JwtUtil.java 850B SysUserService.java 835B SysOperLogServiceImpl.java 788B MybatisplusObjectMetaHandler.java 783B RouterVo.java 767B SysMenuService.java 761B SysMovieServiceImpl.java 761B SysRoleMenu.java 635B SysUserRole.java 634B SysCategoryService.java 621B SysMovieService.java 571B SysRoleQueryVo.java 569B SysCategoryMapper.java 549B SysLoginLogMapper.java 542B SysOperLogMapper.java 533B OssConfig.java 520B SysMovieMapper.java 518B SysRoleMapper.java 517B LoginVo.java 508B SysUserMapper.java 501B SysRole.java 491B SysOperLogService.java 480B MetaVo.java 474B ServiceApplication.java 471B SysMovieQueryVo.java 463B VodConfig.java 433B SysMenuMapper.java 410B SysUserQueryVo.java 405B SysCategory.java 403B SysUserRoleMapper.java 402B SysRoleMenuMapper.java 402B AssginRoleVo.java 390B AssginMenuVo.java 390B MyCustomerException.java 285B SysCategoryQueryVo.java 277B SysLoginLogQueryVo.java 276B SysOperLogQueryVo.java 206B LICENSE 34KB inputFiles.lst 5KB createdFiles.lst 2KB inputFiles.lst 2KB inputFiles.lst 1KB createdFiles.lst 776B inputFiles.lst 598B createdFiles.lst 480B createdFiles.lst 243B inputFiles.lst 0B inputFiles.lst 0B inputFiles.lst 0B共 372 条
- 1
- 2
- 3
- 4
资源评论
