🔥 热搜 🔥
百度今日热点微信公众平台贴吧opggdnf私服百度贴吧知乎dnf公益服百度傻逼
分类
社会娱乐国际人权科技经济其它
🔥 热搜 🔥
上海习近平新疆鄂州父女瓜乌鲁木齐疫情H工口小学生赛高习明泽芊川一笑图包印尼排华
分类
社会娱乐国际人权科技经济其它
查看原文
其他

mall整合SpringSecurity和JWT实现认证和授权(二)

梦想de星空 macrozheng 2020-08-20
来自专辑
mall学习教程(架构篇)

接上一篇,controller和service层的代码实现及登录授权流程演示。

登录注册功能实现

添加UmsAdminController类

实现了后台用户登录、注册及获取权限的接口

  1. package com.macro.mall.tiny.controller;


  3. import com.macro.mall.tiny.common.api.CommonResult;

  4. import com.macro.mall.tiny.dto.UmsAdminLoginParam;

  5. import com.macro.mall.tiny.mbg.model.UmsAdmin;

  6. import com.macro.mall.tiny.mbg.model.UmsPermission;

  7. import com.macro.mall.tiny.service.UmsAdminService;

  8. import io.swagger.annotations.Api;

  9. import io.swagger.annotations.ApiOperation;

  10. import org.springframework.beans.factory.annotation.Autowired;

  11. import org.springframework.beans.factory.annotation.Value;

  12. import org.springframework.stereotype.Controller;

  13. import org.springframework.validation.BindingResult;

  14. import org.springframework.web.bind.annotation.*;


  16. import java.util.HashMap;

  17. import java.util.List;

  18. import java.util.Map;


  20. /**

  21. * 后台用户管理

  22. * Created by macro on 2018/4/26.

  23. */

  24. @Controller

  25. @Api(tags = "UmsAdminController", description = "后台用户管理")

  26. @RequestMapping("/admin")

  27. public class UmsAdminController {

  28. @Autowired

  29. private UmsAdminService adminService;

  30. @Value("${jwt.tokenHeader}")

  31. private String tokenHeader;

  32. @Value("${jwt.tokenHead}")

  33. private String tokenHead;


  35. @ApiOperation(value = "用户注册")

  36. @RequestMapping(value = "/register", method = RequestMethod.POST)

  37. @ResponseBody

  38. public CommonResult<UmsAdmin> register(@RequestBody UmsAdmin umsAdminParam, BindingResult result) {

  39. UmsAdmin umsAdmin = adminService.register(umsAdminParam);

  40. if (umsAdmin == null) {

  41. CommonResult.failed();

  42. }

  43. return CommonResult.success(umsAdmin);

  44. }


  46. @ApiOperation(value = "登录以后返回token")

  47. @RequestMapping(value = "/login", method = RequestMethod.POST)

  48. @ResponseBody

  49. public CommonResult login(@RequestBody UmsAdminLoginParam umsAdminLoginParam, BindingResult result) {

  50. String token = adminService.login(umsAdminLoginParam.getUsername(), umsAdminLoginParam.getPassword());

  51. if (token == null) {

  52. return CommonResult.validateFailed("用户名或密码错误");

  53. }

  54. Map<String, String> tokenMap = new HashMap<>();

  55. tokenMap.put("token", token);

  56. tokenMap.put("tokenHead", tokenHead);

  57. return CommonResult.success(tokenMap);

  58. }


  60. @ApiOperation("获取用户所有权限(包括+-权限)")

  61. @RequestMapping(value = "/permission/{adminId}", method = RequestMethod.GET)

  62. @ResponseBody

  63. public CommonResult<List<UmsPermission>> getPermissionList(@PathVariable Long adminId) {

  64. List<UmsPermission> permissionList = adminService.getPermissionList(adminId);

  65. return CommonResult.success(permissionList);

  66. }

  67. }

添加UmsAdminService接口

  1. package com.macro.mall.tiny.service;


  3. import com.macro.mall.tiny.mbg.model.UmsAdmin;

  4. import com.macro.mall.tiny.mbg.model.UmsPermission;


  6. import java.util.List;


  8. /**

  9. * 后台管理员Service

  10. * Created by macro on 2018/4/26.

  11. */

  12. public interface UmsAdminService {

  13. /**

  14. * 根据用户名获取后台管理员

  15. */

  16. UmsAdmin getAdminByUsername(String username);


  18. /**

  19. * 注册功能

  20. */

  21. UmsAdmin register(UmsAdmin umsAdminParam);


  23. /**

  24. * 登录功能

  25. * @param username 用户名

  26. * @param password 密码

  27. * @return 生成的JWT的token

  28. */

  29. String login(String username, String password);


  31. /**

  32. * 获取用户所有权限(包括角色权限和+-权限)

  33. */

  34. List<UmsPermission> getPermissionList(Long adminId);

  35. }

添加UmsAdminServiceImpl类

  1. package com.macro.mall.tiny.service.impl;


  3. import com.macro.mall.tiny.common.utils.JwtTokenUtil;

  4. import com.macro.mall.tiny.dao.UmsAdminRoleRelationDao;

  5. import com.macro.mall.tiny.dto.UmsAdminLoginParam;

  6. import com.macro.mall.tiny.mbg.mapper.UmsAdminMapper;

  7. import com.macro.mall.tiny.mbg.model.UmsAdmin;

  8. import com.macro.mall.tiny.mbg.model.UmsAdminExample;

  9. import com.macro.mall.tiny.mbg.model.UmsPermission;

  10. import com.macro.mall.tiny.service.UmsAdminService;

  11. import org.slf4j.Logger;

  12. import org.slf4j.LoggerFactory;

  13. import org.springframework.beans.BeanUtils;

  14. import org.springframework.beans.factory.annotation.Autowired;

  15. import org.springframework.beans.factory.annotation.Value;

  16. import org.springframework.security.authentication.AuthenticationManager;

  17. import org.springframework.security.authentication.BadCredentialsException;

  18. import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;

  19. import org.springframework.security.core.AuthenticationException;

  20. import org.springframework.security.core.context.SecurityContextHolder;

  21. import org.springframework.security.core.userdetails.UserDetails;

  22. import org.springframework.security.core.userdetails.UserDetailsService;

  23. import org.springframework.security.crypto.password.PasswordEncoder;

  24. import org.springframework.stereotype.Service;


  26. import java.util.Date;

  27. import java.util.List;


  29. /**

  30. * UmsAdminService实现类

  31. * Created by macro on 2018/4/26.

  32. */

  33. @Service

  34. public class UmsAdminServiceImpl implements UmsAdminService {

  35. private static final Logger LOGGER = LoggerFactory.getLogger(UmsAdminServiceImpl.class);

  36. @Autowired

  37. private UserDetailsService userDetailsService;

  38. @Autowired

  39. private JwtTokenUtil jwtTokenUtil;

  40. @Autowired

  41. private PasswordEncoder passwordEncoder;

  42. @Value("${jwt.tokenHead}")

  43. private String tokenHead;

  44. @Autowired

  45. private UmsAdminMapper adminMapper;

  46. @Autowired

  47. private UmsAdminRoleRelationDao adminRoleRelationDao;


  49. @Override

  50. public UmsAdmin getAdminByUsername(String username) {

  51. UmsAdminExample example = new UmsAdminExample();

  52. example.createCriteria().andUsernameEqualTo(username);

  53. List<UmsAdmin> adminList = adminMapper.selectByExample(example);

  54. if (adminList != null && adminList.size() > 0) {

  55. return adminList.get(0);

  56. }

  57. return null;

  58. }


  60. @Override

  61. public UmsAdmin register(UmsAdmin umsAdminParam) {

  62. UmsAdmin umsAdmin = new UmsAdmin();

  63. BeanUtils.copyProperties(umsAdminParam, umsAdmin);

  64. umsAdmin.setCreateTime(new Date());

  65. umsAdmin.setStatus(1);

  66. //查询是否有相同用户名的用户

  67. UmsAdminExample example = new UmsAdminExample();

  68. example.createCriteria().andUsernameEqualTo(umsAdmin.getUsername());

  69. List<UmsAdmin> umsAdminList = adminMapper.selectByExample(example);

  70. if (umsAdminList.size() > 0) {

  71. return null;

  72. }

  73. //将密码进行加密操作

  74. String encodePassword = passwordEncoder.encode(umsAdmin.getPassword());

  75. umsAdmin.setPassword(encodePassword);

  76. adminMapper.insert(umsAdmin);

  77. return umsAdmin;

  78. }


  80. @Override

  81. public String login(String username, String password) {

  82. String token = null;

  83. try {

  84. UserDetails userDetails = userDetailsService.loadUserByUsername(username);

  85. if (!passwordEncoder.matches(password, userDetails.getPassword())) {

  86. throw new BadCredentialsException("密码不正确");

  87. }

  88. UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());

  89. SecurityContextHolder.getContext().setAuthentication(authentication);

  90. token = jwtTokenUtil.generateToken(userDetails);

  91. } catch (AuthenticationException e) {

  92. LOGGER.warn("登录异常:{}", e.getMessage());

  93. }

  94. return token;

  95. }



  98. @Override

  99. public List<UmsPermission> getPermissionList(Long adminId) {

  100. return adminRoleRelationDao.getPermissionList(adminId);

  101. }

  102. }

修改Swagger的配置

通过修改配置实现调用接口自带Authorization头,这样就可以访问需要登录的接口了。

  1. package com.macro.mall.tiny.config;


  3. import org.springframework.context.annotation.Bean;

  4. import org.springframework.context.annotation.Configuration;

  5. import springfox.documentation.builders.ApiInfoBuilder;

  6. import springfox.documentation.builders.PathSelectors;

  7. import springfox.documentation.builders.RequestHandlerSelectors;

  8. import springfox.documentation.service.ApiInfo;

  9. import springfox.documentation.service.ApiKey;

  10. import springfox.documentation.service.AuthorizationScope;

  11. import springfox.documentation.service.SecurityReference;

  12. import springfox.documentation.spi.DocumentationType;

  13. import springfox.documentation.spi.service.contexts.SecurityContext;

  14. import springfox.documentation.spring.web.plugins.Docket;

  15. import springfox.documentation.swagger2.annotations.EnableSwagger2;


  17. import java.util.ArrayList;

  18. import java.util.List;


  20. /**

  21. * Swagger2API文档的配置

  22. */

  23. @Configuration

  24. @EnableSwagger2

  25. public class Swagger2Config {

  26. @Bean

  27. public Docket createRestApi(){

  28. return new Docket(DocumentationType.SWAGGER_2)

  29. .apiInfo(apiInfo())

  30. .select()

  31. //为当前包下controller生成API文档

  32. .apis(RequestHandlerSelectors.basePackage("com.macro.mall.tiny.controller"))

  33. .paths(PathSelectors.any())

  34. .build()

  35. //添加登录认证

  36. .securitySchemes(securitySchemes())

  37. .securityContexts(securityContexts());

  38. }


  40. private ApiInfo apiInfo() {

  41. return new ApiInfoBuilder()

  42. .title("SwaggerUI演示")

  43. .description("mall-tiny")

  44. .contact("macro")

  45. .version("1.0")

  46. .build();

  47. }


  49. private List<ApiKey> securitySchemes() {

  50. //设置请求头信息

  51. List<ApiKey> result = new ArrayList<>();

  52. ApiKey apiKey = new ApiKey("Authorization", "Authorization", "header");

  53. result.add(apiKey);

  54. return result;

  55. }


  57. private List<SecurityContext> securityContexts() {

  58. //设置需要登录认证的路径

  59. List<SecurityContext> result = new ArrayList<>();

  60. result.add(getContextByPath("/brand/.*"));

  61. return result;

  62. }


  64. private SecurityContext getContextByPath(String pathRegex){

  65. return SecurityContext.builder()

  66. .securityReferences(defaultAuth())

  67. .forPaths(PathSelectors.regex(pathRegex))

  68. .build();

  69. }


  71. private List<SecurityReference> defaultAuth() {

  72. List<SecurityReference> result = new ArrayList<>();

  73. AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");

  74. AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];

  75. authorizationScopes[0] = authorizationScope;

  76. result.add(new SecurityReference("Authorization", authorizationScopes));

  77. return result;

  78. }

  79. }

给PmsBrandController接口中的方法添加访问权限

  • 给查询接口添加pms:brand:read权限

  • 给修改接口添加pms:brand:update权限

  • 给删除接口添加pms:brand:delete权限

  • 给添加接口添加pms:brand:create权限

例子:

  1. @PreAuthorize("hasAuthority('pms:brand:read')")

  2. public CommonResult<List<PmsBrand>> getBrandList() {

  3. return CommonResult.success(brandService.listAllBrand());

  4. }

认证与授权流程演示

运行项目,访问API

Swagger api地址:http://localhost:8080/swagger-ui.html

未登录前访问接口

登录后访问接口

  • 进行登录操作:登录帐号test 123456

  • 点击Authorize按钮,在弹框中输入登录接口中获取到的token信息

  • 登录后访问获取权限列表接口,发现已经可以正常访问

访问需要权限的接口

由于test帐号并没有设置任何权限,所以他无法访问具有pms:brand:read权限的获取品牌列表接口。

改用其他有权限的帐号登录

改用admin 123456登录后访问,点击Authorize按钮打开弹框,点击logout登出后再重新输入新token。

项目源码地址

https://github.com/macrozheng/mall-learning/tree/master/mall-tiny-04

推荐阅读


    您可能也对以下帖子感兴趣

    文章有问题?点此查看未经处理的缓存