From 4d36d8aefeed23d07ab51563998a0514cbefb8b6 Mon Sep 17 00:00:00 2001 From: wuy <1311695042@qq.com> Date: Fri, 21 Feb 2020 23:10:40 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8Dshiro2.0.3=E7=BB=84=E4=BB=B6b?= =?UTF-8?q?ug?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- build.gradle | 21 ++--- diboot-shiro/build.gradle | 9 ++- .../com/diboot/shiro/config/AuthType.java | 3 +- .../controller/PermissionController.java | 12 +-- .../shiro/controller/RoleController.java | 6 +- .../shiro/mapper/RolePermissionMapper.xml | 4 +- .../impl/RolePermissionServiceImpl.java | 2 +- .../shiro/service/impl/RoleServiceImpl.java | 2 +- .../service/impl/SysUserServiceImpl.java | 8 +- .../UsernameNoPasswordAuthWayServiceImpl.java | 80 +++++++++++++++++++ .../java/com/diboot/shiro/util/JwtHelper.java | 12 ++- 11 files changed, 122 insertions(+), 37 deletions(-) create mode 100644 diboot-shiro/src/main/java/com/diboot/shiro/service/impl/UsernameNoPasswordAuthWayServiceImpl.java diff --git a/build.gradle b/build.gradle index 2df9930..b3c257b 100644 --- a/build.gradle +++ b/build.gradle @@ -3,8 +3,10 @@ buildscript { springBootVersion = '2.2.1.RELEASE' } repositories { - mavenLocal() //优先查找本地maven库,性能最好 - maven{ url 'http://maven.aliyun.com/nexus/content/groups/public/'} +// mavenLocal() //优先查找本地maven库,性能最好 + maven { url 'http://maven.diboot.com/repository/diboot' } + maven { url 'http://maven.aliyun.com/nexus/content/groups/public/' } + } dependencies { classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}") @@ -26,11 +28,12 @@ subprojects { sourceCompatibility = 1.8 targetCompatibility = 1.8 - - [compileJava,compileTestJava,javadoc]*.options*.encoding = 'UTF-8' + + [compileJava, compileTestJava, javadoc]*.options*.encoding = 'UTF-8' repositories { - mavenLocal() //优先查找本地maven库,性能最好 - maven{ url 'http://maven.aliyun.com/nexus/content/groups/public/'} +// mavenLocal() //优先查找本地maven库,性能最好 + maven { url 'http://maven.diboot.com/repository/diboot' } + maven { url 'http://maven.aliyun.com/nexus/content/groups/public/' } } ext {//依赖版本 springBootVersion = "2.2.1.RELEASE" @@ -42,7 +45,7 @@ subprojects { } dependencies { // Gradle 5.0及以上版本,使用如下方式 -// annotationProcessor("org.projectlombok:lombok:$lombokVersion") + annotationProcessor("org.projectlombok:lombok:$lombokVersion") //gradle 5.0版本以下,使用如下方式 compileOnly("org.projectlombok:lombok:$lombokVersion") @@ -60,9 +63,9 @@ subprojects { compile("org.hibernate.validator:hibernate-validator:$validatorVersion") // Apache Commons compile("org.apache.commons:commons-lang3:3.8.1", - // "commons-fileupload:commons-fileupload:1.3.3", + // "commons-fileupload:commons-fileupload:1.3.3", "commons-io:commons-io:2.6") - + // 单元测试 testCompile("org.springframework.boot:spring-boot-starter-test:$springBootVersion") testCompile("junit:junit:4.12") diff --git a/diboot-shiro/build.gradle b/diboot-shiro/build.gradle index 1789b37..28cc26a 100644 --- a/diboot-shiro/build.gradle +++ b/diboot-shiro/build.gradle @@ -1,7 +1,8 @@ dependencies { - compile project(":diboot-core") - + compile 'com.diboot:diboot-core-spring-boot-starter:2.0.3-RC1' +// compile("com.diboot:diboot-core-spring-boot-starter:2.0.3-RC3") + compile("org.apache.shiro:shiro-spring:1.4.1") compile("org.aspectj:aspectjweaver") compile("com.auth0:java-jwt:3.4.1", @@ -9,6 +10,10 @@ dependencies { testCompile group: 'junit', name: 'junit', version: '4.12' } +group 'com.diboot' +version '2.0.3' +apply plugin: 'idea' +jar.enabled = true sourceSets { main { diff --git a/diboot-shiro/src/main/java/com/diboot/shiro/config/AuthType.java b/diboot-shiro/src/main/java/com/diboot/shiro/config/AuthType.java index 620b96e..f922453 100644 --- a/diboot-shiro/src/main/java/com/diboot/shiro/config/AuthType.java +++ b/diboot-shiro/src/main/java/com/diboot/shiro/config/AuthType.java @@ -15,7 +15,8 @@ public enum AuthType { USERNAME_PASSWORD(1, true, "账号密码"), WX_MP(2, false, "公众号"), - WX_CP(3, false, "企业微信"); + WX_CP(3, false, "企业微信"), + WX_USERNAME_NO_PASSWORD(4, false, "微信绑定,用户免密登录"),; private int code; private boolean requirePassword; diff --git a/diboot-shiro/src/main/java/com/diboot/shiro/controller/PermissionController.java b/diboot-shiro/src/main/java/com/diboot/shiro/controller/PermissionController.java index 17a1daa..910ea33 100644 --- a/diboot-shiro/src/main/java/com/diboot/shiro/controller/PermissionController.java +++ b/diboot-shiro/src/main/java/com/diboot/shiro/controller/PermissionController.java @@ -54,7 +54,7 @@ public class PermissionController extends BaseCrudRestController { @GetMapping("/list") @AuthorizationWrapper(value = @RequiresPermissions("list"), name = "列表") public JsonResult getVOList(PermissionDto permissionDto, Pagination pagination, HttpServletRequest request) throws Exception{ - QueryWrapper queryWrapper = super.buildQueryWrapper(permissionDto, request); + QueryWrapper queryWrapper = super.buildQueryWrapper(permissionDto); // 查询当前页的Entity主表数据 List entityList = permissionService.getPermissionList(queryWrapper, pagination); return new JsonResult(Status.OK, entityList).bindPagination(pagination); @@ -81,13 +81,13 @@ public class PermissionController extends BaseCrudRestController { */ @PostMapping("/") @AuthorizationWrapper(value = @RequiresPermissions("create"), name = "新建") - public JsonResult createEntity(@ModelAttribute PermissionVO viewObject, HttpServletRequest request) + public JsonResult createEntity(@ModelAttribute PermissionVO viewObject, HttpServletRequest request, BindingResult result) throws Exception{ // 转换 Permission entity = BeanUtils.convert(viewObject, Permission.class); // 创建 entity.setApplication(systemParamConfig.getApplication()); - return super.createEntity(entity, request); + return super.createEntity(entity, result); } /*** @@ -99,9 +99,9 @@ public class PermissionController extends BaseCrudRestController { @PutMapping("/{id}") @AuthorizationWrapper(value = @RequiresPermissions("update"), name = "更新") public JsonResult updateModel(@PathVariable("id")Long id, @ModelAttribute Permission entity, - HttpServletRequest request) throws Exception{ + HttpServletRequest request, BindingResult result) throws Exception{ entity.setApplication(systemParamConfig.getApplication()); - return super.updateEntity(id, entity, request); + return super.updateEntity(entity, result); } /*** @@ -113,7 +113,7 @@ public class PermissionController extends BaseCrudRestController { @DeleteMapping("/{id}") @AuthorizationWrapper(value = @RequiresPermissions("delete"), name = "删除") public JsonResult deleteModel(@PathVariable("id")Long id, HttpServletRequest request) throws Exception{ - return super.deleteEntity(id, request); + return super.deleteEntity(id); } @Override diff --git a/diboot-shiro/src/main/java/com/diboot/shiro/controller/RoleController.java b/diboot-shiro/src/main/java/com/diboot/shiro/controller/RoleController.java index 72d1c2a..13c4fef 100644 --- a/diboot-shiro/src/main/java/com/diboot/shiro/controller/RoleController.java +++ b/diboot-shiro/src/main/java/com/diboot/shiro/controller/RoleController.java @@ -62,7 +62,7 @@ public class RoleController extends BaseCrudRestController { @GetMapping("/list") @AuthorizationWrapper(value = @RequiresPermissions("list"), name = "列表") public JsonResult getVOList(RoleDto roleDto, Pagination pagination, HttpServletRequest request) throws Exception{ - QueryWrapper queryWrapper = super.buildQueryWrapper(roleDto, request); + QueryWrapper queryWrapper = super.buildQueryWrapper(roleDto); // 获取结果 List voList = roleService.getRoleList(queryWrapper, pagination); // 返回结果 @@ -92,10 +92,6 @@ public class RoleController extends BaseCrudRestController { @AuthorizationWrapper(value = @RequiresPermissions("update"), name = "更新") public JsonResult updateModel(@PathVariable("id")Long id, @RequestBody Role entity, BindingResult result, HttpServletRequest request) throws Exception{ - // Model属性值验证结果 - if(result.hasErrors()) { - return new JsonResult(Status.FAIL_INVALID_PARAM, V.getBindingError(result)); - } entity.setId(id); roleService.updateRole(entity); return new JsonResult(Status.OK); diff --git a/diboot-shiro/src/main/java/com/diboot/shiro/mapper/RolePermissionMapper.xml b/diboot-shiro/src/main/java/com/diboot/shiro/mapper/RolePermissionMapper.xml index 57795c9..dffb780 100644 --- a/diboot-shiro/src/main/java/com/diboot/shiro/mapper/RolePermissionMapper.xml +++ b/diboot-shiro/src/main/java/com/diboot/shiro/mapper/RolePermissionMapper.xml @@ -12,8 +12,8 @@ AND role_id = #{ew.roleId} - - AND user_type = #{ew.userType} + + AND permission_id = #{ew.permissionId} diff --git a/diboot-shiro/src/main/java/com/diboot/shiro/service/impl/RolePermissionServiceImpl.java b/diboot-shiro/src/main/java/com/diboot/shiro/service/impl/RolePermissionServiceImpl.java index 181860e..adf91b0 100644 --- a/diboot-shiro/src/main/java/com/diboot/shiro/service/impl/RolePermissionServiceImpl.java +++ b/diboot-shiro/src/main/java/com/diboot/shiro/service/impl/RolePermissionServiceImpl.java @@ -51,7 +51,7 @@ public class RolePermissionServiceImpl extends BaseServiceImpl criteria = new HashMap(){{ put("roleId", entity.getRoleId()); - put("permissionId", entity.getId()); + put("permissionId", entity.getPermissionId()); }}; deletePhysics(criteria); } diff --git a/diboot-shiro/src/main/java/com/diboot/shiro/service/impl/RoleServiceImpl.java b/diboot-shiro/src/main/java/com/diboot/shiro/service/impl/RoleServiceImpl.java index 1ae65d7..28a1b70 100644 --- a/diboot-shiro/src/main/java/com/diboot/shiro/service/impl/RoleServiceImpl.java +++ b/diboot-shiro/src/main/java/com/diboot/shiro/service/impl/RoleServiceImpl.java @@ -317,7 +317,7 @@ public class RoleServiceImpl extends BaseServiceImpl implement role.getPermissionList() .stream() .forEach(permission -> { - if (!dbPermissionIdBuffer.toString().contains(S.join("_", role.getId(), "_"))) { + if (!dbPermissionIdBuffer.toString().contains(S.join("_", permission.getId(), "_"))) { RolePermission entity = new RolePermission(); entity.setRoleId(role.getId()); entity.setPermissionId(permission.getId()); diff --git a/diboot-shiro/src/main/java/com/diboot/shiro/service/impl/SysUserServiceImpl.java b/diboot-shiro/src/main/java/com/diboot/shiro/service/impl/SysUserServiceImpl.java index 25ca0b9..43b6bfe 100644 --- a/diboot-shiro/src/main/java/com/diboot/shiro/service/impl/SysUserServiceImpl.java +++ b/diboot-shiro/src/main/java/com/diboot/shiro/service/impl/SysUserServiceImpl.java @@ -147,10 +147,12 @@ public class SysUserServiceImpl extends BaseServiceImpl put("userId", sysUser.getId()); put("userType", iUserType.getType()); }}; - - if (!userRoleService.deletePhysics(criteria)) { - throw new ShiroCustomException(Status.FAIL_VALIDATION, "删除用户失败!"); + try { + userRoleService.deletePhysics(criteria); + } catch (Exception e) { + log.error("删除用户绑定角色失败!"); } + return true; } diff --git a/diboot-shiro/src/main/java/com/diboot/shiro/service/impl/UsernameNoPasswordAuthWayServiceImpl.java b/diboot-shiro/src/main/java/com/diboot/shiro/service/impl/UsernameNoPasswordAuthWayServiceImpl.java new file mode 100644 index 0000000..c72c17b --- /dev/null +++ b/diboot-shiro/src/main/java/com/diboot/shiro/service/impl/UsernameNoPasswordAuthWayServiceImpl.java @@ -0,0 +1,80 @@ +package com.diboot.shiro.service.impl; + +import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; +import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; +import com.baomidou.mybatisplus.core.toolkit.Wrappers; +import com.diboot.core.util.V; +import com.diboot.shiro.config.AuthType; +import com.diboot.shiro.entity.SysUser; +import com.diboot.shiro.jwt.BaseJwtAuthenticationToken; +import com.diboot.shiro.service.AuthWayService; +import com.diboot.shiro.service.SysUserService; +import com.diboot.shiro.util.AuthHelper; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +import java.util.List; + +/*** + * 用户名无密码认证实现 + * @author Yangzhao + * @version v2.0 + * @date 2019/6/6 + */ +@Service +public class UsernameNoPasswordAuthWayServiceImpl implements AuthWayService { + + private final Logger logger = LoggerFactory.getLogger(UsernameNoPasswordAuthWayServiceImpl.class); + + @Autowired + private SysUserService sysUserService; + + private AuthType authType = AuthType.WX_USERNAME_NO_PASSWORD; + + private BaseJwtAuthenticationToken token; + + @Override + public AuthType authType() { + return authType; + } + + @Override + public void initByToken(BaseJwtAuthenticationToken token) { + this.token = token; + } + + @Override + public SysUser getUser() { + logger.debug("【获取用户】==>当前登陆用户类型 - {},- 账号{}", token.getIUserType().getType(), token.getAccount()); + LambdaQueryWrapper query = Wrappers.lambdaQuery() + .eq(SysUser::getUsername, token.getAccount()) + .eq(SysUser::getUserType, token.getIUserType().getType()); + List userList = sysUserService.getEntityList(query); + if (V.isEmpty(userList)){ + return null; + } + return userList.get(0); + } + + @Override + public boolean requirePassword() { + return authType.isRequirePassword(); + } + + @Override + public boolean isPasswordMatch() { + return true; + } + + @Override + public boolean isPreliminaryVerified() { + return false; + } + + @Override + public Long getExpiresInMinutes() { + return null; + } +} diff --git a/diboot-shiro/src/main/java/com/diboot/shiro/util/JwtHelper.java b/diboot-shiro/src/main/java/com/diboot/shiro/util/JwtHelper.java index afd59d3..f585508 100644 --- a/diboot-shiro/src/main/java/com/diboot/shiro/util/JwtHelper.java +++ b/diboot-shiro/src/main/java/com/diboot/shiro/util/JwtHelper.java @@ -22,13 +22,11 @@ import java.util.Date; public class JwtHelper { private static final Logger logger = LoggerFactory.getLogger(JwtHelper.class); - private static final String ISSUER = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.issuer")) ? BaseConfig.getProperty("diboot.shiro.jwt.issuer") : "diboot.com"; - private static final String AUTH_HEADER = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.authz.header.key")) ? BaseConfig.getProperty("diboot.shiro.jwt.authz.header.key") : "authtoken"; - private static final String TOKEN_PREFIX = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.token.prefix")) ? BaseConfig.getProperty("diboot.shiro.jwt.token.prefix") : "Bearer "; - public static final String SIGN_KEY = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.signkey"))? BaseConfig.getProperty("diboot.shiro.jwt.signkey") : "Dibo2016Mazc"; - - // 默认过期时间 2小时 - public static final int EXPIRES_IN_MINUTES = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.token.expires.hours")) ? Integer.valueOf(BaseConfig.getProperty("diboot.shiro.jwt.token.expires.hours")) * 60 : 2 * 60; + private static final String ISSUER = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.issuer", new String[0])) ? BaseConfig.getProperty("diboot.shiro.jwt.issuer", new String[0]) : "diboot.com"; + private static final String AUTH_HEADER = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.authz.header.key", new String[0])) ? BaseConfig.getProperty("diboot.shiro.jwt.authz.header.key", new String[0]) : "authtoken"; + private static final String TOKEN_PREFIX = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.token.prefix", new String[0])) ? BaseConfig.getProperty("diboot.shiro.jwt.token.prefix", new String[0]) : "Bearer "; + public static final String SIGN_KEY = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.signkey", new String[0])) ? BaseConfig.getProperty("diboot.shiro.jwt.signkey", new String[0]) : "Dibo2016Mazc"; + public static final int EXPIRES_IN_MINUTES = V.notEmpty(BaseConfig.getProperty("diboot.shiro.jwt.token.expires.hours", new String[0])) ? Integer.valueOf(BaseConfig.getProperty("diboot.shiro.jwt.token.expires.hours", new String[0])) * 60 : 120; private static final SignatureAlgorithm SIGNATURE_ALGORITHM = SignatureAlgorithm.HS256; /***