mall整合SpringSecurity和JWT實(shí)現(xiàn)認(rèn)證和授權(quán)（二）

印度阿三17 2021-01-14

展開(kāi)全文

接上一篇，controller和service層的代碼實(shí)現(xiàn)及登錄授權(quán)流程演示。

登錄注冊(cè)功能實(shí)現(xiàn)

添加UmsAdminController類

實(shí)現(xiàn)了后臺(tái)用戶登錄、注冊(cè)及獲取權(quán)限的接口

package com.macro.mall.tiny.controller;
import com.macro.mall.tiny.common.api.CommonResult;
import com.macro.mall.tiny.dto.UmsAdminLoginParam;
import com.macro.mall.tiny.mbg.model.UmsAdmin;
import com.macro.mall.tiny.mbg.model.UmsPermission;
import com.macro.mall.tiny.service.UmsAdminService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.*;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
* 后臺(tái)用戶管理
* Created by macro on 2018/4/26.
*/
@Controller
@Api(tags = "UmsAdminController", description = "后臺(tái)用戶管理")
@RequestMapping("/admin")
public class UmsAdminController {
? ?@Autowired
? ?private UmsAdminService adminService;
? ?@Value("${jwt.tokenHeader}")
? ?private String tokenHeader;
? ?@Value("${jwt.tokenHead}")
? ?private String tokenHead;
? ?@ApiOperation(value = "用戶注冊(cè)")
? ?@RequestMapping(value = "/register", method = RequestMethod.POST)
? ?@ResponseBody
? ?public CommonResult<UmsAdmin> register(@RequestBody UmsAdmin umsAdminParam, BindingResult result) {
? ? ? ?UmsAdmin umsAdmin = adminService.register(umsAdminParam);
? ? ? ?if (umsAdmin == null) {
? ? ? ? ? ?CommonResult.failed();
? ? ? ?}
? ? ? ?return CommonResult.success(umsAdmin);
? ?}
? ?@ApiOperation(value = "登錄以后返回token")
? ?@RequestMapping(value = "/login", method = RequestMethod.POST)
? ?@ResponseBody
? ?public CommonResult login(@RequestBody UmsAdminLoginParam umsAdminLoginParam, BindingResult result) {
? ? ? ?String token = adminService.login(umsAdminLoginParam.getUsername(), umsAdminLoginParam.getPassword());
? ? ? ?if (token == null) {
? ? ? ? ? ?return CommonResult.validateFailed("用戶名或密碼錯(cuò)誤");
? ? ? ?}
? ? ? ?Map<String, String> tokenMap = new HashMap<>();
? ? ? ?tokenMap.put("token", token);
? ? ? ?tokenMap.put("tokenHead", tokenHead);
? ? ? ?return CommonResult.success(tokenMap);
? ?}
? ?@ApiOperation("獲取用戶所有權(quán)限（包括 -權(quán)限）")
? ?@RequestMapping(value = "/permission/{adminId}", method = RequestMethod.GET)
? ?@ResponseBody
? ?public CommonResult<List<UmsPermission>> getPermissionList(@PathVariable Long adminId) {
? ? ? ?List<UmsPermission> permissionList = adminService.getPermissionList(adminId);
? ? ? ?return CommonResult.success(permissionList);
? ?}
}

添加UmsAdminService接口

package com.macro.mall.tiny.service;
import com.macro.mall.tiny.mbg.model.UmsAdmin;
import com.macro.mall.tiny.mbg.model.UmsPermission;
import java.util.List;
/**
* 后臺(tái)管理員Service
* Created by macro on 2018/4/26.
*/
public interface UmsAdminService {
? ?/**
? ? * 根據(jù)用戶名獲取后臺(tái)管理員
? ? */
? ?UmsAdmin getAdminByUsername(String username);
? ?/**
? ? * 注冊(cè)功能
? ? */
? ?UmsAdmin register(UmsAdmin umsAdminParam);
? ?/**
? ? * 登錄功能
? ? * @param username 用戶名
? ? * @param password 密碼
? ? * @return 生成的JWT的token
? ? */
? ?String login(String username, String password);
? ?/**
? ? * 獲取用戶所有權(quán)限（包括角色權(quán)限和 -權(quán)限）
? ? */
? ?List<UmsPermission> getPermissionList(Long adminId);
}

添加UmsAdminServiceImpl類

package com.macro.mall.tiny.service.impl;
import com.macro.mall.tiny.common.utils.JwtTokenUtil;
import com.macro.mall.tiny.dao.UmsAdminRoleRelationDao;
import com.macro.mall.tiny.dto.UmsAdminLoginParam;
import com.macro.mall.tiny.mbg.mapper.UmsAdminMapper;
import com.macro.mall.tiny.mbg.model.UmsAdmin;
import com.macro.mall.tiny.mbg.model.UmsAdminExample;
import com.macro.mall.tiny.mbg.model.UmsPermission;
import com.macro.mall.tiny.service.UmsAdminService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import java.util.Date;
import java.util.List;
/**
* UmsAdminService實(shí)現(xiàn)類
* Created by macro on 2018/4/26.
*/
@Service
public class UmsAdminServiceImpl implements UmsAdminService {
? ?private static final Logger LOGGER = LoggerFactory.getLogger(UmsAdminServiceImpl.class);
? ?@Autowired
? ?private UserDetailsService userDetailsService;
? ?@Autowired
? ?private JwtTokenUtil jwtTokenUtil;
? ?@Autowired
? ?private PasswordEncoder passwordEncoder;
? ?@Value("${jwt.tokenHead}")
? ?private String tokenHead;
? ?@Autowired
? ?private UmsAdminMapper adminMapper;
? ?@Autowired
? ?private UmsAdminRoleRelationDao adminRoleRelationDao;
? ?@Override
? ?public UmsAdmin getAdminByUsername(String username) {
? ? ? ?UmsAdminExample example = new UmsAdminExample();
? ? ? ?example.createCriteria().andUsernameEqualTo(username);
? ? ? ?List<UmsAdmin> adminList = adminMapper.selectByExample(example);
? ? ? ?if (adminList != null && adminList.size() > 0) {
? ? ? ? ? ?return adminList.get(0);
? ? ? ?}
? ? ? ?return null;
? ?}
? ?@Override
? ?public UmsAdmin register(UmsAdmin umsAdminParam) {
? ? ? ?UmsAdmin umsAdmin = new UmsAdmin();
? ? ? ?BeanUtils.copyProperties(umsAdminParam, umsAdmin);
? ? ? ?umsAdmin.setCreateTime(new Date());
? ? ? ?umsAdmin.setStatus(1);
? ? ? ?//查詢是否有相同用戶名的用戶
? ? ? ?UmsAdminExample example = new UmsAdminExample();
? ? ? ?example.createCriteria().andUsernameEqualTo(umsAdmin.getUsername());
? ? ? ?List<UmsAdmin> umsAdminList = adminMapper.selectByExample(example);
? ? ? ?if (umsAdminList.size() > 0) {
? ? ? ? ? ?return null;
? ? ? ?}
? ? ? ?//將密碼進(jìn)行加密操作
? ? ? ?String encodePassword = passwordEncoder.encode(umsAdmin.getPassword());
? ? ? ?umsAdmin.setPassword(encodePassword);
? ? ? ?adminMapper.insert(umsAdmin);
? ? ? ?return umsAdmin;
? ?}
? ?@Override
? ?public String login(String username, String password) {
? ? ? ?String token = null;
? ? ? ?try {
? ? ? ? ? ?UserDetails userDetails = userDetailsService.loadUserByUsername(username);
? ? ? ? ? ?if (!passwordEncoder.matches(password, userDetails.getPassword())) {
? ? ? ? ? ? ? ?throw new BadCredentialsException("密碼不正確");
? ? ? ? ? ?}
? ? ? ? ? ?UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
? ? ? ? ? ?SecurityContextHolder.getContext().setAuthentication(authentication);
? ? ? ? ? ?token = jwtTokenUtil.generateToken(userDetails);
? ? ? ?} catch (AuthenticationException e) {
? ? ? ? ? ?LOGGER.warn("登錄異常:{}", e.getMessage());
? ? ? ?}
? ? ? ?return token;
? ?}
? ?@Override
? ?public List<UmsPermission> getPermissionList(Long adminId) {
? ? ? ?return adminRoleRelationDao.getPermissionList(adminId);
? ?}
}

修改Swagger的配置

通過(guò)修改配置實(shí)現(xiàn)調(diào)用接口自帶Authorization頭，這樣就可以訪問(wèn)需要登錄的接口了。

package com.macro.mall.tiny.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.ApiInfo;
import springfox.documentation.service.ApiKey;
import springfox.documentation.service.AuthorizationScope;
import springfox.documentation.service.SecurityReference;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spi.service.contexts.SecurityContext;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
import java.util.ArrayList;
import java.util.List;
/**
* Swagger2API文檔的配置
*/
@Configuration
@EnableSwagger2
public class Swagger2Config {
? ?@Bean
? ?public Docket createRestApi(){
? ? ? ?return new Docket(DocumentationType.SWAGGER_2)
? ? ? ? ? ? ? ?.apiInfo(apiInfo())
? ? ? ? ? ? ? ?.select()
? ? ? ? ? ? ? ?//為當(dāng)前包下controller生成API文檔
? ? ? ? ? ? ? ?.apis(RequestHandlerSelectors.basePackage("com.macro.mall.tiny.controller"))
? ? ? ? ? ? ? ?.paths(PathSelectors.any())
? ? ? ? ? ? ? ?.build()
? ? ? ? ? ? ? ?//添加登錄認(rèn)證
? ? ? ? ? ? ? ?.securitySchemes(securitySchemes())
? ? ? ? ? ? ? ?.securityContexts(securityContexts());
? ?}
? ?private ApiInfo apiInfo() {
? ? ? ?return new ApiInfoBuilder()
? ? ? ? ? ? ? ?.title("SwaggerUI演示")
? ? ? ? ? ? ? ?.description("mall-tiny")
? ? ? ? ? ? ? ?.contact("macro")
? ? ? ? ? ? ? ?.version("1.0")
? ? ? ? ? ? ? ?.build();
? ?}
? ?private List<ApiKey> securitySchemes() {
? ? ? ?//設(shè)置請(qǐng)求頭信息
? ? ? ?List<ApiKey> result = new ArrayList<>();
? ? ? ?ApiKey apiKey = new ApiKey("Authorization", "Authorization", "header");
? ? ? ?result.add(apiKey);
? ? ? ?return result;
? ?}
? ?private List<SecurityContext> securityContexts() {
? ? ? ?//設(shè)置需要登錄認(rèn)證的路徑
? ? ? ?List<SecurityContext> result = new ArrayList<>();
? ? ? ?result.add(getContextByPath("/brand/.*"));
? ? ? ?return result;
? ?}
? ?private SecurityContext getContextByPath(String pathRegex){
? ? ? ?return SecurityContext.builder()
? ? ? ? ? ? ? ?.securityReferences(defaultAuth())
? ? ? ? ? ? ? ?.forPaths(PathSelectors.regex(pathRegex))
? ? ? ? ? ? ? ?.build();
? ?}
? ?private List<SecurityReference> defaultAuth() {
? ? ? ?List<SecurityReference> result = new ArrayList<>();
? ? ? ?AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
? ? ? ?AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
? ? ? ?authorizationScopes[0] = authorizationScope;
? ? ? ?result.add(new SecurityReference("Authorization", authorizationScopes));
? ? ? ?return result;
? ?}
}

給PmsBrandController接口中的方法添加訪問(wèn)權(quán)限

給查詢接口添加pms:brand:read權(quán)限
給修改接口添加pms:brand:update權(quán)限
給刪除接口添加pms:brand:delete權(quán)限
給添加接口添加pms:brand:create權(quán)限

例子：

@PreAuthorize("hasAuthority('pms:brand:read')")public?CommonResult<List<PmsBrand>>?getBrandList()?{????return?CommonResult.success(brandService.listAllBrand());}

認(rèn)證與授權(quán)流程演示

運(yùn)行項(xiàng)目，訪問(wèn)API

Swagger api地址：http://localhost:8080/swagger-ui.html

未登錄前訪問(wèn)接口

登錄后訪問(wèn)接口

進(jìn)行登錄操作：登錄賬號(hào)test 123456

點(diǎn)擊Authorize按鈕，在彈框中輸入登錄接口中獲取到的token信息

登錄后訪問(wèn)獲取權(quán)限列表接口，發(fā)現(xiàn)已經(jīng)可以正常訪問(wèn)

訪問(wèn)需要權(quán)限的接口

由于test賬號(hào)并沒(méi)有設(shè)置任何權(quán)限，所以他無(wú)法訪問(wèn)具有pms:brand:read權(quán)限的獲取品牌列表接口。

改用其他有權(quán)限的賬號(hào)登錄

改用admin 123456登錄后訪問(wèn)，點(diǎn)擊Authorize按鈕打開(kāi)彈框,點(diǎn)擊logout登出后再重新輸入新token。

來(lái)源：https://www./content-4-821551.html

本站是提供個(gè)人知識(shí)管理的網(wǎng)絡(luò)存儲(chǔ)空間，所有內(nèi)容均由用戶發(fā)布，不代表本站觀點(diǎn)。請(qǐng)注意甄別內(nèi)容中的聯(lián)系方式、誘導(dǎo)購(gòu)買等信息，謹(jǐn)防詐騙。如發(fā)現(xiàn)有害或侵權(quán)內(nèi)容，請(qǐng)點(diǎn)擊一鍵舉報(bào)。

电竞比分网-中国电竞赛事及体育赛事平台