sx/map
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

das项目结构修改

Browse Source
This commit is contained in:
chenhaojie 2024-06-21 08:31:44 +08:00
parent 642aa94e52
commit 5ec97d6f97
15 changed files with 293 additions and 176 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
das/src/main/java/com/das/common/config/AesProperties.java Normal file
View File

@ -0,0 +1,23 @@
package com.das.common.config;
import lombok.Data;
import lombok.Getter;
import lombok.Setter;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;
/**
* @author zb
* @Description
*/
@Component
@Getter
@Setter
@ConfigurationProperties(prefix = "aes")
public class AesProperties {
/**
* token 请求头
*/
private String aeskey;
}

38
das/src/main/java/com/das/common/config/SaTokenProperties.java Normal file
View File

@ -0,0 +1,38 @@
package com.das.common.config;
import lombok.Getter;
import lombok.Setter;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;
/**
* @author zb
* @Description
*/
@Component
@Getter
@Setter
@ConfigurationProperties(prefix = "sa-token")
public class SaTokenProperties {
/**
* token 请求头
*/
private String tokenHeader;
/**
* token前缀
*/
private String tokenPrefix;
/**
* token过期时间,单位 默认 2个小时
*/
private Integer expireTime;
/**
* 刷新token过期时间,单位 默认 7
*/
private Integer refreshExpireTime;
}

25
das/src/main/java/com/das/common/config/WebConfig.java
View File

@ -1,25 +0,0 @@
package com.das.common.config;
import com.das.common.interceptor.TokenInterceptor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class WebConfig implements WebMvcConfigurer {
@Bean
public TokenInterceptor getTokenInterceptor() {
return new TokenInterceptor();
}
@Override
public void addInterceptors(InterceptorRegistry registry) {
// 将Token拦截器添加到注册表中
registry.addInterceptor(getTokenInterceptor())
// 可以指定拦截哪些路径例如"/api/**"表示所有以/api开头的路径
// .addPathPatterns("/api/**");
// 排除不需要拦截的路径
.excludePathPatterns("/api/**");
}
}

103
das/src/main/java/com/das/common/interceptor/DecryptingOncePerRequestFilter.java Normal file
View File

@ -0,0 +1,103 @@
package com.das.common.interceptor;
import cn.hutool.core.codec.Base64;
import cn.hutool.crypto.Mode;
import cn.hutool.crypto.Padding;
import cn.hutool.crypto.symmetric.AES;
import com.das.common.config.AesProperties;
import com.das.common.utils.AESUtil;
import io.micrometer.common.util.StringUtils;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequestWrapper;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.filter.OncePerRequestFilter;
import jakarta.servlet.*;
import jakarta.servlet.http.HttpServletRequest;
import java.io.*;
import java.nio.charset.Charset;
public class DecryptingOncePerRequestFilter extends OncePerRequestFilter {
// @Autowired
// AESUtil aesUtils;
//
// @Autowired
// AesProperties aesProperties;
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
// 读取加密的请求体数据
String iv = request.getHeader("v");
String encryptedData = readRequestBody(request);
if (StringUtils.isNotBlank(encryptedData)) {
String key = "b6967ee87b86d85a";
AES aes = new AES(Mode.CBC, Padding.ZeroPadding, key.getBytes(), iv.getBytes());
encryptedData = aes.decryptStr(Base64.decode(encryptedData), Charset.forName("UTF-8"));
// 使用自定义的请求包装器替换原始请求
filterChain.doFilter(new DecryptingHttpServletRequestWrapper(request, encryptedData), response);
}
}
private String readRequestBody(HttpServletRequest request) throws IOException {
StringBuilder stringBuilder = new StringBuilder();
try (BufferedReader reader = request.getReader()) {
String line;
while ((line = reader.readLine()) != null) {
stringBuilder.append(line);
}
}
return stringBuilder.toString();
}
// 自定义的请求包装器
static class DecryptingHttpServletRequestWrapper extends HttpServletRequestWrapper {
private final String decryptedData;
public DecryptingHttpServletRequestWrapper(HttpServletRequest request, String decryptedData) {
super(request);
this.decryptedData = decryptedData;
}
@Override
public ServletInputStream getInputStream() throws IOException {
final ByteArrayInputStream bais = new ByteArrayInputStream(decryptedData.getBytes("UTF-8"));
return new ServletInputStream() {
@Override
public boolean isFinished() {
return false;
}
@Override
public boolean isReady() {
return false;
}
@Override
public void setReadListener(ReadListener listener) {
}
@Override
public int read() throws IOException {
return bais.read();
}
};
}
@Override
public BufferedReader getReader() throws IOException {
return new BufferedReader(new InputStreamReader(getInputStream()));
}
}
}

25
das/src/main/java/com/das/common/interceptor/FilterConfig.java Normal file
View File

@ -0,0 +1,25 @@
package com.das.common.interceptor;
import com.das.common.config.AesProperties;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
/**
* @author
*/
@Configuration
public class FilterConfig {
@Bean
public FilterRegistrationBean decryptingFilterRegistration() {
FilterRegistrationBean registrationBean = new FilterRegistrationBean();
//注册过滤器
registrationBean.setFilter(new DecryptingOncePerRequestFilter());
registrationBean.addUrlPatterns("/*"); // 设置过滤器应用的URL模式
registrationBean.setOrder(1); // 设置过滤器的顺序
return registrationBean;
}
}

54
das/src/main/java/com/das/common/interceptor/TokenInterceptor.java
View File

@ -1,54 +0,0 @@
package com.das.common.interceptor;
import com.das.common.utils.AESUtil;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.servlet.HandlerInterceptor;
public class TokenInterceptor implements HandlerInterceptor {
@Resource
private AESUtil aesUtil;
private static String key;
@Value("${aesKey}")
public void setKey(String key){
TokenInterceptor.key = key;
}
// 示例Token验证方法需要根据实际情况实现
private boolean validateToken(String token) {
// 实现Token验证逻辑
// ...
return true; // 假设Token总是有效的实际应进行真实验证
}
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
String param = request.getParameter("param");
// 从请求头中获取Token
// String token = request.getHeader("token");
// 从请求头中获取向量IV
String iv = request.getHeader("v");
// 先解密token
// AESUtil.decrypt(token, iv);
// 解密参数
aesUtil.decrypt(key, param, iv);
System.out.println(aesUtil.decrypt(key ,param, iv));
request.setAttribute("param", aesUtil.decrypt(key,param, iv));
return true;
// if (token != null && validateToken(token)) {
// // Token有效继续处理请求
// return true;
// } else {
// // Token无效可以设置响应状态并返回错误信息
// response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
// response.getWriter().write("Unauthorized");
// return false; // 阻止请求继续
// }
}
}

4
das/src/main/java/com/das/modules/auth/controller/CaptchaImageController.java
View File

@ -20,7 +20,7 @@ import org.springframework.web.bind.annotation.RestController;
* @Description 获取验证码
*/
@Slf4j
@RequestMapping("/api")
@RequestMapping("/api/captcha")
@RestController
public class CaptchaImageController {
@Resource
@ -28,7 +28,7 @@ public class CaptchaImageController {
@Resource
private CaptchaProperties captchaProperties;
@Value("${aesKey}")
@Value("${aes.Key}")
String key;
@Resource
private AdminRedisTemplate adminRedisTemplate;

20
das/src/main/java/com/das/modules/auth/controller/LoginController.java
View File

@ -2,20 +2,18 @@ package com.das.modules.auth.controller;
import com.das.common.result.R;
import com.das.modules.auth.domain.LoginUserDetails;
import com.das.modules.auth.domain.request.LoginRequest;
import com.das.modules.auth.domain.vo.LoginVO;
import com.das.modules.auth.service.ILoginService;
import com.fasterxml.jackson.core.JsonProcessingException;
import io.micrometer.common.util.StringUtils;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import jakarta.validation.constraints.NotEmpty;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.bind.annotation.*;
/**
@ -28,7 +26,7 @@ import org.springframework.web.bind.annotation.RestController;
public class LoginController {
@Resource
private ILoginService loginService;
@Value("${aesKey}")
@Value("${aes.Key}")
String key;
@ -37,9 +35,13 @@ public class LoginController {
* @return 退出结果提示信息
*/
@PostMapping("/login")
public R<LoginUserDetails> login(@RequestParam String param, HttpServletRequest request, HttpServletResponse response) throws JsonProcessingException {
LoginUserDetails loginInfo = loginService.login(param,request, response);
public R<LoginUserDetails> login(@RequestBody LoginRequest loginRequest, HttpServletRequest request, HttpServletResponse response) throws JsonProcessingException {
LoginUserDetails loginInfo = loginService.login(loginRequest,request, response);
if (StringUtils.isNotEmpty(loginInfo.getMsg())){
return R.fail(loginInfo.getMsg());
}
return R.success(loginInfo);
}
/**
@ -58,7 +60,7 @@ public class LoginController {
@PostMapping("/refreshToken")
public R<LoginVO> refreshToken(@NotEmpty(message = "刷新token不允许为空") @RequestParam("refreshToken")String refreshToken){
LoginVO loginVO = loginService.refreshToken(refreshToken);
return R.data(loginVO);
return R.success(loginVO);
}

5
das/src/main/java/com/das/modules/auth/domain/LoginUserDetails.java
View File

@ -6,7 +6,7 @@ import lombok.Data;
import java.io.Serializable;
/**
* @author zb
* @author chenhaojie
* @Description
*/
@Data
@ -16,6 +16,9 @@ public class LoginUserDetails implements Serializable {
private SysUserVo sysUser;
private String msg;
private String refreshToken;
private String token;

10
das/src/main/java/com/das/modules/auth/domain/vo/LoginVO.java
View File

@ -23,6 +23,9 @@ public class LoginVO implements Serializable {
*/
private String refreshToken;
private String msg;
/**
*过期时间
*/
@ -30,6 +33,13 @@ public class LoginVO implements Serializable {
public LoginVO(){}
public LoginVO(String accessToken, String refreshToken , Integer expire, String msg){
this.refreshToken = refreshToken;
this.accessToken = accessToken;
this.expire = expire;
this.msg = msg;
}
public LoginVO(String accessToken, String refreshToken , Integer expire){
this.refreshToken = refreshToken;
this.accessToken = accessToken;

3
das/src/main/java/com/das/modules/auth/service/ILoginService.java
View File

@ -2,6 +2,7 @@ package com.das.modules.auth.service;
import com.das.modules.auth.domain.LoginUserDetails;
import com.das.modules.auth.domain.request.LoginRequest;
import com.das.modules.auth.domain.vo.LoginVO;
import com.fasterxml.jackson.core.JsonProcessingException;
import jakarta.servlet.http.HttpServletRequest;
@ -20,7 +21,7 @@ public interface ILoginService {
* @param data 登录请求
* @return 登录成功
*/
LoginUserDetails login(String data, HttpServletRequest request, HttpServletResponse response) throws JsonProcessingException;
LoginUserDetails login(LoginRequest loginRequest, HttpServletRequest request, HttpServletResponse response) throws JsonProcessingException;
/**
* 退出登录

108
das/src/main/java/com/das/modules/auth/service/impl/LoginServiceImpl.java
View File

@ -1,9 +1,12 @@
package com.das.modules.auth.service.impl;
import cn.dev33.satoken.secure.BCrypt;
import cn.dev33.satoken.stp.StpUtil;
import cn.hutool.core.util.IdUtil;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.das.common.captcha.CaptchaUtil;
import com.das.common.config.SaTokenProperties;
import com.das.common.exceptions.ServiceException;
import com.das.common.utils.AESUtil;
import com.das.common.utils.AdminRedisTemplate;
@ -23,6 +26,8 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import java.time.Duration;
/**
* @author chenhaojie
* @Description
@ -30,6 +35,8 @@ import org.springframework.stereotype.Service;
@Service
public class LoginServiceImpl implements ILoginService {
@Resource
private SaTokenProperties saTokenProperties;
@Resource
private SysUserMapper sysUserMapper;
@ -39,54 +46,43 @@ public class LoginServiceImpl implements ILoginService {
@Resource
private AESUtil aesUtil;
@Value("${aesKey}")
@Value("${aes.Key}")
private String key;
// @Override
// public String login(LoginRequest loginRequest) {
// String captcha = loginRequest.getUsername();
// String account = loginRequest.getUsername();
// String password = loginRequest.getPassword();
// String uuid = loginRequest.getPassword();
//
// // 验证码验证逻辑这里省略需根据实际情况实现
// if (CaptchaUtil.checkVerificationCode(uuid, captcha, adminRedisTemplate)) {
// return "验证码错误";
// }
// // 用户名密码验证
//// if (isValidUser(account, password)) {
// // 登录成功使用Sa-Token生成Token
// StpUtil.login(account);
// // 返回Token给客户端
// return StpUtil.getTokenValue();
//// } else {
//// return "用户名或密码错误";
//
// }
@Override
public LoginUserDetails login(String param, HttpServletRequest request, HttpServletResponse response) throws JsonProcessingException {
String iv = request.getHeader("v");
System.out.println("iv:" + iv);
param = aesUtil.decrypt(key, param, iv);
ObjectMapper objectMapper = new ObjectMapper();
LoginRequest loginRequest = objectMapper.readValue(param, LoginRequest.class);
public LoginUserDetails login(LoginRequest loginRequest, HttpServletRequest request, HttpServletResponse response) throws JsonProcessingException {
// String iv = request.getHeader("v");
// System.out.println("iv:" + iv);
// param = aesUtil.decrypt(key, param, iv);
// ObjectMapper objectMapper = new ObjectMapper();
// LoginRequest loginRequest = objectMapper.readValue(param, LoginRequest.class);
String name = loginRequest.getUsername();
String password = loginRequest.getPassword();
String code = loginRequest.getCode();
String uuid = loginRequest.getUuid();
LoginUserDetails loginInfo = new LoginUserDetails();
LambdaQueryWrapper<SysUser> wrapper = Wrappers.lambdaQuery();
wrapper.eq(SysUser::getAccount, loginRequest.getUsername());
wrapper.eq(SysUser::getAccount, name);
SysUser sysUser = sysUserMapper.selectOne(wrapper);
if (sysUser == null) {
throw new ServiceException("无账号信息");
loginInfo.setMsg("无账号信息");
return loginInfo;
}
if (!CaptchaUtil.checkVerificationCode(uuid, code, adminRedisTemplate)) {
throw new ServiceException("验证码不正确");
loginInfo.setMsg("验证码不正确");
return loginInfo;
}
StpUtil.login(sysUser.getId()); // 执行登录这里username为用户唯一标识
if (!BCrypt.checkpw(password, sysUser.getPassword())) {
loginInfo.setMsg("账号密码错误");
return loginInfo;
}
StpUtil.login(sysUser.getAccount());// 执行登录这里username为用户唯一标识
String refreshTokenUuid = IdUtil.fastSimpleUUID();
String token = StpUtil.getTokenValue();
String refreshToken = "refresh:" + refreshTokenUuid;
SysUserVo sysUserVo = new SysUserVo();
sysUserVo.setId(sysUser.getId());
sysUserVo.setAccount(sysUser.getAccount());
@ -94,9 +90,12 @@ public class LoginServiceImpl implements ILoginService {
sysUserVo.setPhone(sysUser.getPhone());
sysUserVo.setEmail(sysUser.getEmail());
sysUserVo.setOrgId(sysUser.getOrgId());
LoginUserDetails loginInfo = new LoginUserDetails();
loginInfo.setSysUser(sysUserVo); // 存储用户信息到会话
loginInfo.setToken(StpUtil.getTokenValue());
loginInfo.setRefreshToken(refreshTokenUuid);
adminRedisTemplate.setEx(token, loginInfo, Duration.ofSeconds(saTokenProperties.getExpireTime()));
adminRedisTemplate.setEx(refreshToken, loginInfo, Duration.ofSeconds(saTokenProperties.getRefreshExpireTime()));
return loginInfo;
}
@ -113,24 +112,29 @@ public class LoginServiceImpl implements ILoginService {
@Override
public LoginVO refreshToken(String refreshToken) {
// Claims claim = tokenService.getClaim(refreshToken);
// String uuid = (String) claim.get("uuid");
// String username = (String) claim.get("username");
// String refresh = (String) claim.get("refresh");
// if (StrUtil.isEmpty(refresh)) {
// throw new BusinessException("非法token");
// }
// LoginUserDetails loginUserDetails = adminRedisTemplate.get(username + ":refresh:" + uuid);
// if (loginUserDetails == null) {
// throw new BusinessException("token过期请重新登录");
// }
// String token = tokenService.createToken(loginUserDetails);
// String newRefreshToken = tokenService.createRefreshToken(loginUserDetails);
// String tokenPrefix = jwtProperties.getTokenPrefix();
// // 删除原有刷新token
// adminRedisTemplate.del(username + ":refresh:" + uuid);
// return new LoginVO(tokenPrefix + " " + token, newRefreshToken, jwtProperties.getExpireTime());
return new LoginVO();
LoginUserDetails loginUserDetails = adminRedisTemplate.get(refreshToken);
LoginVO loginInfo = new LoginVO();
if (loginUserDetails == null) {
loginInfo.setMsg("token过期请重新登录");
return loginInfo;
}
StpUtil.login(loginUserDetails.getSysUser().getAccount());// 执行登录这里username为用户唯一标识
String newToken = StpUtil.getTokenValue();
String newRefreshTokenUuid = IdUtil.fastSimpleUUID();
String newRefreshToken = "refresh:" + newRefreshTokenUuid;
loginInfo.setAccessToken(newToken);
loginUserDetails.setToken(newToken);
loginUserDetails.setRefreshToken(newRefreshTokenUuid);
String oldRefreshToken = loginUserDetails.getRefreshToken();
adminRedisTemplate.setEx(newToken, loginUserDetails, Duration.ofSeconds(saTokenProperties.getExpireTime()));
adminRedisTemplate.setEx(refreshToken, loginUserDetails, Duration.ofSeconds(saTokenProperties.getRefreshExpireTime()));
// 删除原有刷新token
adminRedisTemplate.del("refresh:" + oldRefreshToken);
return new LoginVO(newToken, newRefreshToken, saTokenProperties.getRefreshExpireTime());
}
}

13
das/src/main/resources/application-dev.yml
View File

@ -1,13 +0,0 @@
spring:
datasource:
url: jdbc:postgresql://192.168.109.102:5432/das
username: das
password: qwaszx12
# # redis相关配置
data:
redis:
host: 127.0.0.1
database: 0
port: 6379
password:
client-type: lettuce

13
das/src/main/resources/application-prd.yml
View File

@ -1,13 +0,0 @@
spring:
datasource:
url: jdbc:postgresql://192.168.109.102:5432/das
username: das
password: qwaszx12
# # redis相关配置
data:
redis:
host: 127.0.0.1
database: 0
port: 6379
password:
client-type: lettuce

25
das/src/main/resources/application.yml
View File

@ -19,17 +19,17 @@ sa-token:
# 是否开启Sa-Token全局拦截器默认为true
enabled: true
# token名称
token-name: token
tokenHeader: token
# token前缀
token-prefix: Bearer
tokenPrefix: Bearer
# token有效期单位秒
timeout: 7200
expireTime: 7200
refreshExpireTime: 604800
# 是否允许同一账号多终端登录默认为true
is-concurrent: true
spring:
profiles:
active: dev
application:
name: das
#json格式化全局配置,相当于@JsonFormat
@ -45,6 +45,18 @@ spring:
max-file-size: 1024MB
# 多个文件总大小
max-request-size: 2048MB
datasource:
url: jdbc:postgresql://192.168.109.102:5432/das
username: das
password: qwaszx12
# # redis相关配置
data:
redis:
host: 127.0.0.1
database: 0
port: 6379
password:
client-type: lettuce
# 配置 xml 文件所在位置 配置全局的 主键策略,默认为 ASSIGN_ID 默认为 【雪花算法】 , atuo 自增
@ -79,4 +91,5 @@ captcha:
verify-type: calculate
expire: 120
aesKey: b6967ee87b86d85a
aes:
Key: b6967ee87b86d85a