diff --git a/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/TokenFilter.java b/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/TokenFilter.java index 3e3d2eb8..e83e3840 100644 --- a/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/TokenFilter.java +++ b/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/TokenFilter.java @@ -5,10 +5,10 @@ import com.alibaba.fastjson.JSONObject; import com.anji.plus.gaea.bean.ResponseBean; import com.anji.plus.gaea.cache.CacheHelper; import com.anji.plus.gaea.utils.JwtBean; +import com.anjiplus.template.gaea.business.constant.BusinessConstant; import org.apache.commons.lang3.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; -import org.springframework.core.Ordered; import org.springframework.core.annotation.Order; import org.springframework.stereotype.Component; @@ -32,42 +32,16 @@ public class TokenFilter implements Filter { @Autowired private JwtBean jwtBean; - /**跳过token验证和权限验证的url清单*/ + // 跳过token验证和权限验证的url清单 @Value("#{'${customer.skip-authenticate-urls}'.split(',')}") private List skipAuthenticateUrls; private Pattern SKIP_AUTHENTICATE_PATTERN; @Override public void init(FilterConfig filterConfig) throws ServletException { - Filter.super.init(filterConfig); - } - - /** 根据名单,生成正则 - * @param skipUrlList - * @return - */ - private Pattern fitByList(List skipUrlList){ - if(skipUrlList == null || skipUrlList.size() == 0){ - return Pattern.compile(".*().*"); - } - StringBuffer patternString = new StringBuffer(); - patternString.append(".*("); - - skipUrlList.stream().forEach(url ->{ - patternString.append(url.trim()); - patternString.append("|"); - }); - if(skipUrlList.size()>0){ - patternString.deleteCharAt(patternString.length()-1); - } - patternString.append(").*"); - - return Pattern.compile(patternString.toString()); - } - - @PostConstruct - private void postConstruct() { + // 生成匹配正则,跳过token验证和权限验证的url SKIP_AUTHENTICATE_PATTERN = fitByList(skipAuthenticateUrls); + Filter.super.init(filterConfig); } @Override @@ -89,25 +63,32 @@ public class TokenFilter implements Filter { } //获取token - String authorization = request.getHeader("Authorization"); - if (StringUtils.isBlank(authorization)) { + String token = request.getHeader("Authorization"); + if (StringUtils.isBlank(token)) { error(response); return; } - String username = jwtBean.getUsername(authorization); -// String uuid = jwtBean.getUUID(authorization); - - if (!cacheHelper.exist(username)) { + // 判断token是否过期 + String loginName = jwtBean.getUsername(token); + String tokenKey = String.format(BusinessConstant.GAEA_SECURITY_LOGIN_TOKEN, loginName); + String userKey = String.format(BusinessConstant.GAEA_SECURITY_LOGIN_USER, loginName); + if (!cacheHelper.exist(tokenKey)) { error(response); return; } + if (!cacheHelper.exist(userKey)) { + error(response); + return; + } + String gaeaUserJsonStr = cacheHelper.stringGet(userKey); - //延长有效期 - cacheHelper.stringSetExpire(username, authorization, 3600); + // 延长有效期 + cacheHelper.stringSetExpire(tokenKey, token, 3600); + cacheHelper.stringSetExpire(userKey, gaeaUserJsonStr, 3600); //在线体验版本 - if (username.equals("guest") + if (loginName.equals("guest") && !uri.endsWith("/dataSet/testTransform") && !uri.endsWith("/reportDashboard/getData") && !uri.startsWith("/dict") @@ -127,7 +108,6 @@ public class TokenFilter implements Filter { //执行 filterChain.doFilter(request, response); - } @Override @@ -135,6 +115,29 @@ public class TokenFilter implements Filter { Filter.super.destroy(); } + /** 根据名单,生成正则 + * @param skipUrlList + * @return + */ + private Pattern fitByList(List skipUrlList){ + if(skipUrlList == null || skipUrlList.size() == 0){ + return Pattern.compile(".*().*"); + } + StringBuffer patternString = new StringBuffer(); + patternString.append(".*("); + + skipUrlList.stream().forEach(url ->{ + patternString.append(url.trim()); + patternString.append("|"); + }); + if(skipUrlList.size()>0){ + patternString.deleteCharAt(patternString.length()-1); + } + patternString.append(").*"); + + return Pattern.compile(patternString.toString()); + } + private void error(HttpServletResponse response) throws IOException { ResponseBean responseBean = ResponseBean.builder().code("50014").message("The Token has expired").build(); response.getWriter().print(JSONObject.toJSONString(responseBean)); diff --git a/report-core/src/main/java/com/anjiplus/template/gaea/business/modules/accessauthority/service/AccessAuthorityService.java b/report-core/src/main/java/com/anjiplus/template/gaea/business/modules/accessauthority/service/AccessAuthorityService.java index 092bbb87..0e3e0238 100755 --- a/report-core/src/main/java/com/anjiplus/template/gaea/business/modules/accessauthority/service/AccessAuthorityService.java +++ b/report-core/src/main/java/com/anjiplus/template/gaea/business/modules/accessauthority/service/AccessAuthorityService.java @@ -21,4 +21,9 @@ public interface AccessAuthorityService extends GaeaBaseService getAuthorityTree(String loginName, boolean withActionNode); + + /** + * 扫描所有mvc url的需要权限码,建立拦截体系 + */ + void scanGaeaSecurityAuthorities(); } \ No newline at end of file diff --git a/report-core/src/main/java/com/anjiplus/template/gaea/business/modules/accessauthority/service/impl/AccessAuthorityServiceImpl.java b/report-core/src/main/java/com/anjiplus/template/gaea/business/modules/accessauthority/service/impl/AccessAuthorityServiceImpl.java index 52819e6c..b2618623 100755 --- a/report-core/src/main/java/com/anjiplus/template/gaea/business/modules/accessauthority/service/impl/AccessAuthorityServiceImpl.java +++ b/report-core/src/main/java/com/anjiplus/template/gaea/business/modules/accessauthority/service/impl/AccessAuthorityServiceImpl.java @@ -1,8 +1,13 @@ package com.anjiplus.template.gaea.business.modules.accessauthority.service.impl; +import com.alibaba.fastjson.JSONObject; import com.anji.plus.gaea.bean.TreeNode; +import com.anji.plus.gaea.cache.CacheHelper; +import com.anji.plus.gaea.constant.Enabled; import com.anji.plus.gaea.curd.mapper.GaeaBaseMapper; +import com.anji.plus.gaea.init.InitRequestUrlMappings; +import com.anjiplus.template.gaea.business.constant.BusinessConstant; import com.anjiplus.template.gaea.business.modules.accessauthority.dao.entity.AccessAuthority; import com.anjiplus.template.gaea.business.modules.accessauthority.service.AccessAuthorityService; import com.anjiplus.template.gaea.business.modules.accessauthority.dao.AccessAuthorityMapper; @@ -13,6 +18,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import java.util.ArrayList; +import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.stream.Collectors; @@ -25,6 +31,12 @@ import java.util.stream.Collectors; @Service public class AccessAuthorityServiceImpl implements AccessAuthorityService { + @Autowired + private InitRequestUrlMappings initRequestUrlMappings; + + @Autowired + private CacheHelper cacheHelper; + @Autowired private AccessAuthorityMapper accessAuthorityMapper; @@ -102,4 +114,27 @@ public class AccessAuthorityServiceImpl implements AccessAuthorityService { return parentNodes; } + + @Override + public void scanGaeaSecurityAuthorities() { + /* 获取当前应用中所有的请求信息 + { + "applicationName": "aj-report", + "authCode": "authorityManage:query", + "authName": "权限管理查询", + "beanName": "accessAuthorityController", + "menuCode": "authorityManage", + "path": "GET#/accessAuthority/menuTree" + }*/ + List requestInfos = initRequestUrlMappings.getRequestInfos(Enabled.YES.getValue()); + + // key="GET#/accessAuthority/menuTree" value="authorityManage:query" + Map securityAuthorityMap = new HashMap(); + requestInfos.stream().forEach(requestInfo -> { + securityAuthorityMap.put(requestInfo.getPath(), requestInfo.getAuthCode()); + }); + + // 将key存入到缓存中 + cacheHelper.hashSet(BusinessConstant.GAEA_SECURITY_AUTHORITIES, securityAuthorityMap); + } } \ No newline at end of file