diff --git a/src/main/java/com/zhongzhi/common/configure/SecurityConfig.java b/src/main/java/com/zhongzhi/common/configure/SecurityConfig.java
index 6b60dce..1f8e08e 100644
--- a/src/main/java/com/zhongzhi/common/configure/SecurityConfig.java
+++ b/src/main/java/com/zhongzhi/common/configure/SecurityConfig.java
@@ -62,20 +62,20 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 @Override
 protected void configure(HttpSecurity http) throws Exception {
- http
- .exceptionHandling().accessDeniedHandler(accessDeniedHandler)
- .and()
- .csrf().disable()
- .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
- .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+ http.csrf()
+ .disable()
+ .sessionManagement()
+ .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
 .and()
 .authorizeRequests()
- .antMatchers(HttpMethod.POST, "/**").permitAll()
- .antMatchers("/openApi/login", "/openApi/**").permitAll()//接口白名单配置
+ .antMatchers("/openApi/login", "/openApi/loginOut").permitAll()//接口白名单配置
 .anyRequest().authenticated();
 http.headers().cacheControl();
 http.addFilterBefore(authenticationTokenFilter(), UsernamePasswordAuthenticationFilter.class);
+ http.exceptionHandling()
+ .accessDeniedHandler(accessDeniedHandler)
+ .authenticationEntryPoint(unauthorizedHandler);
 }
 @Bean
diff --git a/src/main/java/com/zhongzhi/common/interceptor/JwtAuthenticationTokenFilter.java b/src/main/java/com/zhongzhi/common/interceptor/JwtAuthenticationTokenFilter.java
index caf76b4..0a9d143 100644
--- a/src/main/java/com/zhongzhi/common/interceptor/JwtAuthenticationTokenFilter.java
+++ b/src/main/java/com/zhongzhi/common/interceptor/JwtAuthenticationTokenFilter.java
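Review bot: `csrf().disable()` at the head of the chain has no comment saying why it is safe, and that safety rests on code outside this file: it holds only while the token is read solely from the `Authorization` header, as JwtAuthenticationTokenFilter does in this same commit, and never from a cookie. I would put `// CSRF is off because auth is a bearer token from the Authorization header; revisit if a cookie-borne token is ever accepted` above the call. The `/openApi/loginOut` entry is now reachable without a token, so its handler (not shown here) should tolerate an anonymous caller. With the `HttpMethod.POST` matcher gone, the `HttpMethod` import may be unused; the import block is outside the hunk.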
@@ -2,8 +2,11 @@ package com.zhongzhi.common.interceptor;
 import com.auth0.jwt.interfaces.Claim;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.zhongzhi.common.constant.Code;
+import com.zhongzhi.common.exception.HttpException;
 import com.zhongzhi.common.utils.JwtUtil;
 import com.zhongzhi.common.utils.Localstorage;
+import com.zhongzhi.common.utils.ResponseData;
 import com.zhongzhi.dao.UserMapper;
 import com.zhongzhi.model.base.UserModel;
 import org.apache.commons.lang3.StringUtils;
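Review bot: The three imports added here (`Code`, `HttpException`, `ResponseData`) are not referenced by the `doFilterInternal` changes in this commit, and `StringUtils` loses its only visible use when `StringUtils.isNotEmpty(token)` is removed. Unless other methods in the file use them, drop them; if they were meant for a rejection path that returns an error body for a bad token, that path is missing from the filter.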
@@ -35,26 +38,22 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
 @Override
 protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
 String token = request.getHeader("Authorization");
- if (StringUtils.isNotEmpty(token)) {
- if (token.startsWith("Bearer")) {
+ if(token != null && SecurityContextHolder.getContext().getAuthentication() == null) {
+ if(token.startsWith("Bearer")) {
 token = token.replace("Bearer ", "");
 }
- if (!JwtUtil.isExpired(token) && JwtUtil.verifyToken(token)) {
- Map claimMap = JwtUtil.getClaims(token);
- if(claimMap != null && SecurityContextHolder.getContext().getAuthentication() == null) {
- UserModel userModel = userMapper.selectOne(new QueryWrapper()
- .lambda()
- .eq(UserModel::getUsername, claimMap.get("username").asString()));
- if(userModel != null) {
- UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userModel, null, userModel.getAuthorities());
- authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
- SecurityContextHolder.getContext().setAuthentication(authentication);
- Localstorage.setUser(userModel);
- } else {
- Localstorage.remove();
- }
- }
+ Map claimMap = JwtUtil.getClaims(token);
+ UserModel userModel = userMapper.selectOne(new QueryWrapper()
+ .lambda()
+ .eq(UserModel::getUsername, claimMap.get("username").asString()));
+ if(userModel != null) {
+ UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userModel, null, userModel.getAuthorities());
+ authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+ Localstorage.setUser(userModel);
+ } else {
+ Localstorage.remove();
 }
 }
 filterChain.doFilter(request, response);
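Review bot: The new body calls `JwtUtil.getClaims(token)` without the `!JwtUtil.isExpired(token) && JwtUtil.verifyToken(token)` guard the old code had, so unless `getClaims` itself checks signature and expiry (JwtUtil is not part of this diff) the `username` claim is trusted unverified and used to load a user and populate the SecurityContext. Keep the guard right after the prefix is stripped, e.g. `if (JwtUtil.isExpired(token) || !JwtUtil.verifyToken(token)) { filterChain.doFilter(request, response); return; }`, so the request continues unauthenticated and is rejected by `anyRequest().authenticated()`. The dropped `claimMap != null` check also means a token without a `username` claim now raises a NullPointerException in the filter at `claimMap.get("username").asString()` instead of leaving the request unauthenticated; check both the map and the claim before the `userMapper.selectOne` call. The method's closing brace is outside the hunk.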
diff --git a/src/main/java/com/zhongzhi/common/utils/EncryptUtil.java b/src/main/java/com/zhongzhi/common/utils/EncryptUtil.java
index c19f936..6664669 100644
--- a/src/main/java/com/zhongzhi/common/utils/EncryptUtil.java
+++ b/src/main/java/com/zhongzhi/common/utils/EncryptUtil.java
@@ -21,6 +21,8 @@ public class EncryptUtil {
 public static String encrypt(String password) {
 char[] chars = password.toCharArray();
 return Hash.password(chars).algorithm(Type.PBKDF2_SHA256).create();
+
+
 }
 /**
diff --git a/src/main/java/com/zhongzhi/common/utils/PDFUtil.java b/src/main/java/com/zhongzhi/common/utils/PDFUtil.java
deleted file mode 100644
index 70e91c6..0000000
--- a/src/main/java/com/zhongzhi/common/utils/PDFUtil.java
+++ /dev/null
@@ -1,109 +0,0 @@ -package com.zhongzhi.common.utils; - -import com.itextpdf.text.*; -import com.itextpdf.text.pdf.BaseFont; -import com.itextpdf.text.pdf.PdfPTable; - -import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringUtils; -import org.springframework.stereotype.Component; -import org.springframework.web.context.request.RequestContextHolder; -import org.springframework.web.context.request.ServletRequestAttributes; - -import javax.servlet.http.HttpServletResponse; -import java.io.IOException; -import java.io.UnsupportedEncodingException; -import java.nio.charset.StandardCharsets; - -@Slf4j -@Component -public class PDFUtil { - - static BaseFont baseFont; - - { - try { - baseFont = BaseFont.createFont("https://zhongzhi-cms.oss-cn-shanghai.aliyuncs.com/STSONG.TTF", BaseFont.IDENTITY_H, BaseFont.NOT_EMBEDDED); - } catch (Exception e) { - e.printStackTrace(); - } - } - - public static void tableStyle(PdfPTable table, int[] cellsWidth) throws DocumentException { - table.setWidths(cellsWidth); - table.setWidthPercentage(100); - table.getDefaultCell().setHorizontalAlignment(Element.ALIGN_CENTER); - table.getDefaultCell().setVerticalAlignment(Element.ALIGN_MIDDLE); - table.getDefaultCell().setFixedHeight(30); - table.getDefaultCell().setBackgroundColor(BaseColor.BLUE); - table.getDefaultCell().setPadding(0); - table.getDefaultCell().setBorderWidth(0); - } - - /** - * 流化下载 - * - * @param bytes - * @param filename - */ - public static void renderPdf(final byte[] bytes, final String filename, String type) { - ServletRequestAttributes servletRequestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); - HttpServletResponse response = servletRequestAttributes.getResponse(); - initResponseHeader(response, "application/" + type); - setFileDownloadHeader(response, filename, "." 
+ type); - if (null != bytes) { - try { - response.getOutputStream().write(bytes); - response.getOutputStream().flush(); - } catch (IOException e) { - throw new IllegalArgumentException(e); - } - } - } - - /** - * 分析并设置contentType与headers. - */ - private static HttpServletResponse initResponseHeader(HttpServletResponse response, final String contentType, final String... headers) { - // 分析headers参数 - String encoding = "utf-8"; - boolean noCache = true; - for (String header : headers) { - String headerName = StringUtils.substringBefore(header, ":"); - String headerValue = StringUtils.substringAfter(header, ":"); - if (StringUtils.equalsIgnoreCase(headerName, "utf-8")) { - encoding = headerValue; - } else if (StringUtils.equalsIgnoreCase(headerName, "no-cache")) { - noCache = Boolean.parseBoolean(headerValue); - } else { - throw new IllegalArgumentException(headerName + "不是一个合法的header类型"); - } - } - // 设置headers参数 - String fullContentType = contentType + ";charset=" + encoding; - response.setContentType(fullContentType); - if (noCache) { - // Http 1.0 header - response.setDateHeader("Expires", 0); - response.addHeader("Pragma", "no-cache"); - // Http 1.1 header - response.setHeader("Cache-Control", "no-cache"); - } - return response; - } - - /** - * 设置让浏览器弹出下载对话框的Header. - * - * @param - */ - public static void setFileDownloadHeader(HttpServletResponse response, String fileName, String fileType) { - try { - // 中文文件名支持 - String encodedfileName = new String(fileName.getBytes(StandardCharsets.UTF_8), "ISO8859-1"); - response.setHeader("Content-Disposition", "attachment; filename=\"" + encodedfileName + fileType + "\""); - } catch (UnsupportedEncodingException e) { - e.printStackTrace(); - } - } -} diff --git a/src/main/resources/application-dev.properties b/src/main/resources/application-dev.properties index d42c802..118abba 100644 --- a/src/main/resources/application-dev.properties +++ b/src/main/resources/application-dev.properties 
@@ -3,7 +3,7 @@ server.port=23507 # 数据源配置 # 数据源配置 -spring.datasource.url=jdbc:mysql://139.224.253.21:3306/lida?autoReconnect=true&useUnicode=true&characterEncoding=utf8&serverTimezone=GMT%2B8 +spring.datasource.url=jdbc:mysql://139.224.253.21:3306/template?autoReconnect=true&useUnicode=true&characterEncoding=utf8&serverTimezone=GMT%2B8 spring.datasource.type=com.alibaba.druid.pool.DruidDataSource spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver spring.datasource.username=root
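Review bot: The changed `spring.datasource.url` still hard-codes a public database address in a committed file, and the context line below it connects as `root`. Take the endpoint and account from the environment, e.g. `spring.datasource.url=${DB_URL}` and `spring.datasource.username=${DB_USER}`, and give the application a dedicated account limited to the `template` schema. The URL also carries no TLS parameter, so whether the connection is encrypted is left to the driver default; state it explicitly (Connector/J's `sslMode`). The password line is outside the hunk.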