Commit 97dda540 by 邓敏

修复未开放权限无法拦截问题

1 parent a37a3fb1
...@@ -62,20 +62,20 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { ...@@ -62,20 +62,20 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http http.csrf()
.exceptionHandling().accessDeniedHandler(accessDeniedHandler) .disable()
.and() .sessionManagement()
.csrf().disable() .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and() .and()
.authorizeRequests() .authorizeRequests()
.antMatchers(HttpMethod.POST, "/**").permitAll() .antMatchers("/openApi/login", "/openApi/loginOut").permitAll()//接口白名单配置
.antMatchers("/openApi/login", "/openApi/**").permitAll()//接口白名单配置
.anyRequest().authenticated(); .anyRequest().authenticated();
http.headers().cacheControl(); http.headers().cacheControl();
http.addFilterBefore(authenticationTokenFilter(), UsernamePasswordAuthenticationFilter.class); http.addFilterBefore(authenticationTokenFilter(), UsernamePasswordAuthenticationFilter.class);
http.exceptionHandling()
.accessDeniedHandler(accessDeniedHandler)
.authenticationEntryPoint(unauthorizedHandler);
} }
@Bean @Bean
......
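Review bot: The whitelist line `.antMatchers("/openApi/login", "/openApi/loginOut").permitAll()` matches every HTTP method, which is broader than a login/logout pair needs. If both endpoints are POST-only (their controllers are not on this page), `.antMatchers(HttpMethod.POST, "/openApi/login", "/openApi/loginOut").permitAll()` limits the unauthenticated surface to those calls. It would also help to record why CSRF protection is off, for example `// CSRF disabled: auth is a bearer token in the Authorization header and sessions are STATELESS; re-enable if tokens move to cookies`.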
...@@ -2,8 +2,11 @@ package com.zhongzhi.common.interceptor; ...@@ -2,8 +2,11 @@ package com.zhongzhi.common.interceptor;
import com.auth0.jwt.interfaces.Claim; import com.auth0.jwt.interfaces.Claim;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.zhongzhi.common.constant.Code;
import com.zhongzhi.common.exception.HttpException;
import com.zhongzhi.common.utils.JwtUtil; import com.zhongzhi.common.utils.JwtUtil;
import com.zhongzhi.common.utils.Localstorage; import com.zhongzhi.common.utils.Localstorage;
import com.zhongzhi.common.utils.ResponseData;
import com.zhongzhi.dao.UserMapper; import com.zhongzhi.dao.UserMapper;
import com.zhongzhi.model.base.UserModel; import com.zhongzhi.model.base.UserModel;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
...@@ -35,26 +38,22 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter { ...@@ -35,26 +38,22 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
@Override @Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
String token = request.getHeader("Authorization"); String token = request.getHeader("Authorization");
if (StringUtils.isNotEmpty(token)) { if(token != null && SecurityContextHolder.getContext().getAuthentication() == null) {
if (token.startsWith("Bearer")) { if(token.startsWith("Bearer")) {
token = token.replace("Bearer ", ""); token = token.replace("Bearer ", "");
} }
if (!JwtUtil.isExpired(token) && JwtUtil.verifyToken(token)) { Map<String, Claim> claimMap = JwtUtil.getClaims(token);
Map<String, Claim> claimMap = JwtUtil.getClaims(token); UserModel userModel = userMapper.selectOne(new QueryWrapper<UserModel>()
if(claimMap != null && SecurityContextHolder.getContext().getAuthentication() == null) { .lambda()
UserModel userModel = userMapper.selectOne(new QueryWrapper<UserModel>() .eq(UserModel::getUsername, claimMap.get("username").asString()));
.lambda() if(userModel != null) {
.eq(UserModel::getUsername, claimMap.get("username").asString())); UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userModel, null, userModel.getAuthorities());
if(userModel != null) { authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userModel, null, userModel.getAuthorities()); SecurityContextHolder.getContext().setAuthentication(authentication);
authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); Localstorage.setUser(userModel);
SecurityContextHolder.getContext().setAuthentication(authentication); } else {
Localstorage.setUser(userModel); Localstorage.remove();
} else {
Localstorage.remove();
}
}
} }
} }
filterChain.doFilter(request, response); filterChain.doFilter(request, response);
......
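Review bot: The new body of doFilterInternal no longer calls `JwtUtil.isExpired(token)` or `JwtUtil.verifyToken(token)` before `JwtUtil.getClaims(token)`, so as rendered the `username` claim is used to load the user and set the Authentication with no visible signature or expiry check. Unless getClaims verifies the token itself (its body is not on this page), a tampered or expired token would be accepted for any existing username, which works against the stated goal of this commit. The `claimMap != null` guard was dropped as well, so a malformed token or one without a `username` claim probably ends in a NullPointerException rather than an unauthenticated request that the entry point can answer. I would keep the verification guard and null-check the claim, as sketched below; the method continues past the end of this hunk.

```java
if (token != null && SecurityContextHolder.getContext().getAuthentication() == null) {
    // … unchanged: strip the "Bearer " prefix …
    // Trust no claim until the signature and expiry have been checked.
    if (!JwtUtil.isExpired(token) && JwtUtil.verifyToken(token)) {
        Map<String, Claim> claimMap = JwtUtil.getClaims(token);
        Claim usernameClaim = claimMap == null ? null : claimMap.get("username");
        if (usernameClaim != null && usernameClaim.asString() != null) {
            UserModel userModel = userMapper.selectOne(new QueryWrapper<UserModel>()
                    .lambda()
                    .eq(UserModel::getUsername, usernameClaim.asString()));
            // … unchanged: set the Authentication and Localstorage, or Localstorage.remove() …
        }
    }
}
```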
...@@ -21,6 +21,8 @@ public class EncryptUtil { ...@@ -21,6 +21,8 @@ public class EncryptUtil {
public static String encrypt(String password) { public static String encrypt(String password) {
char[] chars = password.toCharArray(); char[] chars = password.toCharArray();
return Hash.password(chars).algorithm(Type.PBKDF2_SHA256).create(); return Hash.password(chars).algorithm(Type.PBKDF2_SHA256).create();
} }
/** /**
......
package com.zhongzhi.common.utils;
import com.itextpdf.text.*;
import com.itextpdf.text.pdf.BaseFont;
import com.itextpdf.text.pdf.PdfPTable;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
@Slf4j
@Component
public class PDFUtil {
static BaseFont baseFont;
{
try {
baseFont = BaseFont.createFont("https://zhongzhi-cms.oss-cn-shanghai.aliyuncs.com/STSONG.TTF", BaseFont.IDENTITY_H, BaseFont.NOT_EMBEDDED);
} catch (Exception e) {
e.printStackTrace();
}
}
public static void tableStyle(PdfPTable table, int[] cellsWidth) throws DocumentException {
table.setWidths(cellsWidth);
table.setWidthPercentage(100);
table.getDefaultCell().setHorizontalAlignment(Element.ALIGN_CENTER);
table.getDefaultCell().setVerticalAlignment(Element.ALIGN_MIDDLE);
table.getDefaultCell().setFixedHeight(30);
table.getDefaultCell().setBackgroundColor(BaseColor.BLUE);
table.getDefaultCell().setPadding(0);
table.getDefaultCell().setBorderWidth(0);
}
/**
* 流化下载
*
* @param bytes
* @param filename
*/
public static void renderPdf(final byte[] bytes, final String filename, String type) {
ServletRequestAttributes servletRequestAttributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
HttpServletResponse response = servletRequestAttributes.getResponse();
initResponseHeader(response, "application/" + type);
setFileDownloadHeader(response, filename, "." + type);
if (null != bytes) {
try {
response.getOutputStream().write(bytes);
response.getOutputStream().flush();
} catch (IOException e) {
throw new IllegalArgumentException(e);
}
}
}
/**
* 分析并设置contentType与headers.
*/
private static HttpServletResponse initResponseHeader(HttpServletResponse response, final String contentType, final String... headers) {
// 分析headers参数
String encoding = "utf-8";
boolean noCache = true;
for (String header : headers) {
String headerName = StringUtils.substringBefore(header, ":");
String headerValue = StringUtils.substringAfter(header, ":");
if (StringUtils.equalsIgnoreCase(headerName, "utf-8")) {
encoding = headerValue;
} else if (StringUtils.equalsIgnoreCase(headerName, "no-cache")) {
noCache = Boolean.parseBoolean(headerValue);
} else {
throw new IllegalArgumentException(headerName + "不是一个合法的header类型");
}
}
// 设置headers参数
String fullContentType = contentType + ";charset=" + encoding;
response.setContentType(fullContentType);
if (noCache) {
// Http 1.0 header
response.setDateHeader("Expires", 0);
response.addHeader("Pragma", "no-cache");
// Http 1.1 header
response.setHeader("Cache-Control", "no-cache");
}
return response;
}
/**
* 设置让浏览器弹出下载对话框的Header.
*
* @param
*/
public static void setFileDownloadHeader(HttpServletResponse response, String fileName, String fileType) {
try {
// 中文文件名支持
String encodedfileName = new String(fileName.getBytes(StandardCharsets.UTF_8), "ISO8859-1");
response.setHeader("Content-Disposition", "attachment; filename=\"" + encodedfileName + fileType + "\"");
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
}
}
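Review bot: `baseFont` is a static field but is assigned in an instance initializer (`{ ... }`, not `static { ... }`), so it stays null until Spring constructs the bean, and the font source is a remote HTTPS URL whose load failure is reduced to `e.printStackTrace()`. Loading a font from an external bucket makes PDF output depend on that bucket's availability and integrity; bundling the TTF as a classpath resource and loading it in a `static` block that reports through the `@Slf4j` logger (`log.error("font load failed", e)`) would remove that dependency. In `setFileDownloadHeader`, `fileName` and `fileType` are placed inside the quoted `filename="…"` parameter unescaped, so a `"` in either value changes the header; if callers pass user-supplied names, strip quotes and control characters or emit an RFC 5987 `filename*=UTF-8''…` value built with `URLEncoder`. `renderPdf` also dereferences `RequestContextHolder.getRequestAttributes()` without a null check, which fails outside a request thread.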
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
server.port=23507 server.port=23507
# 数据源配置 # 数据源配置
# 数据源配置 # 数据源配置
spring.datasource.url=jdbc:mysql://139.224.253.21:3306/lida?autoReconnect=true&useUnicode=true&characterEncoding=utf8&serverTimezone=GMT%2B8 spring.datasource.url=jdbc:mysql://139.224.253.21:3306/template?autoReconnect=true&useUnicode=true&characterEncoding=utf8&serverTimezone=GMT%2B8
spring.datasource.type=com.alibaba.druid.pool.DruidDataSource spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
spring.datasource.username=root spring.datasource.username=root
......
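Review bot: The lines around this change keep the database endpoint as a literal, non-private IP address on port 3306 and `spring.datasource.username=root` in a committed properties file. Connecting the application as `root` means any SQL-level flaw in the service has full control of the database server; a dedicated account with grants limited to the `template` schema would narrow that. I would also move the URL and credentials out of the repository, for example `spring.datasource.url=${DB_URL}` and `spring.datasource.username=${DB_USER}` resolved from the environment. The password line, if there is one, lies outside the visible hunk.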