diff --git a/nladmin-common/src/main/java/org/nl/exception/handler/GlobalExceptionHandler.java b/nladmin-common/src/main/java/org/nl/exception/handler/GlobalExceptionHandler.java index fc8384044..746dd0d91 100644 --- a/nladmin-common/src/main/java/org/nl/exception/handler/GlobalExceptionHandler.java +++ b/nladmin-common/src/main/java/org/nl/exception/handler/GlobalExceptionHandler.java @@ -49,17 +49,6 @@ public class GlobalExceptionHandler { return buildResponseEntity(ApiError.error(e.getMessage())); } - /** - * BadCredentialsException - */ -// @ExceptionHandler(BadCredentialsException.class) -// public ResponseEntity badCredentialsException(BadCredentialsException e){ -// // 打印堆栈信息 -// String message = "坏的凭证".equals(e.getMessage()) ? "用户名或密码不正确" : e.getMessage(); -// log.error(message); -// return buildResponseEntity(ApiError.error(message)); -// } - /** * token 无效的异常拦截 * @param e @@ -67,9 +56,8 @@ public class GlobalExceptionHandler { */ @ExceptionHandler(value = NotLoginException.class) public ResponseEntity notLoginException(Exception e) { -// e.printStackTrace(); log.error(ThrowableUtil.getStackTrace(e)); - return buildResponseEntity(ApiError.error("Token 无效")); + return buildResponseEntity(ApiError.error(401,"token 失效")); } diff --git a/nladmin-common/src/main/java/org/nl/utils/SecurityUtils.java b/nladmin-common/src/main/java/org/nl/utils/SecurityUtils.java index 1bf5a2c91..5d0a9d318 100644 --- a/nladmin-common/src/main/java/org/nl/utils/SecurityUtils.java +++ b/nladmin-common/src/main/java/org/nl/utils/SecurityUtils.java @@ -4,6 +4,8 @@ import cn.dev33.satoken.stp.StpUtil; import lombok.extern.slf4j.Slf4j; import org.nl.utils.dto.CurrentUser; +import java.util.List; + /** * @author: lyd * @description: 获取当前用户的信息 - 前提下在登录之后将数据存储到session 
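Review bot: Every request carrying a missing or expired token now ends in `notLoginException`, which still writes the full stack trace at ERROR level (`log.error(ThrowableUtil.getStackTrace(e))`) for what is an expected client condition — any unauthenticated caller can trigger it at will, so it floods the error log and buries real failures. A one-line `log.warn("not logged in: {}", e.getMessage());` (or debug) is enough; the trace of a NotLoginException adds nothing. Also note that `ApiError.error(401, "token 失效")` only sets the code inside the body — whether the HTTP status is 401 as well depends on `buildResponseEntity`, which is outside this hunk.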
@@ -56,4 +58,17 @@ public class SecurityUtils { } return 0L; } + + /** + * 获取当前用户权限 + * @return 权限列表 + */ + public static List getCurrentUserPermissions() { + CurrentUser userInfo = (CurrentUser) StpUtil.getTokenSession().get("userInfo"); + List permissions = userInfo.getPermissions(); + if (permissions.size() > 0) { + return permissions; + } + return null; + } } diff --git a/nladmin-common/src/main/java/org/nl/utils/dto/CurrentUser.java b/nladmin-common/src/main/java/org/nl/utils/dto/CurrentUser.java index 6515702b2..3827800ff 100644 --- a/nladmin-common/src/main/java/org/nl/utils/dto/CurrentUser.java +++ b/nladmin-common/src/main/java/org/nl/utils/dto/CurrentUser.java @@ -5,6 +5,8 @@ import com.fasterxml.jackson.databind.ser.std.ToStringSerializer; import lombok.Data; import java.io.Serializable; +import java.util.ArrayList; +import java.util.List; /** * @author: lyd @@ -19,4 +21,6 @@ public class CurrentUser implements Serializable { private String username; private Object user; + + private List permissions = new ArrayList<>(); } diff --git a/nladmin-system/src/main/java/org/nl/modules/security/rest/AuthorizationController.java b/nladmin-system/src/main/java/org/nl/modules/security/rest/AuthorizationController.java index 6f4e058f7..6dc733969 100644 --- a/nladmin-system/src/main/java/org/nl/modules/security/rest/AuthorizationController.java +++ b/nladmin-system/src/main/java/org/nl/modules/security/rest/AuthorizationController.java 
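Review bot: `getCurrentUserPermissions` casts `StpUtil.getTokenSession().get("userInfo")` and dereferences it without a null check, so a valid token whose token-session has no `userInfo` entry (a session created before this change, or one cleared by another path) throws a NullPointerException from inside the permission check instead of being treated as "no permissions". It also returns `null` for an empty list, which every caller (`StpInterfaceImpl`, the `/info` JSON) then has to special-case, and `permissions.size() > 0` is just `!permissions.isEmpty()`. Suggest `if (userInfo == null || userInfo.getPermissions() == null) { return Collections.emptyList(); }` before the size check, then `return permissions;` unconditionally (with `import java.util.Collections;`). The Javadoc should state the contract, e.g. `@return permissions captured into the token session at login; empty when none`.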
@@ -99,17 +99,20 @@ public class AuthorizationController { } StpUtil.login(userDto.getId()); // 调用satoken登录 + StpUtil.getSession().set("UserDto", userDto); + // 获取权限列表 - 登录查找权限 + List permissionList = roleService.getPermissionList(userDto.getId().toString()); + // 保存用户信息到session - 登录输入,登出删除 CurrentUser user = new CurrentUser(); user.setId(userDto.getId()); user.setUsername(userDto.getUsername()); user.setUser(userDto); + user.setPermissions(permissionList); StpUtil.getTokenSession().set("userInfo", user); - StpUtil.getSession().set("UserDto", userDto); // 返回一个User // 返回 token 与 用户信息 - List permissionList = roleService.getPermissionList(userDto.getId().toString()); JSONObject jsonObject = new JSONObject(); jsonObject.put("roles", permissionList); jsonObject.put("user", userDto); @@ -128,9 +131,8 @@ public class AuthorizationController { @GetMapping(value = "/info") public ResponseEntity getUserInfo() { UserDto currentUser = (UserDto) SecurityUtils.getCurrentUser(); - List permissionList = roleService.getPermissionList(currentUser.getId().toString()); JSONObject jsonObject = new JSONObject(); - jsonObject.put("roles", permissionList); + jsonObject.put("roles", SecurityUtils.getCurrentUserPermissions()); jsonObject.put("user", currentUser); return ResponseEntity.ok(jsonObject); } @@ -159,7 +161,6 @@ public class AuthorizationController { @ApiOperation("退出登录") @AnonymousDeleteMapping(value = "/logout") public ResponseEntity logout(HttpServletRequest request) { - StpUtil.getTokenSession().clear(); // 清除session数据 onlineUserService.logout(StpUtil.getTokenValue()); StpUtil.logout(); return new ResponseEntity<>(HttpStatus.OK); diff --git a/nladmin-system/src/main/java/org/nl/modules/security/satoken/SaTokenConfigure.java b/nladmin-system/src/main/java/org/nl/modules/security/satoken/SaTokenConfigure.java index 6da1d954b..3adb0cd0b 100644 --- a/nladmin-system/src/main/java/org/nl/modules/security/satoken/SaTokenConfigure.java 
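Review bot: The permission list is now computed once at login and frozen into the token session (`user.setPermissions(permissionList)`), and `StpInterfaceImpl` reads that snapshot, so revoking a role or clearing the admin flag no longer affects any already-issued token until that user logs out — the comment `登录输入,登出删除` states the lifetime but not this consequence. Either refresh the `userInfo` entry (or call `StpUtil.logout(userId)`) wherever roles or `isAdmin` change, or document the trade-off in that comment: `// permissions are snapshotted here; role changes only take effect on the user's next login`. There is also a hidden ordering dependency: `roleService.getPermissionList` now reads `StpUtil.getSession().get("UserDto")`, so the `StpUtil.getSession().set("UserDto", userDto)` line must stay above the `getPermissionList` call — worth a comment on that line. The login method starts outside this hunk.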
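Review bot: With `/auth/logout` added to the whitelist (SaTokenConfigure) this handler can run with no token at all, in which case `StpUtil.getTokenValue()` returns null and `onlineUserService.logout(null)` is called — whether that is safe is not visible here. Dropping `StpUtil.getTokenSession().clear()` also relies on `StpUtil.logout()` removing the token-session that now holds the permission snapshot under `StpLogicJwtForSimple`; if it does not, the snapshot outlives the logout. A guard keeps the anonymous case explicit: `String token = StpUtil.getTokenValue(); if (token == null) { return new ResponseEntity<>(HttpStatus.OK); }`.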
+++ b/nladmin-system/src/main/java/org/nl/modules/security/satoken/SaTokenConfigure.java @@ -24,7 +24,7 @@ public class SaTokenConfigure implements WebMvcConfigurer { return new StpLogicJwtForSimple(); } - String[] whitelist = new String[]{"/auth/login", "/auth/code", "/swagger-ui.html", "/swagger-resources/**", + String[] whitelist = new String[]{"/auth/login", "/auth/code","auth/logout", "/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/avatar/**", "/file/**", "/druid/**", "/favicon.ico", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js","/webSocket/**"}; diff --git a/nladmin-system/src/main/java/org/nl/modules/security/satoken/StpInterfaceImpl.java b/nladmin-system/src/main/java/org/nl/modules/security/satoken/StpInterfaceImpl.java index 070435b9e..ee240c796 100644 --- a/nladmin-system/src/main/java/org/nl/modules/security/satoken/StpInterfaceImpl.java +++ b/nladmin-system/src/main/java/org/nl/modules/security/satoken/StpInterfaceImpl.java @@ -1,9 +1,7 @@ package org.nl.modules.security.satoken; import cn.dev33.satoken.stp.StpInterface; -import cn.dev33.satoken.stp.StpUtil; -import org.nl.modules.system.service.RoleService; -import org.springframework.beans.factory.annotation.Autowired; +import org.nl.utils.SecurityUtils; import org.springframework.stereotype.Component; import java.util.List; @@ -16,14 +14,23 @@ import java.util.List; @Component public class StpInterfaceImpl implements StpInterface { - @Autowired - private RoleService roleService; - + /** + * 用户权限获取 + * @param o login存入的值,此处存放用户id + * @param s + * @return + */ @Override public List getPermissionList(Object o, String s) { - return roleService.getPermissionList((String) StpUtil.getLoginId()); + return SecurityUtils.getCurrentUserPermissions(); } + /** + * 角色权限获取 - 数据库没有设计角色code,因此不推荐使用角色鉴权 + * @param o + * @param s + * @return + */ @Override public List getRoleList(Object o, String s) { return null; 
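Review bot: The new whitelist entry is `"auth/logout"` without the leading slash, unlike every other pattern in the array; the request path sa-token matches against begins with `/`, so this entry most likely never matches and logout still demands a valid token. Change it to `"/auth/logout"`. Whether logout needs to be anonymous at all is worth a second look — an expired token already ends in the 401 handler, and widening the whitelist is a one-way change.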
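Review bot: `getPermissionList(Object o, String s)` ignores its `o` (login id) argument and returns the current token's session snapshot, so any check sa-token performs for a different login id (e.g. `StpUtil.hasPermission(loginId, perm)`) silently evaluates against the caller's own permissions, and outside a request thread `StpUtil.getTokenSession()` has no token to resolve. If only the current user is ever intended, say so and fill the empty `@param s`: `@param o login id passed by sa-token — ignored, permissions come from the current token's session` and `@param s login type — ignored`. Otherwise guard it, e.g. `if (!String.valueOf(o).equals(StpUtil.getLoginIdAsString())) { /* resolve from the database for that id */ }`, which would mean keeping the `RoleService` dependency this hunk removes.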
diff --git a/nladmin-system/src/main/java/org/nl/modules/security/satoken/hint.md b/nladmin-system/src/main/java/org/nl/modules/security/satoken/hint.md
new file mode 100644
index 000000000..995291ba1
--- /dev/null
+++ b/nladmin-system/src/main/java/org/nl/modules/security/satoken/hint.md
@@ -0,0 +1,64 @@
+## 关于satoken的提示
+### 本系统采用两个session存放相关信息
+1、其中tokenSession存放的是
+提供公共模块使用,获取是Object可以直接强转此实体.
+主要使用在 SecurityUtils类上,使用的key: userInfo
+```java
+@Data
+public class CurrentUser implements Serializable {
+ @JsonSerialize(using = ToStringSerializer.class)
+ private Long id;
+
+ private String username;
+
+ private Object user;
+
+ private List permissions = new ArrayList<>();
+}
+```
+2、Session存放的是UserDto,提供业务模块使用使用的key: UserDto
+```java
+@Getter
+@Setter
+public class UserDto extends BaseDTO implements Serializable {
+ @JsonSerialize(using = ToStringSerializer.class)
+ private Long id;
+
+ private Set roles;
+
+ private Set jobs;
+
+ private DeptSmallDto dept;
+
+ private Long deptId;
+
+ private String username;
+
+ private String nickName;
+
+ private String email;
+
+ private String phone;
+
+ private String gender;
+
+ private String avatarName;
+
+ private String avatarPath;
+
+ private String extId;
+
+ private String extuserId;
+
+
+ @JsonIgnore
+ private String password;
+
+ private Boolean enabled;
+
+ @JsonIgnore
+ private Boolean isAdmin = false;
+
+ private Date pwdResetTime;
+}
+```
\ No newline at end of file
diff --git a/nladmin-system/src/main/java/org/nl/modules/system/service/impl/RoleServiceImpl.java b/nladmin-system/src/main/java/org/nl/modules/system/service/impl/RoleServiceImpl.java
index ab052e230..7758ae5c7 100644
--- a/nladmin-system/src/main/java/org/nl/modules/system/service/impl/RoleServiceImpl.java
+++ b/nladmin-system/src/main/java/org/nl/modules/system/service/impl/RoleServiceImpl.java
@@ -15,6 +15,7 @@
 */
 package org.nl.modules.system.service.impl;

+import cn.dev33.satoken.stp.StpUtil;
 import cn.hutool.core.collection.CollectionUtil;
 import com.alibaba.fastjson.JSONArray;
 import com.alibaba.fastjson.JSONObject;
@@ -30,6 +31,7 @@ import org.nl.modules.system.service.RoleService;
 import org.nl.modules.system.service.dto.RoleDto;
 import org.nl.modules.system.service.dto.RoleQueryCriteria;
 import org.nl.modules.system.service.dto.RoleSmallDto;
+import org.nl.modules.system.service.dto.UserDto;
 import org.nl.modules.system.service.mapstruct.RoleMapper;
 import org.nl.modules.system.service.mapstruct.RoleSmallMapper;
 import org.nl.utils.*;
@@ -183,6 +185,11 @@ public class RoleServiceImpl implements RoleService {
 @Cacheable(key = "'auth:' + #p0")
 public List getPermissionList(String id) {
 List permission = new LinkedList<>();
+ // 查看是否为管理员
+ UserDto user = (UserDto) StpUtil.getSession().get("UserDto");
+ if (user.getIsAdmin()) { // 是管理员
+ permission.add("admin");
+ }
 HashMap map = new HashMap<>();
 map.put("flag", "1");
 map.put("user_id", id);
diff --git a/nladmin-system/src/main/resources/config/application-dev.yml b/nladmin-system/src/main/resources/config/application-dev.yml
index f37c4f0b7..637735106 100644
--- a/nladmin-system/src/main/resources/config/application-dev.yml
+++ b/nladmin-system/src/main/resources/config/application-dev.yml
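Review bot: The admin check reads `UserDto` from the *current* session, but the method is keyed and cached by its `id` parameter (`@Cacheable(key = "'auth:' + #p0")`), so if it is ever called with another user's id the caller's `isAdmin` flag is cached under that user's key — and the login path then serves that cached list to them, an `"admin"` grant by cache poisoning. It also throws a NullPointerException when the session has no `UserDto` (the bare cast) or when `isAdmin` is null (`user.getIsAdmin()` unboxes a `Boolean`, per the `UserDto` listing in hint.md). At minimum tie the flag to the id being computed: `if (user != null && id.equals(String.valueOf(user.getId())) && Boolean.TRUE.equals(user.getIsAdmin())) {`; better, derive the admin flag from the user record for `id` rather than from the session. From the callers visible in this diff it is only invoked with the current user's id, so this is latent rather than active today; the method body continues outside the hunk.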
@@ -6,12 +6,12 @@ spring: druid: db-type: com.alibaba.druid.pool.DruidDataSource driverClassName: net.sf.log4jdbc.sql.jdbcapi.DriverSpy -# url: jdbc:log4jdbc:mysql://${DB_HOST:47.111.78.178}:${DB_PORT:3306}/${DB_NAME:nladmin}?serverTimezone=Asia/Shanghai&characterEncoding=utf8&useSSL=false&useOldAliasMetadataBehavior=true - url: jdbc:log4jdbc:mysql://${DB_HOST:127.0.0.1}:${DB_PORT:3306}/${DB_NAME:nladmin}?serverTimezone=Asia/Shanghai&characterEncoding=utf8&useSSL=false&useOldAliasMetadataBehavior=true -# username: ${DB_USER:root} + url: jdbc:log4jdbc:mysql://${DB_HOST:47.111.78.178}:${DB_PORT:3306}/${DB_NAME:nladmin}?serverTimezone=Asia/Shanghai&characterEncoding=utf8&useSSL=false&useOldAliasMetadataBehavior=true +# url: jdbc:log4jdbc:mysql://${DB_HOST:127.0.0.1}:${DB_PORT:3306}/${DB_NAME:nladmin}?serverTimezone=Asia/Shanghai&characterEncoding=utf8&useSSL=false&useOldAliasMetadataBehavior=true username: ${DB_USER:root} -# password: ${DB_PWD:P@ssw0rd} - password: ${DB_PWD:12356} +# username: ${DB_USER:root} + password: ${DB_PWD:P@ssw0rd} +# password: ${DB_PWD:12356} # 初始连接数 initial-size: 5 # 最小连接数 diff --git a/nladmin-ui/src/router/index.js b/nladmin-ui/src/router/index.js index 69a4be522..2bc3d9086 100644 --- a/nladmin-ui/src/router/index.js +++ b/nladmin-ui/src/router/index.js @@ -17,6 +17,7 @@ router.beforeEach((to, from, next) => { } NProgress.start() if (getToken()) { + // debugger // 已登录且要跳转的页面是登录页 if (to.path === '/login') { next({ path: '/' }) diff --git a/nladmin-ui/src/views/nested/menu1/index.vue b/nladmin-ui/src/views/nested/menu1/index.vue deleted file mode 100644 index 98240aef8..000000000 --- a/nladmin-ui/src/views/nested/menu1/index.vue +++ /dev/null @@ -1,3 +0,0 @@ - diff --git a/nladmin-ui/src/views/nested/menu1/menu1-1/index.vue b/nladmin-ui/src/views/nested/menu1/menu1-1/index.vue deleted file mode 100644 index 20ff93b9b..000000000 --- a/nladmin-ui/src/views/nested/menu1/menu1-1/index.vue +++ /dev/null @@ -1,15 +0,0 @@ - - 
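Review bot: This flips the dev defaults back to a non-local database host (`47.111.78.178`) with a committed fallback password `P@ssw0rd`, and the URL keeps `useSSL=false`, so anyone with the repository can reach that host with those credentials over an unencrypted connection. Leave `DB_PWD` without a fallback (`password: ${DB_PWD}`) so a missing variable fails fast, keep the host default at `127.0.0.1`, and put the remote host in an untracked local profile if it is really needed. A password that has been committed should be rotated regardless of which line ends up commented out.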
diff --git a/nladmin-ui/src/views/nested/menu1/menu1-2/index.vue b/nladmin-ui/src/views/nested/menu1/menu1-2/index.vue deleted file mode 100644 index db642ccfe..000000000 --- a/nladmin-ui/src/views/nested/menu1/menu1-2/index.vue +++ /dev/null @@ -1,5 +0,0 @@ - diff --git a/nladmin-ui/src/views/nested/menu2/index.vue b/nladmin-ui/src/views/nested/menu2/index.vue deleted file mode 100644 index b8283a2e7..000000000 --- a/nladmin-ui/src/views/nested/menu2/index.vue +++ /dev/null @@ -1,5 +0,0 @@ -