登录授权代码更新

2022-09-28 15:40:16 +08:00
parent 2abfb67839
commit 8ca24695d4
5 changed files with 46 additions and 33 deletions
--- a/nladmin-system/src/main/java/org/nl/modules/common/utils/SecurityUtils.java
+++ b/nladmin-system/src/main/java/org/nl/modules/common/utils/SecurityUtils.java
@@ -1,8 +1,11 @@
 package org.nl.modules.common.utils;

 import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.json.JSONArray;
+import cn.hutool.json.JSONObject;
 import lombok.extern.slf4j.Slf4j;
-import org.nl.modules.common.utils.dto.CurrentUser;
+import org.nl.modules.system.service.dto.UserDto;

 import java.util.List;

@@ -19,16 +22,14 @@ public class SecurityUtils {
     *
     * @return 系统用户
     */
-    public static Object getCurrentUser() {
-        CurrentUser user = null;
+    public static UserDto getCurrentUser() {
        try {
-            user = (CurrentUser) StpUtil.getTokenSession().get("userInfo");
-            if (user.getUser() != null) {
-                return user.getUser();
+            JSONObject json = (JSONObject) StpUtil.getExtra("loginInfo");
+            if (ObjectUtil.isNotEmpty(json)) {
+                return json.toBean(UserDto.class);
            }
-        }
-        catch (Exception e) {
-            return null;
+        } catch (Exception e) {
+            return new UserDto();
        }
        return null;
    }
@@ -39,11 +40,16 @@ public class SecurityUtils {
     * @return 系统用户名称
     */
    public static String getCurrentUsername() {
-        CurrentUser currentUser = (CurrentUser) StpUtil.getTokenSession().get("userInfo");
-        if (currentUser.getUsername() != null) {
-            return currentUser.getUsername();
-        }
-        return "";
+        return getCurrentUser().getUsername();
+    }
+
+    /**
+     * 获取系统用户名称
+     *
+     * @return 系统用户名称
+     */
+    public static String getCurrentNickName() {
+        return getCurrentUser().getNickName();
    }

    /**
@@ -52,22 +58,19 @@ public class SecurityUtils {
     * @return 系统用户Id
     */
    public static Long getCurrentUserId() {
-        CurrentUser currentUser = (CurrentUser) StpUtil.getTokenSession().get("userInfo");
-        if (currentUser.getId() != null) {
-            return currentUser.getId();
-        }
-        return 0L;
+        return getCurrentUser().getId();
    }

    /**
     * 获取当前用户权限
+     *
     * @return 权限列表
     */
    public static List<String> getCurrentUserPermissions() {
-        CurrentUser userInfo = (CurrentUser) StpUtil.getTokenSession().get("userInfo");
-        List<String> permissions = userInfo.getPermissions();
+        JSONObject json = (JSONObject) StpUtil.getExtra("loginInfo");
+        JSONArray permissions = json.getJSONArray("permissions");
        if (permissions.size() > 0) {
-            return permissions;
+            return permissions.toList(String.class);
        }
        return null;
    }
--- a/nladmin-system/src/main/java/org/nl/modules/common/utils/dto/CurrentUser.java
+++ b/nladmin-system/src/main/java/org/nl/modules/common/utils/dto/CurrentUser.java
@@ -3,6 +3,7 @@ package org.nl.modules.common.utils.dto;
 import com.fasterxml.jackson.databind.annotation.JsonSerialize;
 import com.fasterxml.jackson.databind.ser.std.ToStringSerializer;
 import lombok.Data;
+import org.nl.modules.system.service.dto.UserDto;

 import java.io.Serializable;
 import java.util.ArrayList;
@@ -18,9 +19,13 @@ public class CurrentUser implements Serializable {
    @JsonSerialize(using = ToStringSerializer.class)
    private Long id;

+    //账号
    private String username;
+    //姓名
+    private String nickName;

-    private Object user;
+    //用户详细信息
+    private UserDto user;

    private List<String> permissions = new ArrayList<>();
 }
--- a/nladmin-system/src/main/java/org/nl/modules/security/rest/AuthorizationController.java
+++ b/nladmin-system/src/main/java/org/nl/modules/security/rest/AuthorizationController.java
@@ -16,6 +16,7 @@
 package org.nl.modules.security.rest;

 import cn.dev33.satoken.secure.SaSecureUtil;
+import cn.dev33.satoken.stp.SaLoginModel;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.hutool.core.util.IdUtil;
 import cn.hutool.core.util.StrUtil;
@@ -90,9 +91,7 @@ public class AuthorizationController {
        if (!userDto.getPassword().equals(SaSecureUtil.md5BySalt(password, "salt"))) { // 这里需要密码加密
            throw new BadRequestException("账号或密码错误");
        }
-        StpUtil.login(userDto.getId()); // 调用satoken登录

-        StpUtil.getSession().set("UserDto", userDto);
        // 获取权限列表 - 登录查找权限
        List<String> permissionList = roleService.getPermissionList(userDto.getId().toString());

@@ -100,11 +99,16 @@ public class AuthorizationController {
        CurrentUser user = new CurrentUser();
        user.setId(userDto.getId());
        user.setUsername(userDto.getUsername());
+        user.setNickName(userDto.getNickName());
        user.setUser(userDto);
        user.setPermissions(permissionList);
-        StpUtil.getTokenSession().set("userInfo", user);

-        // 返回一个User
+        // SaLoginModel 配置登录相关参数
+        StpUtil.login(userDto.getId(), new SaLoginModel()
+                .setDevice("PC")                // 此次登录的客户端设备类型, 用于[同端互斥登录]时指定此次登录的设备类型
+                .setExtra("loginInfo", user)    // Token挂载的扩展参数 （此方法只有在集成jwt插件时才会生效）
+        );
+
        // 返回 token 与 用户信息
        JSONObject jsonObject = new JSONObject();
        jsonObject.put("roles", permissionList);
--- a/nladmin-system/src/main/java/org/nl/modules/system/service/impl/ParamServiceImpl.java
+++ b/nladmin-system/src/main/java/org/nl/modules/system/service/impl/ParamServiceImpl.java
@@ -14,6 +14,7 @@ import org.nl.modules.common.utils.FileUtil;
 import org.nl.modules.common.utils.SecurityUtils;
 import org.nl.modules.system.service.ParamService;
 import org.nl.modules.system.service.dto.ParamDto;
+import org.nl.modules.system.service.dto.UserDto;
 import org.nl.modules.wql.core.bean.ResultBean;
 import org.nl.modules.wql.core.bean.WQLObject;
 import org.nl.modules.wql.util.WqlUtil;
@@ -73,7 +74,7 @@ public class ParamServiceImpl implements ParamService {
    @Override
    @Transactional(rollbackFor = Exception.class)
    public void create(ParamDto dto) {
-        String currentUsername = SecurityUtils.getCurrentUsername();
+        UserDto currentUsername = SecurityUtils.getCurrentUser();
        Long currentId = StpUtil.getLoginIdAsLong();

        String now = DateUtil.now();
@@ -81,8 +82,8 @@ public class ParamServiceImpl implements ParamService {
        dto.setId(IdUtil.simpleUUID());
        dto.setCreate_id(currentId);
        dto.setUpdate_optid(currentId);
-        dto.setCreate_name(currentUsername);
-        dto.setUpdate_optname(currentUsername);
+        dto.setCreate_name(currentUsername.getNickName());
+        dto.setUpdate_optname(currentUsername.getNickName());
        dto.setUpdate_time(now);
        dto.setCreate_time(now);

@@ -97,12 +98,12 @@ public class ParamServiceImpl implements ParamService {
        ParamDto entity = this.findById(dto.getId());
        if (entity == null) throw new BadRequestException("被删除或无权限，操作失败!");

-        String currentUsername = SecurityUtils.getCurrentUsername();
+        UserDto currentUsername = SecurityUtils.getCurrentUser();
        String now = DateUtil.now();

        dto.setUpdate_optid(StpUtil.getLoginIdAsLong());
        dto.setUpdate_time(now);
-        dto.setUpdate_optname(currentUsername);
+        dto.setUpdate_optname(currentUsername.getNickName());

        WQLObject wo = WQLObject.getWQLObject("sys_param");
        JSONObject json = JSONObject.parseObject( JSONObject.toJSONString(dto));
--- a/nladmin-system/src/main/resources/logback-spring.xml
+++ b/nladmin-system/src/main/resources/logback-spring.xml
@@ -79,7 +79,7 @@ https://juejin.cn/post/6844903775631572999
    <springProfile name="dev">
        <root level="info">
            <appender-ref ref="CONSOLE"/>
-            <appender-ref ref="lokiAppender" />
+<!--            <appender-ref ref="lokiAppender" />-->
        </root>

        <logger name="jdbc.audit" level="ERROR" additivity="false">