登录授权代码更新

nladmin-system/src/main/java/org/nl/modules/common/utils/SecurityUtils.java

@@ -1,8 +1,11 @@
 package org.nl.modules.common.utils;
 
 import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.json.JSONArray;
+import cn.hutool.json.JSONObject;
 import lombok.extern.slf4j.Slf4j;
-import org.nl.modules.common.utils.dto.CurrentUser;
+import org.nl.modules.system.service.dto.UserDto;
 
 import java.util.List;
 
@@ -19,16 +22,14 @@ public class SecurityUtils {
      *
      * @return 系统用户
      */
-    public static Object getCurrentUser() {
+    public static UserDto getCurrentUser() {
-        CurrentUser user = null;
         try {
-            user = (CurrentUser) StpUtil.getTokenSession().get("userInfo");
+            JSONObject json = (JSONObject) StpUtil.getExtra("loginInfo");
-            if (user.getUser() != null) {
+            if (ObjectUtil.isNotEmpty(json)) {
-                return user.getUser();
+                return json.toBean(UserDto.class);
             }
-        }
+        } catch (Exception e) {
-        catch (Exception e) {
+            return new UserDto();
-            return null;
         }
         return null;
     }
@@ -39,11 +40,16 @@ public class SecurityUtils {
      * @return 系统用户名称
      */
     public static String getCurrentUsername() {
-        CurrentUser currentUser = (CurrentUser) StpUtil.getTokenSession().get("userInfo");
+        return getCurrentUser().getUsername();
-        if (currentUser.getUsername() != null) {
-            return currentUser.getUsername();
     }
-        return "";
+
+    /**
+     * 获取系统用户名称
+     *
+     * @return 系统用户名称
+     */
+    public static String getCurrentNickName() {
+        return getCurrentUser().getNickName();
     }
 
     /**
@@ -52,22 +58,19 @@ public class SecurityUtils {
      * @return 系统用户Id
      */
     public static Long getCurrentUserId() {
-        CurrentUser currentUser = (CurrentUser) StpUtil.getTokenSession().get("userInfo");
+        return getCurrentUser().getId();
-        if (currentUser.getId() != null) {
-            return currentUser.getId();
-        }
-        return 0L;
     }
 
     /**
      * 获取当前用户权限
+     *
      * @return 权限列表
      */
     public static List<String> getCurrentUserPermissions() {
-        CurrentUser userInfo = (CurrentUser) StpUtil.getTokenSession().get("userInfo");
+        JSONObject json = (JSONObject) StpUtil.getExtra("loginInfo");
-        List<String> permissions = userInfo.getPermissions();
+        JSONArray permissions = json.getJSONArray("permissions");
         if (permissions.size() > 0) {
-            return permissions;
+            return permissions.toList(String.class);
         }
         return null;
     }

nladmin-system/src/main/java/org/nl/modules/common/utils/dto/CurrentUser.java

@@ -3,6 +3,7 @@ package org.nl.modules.common.utils.dto;
 import com.fasterxml.jackson.databind.annotation.JsonSerialize;
 import com.fasterxml.jackson.databind.ser.std.ToStringSerializer;
 import lombok.Data;
+import org.nl.modules.system.service.dto.UserDto;
 
 import java.io.Serializable;
 import java.util.ArrayList;
@@ -18,9 +19,13 @@ public class CurrentUser implements Serializable {
     @JsonSerialize(using = ToStringSerializer.class)
     private Long id;
 
+    //账号
     private String username;
+    //姓名
+    private String nickName;
 
-    private Object user;
+    //用户详细信息
+    private UserDto user;
 
     private List<String> permissions = new ArrayList<>();
 }

nladmin-system/src/main/java/org/nl/modules/security/rest/AuthorizationController.java

@@ -16,6 +16,7 @@
 package org.nl.modules.security.rest;
 
 import cn.dev33.satoken.secure.SaSecureUtil;
+import cn.dev33.satoken.stp.SaLoginModel;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.hutool.core.util.IdUtil;
 import cn.hutool.core.util.StrUtil;
@@ -90,9 +91,7 @@ public class AuthorizationController {
         if (!userDto.getPassword().equals(SaSecureUtil.md5BySalt(password, "salt"))) { // 这里需要密码加密
             throw new BadRequestException("账号或密码错误");
         }
-        StpUtil.login(userDto.getId()); // 调用satoken登录
 
-        StpUtil.getSession().set("UserDto", userDto);
         // 获取权限列表 - 登录查找权限
         List<String> permissionList = roleService.getPermissionList(userDto.getId().toString());
 
@@ -100,11 +99,16 @@ public class AuthorizationController {
         CurrentUser user = new CurrentUser();
         user.setId(userDto.getId());
         user.setUsername(userDto.getUsername());
+        user.setNickName(userDto.getNickName());
         user.setUser(userDto);
         user.setPermissions(permissionList);
-        StpUtil.getTokenSession().set("userInfo", user);
 
-        // 返回一个User
+        // SaLoginModel 配置登录相关参数
+        StpUtil.login(userDto.getId(), new SaLoginModel()
+                .setDevice("PC")                // 此次登录的客户端设备类型, 用于[同端互斥登录]时指定此次登录的设备类型
+                .setExtra("loginInfo", user)    // Token挂载的扩展参数 （此方法只有在集成jwt插件时才会生效）
+        );
+
         // 返回 token 与 用户信息
         JSONObject jsonObject = new JSONObject();
         jsonObject.put("roles", permissionList);

nladmin-system/src/main/java/org/nl/modules/system/service/impl/ParamServiceImpl.java

@@ -14,6 +14,7 @@ import org.nl.modules.common.utils.FileUtil;
 import org.nl.modules.common.utils.SecurityUtils;
 import org.nl.modules.system.service.ParamService;
 import org.nl.modules.system.service.dto.ParamDto;
+import org.nl.modules.system.service.dto.UserDto;
 import org.nl.modules.wql.core.bean.ResultBean;
 import org.nl.modules.wql.core.bean.WQLObject;
 import org.nl.modules.wql.util.WqlUtil;
@@ -73,7 +74,7 @@ public class ParamServiceImpl implements ParamService {
     @Override
     @Transactional(rollbackFor = Exception.class)
     public void create(ParamDto dto) {
-        String currentUsername = SecurityUtils.getCurrentUsername();
+        UserDto currentUsername = SecurityUtils.getCurrentUser();
         Long currentId = StpUtil.getLoginIdAsLong();
 
         String now = DateUtil.now();
@@ -81,8 +82,8 @@ public class ParamServiceImpl implements ParamService {
         dto.setId(IdUtil.simpleUUID());
         dto.setCreate_id(currentId);
         dto.setUpdate_optid(currentId);
-        dto.setCreate_name(currentUsername);
+        dto.setCreate_name(currentUsername.getNickName());
-        dto.setUpdate_optname(currentUsername);
+        dto.setUpdate_optname(currentUsername.getNickName());
         dto.setUpdate_time(now);
         dto.setCreate_time(now);
 
@@ -97,12 +98,12 @@ public class ParamServiceImpl implements ParamService {
         ParamDto entity = this.findById(dto.getId());
         if (entity == null) throw new BadRequestException("被删除或无权限，操作失败!");
 
-        String currentUsername = SecurityUtils.getCurrentUsername();
+        UserDto currentUsername = SecurityUtils.getCurrentUser();
         String now = DateUtil.now();
 
         dto.setUpdate_optid(StpUtil.getLoginIdAsLong());
         dto.setUpdate_time(now);
-        dto.setUpdate_optname(currentUsername);
+        dto.setUpdate_optname(currentUsername.getNickName());
 
         WQLObject wo = WQLObject.getWQLObject("sys_param");
         JSONObject json = JSONObject.parseObject( JSONObject.toJSONString(dto));

nladmin-system/src/main/resources/logback-spring.xml

@@ -79,7 +79,7 @@ https://juejin.cn/post/6844903775631572999
     <springProfile name="dev">
         <root level="info">
             <appender-ref ref="CONSOLE"/>
-            <appender-ref ref="lokiAppender" />
+<!--            <appender-ref ref="lokiAppender" />-->
         </root>
 
         <logger name="jdbc.audit" level="ERROR" additivity="false">