parent
608545dd15
commit
034c71d9bb
|
|
@ -47,8 +47,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
.loginProcessingUrl("/login").successHandler(authenticationSuccessHandler)
|
||||
.failureHandler(authenticationFailureHandler).and().logout().logoutUrl("/logout")
|
||||
.logoutSuccessHandler(logoutSuccessHandler);
|
||||
http.csrf().disable().headers().frameOptions().sameOrigin();
|
||||
|
||||
http.csrf().disable();
|
||||
http.headers().frameOptions().sameOrigin();
|
||||
http.headers().cacheControl();
|
||||
}
|
||||
|
||||
@Override
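Review bot: `http.csrf().disable()` stays in the configuration next to a form login on `/login` and a logout on `/logout`, and nothing in this hunk records why that is safe. Disabling CSRF is only sound if every state-changing request is authenticated by a token sent in a request header rather than by a cookie the browser attaches automatically. How TokenFilter reads the token is not visible here, so please confirm it and say so in a comment, e.g. `// CSRF disabled: auth token travels in a request header, never in a cookie`. The added `http.headers().cacheControl();` also looks redundant, since Spring Security writes its no-cache headers by default unless `defaultsDisabled()` is called, which this hunk does not show. The enclosing method starts and ends outside the hunk.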
|
||||
|
|
|
|||
|
|
@ -2,46 +2,58 @@ package com.boot.security.server.dto;
|
|||
|
||||
import java.util.Collection;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
|
||||
import com.boot.security.server.model.SysUser;
|
||||
import com.fasterxml.jackson.annotation.JsonIgnore;
|
||||
|
||||
public class LoginUser extends SysUser implements UserDetails {
|
||||
|
||||
private static final long serialVersionUID = 1422037805178348848L;
|
||||
|
||||
private Set<GrantedAuthority> authorities;
|
||||
private Set<String> permissions;
|
||||
|
||||
public void setAuthorities(Set<GrantedAuthority> authorities) {
|
||||
this.authorities = authorities;
|
||||
public Set<String> getPermissions() {
|
||||
return permissions;
|
||||
}
|
||||
|
||||
public void setPermissions(Set<String> permissions) {
|
||||
this.permissions = permissions;
|
||||
}
|
||||
|
||||
@Override
|
||||
@JsonIgnore
|
||||
public Collection<? extends GrantedAuthority> getAuthorities() {
|
||||
return authorities;
|
||||
return permissions.parallelStream().map(a -> new SimpleGrantedAuthority(a)).collect(Collectors.toSet());
|
||||
}
|
||||
|
||||
// 账户是否未过期
|
||||
@JsonIgnore
|
||||
@Override
|
||||
public boolean isAccountNonExpired() {
|
||||
return true;
|
||||
}
|
||||
|
||||
// 账户是否未锁定
|
||||
@JsonIgnore
|
||||
@Override
|
||||
public boolean isAccountNonLocked() {
|
||||
return getStatus() != Status.LOCKED;
|
||||
}
|
||||
|
||||
// 密码是否未过期
|
||||
@JsonIgnore
|
||||
@Override
|
||||
public boolean isCredentialsNonExpired() {
|
||||
return true;
|
||||
}
|
||||
|
||||
// 账户是否激活
|
||||
@JsonIgnore
|
||||
@Override
|
||||
public boolean isEnabled() {
|
||||
return true;
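Review bot: `getAuthorities()` dereferences `permissions` with no null check, so a LoginUser built or deserialized without that field throws a NullPointerException in the middle of an authorization check. A guard such as `if (permissions == null) { return Collections.emptySet(); }` (plus the `java.util.Collections` import) would make it fail closed with no authorities. The set is also rebuilt with `parallelStream()` on every call, where a plain `permissions.stream()` is enough for a handful of strings and keeps the work off the common fork-join pool. Because `getPermissions()` is not marked `@JsonIgnore` while `getAuthorities()` is, the granted authorities after a JSON round trip are whatever the serialized `permissions` value says. Wherever LoginUser is restored from JSON should therefore be a server-side store that clients cannot write to; the hunk does not show where that is.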
|
||||
|
|
|
|||
|
|
@ -47,6 +47,7 @@ public class TokenFilter extends OncePerRequestFilter {
|
|||
SecurityContextHolder.getContext().setAuthentication(authentication);
|
||||
|
||||
filterChain.doFilter(request, response);
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,16 +1,14 @@
|
|||
package com.boot.security.server.service.impl;
|
||||
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import org.springframework.beans.BeanUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
|
||||
import org.springframework.security.authentication.DisabledException;
|
||||
import org.springframework.security.authentication.LockedException;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
|
|
@ -45,16 +43,12 @@ public class UserDetailsServiceImpl implements UserDetailsService {
|
|||
|
||||
// 查询权限
|
||||
List<Permission> permissionList = permissionDao.listByUserId(sysUser.getId());
|
||||
|
||||
Set<GrantedAuthority> authorities = new HashSet<>();
|
||||
permissionList.parallelStream().filter(p -> !StringUtils.isEmpty(p.getPermission())).forEach(p -> {
|
||||
GrantedAuthority grantedAuthority = new SimpleGrantedAuthority(p.getPermission());
|
||||
authorities.add(grantedAuthority);
|
||||
});
|
||||
Set<String> permissions = permissionList.parallelStream().filter(p -> !StringUtils.isEmpty(p.getPermission()))
|
||||
.map(Permission::getPermission).collect(Collectors.toSet());
|
||||
|
||||
LoginUser loginUser = new LoginUser();
|
||||
BeanUtils.copyProperties(sysUser, loginUser);
|
||||
loginUser.setAuthorities(authorities);
|
||||
loginUser.setPermissions(permissions);
|
||||
|
||||
return loginUser;
|
||||
}
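Review bot: `permissionList.parallelStream()` on the line that builds `permissions` buys nothing for a single user's permission list and borrows the shared common pool on each lookup; `permissionList.stream()` yields the same set. `BeanUtils.copyProperties(sysUser, loginUser)` copies every readable SysUser property into the LoginUser, presumably including the password hash, and LoginUser carries Jackson annotations, so it is worth confirming that field is excluded wherever the object is serialized. The enclosing method starts above the hunk, so any null or status checks on `sysUser` are not visible here.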
|
||||
|
|
|
|||