master
parent
608545dd15
commit
034c71d9bb
|
|
@ -47,8 +47,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
.loginProcessingUrl("/login").successHandler(authenticationSuccessHandler)
|
.loginProcessingUrl("/login").successHandler(authenticationSuccessHandler)
|
||||||
.failureHandler(authenticationFailureHandler).and().logout().logoutUrl("/logout")
|
.failureHandler(authenticationFailureHandler).and().logout().logoutUrl("/logout")
|
||||||
.logoutSuccessHandler(logoutSuccessHandler);
|
.logoutSuccessHandler(logoutSuccessHandler);
|
||||||
http.csrf().disable().headers().frameOptions().sameOrigin();
|
http.csrf().disable();
|
||||||
|
http.headers().frameOptions().sameOrigin();
|
||||||
|
http.headers().cacheControl();
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
|
|
||||||
|
|
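Review bot: `http.csrf().disable()` stays in force on the new side with nothing recording why that is safe, while the same chain still configures a form login on `/login` and a `/logout` URL. Disabling CSRF is only sound if the credential that TokenFilter checks travels in a request header or parameter the browser never attaches on its own; if it can arrive in a cookie, state-changing endpoints accept cross-site requests. That is not visible from this hunk, so I would add a comment such as `// CSRF off: token is sent in a request header, never a cookie (TODO confirm)` or re-enable CSRF for the session-backed paths. Separately, `http.headers().cacheControl();` looks redundant, since Spring Security writes the cache-control headers by default unless the header defaults were disabled elsewhere. The `configure` body starts outside the hunk.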
@ -2,46 +2,58 @@ package com.boot.security.server.dto;
|
||||||
|
|
||||||
import java.util.Collection;
|
import java.util.Collection;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
|
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||||
import org.springframework.security.core.userdetails.UserDetails;
|
import org.springframework.security.core.userdetails.UserDetails;
|
||||||
|
|
||||||
import com.boot.security.server.model.SysUser;
|
import com.boot.security.server.model.SysUser;
|
||||||
|
import com.fasterxml.jackson.annotation.JsonIgnore;
|
||||||
|
|
||||||
public class LoginUser extends SysUser implements UserDetails {
|
public class LoginUser extends SysUser implements UserDetails {
|
||||||
|
|
||||||
private static final long serialVersionUID = 1422037805178348848L;
|
private static final long serialVersionUID = 1422037805178348848L;
|
||||||
|
|
||||||
private Set<GrantedAuthority> authorities;
|
private Set<String> permissions;
|
||||||
|
|
||||||
public void setAuthorities(Set<GrantedAuthority> authorities) {
|
public Set<String> getPermissions() {
|
||||||
this.authorities = authorities;
|
return permissions;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setPermissions(Set<String> permissions) {
|
||||||
|
this.permissions = permissions;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@JsonIgnore
|
||||||
public Collection<? extends GrantedAuthority> getAuthorities() {
|
public Collection<? extends GrantedAuthority> getAuthorities() {
|
||||||
return authorities;
|
return permissions.parallelStream().map(a -> new SimpleGrantedAuthority(a)).collect(Collectors.toSet());
|
||||||
}
|
}
|
||||||
|
|
||||||
// 账户是否未过期
|
// 账户是否未过期
|
||||||
|
@JsonIgnore
|
||||||
@Override
|
@Override
|
||||||
public boolean isAccountNonExpired() {
|
public boolean isAccountNonExpired() {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
// 账户是否未锁定
|
// 账户是否未锁定
|
||||||
|
@JsonIgnore
|
||||||
@Override
|
@Override
|
||||||
public boolean isAccountNonLocked() {
|
public boolean isAccountNonLocked() {
|
||||||
return getStatus() != Status.LOCKED;
|
return getStatus() != Status.LOCKED;
|
||||||
}
|
}
|
||||||
|
|
||||||
// 密码是否未过期
|
// 密码是否未过期
|
||||||
|
@JsonIgnore
|
||||||
@Override
|
@Override
|
||||||
public boolean isCredentialsNonExpired() {
|
public boolean isCredentialsNonExpired() {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
// 账户是否激活
|
// 账户是否激活
|
||||||
|
@JsonIgnore
|
||||||
@Override
|
@Override
|
||||||
public boolean isEnabled() {
|
public boolean isEnabled() {
|
||||||
return true;
|
return true;
|
||||||
|
|
|
||||||
|
|
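Review bot: The new `getAuthorities()` dereferences `permissions` without a null check, so a `LoginUser` that was constructed or deserialized without `setPermissions` throws a NullPointerException the first time its authorities are requested. That blocks authorization outright, where the old getter just returned the field. A guard such as `if (permissions == null) return Collections.emptySet();` before the stream (needs `java.util.Collections`) keeps such an object at "no authorities". `parallelStream()` gains nothing on a per-user permission set and the result is rebuilt on every call; `permissions.stream().map(SimpleGrantedAuthority::new).collect(Collectors.toSet())` is enough. The class body continues past the end of the hunk.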
@ -47,6 +47,7 @@ public class TokenFilter extends OncePerRequestFilter {
|
||||||
SecurityContextHolder.getContext().setAuthentication(authentication);
|
SecurityContextHolder.getContext().setAuthentication(authentication);
|
||||||
|
|
||||||
filterChain.doFilter(request, response);
|
filterChain.doFilter(request, response);
|
||||||
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
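Review bot: The added `return;` after `filterChain.doFilter(request, response)` suggests the method invokes the chain again further down, outside this hunk, so the filter keeps two separate call sites for the chain. If that is the case, I would set the authentication inside the `if` and leave a single `filterChain.doFilter(request, response);` as the last statement of the method, which makes a double dispatch impossible by construction. At minimum the early return deserves a comment, for example `// chain already invoked for the authenticated request; do not fall through`. The enclosing method starts and ends outside the hunk, so this should be checked against the full body.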
@ -1,16 +1,14 @@
|
||||||
package com.boot.security.server.service.impl;
|
package com.boot.security.server.service.impl;
|
||||||
|
|
||||||
import java.util.HashSet;
|
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
import java.util.stream.Collectors;
|
||||||
|
|
||||||
import org.springframework.beans.BeanUtils;
|
import org.springframework.beans.BeanUtils;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
|
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
|
||||||
import org.springframework.security.authentication.DisabledException;
|
import org.springframework.security.authentication.DisabledException;
|
||||||
import org.springframework.security.authentication.LockedException;
|
import org.springframework.security.authentication.LockedException;
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
|
||||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
|
||||||
import org.springframework.security.core.userdetails.UserDetails;
|
import org.springframework.security.core.userdetails.UserDetails;
|
||||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||||
|
|
@ -45,16 +43,12 @@ public class UserDetailsServiceImpl implements UserDetailsService {
|
||||||
|
|
||||||
// 查询权限
|
// 查询权限
|
||||||
List<Permission> permissionList = permissionDao.listByUserId(sysUser.getId());
|
List<Permission> permissionList = permissionDao.listByUserId(sysUser.getId());
|
||||||
|
Set<String> permissions = permissionList.parallelStream().filter(p -> !StringUtils.isEmpty(p.getPermission()))
|
||||||
Set<GrantedAuthority> authorities = new HashSet<>();
|
.map(Permission::getPermission).collect(Collectors.toSet());
|
||||||
permissionList.parallelStream().filter(p -> !StringUtils.isEmpty(p.getPermission())).forEach(p -> {
|
|
||||||
GrantedAuthority grantedAuthority = new SimpleGrantedAuthority(p.getPermission());
|
|
||||||
authorities.add(grantedAuthority);
|
|
||||||
});
|
|
||||||
|
|
||||||
LoginUser loginUser = new LoginUser();
|
LoginUser loginUser = new LoginUser();
|
||||||
BeanUtils.copyProperties(sysUser, loginUser);
|
BeanUtils.copyProperties(sysUser, loginUser);
|
||||||
loginUser.setAuthorities(authorities);
|
loginUser.setPermissions(permissions);
|
||||||
|
|
||||||
return loginUser;
|
return loginUser;
|
||||||
}
|
}
|
||||||
|
|
|
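Review bot: The filter `!StringUtils.isEmpty(p.getPermission())` still lets a whitespace-only permission string through, and `LoginUser.getAuthorities()` now passes every stored string to `new SimpleGrantedAuthority(...)`, which rejects text without visible characters. One such row in the permission table would then fail every authorization check for that user at request time, not at login. Filtering on text content here would avoid that, e.g. `.filter(p -> StringUtils.hasText(p.getPermission()))` if this is Spring's `StringUtils` (the import is outside the hunk), or the `isNotBlank` equivalent for commons-lang. `parallelStream()` is also unnecessary for a per-user list; a plain `stream()` is clearer. The method body starts outside the hunk.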
||||||