
mall-portal登录改用jwt

macro 5 tahun lalu
induk
melakukan
287276c2fa

+ 2 - 2
mall-portal/pom.xml

@@ -30,8 +30,8 @@
             <artifactId>mall-mbg</artifactId>
         </dependency>
         <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-security</artifactId>
+            <groupId>com.macro.mall</groupId>
+            <artifactId>mall-security</artifactId>
         </dependency>
         <!--mongodb依赖配置-->
         <dependency>

+ 29 - 0
mall-portal/src/main/java/com/macro/mall/portal/config/MallSecurityConfig.java

@@ -0,0 +1,29 @@
+package com.macro.mall.portal.config;
+
+import com.macro.mall.portal.service.UmsMemberService;
+import com.macro.mall.security.config.SecurityConfig;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.core.userdetails.UserDetailsService;
+
+/**
+ * mall-security模块相关配置
+ * Created by macro on 2019/11/5.
+ */
+@Configuration
+@EnableWebSecurity
+@EnableGlobalMethodSecurity(prePostEnabled=true)
+public class MallSecurityConfig extends SecurityConfig {
+
+    @Autowired
+    private UmsMemberService memberService;
+
+    @Bean
+    public UserDetailsService userDetailsService() {
+        //获取登录用户信息
+        return username -> memberService.loadUserByUsername(username);
+    }
+}
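Review bot: The field-injected `memberService` in `MallSecurityConfig` may create a bean cycle between this configuration class and `UmsMemberServiceImpl`, which injects `PasswordEncoder` elsewhere in this commit. The cycle only exists if the `PasswordEncoder` bean is declared in the inherited `com.macro.mall.security.config.SecurityConfig`, which is not visible here, so confirm that first. If it is, Spring resolves it only through early singleton references, and stricter circular-reference settings reject it at startup. Marking the injection lazy breaks the cycle: `@Autowired @Lazy private UmsMemberService memberService;`. Separately, the lambda can be written as `return memberService::loadUserByUsername;`.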

+ 0 - 111
mall-portal/src/main/java/com/macro/mall/portal/config/SecurityConfig.java

@@ -1,111 +0,0 @@
-package com.macro.mall.portal.config;
-
-import com.macro.mall.model.UmsMember;
-import com.macro.mall.portal.component.*;
-import com.macro.mall.portal.domain.MemberDetails;
-import com.macro.mall.portal.service.UmsMemberService;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.http.HttpMethod;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
-import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.core.userdetails.UserDetails;
-import org.springframework.security.core.userdetails.UserDetailsService;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;
-
-/**
- * SpringSecurity的配置
- * Created by macro on 2018/8/3.
- */
-@Configuration
-@EnableWebSecurity
-public class SecurityConfig extends WebSecurityConfigurerAdapter {
-    @Autowired
-    private UmsMemberService memberService;
-    @Override
-    protected void configure(HttpSecurity http) throws Exception {
-        http.authorizeRequests()
-                .antMatchers(HttpMethod.GET, // 允许对于网站静态资源的无授权访问
-                        "/",
-                        "/*.html",
-                        "/favicon.ico",
-                        "/**/*.html",
-                        "/**/*.css",
-                        "/**/*.js",
-                        "/swagger-resources/**",
-                        "/v2/api-docs/**",
-                        "/webjars/springfox-swagger-ui/**"
-                )
-                .permitAll()
-                .antMatchers(HttpMethod.OPTIONS)//跨域请求会先进行一次options请求
-                .permitAll()
-                .antMatchers(
-                        "/sso/*",//登录注册
-                        "/home/**"//首页接口
-                )
-                .permitAll()
-                .antMatchers("/member/**","/returnApply/**")// 测试时开启
-                .permitAll()
-                .anyRequest()// 除上面外的所有请求全部需要鉴权认证
-                .authenticated()
-                .and()
-                .exceptionHandling()
-                .accessDeniedHandler(new GoAccessDeniedHandler())
-                .authenticationEntryPoint(new GoAuthenticationEntryPoint())
-                .and()
-                .formLogin()
-                .loginPage("/sso/login")
-                .successHandler(new GoAuthenticationSuccessHandler())
-                .failureHandler(new GoAuthenticationFailureHandler())
-                .and()
-                .logout()
-                .logoutUrl("/sso/logout")
-                .logoutSuccessHandler(new GoLogoutSuccessHandler())
-                .invalidateHttpSession(true)
-                .deleteCookies("JSESSIONID")
-//                .and()
-//                .requiresChannel()
-//                .antMatchers("/sso/*")
-//                .requiresSecure()
-//                .anyRequest()
-//                .requiresInsecure()
-//                .and()
-//                .rememberMe()
-//                .tokenValiditySeconds(1800)
-//                .key("token_key")
-                .and()
-                .csrf()
-                .disable();//开启basic认证登录后可以调用需要认证的接口
-    }
-
-    @Override
-    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        auth.userDetailsService(userDetailsService())
-                .passwordEncoder(passwordEncoder());
-    }
-
-    @Bean
-    public PasswordEncoder passwordEncoder() {
-        return new BCryptPasswordEncoder();
-    }
-
-    @Bean
-    public UserDetailsService userDetailsService() {
-        //获取登录用户信息
-        return new UserDetailsService() {
-            @Override
-            public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
-                UmsMember member = memberService.getByUsername(username);
-                if(member!=null){
-                    return new MemberDetails(member);
-                }
-                throw new UsernameNotFoundException("用户名或密码错误");
-            }
-        };
-    }
-}

+ 12 - 0
mall-portal/src/main/java/com/macro/mall/portal/service/UmsMemberService.java

@@ -2,6 +2,7 @@ package com.macro.mall.portal.service;
 
 import com.macro.mall.common.api.CommonResult;
 import com.macro.mall.model.UmsMember;
+import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.transaction.annotation.Transactional;
 
 /**
@@ -45,4 +46,15 @@ public interface UmsMemberService {
      * 根据会员id修改会员积分
      */
     void updateIntegration(Long id,Integer integration);
+
+
+    /**
+     * 获取用户信息
+     */
+    UserDetails loadUserByUsername(String username);
+
+    /**
+     * 登录后获取token
+     */
+    String login(String username, String password);
 }
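Review bot: The Javadoc on `login` ("登录后获取token") does not say what happens when authentication fails, and the implementation in this commit returns `null` in that case rather than throwing. Callers need this stated on the interface, otherwise a controller may wrap a null token in a success response. I would add `@param username`, `@param password` and `@return the JWT, or null when the username or password is rejected`. The same applies to `loadUserByUsername`, which throws `UsernameNotFoundException` in the implementation; add `@throws UsernameNotFoundException if no member has this username`.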

+ 40 - 2
mall-portal/src/main/java/com/macro/mall/portal/service/impl/UmsMemberServiceImpl.java

@@ -10,11 +10,19 @@ import com.macro.mall.model.UmsMemberLevelExample;
 import com.macro.mall.portal.domain.MemberDetails;
 import com.macro.mall.portal.service.RedisService;
 import com.macro.mall.portal.service.UmsMemberService;
+import com.macro.mall.security.util.JwtTokenUtil;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.context.SecurityContext;
 import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.util.CollectionUtils;
@@ -30,13 +38,16 @@ import java.util.Random;
  */
 @Service
 public class UmsMemberServiceImpl implements UmsMemberService {
+    private static final Logger LOGGER = LoggerFactory.getLogger(UmsMemberServiceImpl.class);
+    @Autowired
+    private PasswordEncoder passwordEncoder;
+    @Autowired
+    private JwtTokenUtil jwtTokenUtil;
     @Autowired
     private UmsMemberMapper memberMapper;
     @Autowired
     private UmsMemberLevelMapper memberLevelMapper;
     @Autowired
-    private PasswordEncoder passwordEncoder;
-    @Autowired
     private RedisService redisService;
     @Value("${redis.key.prefix.authCode}")
     private String REDIS_KEY_PREFIX_AUTH_CODE;
@@ -139,6 +150,33 @@ public class UmsMemberServiceImpl implements UmsMemberService {
         memberMapper.updateByPrimaryKeySelective(record);
     }
 
+    @Override
+    public UserDetails loadUserByUsername(String username) {
+        UmsMember member = getByUsername(username);
+        if(member!=null){
+            return new MemberDetails(member);
+        }
+        throw new UsernameNotFoundException("用户名或密码错误");
+    }
+
+    @Override
+    public String login(String username, String password) {
+        String token = null;
+        //密码需要客户端加密后传递
+        try {
+            UserDetails userDetails = loadUserByUsername(username);
+            if(!passwordEncoder.matches(password,userDetails.getPassword())){
+                throw new BadCredentialsException("密码不正确");
+            }
+            UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
+            SecurityContextHolder.getContext().setAuthentication(authentication);
+            token = jwtTokenUtil.generateToken(userDetails);
+        } catch (AuthenticationException e) {
+            LOGGER.warn("登录异常:{}", e.getMessage());
+        }
+        return token;
+    }
+
     //对输入的验证码进行校验
     private boolean verifyAuthCode(String authCode, String telephone){
         if(StringUtils.isEmpty(authCode)){
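Review bot: The new `login` method checks only `passwordEncoder.matches(...)` before issuing a token, so account-status flags on the `UserDetails` are never consulted. The removed configuration wired the same user lookup through `auth.userDetailsService(...).passwordEncoder(...)`, where Spring's provider runs the locked/disabled/expired checks before accepting a login. Whether `MemberDetails` ever reports a disabled account is not visible here. If it does, add after the password check `if (!userDetails.isEnabled()) { throw new DisabledException("帐号已被禁用"); }`, which the existing `catch (AuthenticationException e)` already handles. The unknown-username path also returns without doing any password-hash work, so response time can reveal which usernames exist. Matching against a fixed dummy hash in that branch evens this out.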

+ 20 - 0
mall-portal/src/main/resources/application.yml

@@ -9,6 +9,26 @@ mybatis:
 
 http:
   port: 8085 # http服务端口
+jwt:
+  tokenHeader: Authorization #JWT存储的请求头
+  secret: mall-portal-secret #JWT加解密使用的密钥
+  expiration: 604800 #JWT的超期限时间(60*60*24)
+  tokenHead: Bearer  #JWT负载中拿到开头
+ignored: #安全路径白名单
+  urls:
+    - /swagger-ui.html
+    - /swagger-resources/**
+    - /swagger/**
+    - /**/v2/api-docs
+    - /**/*.js
+    - /**/*.css
+    - /**/*.png
+    - /**/*.ico
+    - /webjars/springfox-swagger-ui/**
+    - /druid/**
+    - /actuator/**
+    - /sso/**
+    - /home/**
 
 # 自定义redis key
 redis:
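Review bot: `jwt.secret` is committed as the literal `mall-portal-secret`, so anyone who can read the repository or guess the value can sign tokens the portal will accept. It should come from the environment or a secret store, for example `secret: ${JWT_SECRET}`, and be a long random value. The whitelist also exposes `/actuator/**` and `/druid/**` without authentication; these management and monitoring endpoints should stay behind auth or be bound to an internal interface. The comment on `expiration: 604800` says `60*60*24`, but the value is seven days (`60*60*24*7`), so the comment or the value needs correcting.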