
Commit 207e6fb

committed
SecurityUtils 加入获取当前登录用户ID方法,Security 结构调整
1 parent 4054ac7 commit 207e6fb

25 files changed

Lines changed: 159 additions & 145 deletions


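--- a/eladmin-common/src/main/java/me/zhengjie/config/ElPermissionConfig.java
+++ b/eladmin-common/src/main/java/me/zhengjie/config/ElPermissionConfig.java
@@ -15,7 +15,7 @@ public class ElPermissionConfig {
 
 public Boolean check(String ...permissions){
 // 获取当前用户的所有权限
-List<String> elPermissions = SecurityUtils.getUserDetails().getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList());
+List<String> elPermissions = SecurityUtils.getCurrentUser().getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList());
 // 判断当前用户的所有权限是否包含接口上定义的权限
 return elPermissions.contains("admin") || Arrays.stream(permissions).anyMatch(elPermissions::contains);
 }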
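Review bot: The authority list on the changed line now comes from a fresh `UserDetailsService.loadUserByUsername(...)` lookup on every `check(...)` call, because `SecurityUtils.getCurrentUser()` (added in this commit) reloads the user instead of returning the principal held in the SecurityContext. Presumably this is meant to let permission changes apply without a new login, but it also means any exception raised by that lookup now surfaces from the permission check, and whether the lookup is cached is not visible on this page. A comment on the line would record the intent, for example `// authorities are reloaded through UserDetailsService on each call, not read from the token's principal`. The `check` method is fully inside the hunk; the class continues outside it.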
Lines changed: 36 additions & 10 deletions
@@ -1,34 +1,60 @@
11
package me.zhengjie.utils;
22

33
import cn.hutool.json.JSONObject;
4+
import lombok.extern.slf4j.Slf4j;
45
import me.zhengjie.exception.BadRequestException;
56
import org.springframework.http.HttpStatus;
7+
import org.springframework.security.core.Authentication;
68
import org.springframework.security.core.context.SecurityContextHolder;
79
import org.springframework.security.core.userdetails.UserDetails;
10+
import org.springframework.security.core.userdetails.UserDetailsService;
811

912
/**
1013
* 获取当前登录的用户
1114
* @author Zheng Jie
1215
* @date 2019-01-17
1316
*/
17+
@Slf4j
1418
public class SecurityUtils {
1519

16-
public static UserDetails getUserDetails() {
17-
UserDetails userDetails;
18-
try {
19-
userDetails = (UserDetails) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
20-
} catch (Exception e) {
21-
throw new BadRequestException(HttpStatus.UNAUTHORIZED, "登录状态过期");
20+
/**
21+
* 获取当前登录的用户
22+
* @return UserDetails
23+
*/
24+
public static UserDetails getCurrentUser() {
25+
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
26+
if (authentication == null) {
27+
throw new BadRequestException(HttpStatus.UNAUTHORIZED, "当前登录状态过期");
2228
}
23-
return userDetails;
29+
if (authentication.getPrincipal() instanceof UserDetails) {
30+
UserDetails userDetails = (UserDetails) authentication.getPrincipal();
31+
UserDetailsService userDetailsService = SpringContextHolder.getBean(UserDetailsService.class);
32+
return userDetailsService.loadUserByUsername(userDetails.getUsername());
33+
}
34+
throw new BadRequestException(HttpStatus.UNAUTHORIZED, "找不到当前登录的信息");
2435
}
2536

2637
/**
2738
* 获取系统用户名称
39+
*
2840
* @return 系统用户名称
2941
*/
30-
public static String getUsername(){
31-
Object obj = getUserDetails();
32-
return new JSONObject(obj).get("username", String.class);
42+
public static String getCurrentUsername() {
43+
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
44+
if (authentication == null) {
45+
throw new BadRequestException(HttpStatus.UNAUTHORIZED, "当前登录状态过期");
46+
}
47+
UserDetails userDetails = (UserDetails) authentication.getPrincipal();
48+
return userDetails.getUsername();
49+
}
50+
51+
/**
52+
* 获取系统用户ID
53+
*
54+
* @return 系统用户ID
55+
*/
56+
public static Long getCurrentUserId() {
57+
UserDetails userDetails = getCurrentUser();
58+
return new JSONObject(new JSONObject(userDetails).get("user")).get("id", Long.class);
3359
}
3460
}
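Review bot: getCurrentUsername() casts `authentication.getPrincipal()` to UserDetails without the `instanceof` check that getCurrentUser() performs just above it, so a principal that is not a UserDetails (Spring's anonymous token carries a plain String by default) would fail with ClassCastException rather than the 401 BadRequestException the removed try/catch produced. Guarding the cast the same way keeps the failure an authentication error: `if (!(authentication.getPrincipal() instanceof UserDetails)) { throw new BadRequestException(HttpStatus.UNAUTHORIZED, "找不到当前登录的信息"); }`. The callers switched over in this commit inherit this, notably AuditorConfig.getCurrentAuditor(), which wraps the call in `Optional.of(...)`, and DataScope.getDeptIds(). Separately, getCurrentUserId() bean-serialises the whole principal through `new JSONObject(userDetails)` to read one nested field and appears to return null when `user` or `id` is absent; a typed accessor on the principal class would avoid both, if that class (not shown on this page) exposes one.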

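--- a/eladmin-logging/src/main/java/me/zhengjie/aspect/LogAspect.java
+++ b/eladmin-logging/src/main/java/me/zhengjie/aspect/LogAspect.java
@@ -76,7 +76,7 @@ public void logAfterThrowing(JoinPoint joinPoint, Throwable e) {
 
 public String getUsername() {
 try {
-return SecurityUtils.getUsername();
+return SecurityUtils.getCurrentUsername();
 }catch (Exception e){
 return "";
 }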

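--- a/eladmin-logging/src/main/java/me/zhengjie/rest/LogController.java
+++ b/eladmin-logging/src/main/java/me/zhengjie/rest/LogController.java
@@ -58,7 +58,7 @@ public ResponseEntity<Object> getLogs(LogQueryCriteria criteria, Pageable pageab
 @ApiOperation("用户日志查询")
 public ResponseEntity<Object> getUserLogs(LogQueryCriteria criteria, Pageable pageable){
 criteria.setLogType("INFO");
-criteria.setBlurry(SecurityUtils.getUsername());
+criteria.setBlurry(SecurityUtils.getCurrentUsername());
 return new ResponseEntity<>(logService.queryAllByUser(criteria,pageable), HttpStatus.OK);
 }
 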

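--- a/eladmin-system/src/main/java/me/zhengjie/AppRun.java
+++ b/eladmin-system/src/main/java/me/zhengjie/AppRun.java
@@ -14,12 +14,12 @@
 import org.springframework.web.bind.annotation.RestController;
 
 /**
+* 开启审计功能 -> @EnableJpaAuditing
 * @author Zheng Jie
 * @date 2018/11/15 9:20:19
 */
 @EnableAsync
 @RestController
-/** 开启审计功能 */
 @EnableJpaAuditing(auditorAwareRef = "auditorAware")
 @SpringBootApplication
 @EnableTransactionManagement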

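--- a/eladmin-system/src/main/java/me/zhengjie/config/AuditorConfig.java
+++ b/eladmin-system/src/main/java/me/zhengjie/config/AuditorConfig.java
@@ -8,7 +8,7 @@
 
 /**
 * @描述 : 设置审计
-* @作者 : Dong ZhaoYang
+* @author : Dong ZhaoYang
 * @日期 : 2019/10/28
 * @时间 : 10:29
 */
@@ -18,11 +18,11 @@ public class AuditorConfig implements AuditorAware<String> {
 /**
 * 返回操作员标志信息
 *
-* @return
+* @return /
 */
 @Override
 public Optional<String> getCurrentAuditor() {
 // 这里应根据实际业务情况获取具体信息
-return Optional.of(SecurityUtils.getUsername());
+return Optional.of(SecurityUtils.getCurrentUsername());
 }
 }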

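--- a/eladmin-system/src/main/java/me/zhengjie/config/DataScope.java
+++ b/eladmin-system/src/main/java/me/zhengjie/config/DataScope.java
@@ -37,7 +37,7 @@ public DataScope(UserService userService, RoleService roleService, DeptService d
 
 public Set<Long> getDeptIds() {
 
-UserDto user = userService.findByName(SecurityUtils.getUsername());
+UserDto user = userService.findByName(SecurityUtils.getCurrentUsername());
 
 // 用于存储部门id
 Set<Long> deptIds = new HashSet<>();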

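--- a/eladmin-system/src/main/java/me/zhengjie/modules/mnt/service/impl/DeployServiceImpl.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/mnt/service/impl/DeployServiceImpl.java
@@ -202,7 +202,7 @@ private void backupApp(ExecuteShellUtil executeShellUtil, String ip, String file
 //还原信息入库
 DeployHistory deployHistory = new DeployHistory();
 deployHistory.setAppName(appName);
-deployHistory.setDeployUser(SecurityUtils.getUsername());
+deployHistory.setDeployUser(SecurityUtils.getCurrentUsername());
 deployHistory.setIp(ip);
 deployHistory.setDeployId(id);
 deployHistoryService.create(deployHistory);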

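--- a/eladmin-system/src/main/java/me/zhengjie/modules/security/config/SecurityConfig.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/config/SecurityConfig.java
@@ -37,6 +37,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 private final JwtAccessDeniedHandler jwtAccessDeniedHandler;
 private final ApplicationContext applicationContext;
 
+
 public SecurityConfig(TokenProvider tokenProvider, CorsFilter corsFilter, JwtAuthenticationEntryPoint authenticationErrorHandler, JwtAccessDeniedHandler jwtAccessDeniedHandler, ApplicationContext applicationContext) {
 this.tokenProvider = tokenProvider;
 this.corsFilter = corsFilter;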

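--- a/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthorizationController.java
@@ -12,8 +12,8 @@
 import me.zhengjie.exception.BadRequestException;
 import me.zhengjie.modules.security.config.SecurityProperties;
 import me.zhengjie.modules.security.security.TokenProvider;
-import me.zhengjie.modules.security.security.vo.AuthUser;
-import me.zhengjie.modules.security.security.vo.JwtUser;
+import me.zhengjie.modules.security.service.dto.AuthUserDto;
+import me.zhengjie.modules.security.service.dto.JwtUserDto;
 import me.zhengjie.modules.security.service.OnlineUserService;
 import me.zhengjie.utils.RedisUtils;
 import me.zhengjie.utils.SecurityUtils;
@@ -42,7 +42,7 @@
 @RestController
 @RequestMapping("/auth")
 @Api(tags = "系统:系统授权接口")
-public class AuthController {
+public class AuthorizationController {
 
 @Value("${loginCode.expiration}")
 private Long expiration;
@@ -57,7 +57,7 @@ public class AuthController {
 private final TokenProvider tokenProvider;
 private final AuthenticationManagerBuilder authenticationManagerBuilder;
 
-public AuthController(SecurityProperties properties, RedisUtils redisUtils, UserDetailsService userDetailsService, OnlineUserService onlineUserService, TokenProvider tokenProvider, AuthenticationManagerBuilder authenticationManagerBuilder) {
+public AuthorizationController(SecurityProperties properties, RedisUtils redisUtils, UserDetailsService userDetailsService, OnlineUserService onlineUserService, TokenProvider tokenProvider, AuthenticationManagerBuilder authenticationManagerBuilder) {
 this.properties = properties;
 this.redisUtils = redisUtils;
 this.userDetailsService = userDetailsService;
@@ -70,7 +70,7 @@ public AuthController(SecurityProperties properties, RedisUtils redisUtils, User
 @ApiOperation("登录授权")
 @AnonymousAccess
 @PostMapping(value = "/login")
-public ResponseEntity<Object> login(@Validated @RequestBody AuthUser authUser, HttpServletRequest request){
+public ResponseEntity<Object> login(@Validated @RequestBody AuthUserDto authUser, HttpServletRequest request){
 // 密码解密
 RSA rsa = new RSA(privateKey, null);
 String password = new String(rsa.decrypt(authUser.getPassword(), KeyType.PrivateKey));
@@ -91,13 +91,13 @@ public ResponseEntity<Object> login(@Validated @RequestBody AuthUser authUser, H
 SecurityContextHolder.getContext().setAuthentication(authentication);
 // 生成令牌
 String token = tokenProvider.createToken(authentication);
-final JwtUser jwtUser = (JwtUser) authentication.getPrincipal();
+final JwtUserDto jwtUserDto = (JwtUserDto) authentication.getPrincipal();
 // 保存在线信息
-onlineUserService.save(jwtUser, token, request);
+onlineUserService.save(jwtUserDto, token, request);
 // 返回 token 与 用户信息
 Map<String,Object> authInfo = new HashMap<String,Object>(2){{
 put("token", properties.getTokenStartWith() + token);
-put("user", jwtUser);
+put("user", jwtUserDto);
 }};
 if(singleLogin){
 //踢掉之前已经登录的token
@@ -109,8 +109,8 @@ public ResponseEntity<Object> login(@Validated @RequestBody AuthUser authUser, H
 @ApiOperation("获取用户信息")
 @GetMapping(value = "/info")
 public ResponseEntity<Object> getUserInfo(){
-JwtUser jwtUser = (JwtUser)userDetailsService.loadUserByUsername(SecurityUtils.getUsername());
-return ResponseEntity.ok(jwtUser);
+JwtUserDto jwtUserDto = (JwtUserDto)userDetailsService.loadUserByUsername(SecurityUtils.getCurrentUsername());
+return ResponseEntity.ok(jwtUserDto);
 }
 
 @AnonymousAccess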
