SpringCloud&SpringSecurity

最新推荐文章于 2024-08-03 21:02:21 发布

JavaBoot1992

最新推荐文章于 2024-08-03 21:02:21 发布

阅读量532

点赞数

分类专栏： java基础文章标签： java

本文链接：https://blog.csdn.net/JavaBoot1992/article/details/116587523

版权

java基础专栏收录该内容

6 篇文章 0 订阅

订阅专栏

w1、各个服务包名前面要一致
在这里插入图片描述

SpringSecurity
https://www.cnblogs.com/crazy-lc/p/12361118.html
https://blog.csdn.net/u012702547/article/details/89629415
内部用ThreadLocal存储用户信息
如何配置数据库到SpringSecurity中呢
先创建方法实现UserDetailsService（做身份认证，登入时调用），数据库查询用户信息和角色信息返回UserDetails对象,用户信息放在session中

@Service
public class SecurityUserDetailsService implements UserDetailsService {

    @Autowired
    private AdminService adminService;

    @Autowired
    private RoleService roleService;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {

        QueryWrapper<Admin> queryWrapper = new QueryWrapper<>();
        queryWrapper.eq(SQLConf.USER_NAME, username);
        Admin admin = adminService.getOne(queryWrapper);

        if (admin == null) {
            throw new UsernameNotFoundException(String.format("No user found with username '%s'.", username));
        } else {
            //查询出角色信息封装到admin中
            List<String> roleNames = new ArrayList<>();
            Role role = roleService.getById(admin.getRoleUid());
            roleNames.add(role.getRoleName());

            admin.setRoleNames(roleNames);

            return SecurityUserFactory.create(admin);
        }
    }
}

在config方法中加入这个类
https://www.cnblogs.com/pjjlt/p/10960690.html

@Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService);
    }

在这里插入图片描述

SpringSecurity整合jwt
在config方法中添加jwtfitter

httpSecurity.addFilterBefore(registrationBean(new JwtAuthenticationTokenFilter()).getFilter(), UsernamePasswordAuthenticationFilter.class);

jwtfitter

@Slf4j
public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {


    @Autowired
    private Audience audience;

    @Resource
    private UserDetailsService userDetailsService;

    @Autowired
    private JwtHelper jwtHelper;

//	@Value(value="${base64Secret}")
//	private String base64Secret;

    @Value(value = "${tokenHead}")
    private String tokenHead;

    @Value(value = "${tokenHeader}")
    private String tokenHeader;

    /**
     * token过期的时间
     */
    @Value(value = "${audience.expiresSecond}")
    private Long expiresSecond;

    /**
     * token刷新的时间
     */
    @Value(value = "${audience.refreshSecond}")
    private Long refreshSecond;

    @Autowired
    private RedisUtil redisUtil;

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
            throws ServletException, IOException {

        //得到请求头信息authorization信息
        String authHeader = request.getHeader(tokenHeader);

        // 从picture服务传递过来的token，如果有说明执行了上传操作
        final String pictureToken = request.getHeader("pictureToken");
        if (StringUtils.isNotEmpty(pictureToken)) {
            authHeader = pictureToken;
        }

        //请求头 'Authorization': tokenHead + token
        if (authHeader != null && authHeader.startsWith(tokenHead)) {

            log.error("传递过来的token为: {}", authHeader);

            final String token = authHeader.substring(tokenHead.length());

            // 获取在线的管理员信息
            String onlineAdmin = redisUtil.get(RedisConf.LOGIN_TOKEN_KEY + RedisConf.SEGMENTATION + authHeader);

            if(StringUtils.isNotEmpty(onlineAdmin) && !jwtHelper.isExpiration(token, audience.getBase64Secret())) {
                /**
                 * 得到过期时间
                 */
                Date expirationDate = jwtHelper.getExpiration(token, audience.getBase64Secret());
                long nowMillis = System.currentTimeMillis();
                Date nowDate = new Date(nowMillis);
                // 得到两个日期相差的间隔，秒
                Integer second = DateUtils.getSecondByTwoDay(expirationDate, nowDate);
                // 如果小于5分钟，那么更新过期时间
                if(second < refreshSecond) {
                    // 生成一个新的Token
                    String newToken = tokenHead + jwtHelper.refreshToken(token, audience.getBase64Secret(), expiresSecond * 1000);
                    // 生成新的token，发送到客户端
                    CookieUtils.setCookie("Admin-Token", newToken, expiresSecond.intValue());
                    // 重新更新Redis中的过期时间
                    redisUtil.setEx(RedisConf.LOGIN_TOKEN_KEY + RedisConf.SEGMENTATION + newToken, onlineAdmin, expiresSecond, TimeUnit.SECONDS);
                }
            } else {
                chain.doFilter(request, response);
                return;
            }

            String username = jwtHelper.getUsername(token, audience.getBase64Secret());
            String adminUid = jwtHelper.getUserUid(token, audience.getBase64Secret());

            //把adminUid存储到request中
            request.setAttribute(SysConf.ADMIN_UID, adminUid);
            request.setAttribute(SysConf.USER_NAME, username);
            request.setAttribute(SysConf.TOKEN, authHeader);
            log.info("解析出来用户: {}" ,username);
            log.info("解析出来的用户Uid: {}", adminUid);

            if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {

                UserDetails userDetails = this.userDetailsService.loadUserByUsername(username);

                if (jwtHelper.validateToken(token, userDetails, audience.getBase64Secret())) {
                    UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
                            userDetails, null, userDetails.getAuthorities());
                    authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(
                            request));

                    //以后可以security中取得SecurityUser信息
                    SecurityContextHolder.getContext().setAuthentication(authentication);
                }
            }
        }
        chain.doFilter(request, response);
    }
}