import com.sinochem.erp.common.entity.Permissions;
import com.sinochem.erp.common.entity.Role;
import com.sinochem.erp.common.entity.User;
import com.sinochem.erp.common.exception.MoreUsersException;
import com.sinochem.erp.service.UserService;
import com.sinochem.erp.service.impmain.PermissionsServcie;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import javax.annotation.PostConstruct;
import java.util.ArrayList;
import java.util.List;
@Service
public class SystemAuthorizingRealm extends AuthorizingRealm {
@Autowired
private UserService userService;
@Autowired
private PermissionsServcie permissionsServcie;
public SystemAuthorizingRealm(CacheManager ehCacheManager) {
this.setCacheManager(ehCacheManager);
}
/**
*认证
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
CaptchaFormAuthenticationFilter.CaptchaUsernamePasswordToken t = (CaptchaFormAuthenticationFilter.CaptchaUsernamePasswordToken) token;
List<User> users = userService.findAllByLoginName(t.getUsername());
if (users.size() > 1) {
throw new MoreUsersException("");
}
if (users.size() == 0) {
return null;
}
User user = users.get(0);
if (null != user) {
user.setPlatforms(t.getPlatforms());
List<Role> roles=permissionsServcie.getRolesByUser(user.getId());
user.setRoles(roles);
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(user, user.getPwd(), getName());
info.setCredentialsSalt(ByteSource.Util.bytes(user.getSalt()));
return info;
}
return null;
}
/**
* 获取授权信息
*
* @param principals principals
* @return 授权信息
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
User user = (User) principals.getPrimaryPrincipal();
List<Permissions> permissions = permissionsServcie.getPermissionsByuser(user.getId());
for (Permissions permission : permissions) {
info.addStringPermission(permission.getCode());
}
return info;
}
@PostConstruct
public void initCredentialsMatcher() {
HashedCredentialsMatcher matcher = new HashedCredentialsMatcher("SHA-256");
matcher.setHashIterations(1024);
matcher.setStoredCredentialsHexEncoded(false);
setCredentialsMatcher(matcher);
}
}