diff --git a/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/busi/ISystemResourceService.java b/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/busi/ISystemResourceService.java index cdec74b..b353ea2 100644 --- a/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/busi/ISystemResourceService.java +++ b/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/busi/ISystemResourceService.java @@ -3,6 +3,7 @@ package cn.estsh.i3plus.core.api.iservice.busi; import cn.estsh.i3plus.pojo.model.common.Pager; import cn.estsh.i3plus.pojo.platform.bean.SysLocaleLanguage; import cn.estsh.i3plus.pojo.platform.bean.SysLocaleResource; +import org.springframework.transaction.annotation.Transactional; import java.util.List; diff --git a/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/busi/ISystemUserService.java b/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/busi/ISystemUserService.java index 02e3a87..7439f18 100644 --- a/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/busi/ISystemUserService.java +++ b/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/busi/ISystemUserService.java @@ -19,13 +19,13 @@ import java.util.List; **/ public interface ISystemUserService { - SessionUser userLogin(String loginName, String s, String languageCode); + SessionUser queryUserLogin(String loginName, String s, String languageCode); - SessionUser adminLogin(String loginName, String s, String languageCode); + SessionUser queryAdminLogin(String loginName, String s, String languageCode); - SessionUser checkUserLogin(UserToken authenticationToken); + SessionUser queryCheckUserLogin(UserToken authenticationToken); - SessionUser checkAdminLogin(AdminToken authenticationToken); + SessionUser queryCheckAdminLogin(AdminToken authenticationToken); - SessionUser checkSaAdminLogin(SaAdminToken authenticationToken); + SessionUser queryCheckSaAdminLogin(SaAdminToken authenticationToken); } diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/AuthUtil.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/AuthUtil.java index 744b8d3..06c163f 100644 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/AuthUtil.java +++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/AuthUtil.java @@ -3,6 +3,7 @@ package cn.estsh.i3plus.core.apiservice.auth; import cn.estsh.i3plus.platform.common.enumutil.CommonEnumUtil; import cn.estsh.i3plus.platform.common.util.CommonConstWords; import cn.estsh.i3plus.pojo.platform.bean.SessionUser; +import cn.estsh.impp.framework.boot.util.ImppRedis; import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.math.NumberUtils; import org.apache.shiro.SecurityUtils; @@ -12,6 +13,7 @@ import org.apache.shiro.subject.Subject; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; /** @@ -24,14 +26,22 @@ import javax.servlet.http.HttpServletRequest; public class AuthUtil { public static final Logger LOGGER = LoggerFactory.getLogger(AuthUtil.class); + /** + * 缓存 + */ + @Resource(name="redisSession") + private ImppRedis redisSession; + //登陆,保存会话对象 public static SessionUser login(AuthenticationToken token){ Subject subject = SecurityUtils.getSubject(); subject.login(token); SessionUser sessionUser = (SessionUser) subject.getPrincipal(); + //使用了redis,此处不需要防止 if(sessionUser != null){ - setSessionUser(sessionUser.getUserType(),sessionUser); + //userType为CommonEnumUtil.USER_TYPE.xxx.getCode() + setSessionUser(sessionUser); } return sessionUser; @@ -39,33 +49,32 @@ public class AuthUtil { /** * 退出,移除会话中对象 - * @param CONST_USER CommonConstWords.SESSION_USER,SESSION_ADMIN,SESSION_SA */ - public static void logout(String CONST_USER){ + public static void logout(){ Session session = SecurityUtils.getSubject().getSession(false); if(session != null) { - session.removeAttribute(CONST_USER); + session.removeAttribute(CommonConstWords.SESSION_USER); + session.touch(); + session.stop(); } } /** * 保存会话中用户 - * @param key CommonConstWords.SESSION_USER,SESSION_ADMIN,SESSION_SA * @param user * @return */ - public static void setSessionUser(String key,SessionUser user){ - SecurityUtils.getSubject().getSession(true).setAttribute(key,user); + public static void setSessionUser(SessionUser user){ + SecurityUtils.getSubject().getSession(true).setAttribute(CommonConstWords.SESSION_USER,user); } /** * 获取会话中用户 - * @param key * @return */ - public static SessionUser getSessionUser(String key){ + public static SessionUser getSessionUser(){ Session session = SecurityUtils.getSubject().getSession(false); if(session != null){ - return (SessionUser) session.getAttribute(key); + return (SessionUser) session.getAttribute(CommonConstWords.SESSION_USER); }else{ return null; } diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroEhCacheImpl.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroEhCacheImpl.java deleted file mode 100644 index 74f49a5..0000000 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroEhCacheImpl.java +++ /dev/null @@ -1,88 +0,0 @@ -package cn.estsh.i3plus.core.apiservice.auth; - -import cn.estsh.i3plus.platform.common.util.CommonConstWords; -import cn.estsh.impp.framework.boot.util.ImppRedis; -import org.apache.shiro.cache.Cache; -import org.apache.shiro.cache.CacheException; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Qualifier; -import org.springframework.stereotype.Service; - -import javax.annotation.Resource; -import java.util.ArrayList; -import java.util.Collection; -import java.util.List; -import java.util.Set; - -/** - * @Description : - * @Reference : - * @Author : alwaysfrin - * @CreateDate : 2018-10-16 11:24 - * @Modify: - **/ -@Service -public class ShiroEhCacheImpl implements Cache { - public static final Logger LOGGER = LoggerFactory.getLogger(ShiroEhCacheImpl.class); - - /** - * 缓存 - */ - @Autowired - @Qualifier("redisSession") - private ImppRedis imppRedis; - - @Override - public V get(K o) throws CacheException { - System.out.println("================"+imppRedis); - LOGGER.info("【ehcache获取】{}",o); - return (V) imppRedis.getObject(o); - } - - @Override - public V put(K key, V value) throws CacheException { - LOGGER.info("【ehcache放入】{}:{}",key,value); - V oldObj = get(key); - imppRedis.putObject(key.toString(),value, 18000); - return oldObj; - } - - @Override - public V remove(K o) throws CacheException { - V oldObj = get(o); - //删除 - imppRedis.deleteKey(o.toString()); - - return oldObj; - } - - @Override - public void clear() throws CacheException { - Set keySet = keys(); - for(String key : keySet){ - imppRedis.deleteKey(key); - } - } - - @Override - public int size() { - return keys().size(); - } - - @Override - public Set keys() { - return imppRedis.getKeysSet(CommonConstWords.CACHE_SESSION_PREFX + "*"); - } - - @Override - public Collection values() { - List list = new ArrayList<>(); - Set keySet = keys(); - for (K s : keySet) { - list.add(get(s)); - } - return list; - } -} diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroRedisCacheImpl.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroRedisCacheImpl.java deleted file mode 100644 index 93eeddf..0000000 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroRedisCacheImpl.java +++ /dev/null @@ -1,84 +0,0 @@ -package cn.estsh.i3plus.core.apiservice.auth; - -import cn.estsh.i3plus.platform.common.util.CommonConstWords; -import cn.estsh.impp.framework.boot.util.ImppRedis; -import org.apache.shiro.cache.Cache; -import org.apache.shiro.cache.CacheException; -import org.apache.shiro.session.mgt.SimpleSession; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; - -import javax.annotation.Resource; -import java.util.ArrayList; -import java.util.Collection; -import java.util.List; -import java.util.Set; - -/** - * @Description : - * @Reference : - * @Author : alwaysfrin - * @CreateDate : 2018-10-16 11:24 - * @Modify: - **/ -@Service -public class ShiroRedisCacheImpl implements Cache { - public static final Logger LOGGER = LoggerFactory.getLogger(ShiroRedisCacheImpl.class); - - /** - * 缓存 - */ - @Resource(name="redisSession") - private ImppRedis imppRedis; - - @Override - public V get(K o) throws CacheException { - return (V) imppRedis.getObject(o); - } - - @Override - public V put(K key, V value) throws CacheException { - V oldObj = get(key); - imppRedis.putObject(key.toString(),value, 18000); - return oldObj; - } - - @Override - public V remove(K o) throws CacheException { - V oldObj = get(o); - //删除 - imppRedis.deleteKey(o.toString()); - - return oldObj; - } - - @Override - public void clear() throws CacheException { - Set keySet = keys(); - for(String key : keySet){ - imppRedis.deleteKey(key); - } - } - - @Override - public int size() { - return keys().size(); - } - - @Override - public Set keys() { - return imppRedis.getKeysSet(CommonConstWords.CACHE_SESSION_PREFX + "*"); - } - - @Override - public Collection values() { - List list = new ArrayList<>(); - Set keySet = keys(); - for (K s : keySet) { - list.add(get(s)); - } - return list; - } -} diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroRedisCacheManager.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroRedisCacheManager.java deleted file mode 100644 index 03ca692..0000000 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroRedisCacheManager.java +++ /dev/null @@ -1,29 +0,0 @@ -package cn.estsh.i3plus.core.apiservice.auth; - -import cn.estsh.impp.framework.boot.util.ImppRedis; -import org.apache.shiro.cache.Cache; -import org.apache.shiro.cache.CacheException; -import org.apache.shiro.cache.CacheManager; -import org.springframework.beans.factory.annotation.Autowired; - -/** - * @Description : 授权缓存管理 - * @Reference : - * @Author : alwaysfrin - * @CreateDate : 2018-10-16 13:26 - * @Modify: - **/ -public class ShiroRedisCacheManager implements CacheManager { - - @Autowired - private ShiroRedisCacheImpl redisCacheImpl; - - @Autowired - private ShiroRedisCacheImpl ehCacheImpl; - - @Override - public Cache getCache(String s) throws CacheException { - //return redisCacheImpl; - return ehCacheImpl; - } -} diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroSessionRedisDao.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroSessionRedisDao.java deleted file mode 100644 index 0f1eaea..0000000 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroSessionRedisDao.java +++ /dev/null @@ -1,99 +0,0 @@ -package cn.estsh.i3plus.core.apiservice.auth; - -import cn.estsh.i3plus.platform.common.util.CommonConstWords; -import cn.estsh.impp.framework.boot.util.ImppRedis; -import com.alibaba.fastjson.JSONObject; -import org.apache.shiro.session.Session; -import org.apache.shiro.session.UnknownSessionException; -import org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Autowired; - -import javax.annotation.Resource; -import java.io.Serializable; -import java.util.Collection; -import java.util.HashSet; -import java.util.Set; - -/** - * @Description : redisshiro保存会话 - * @Reference : - * @Author : alwaysfrin - * @CreateDate : 2018-10-16 10:28 - * @Modify: - **/ -public class ShiroSessionRedisDao extends EnterpriseCacheSessionDAO { - public static final Logger LOGGER = LoggerFactory.getLogger(ShiroSessionRedisDao.class); - public static final int EXPIRE_TIME = 1800; //会话保存时间 - - /** - * 缓存 - */ - @Resource(name="redisSession") - private ImppRedis imppRedis; - - @Override - public void update(Session session) throws UnknownSessionException { - this.saveSession(session); - } - - private void saveSession(Session session) { - if (session == null) { - LOGGER.info("要存入的session为空"); - return; - }else { - LOGGER.info("【保存session至redis:{}】",CommonConstWords.CACHE_SESSION_PREFX + session.getId()); - //设置会话过期时间 - imppRedis.putObject(CommonConstWords.CACHE_SESSION_PREFX + session.getId(),session,EXPIRE_TIME); - } - } - - @Override - public void delete(Session session) { - if (session == null) { - LOGGER.error("删除的session为空"); - return; - }else { - LOGGER.error("【删除session-redis:{}】",CommonConstWords.CACHE_SESSION_PREFX + session.getId()); - //设置会话过期时间 - imppRedis.deleteKey(CommonConstWords.CACHE_SESSION_PREFX + session.getId().toString()); - } - } - - @Override - protected Serializable doCreate(Session session) { - Serializable sessionId = this.generateSessionId(session); - this.assignSessionId(session, sessionId); - this.saveSession(session); - return sessionId; - } - - @Override - protected Session doReadSession(Serializable sessionId) { - if(sessionId == null){ - LOGGER.error("【session不存在:{}】",sessionId); - return null; - } - Object obj = imppRedis.getObject(CommonConstWords.CACHE_SESSION_PREFX + sessionId.toString()); - if(obj == null){ - return null; - }else { - return (Session) obj; - } - } - - /** - * 获取存活的sessions - */ - @Override - public Collection getActiveSessions() { - Set sessions = new HashSet<>(); - Set keys = imppRedis.getKeysSet(CommonConstWords.CACHE_SESSION_PREFX + "*"); - LOGGER.info("【所有活动的key:{}】",keys.size()); - for(String key:keys){ - sessions.add((Session)imppRedis.getObject(key)); - } - return sessions; - } -} diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroSessionRedisDaoImpl.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroSessionRedisDaoImpl.java new file mode 100644 index 0000000..cd9fc23 --- /dev/null +++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/ShiroSessionRedisDaoImpl.java @@ -0,0 +1,151 @@ +package cn.estsh.i3plus.core.apiservice.auth; + +import cn.estsh.i3plus.platform.common.util.CommonConstWords; +import cn.estsh.impp.framework.boot.util.ImppRedis; +import com.alibaba.fastjson.JSONObject; +import org.apache.shiro.cache.Cache; +import org.apache.shiro.cache.CacheManager; +import org.apache.shiro.cache.ehcache.EhCacheManager; +import org.apache.shiro.session.Session; +import org.apache.shiro.session.UnknownSessionException; +import org.apache.shiro.session.mgt.eis.EnterpriseCacheSessionDAO; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; + +import javax.annotation.Resource; +import java.io.Serializable; +import java.util.Collection; +import java.util.HashSet; +import java.util.Set; + +/** + * @Description : redisshiro保存会话 + * @Reference : 使用了ehcache做本地缓存,避免频繁读写redis,进行序列化和反序列化。 + * 但需要注意,本地缓存在微服的情况下可能会出现脏数据。建议在登陆时一次性放入,后续若修改则需要同时更新缓存。 + * @Author : alwaysfrin + * @CreateDate : 2018-10-16 10:28 + * @Modify: + **/ +public class ShiroSessionRedisDaoImpl extends EnterpriseCacheSessionDAO { + public static final Logger LOGGER = LoggerFactory.getLogger(ShiroSessionRedisDaoImpl.class); + public static final int EXPIRE_TIME = 30 * 60; //会话保存时间 单位秒 + + public static final String LOCAL_SESSION_CACHE = "redis-shiro-session-cache"; + + /** + * 缓存 + */ + @Resource(name="redisSession") + private ImppRedis redisSession; + + //本地缓存 + private Cache localCache; + + private CacheManager localCacheManager; + public void setLocalCacheManager(CacheManager localCacheManager) { + this.localCacheManager = localCacheManager; + this.localCache = localCacheManager.getCache(LOCAL_SESSION_CACHE); + } + + @Override + public void update(Session session) throws UnknownSessionException { + LOGGER.info("【更新缓存 : {}】{}",session,session.getId()); + this.saveSession(session); + } + + private void saveSession(Session session) { + if (session == null) { + LOGGER.error("【要存入的session为空】"); + }else { + //LOGGER.info("【保存session至redis,id:{}】{}",session.getId(),session); + //设置会话过期时间 + redisSession.putObject(session.getId().toString(),session,EXPIRE_TIME); + + //放入本地缓存 + localCache.put(session.getId(),session); + LOGGER.info("【保存session至redis,id:{}】{}",session.getId(),session); + } + } + + @Override + protected Session getCachedSession(Serializable sessionId) { + //先从本地获取,若本地没有,再从redis中获取 + Session s = (Session) localCache.get(sessionId); + if(s == null) { + s = (Session) redisSession.getObject(sessionId.toString()); + + LOGGER.info("【本地缓存不存在,redis获取:{}】{}", sessionId, s); + if(s != null) { + //放入本地缓存 + localCache.put(sessionId, s); + LOGGER.info("【放入本地缓存:{}】{}", sessionId, s); + } + }else{ + //LOGGER.info("【本地缓存获取:{}】{}", sessionId, s); + } + + return s; + } + + @Override + public void delete(Session session) { + if (session == null) { + }else { + LOGGER.error("【删除session-redis:{}】",session.getId()); + //redis删除 + redisSession.deleteKey(session.getId().toString()); + //本地缓存删除 + localCache.remove(session.getId()); + } + } + + @Override + protected Serializable doCreate(Session session) { + LOGGER.info("【doCreate并保存:{}】",session); + Serializable sessionId = this.generateSessionId(session); + this.assignSessionId(session, sessionId); + this.saveSession(session); + + return sessionId; + } + + @Override + protected Session doReadSession(Serializable sessionId) { + Session session = null; + if(sessionId != null) { + //先从本地缓存读取 + Object obj = localCache.get(sessionId); + + if(obj == null) { + LOGGER.info("【doReadSession-本地缓存不存在不存在:{}】", sessionId); + obj = redisSession.getObject(sessionId.toString()); + if (obj == null) { + LOGGER.info("【doReadSession不存在:{}】", sessionId); + } else { + LOGGER.info("【doReadSession:{}】", sessionId); + session = (Session) obj; + } + }else{ + LOGGER.info("【doReadSession-本地缓存获取:{}】", sessionId); + session = (Session) obj; + } + } + + return session; + } + + /** + * 获取存活的sessions + */ + @Override + public Collection getActiveSessions() { + Set sessions = new HashSet<>(); + Set keys = redisSession.getKeysSet("*"); + LOGGER.info("【所有活动的key:{}】",keys.size()); + for(String key:keys){ + sessions.add((Session)redisSession.getObject(key)); + } + return sessions; + } +} diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/AdminFilter.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/AdminFilter.java index 667b10a..28dc938 100644 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/AdminFilter.java +++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/AdminFilter.java @@ -5,6 +5,7 @@ import cn.estsh.i3plus.core.apiservice.configuration.ShiroAuthConfiguration; import cn.estsh.i3plus.platform.common.enumutil.CommonEnumUtil; import cn.estsh.i3plus.platform.common.util.CommonConstWords; import cn.estsh.i3plus.pojo.model.busi.ResultBean; +import cn.estsh.i3plus.pojo.platform.bean.SessionUser; import com.alibaba.fastjson.JSONObject; import org.apache.shiro.web.filter.AccessControlFilter; import org.slf4j.Logger; @@ -28,7 +29,12 @@ public class AdminFilter extends AccessControlFilter { @Override protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception { - return AuthUtil.getSessionUser(CommonConstWords.SESSION_ADMIN) != null; + SessionUser sessionUser = AuthUtil.getSessionUser(); + if(sessionUser != null && CommonEnumUtil.USER_TYPE.ADMIN.getCode().equals(sessionUser.getUserType())){ + return true; + }else{ + return false; + } } @Override diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/SaAdminFilter.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/SaAdminFilter.java index 40238fb..89c521d 100644 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/SaAdminFilter.java +++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/SaAdminFilter.java @@ -2,8 +2,10 @@ package cn.estsh.i3plus.core.apiservice.auth.filter; import cn.estsh.i3plus.core.apiservice.auth.AuthUtil; import cn.estsh.i3plus.core.apiservice.configuration.ShiroAuthConfiguration; +import cn.estsh.i3plus.platform.common.enumutil.CommonEnumUtil; import cn.estsh.i3plus.platform.common.util.CommonConstWords; import cn.estsh.i3plus.pojo.model.busi.ResultBean; +import cn.estsh.i3plus.pojo.platform.bean.SessionUser; import com.alibaba.fastjson.JSONObject; import org.apache.shiro.web.filter.AccessControlFilter; import org.slf4j.Logger; @@ -27,7 +29,12 @@ public class SaAdminFilter extends AccessControlFilter { @Override protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception { - return AuthUtil.getSessionUser(CommonConstWords.SESSION_ADMIN) != null; + SessionUser sessionUser = AuthUtil.getSessionUser(); + if(sessionUser != null && CommonEnumUtil.USER_TYPE.SA.getCode().equals(sessionUser.getUserType())){ + return true; + }else{ + return false; + } } @Override diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/UserFilter.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/UserFilter.java index c9a2f6d..74560c1 100644 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/UserFilter.java +++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/filter/UserFilter.java @@ -30,12 +30,12 @@ public class UserFilter extends AccessControlFilter { @Override protected boolean isAccessAllowed(ServletRequest servletRequest, ServletResponse response, Object mappedValue) throws Exception { - SessionUser sessionUser = AuthUtil.getSessionUser(CommonEnumUtil.USER_TYPE.USER.getCode()); + SessionUser sessionUser = AuthUtil.getSessionUser(); if (sessionUser != null) { - LOGGER.info("===用户已授权==={}",sessionUser); + LOGGER.info("===用户已登陆==={}",sessionUser); return true; } else { - LOGGER.info("===用户未授权==={}",sessionUser); + LOGGER.info("===用户未登陆==={}",sessionUser); return false; } } diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/AdminAuthRealm.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/AdminAuthRealm.java index aa31e58..76afb3b 100644 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/AdminAuthRealm.java +++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/AdminAuthRealm.java @@ -45,7 +45,7 @@ public class AdminAuthRealm extends AuthorizingRealm { @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { //管理员令牌 - SessionUser sessionUser = systemUserService.checkAdminLogin((AdminToken) authenticationToken); + SessionUser sessionUser = systemUserService.queryCheckAdminLogin((AdminToken) authenticationToken); LOGGER.info("管理员令牌验证:{}",sessionUser); return new SimpleAuthenticationInfo(sessionUser,((AdminToken) authenticationToken).getLoginPwd(),this.getName()); } diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/SaAuthRealm.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/SaAuthRealm.java index d0c30df..4e9cd49 100644 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/SaAuthRealm.java +++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/SaAuthRealm.java @@ -44,7 +44,7 @@ public class SaAuthRealm extends AuthorizingRealm { @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { //管理员令牌 - SessionUser sessionUser = systemUserService.checkSaAdminLogin((SaAdminToken) authenticationToken); + SessionUser sessionUser = systemUserService.queryCheckSaAdminLogin((SaAdminToken) authenticationToken); LOGGER.info("超级管理员令牌验证:{}",sessionUser); return new SimpleAuthenticationInfo(sessionUser,((SaAdminToken) authenticationToken).getLoginPwd(),this.getName()); } diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/UserAuthRealm.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/UserAuthRealm.java index e2b8b36..3099ce4 100644 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/UserAuthRealm.java +++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/auth/realm/UserAuthRealm.java @@ -43,8 +43,8 @@ public class UserAuthRealm extends AuthorizingRealm { @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { //管理员令牌 - SessionUser sessionUser = systemUserService.checkUserLogin((UserToken) authenticationToken); - LOGGER.info("用户令牌验证:{}",sessionUser); + SessionUser sessionUser = systemUserService.queryCheckUserLogin((UserToken) authenticationToken); + LOGGER.info("{}-用户令牌验证:{}",this.getName(),sessionUser); return new SimpleAuthenticationInfo(sessionUser,((UserToken) authenticationToken).getLoginPwd(),this.getName()); } } diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/configuration/ShiroAuthConfiguration.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/configuration/ShiroAuthConfiguration.java index e2d76d5..5163000 100644 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/configuration/ShiroAuthConfiguration.java +++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/configuration/ShiroAuthConfiguration.java @@ -1,7 +1,6 @@ package cn.estsh.i3plus.core.apiservice.configuration; -import cn.estsh.i3plus.core.apiservice.auth.ShiroRedisCacheManager; -import cn.estsh.i3plus.core.apiservice.auth.ShiroSessionRedisDao; +import cn.estsh.i3plus.core.apiservice.auth.ShiroSessionRedisDaoImpl; import cn.estsh.i3plus.core.apiservice.auth.filter.AdminFilter; import cn.estsh.i3plus.core.apiservice.auth.filter.SaAdminFilter; import cn.estsh.i3plus.core.apiservice.auth.filter.UserFilter; @@ -12,6 +11,7 @@ import cn.estsh.i3plus.core.apiservice.auth.realm.UserAuthRealm; import cn.estsh.i3plus.platform.common.enumutil.CommonEnumUtil; import cn.estsh.impp.framework.boot.configuration.RedisConfig; import org.apache.shiro.authc.pam.ModularRealmAuthenticator; +import org.apache.shiro.cache.Cache; import org.apache.shiro.cache.CacheManager; import org.apache.shiro.cache.ehcache.EhCacheManager; import org.apache.shiro.codec.Base64; @@ -53,8 +53,11 @@ public class ShiroAuthConfiguration { //三种登陆请求 public static String USER_LOGIN_URI = "/login"; + public static String USER_FILTER_URI = "/operate/*"; public static String ADMIN_LOGIN_URI = "/adlogin"; + public static String ADMIN_FILTER_URI = "/adoerate/*"; public static String SAADMIN_LOGIN_URI = "/salogin"; + public static String SAADMIN_FILTER_URI = "/saoerate/*"; @Bean public AdminAuthRealm adminAuthRealm(){ @@ -153,6 +156,12 @@ public class ShiroAuthConfiguration { filterChain.put(USER_LOGIN_URI, "anon"); filterChain.put(ADMIN_LOGIN_URI, "anon"); filterChain.put(SAADMIN_LOGIN_URI, "anon"); + + //需要过滤的路径 + filterChain.put(USER_FILTER_URI, "user_filter"); + filterChain.put(ADMIN_FILTER_URI, "admin_filter"); + filterChain.put(SAADMIN_FILTER_URI, "saadmin_filter"); + factoryBean.setFilterChainDefinitionMap(filterChain); LOGGER.info("【shiro过滤】加载完成..."); @@ -163,7 +172,7 @@ public class ShiroAuthConfiguration { * 缓存管理 * @return */ - @Bean(name = "cacheShiroManager") + @Bean(name = "ehCacheManager") public CacheManager getEhCacheManage() { LOGGER.info("【shiro-加载缓存cacheManager】"); EhCacheManager em = new EhCacheManager(); @@ -175,21 +184,25 @@ public class ShiroAuthConfiguration { public DefaultWebSessionManager getSessionManage() { LOGGER.info("【shiro-加载sessionManager】"); DefaultWebSessionManager sessionManager = new DefaultWebSessionManager(); - sessionManager.setGlobalSessionTimeout(1800000); sessionManager.setSessionValidationScheduler(getExecutorServiceSessionValidationScheduler()); sessionManager.setSessionValidationSchedulerEnabled(true); sessionManager.setDeleteInvalidSessions(true); sessionManager.setSessionIdCookieEnabled(true); sessionManager.setSessionIdCookie(getSessionIdCookie()); - sessionManager.setSessionDAO(shiroSessionRedisDao()); + sessionManager.setSessionDAO(getShiroSessionRedisDaoImpl()); + sessionManager.setGlobalSessionTimeout(30 * 60 * 1000); //30分钟有效期(以sessionDao中的有效时间为准) // 可以添加session 创建、删除的监听器 return sessionManager; } @Bean - public ShiroSessionRedisDao shiroSessionRedisDao(){ - ShiroSessionRedisDao shiroSessionRedisDao = new ShiroSessionRedisDao(); + public ShiroSessionRedisDaoImpl getShiroSessionRedisDaoImpl(){ + LOGGER.info("【shiro-加载缓存redisSessionManager】"); + ShiroSessionRedisDaoImpl shiroSessionRedisDao = new ShiroSessionRedisDaoImpl(); + + LOGGER.info("【shiro-加载缓存cacheManager】"); + shiroSessionRedisDao.setLocalCacheManager(getEhCacheManage() ); return shiroSessionRedisDao; } @@ -201,7 +214,7 @@ public class ShiroAuthConfiguration { public ExecutorServiceSessionValidationScheduler getExecutorServiceSessionValidationScheduler() { LOGGER.info("【shiro-加载sessionValidationScheduler】"); ExecutorServiceSessionValidationScheduler scheduler = new ExecutorServiceSessionValidationScheduler(); - scheduler.setInterval(900000); + scheduler.setInterval(3 * 60 * 1000); //每3分钟执行一次验证 return scheduler; } @@ -211,6 +224,7 @@ public class ShiroAuthConfiguration { SimpleCookie cookie = new SimpleCookie("sid"); cookie.setHttpOnly(true); cookie.setMaxAge(-1); + return cookie; } } diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/DemoAuthController.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/DemoAuthController.java index 9949a18..9a0e891 100644 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/DemoAuthController.java +++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/DemoAuthController.java @@ -1,9 +1,13 @@ package cn.estsh.i3plus.core.apiservice.controller; import cn.estsh.i3plus.core.api.iservice.busi.ISystemUserService; +import cn.estsh.i3plus.core.apiservice.auth.AuthUtil; import cn.estsh.i3plus.platform.common.tool.EncryptTool; +import cn.estsh.i3plus.platform.common.util.CommonConstWords; import cn.estsh.i3plus.pojo.factory.bean.MachineFactory; import cn.estsh.i3plus.pojo.model.busi.ResultBean; +import cn.estsh.i3plus.pojo.platform.bean.SessionUser; +import cn.estsh.impp.framework.boot.exception.ImppBusiException; import cn.estsh.impp.framework.boot.util.ImppRedis; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; @@ -28,7 +32,7 @@ import java.security.NoSuchAlgorithmException; @RestController @Api(description="登陆授权demo") public class DemoAuthController { - private static final Logger LOGGER = LoggerFactory.getLogger(DemoAuthController.class); + public static final Logger LOGGER = LoggerFactory.getLogger(DemoAuthController.class); @Autowired private ISystemUserService systemUserService; /** @@ -42,12 +46,48 @@ public class DemoAuthController { public ResultBean login(String loginName,String loginPwd,String languageCode){ LOGGER.info("用户登陆:{},{},{}",loginName,loginPwd,languageCode); try { - systemUserService.userLogin(loginName,EncryptTool.hexMD5(loginPwd),languageCode); + SessionUser sUser = systemUserService.queryUserLogin(loginName,loginPwd,languageCode); + LOGGER.info("会员登陆:{}",sUser); + AuthUtil.setSessionObject("languageCode",languageCode); return new ResultBean(true,""); - } catch (Exception e) { - e.printStackTrace(); + } catch (ImppBusiException e) { + return new ResultBean(false,e.getErrorDetail() + ",so:" + e.getErrorSolution()); + } + } + + /** + * + * @return + */ + @GetMapping(value="/logout") + @ApiOperation(value="登出",notes="登出") + public ResultBean logout(){ + LOGGER.info("用户退出..."); + try { + AuthUtil.logout(); + return new ResultBean(true,""); + } catch (ImppBusiException e) { + return new ResultBean(false,e.getErrorDetail() + ",so:" + e.getErrorSolution()); + } + } + + /** + * + * @return + */ + @GetMapping(value="/get-user-info") + @ApiOperation(value="登出",notes="登出") + public ResultBean getUserInfo(){ + LOGGER.info("获取用户信息...lang:{}",AuthUtil.getSessionAttribute("languageCode")); + try { + SessionUser sUser = AuthUtil.getSessionUser(); + LOGGER.info("用户:{}",sUser); + + return new ResultBean(true,"",sUser); + } catch (ImppBusiException e) { + return new ResultBean(false,e.getErrorDetail() + ",so:" + e.getErrorSolution()); } } @@ -57,7 +97,7 @@ public class DemoAuthController { LOGGER.info("管理员登陆:{},{},{}",loginName,loginPwd,languageCode); try { - systemUserService.adminLogin(loginName,EncryptTool.hexMD5(loginPwd),languageCode); + systemUserService.queryAdminLogin(loginName,EncryptTool.hexMD5(loginPwd),languageCode); return new ResultBean(true,""); } catch (Exception e) { diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/DemoSystemController.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/DemoSystemController.java index e59d0f3..8550c3d 100644 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/DemoSystemController.java +++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/DemoSystemController.java @@ -21,10 +21,7 @@ import org.springframework.amqp.rabbit.core.RabbitTemplate; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.i18n.LocaleContextHolder; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PutMapping; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; import java.io.IOException; diff --git a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/busi/SystemUserService.java b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/busi/SystemUserService.java index 4f77ad2..2619b6e 100644 --- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/busi/SystemUserService.java +++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/busi/SystemUserService.java @@ -35,7 +35,7 @@ public class SystemUserService implements ISystemUserService { private SysUserRepository sysUserRDao; @Override - public SessionUser userLogin(String loginName, String loginPwd, String languageCode) { + public SessionUser queryUserLogin(String loginName, String loginPwd, String languageCode) { //生成令牌 UserToken ut = new UserToken(loginName,loginPwd,languageCode); //token验证 @@ -43,7 +43,7 @@ public class SystemUserService implements ISystemUserService { } @Override - public SessionUser adminLogin(String loginName, String loginPwd, String languageCode) { + public SessionUser queryAdminLogin(String loginName, String loginPwd, String languageCode) { //生成令牌 AdminToken adminToken = new AdminToken(loginName,loginPwd,languageCode); //token验证 @@ -51,15 +51,16 @@ public class SystemUserService implements ISystemUserService { } @Override - public SessionUser checkUserLogin(UserToken userToken) { + public SessionUser queryCheckUserLogin(UserToken userToken) { //验证用户 SysUser user = getUserLoginInfo(userToken.getLoginName(),userToken.getLoginPwd()); + LOGGER.info("【验证用户checkUserLogin】{}",user); //未抛异常,封装用户 return packSessionUser(user,CommonEnumUtil.USER_TYPE.USER.getCode(),userToken.getLanguageCode()); } @Override - public SessionUser checkAdminLogin(AdminToken adminToken) { + public SessionUser queryCheckAdminLogin(AdminToken adminToken) { //验证用户 SysUser user = getUserLoginInfo(adminToken.getLoginName(),adminToken.getLoginPwd()); //未抛异常,封装用户 @@ -67,7 +68,7 @@ public class SystemUserService implements ISystemUserService { } @Override - public SessionUser checkSaAdminLogin(SaAdminToken saAdminToken) { + public SessionUser queryCheckSaAdminLogin(SaAdminToken saAdminToken) { //SysUser user = getUserLoginInfo(saAdminToken.getLoginName(),saAdminToken.getLoginPwd()); SysUser user = null; /** @@ -103,6 +104,13 @@ public class SystemUserService implements ISystemUserService { // .setErrorDetail("登陆密码错误") // .setErrorSolution("重新输入") // .build(); + }else if(!"123".equals(pwd)){ + throw ImppExceptionBuilder.newInstance() + .setSystemID(CommonEnumUtil.SOFT_TYPE.IMPP.getCode()) + .setErrorCode(ImppExceptionEnum.LOGIN_EXCEPTION.getCode()) + .setErrorDetail("登陆密码错误") + .setErrorSolution("重新输入") + .build(); } return user;