Commit 227b8f9c authored by cy's avatar cy

shiro管理

parent 40696f81
......@@ -29,4 +29,10 @@ public class AccountDto implements Serializable {
@ApiModelProperty(name = "headImage",value = "头像")
private String headImage;
/**
* sessionId
*/
@ApiModelProperty(value = "sessionId", name = "sessionId")
private String sessionId;
}
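Review bot: The Javadoc for the new `sessionId` field at L9-11 only repeats the field name, although the value it carries is the Shiro session identifier handed back to the client, i.e. a bearer credential rather than profile data. Suggest `/** Shiro session id issued on successful login; the client presents it on later requests, so treat it as a credential and keep it out of logs. */`. The same field and one-word comment are added to StaffVo and UserInfoVo further down, and if these DTOs are ever rendered through `toString` in a log line the session id will leak, so excluding it from `toString` is worth considering.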
package cn.wisenergy.model.enums;
public enum LonginType {
/* STUDENT("Student"),
ADMIN("Admin"),
TEACHER("Teacher");
private String type;
private void LoginType(String type) {
this.type = type;
}
@Override
public String toString() {
return this.type.toString();
}*/
ADMIN(1, "admin"),
USER(2, "user"),
STAFF(3, "staff"),
CODE(4, "code");
private Integer code;
private String desc;
LonginType(Integer code, String desc) {
this.code = code;
this.desc = desc;
}
public String getDescription() {
return desc;
}
public Integer getCode() {
return code;
}
public static String getNameByCode(Integer code) {
if (null == code) {
return null;
}
for (SceneType type : SceneType.values()) {
if (type.getCode().intValue() == code.intValue()) {
return type.name();
}
}
return null;
}
}
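Review bot: `getNameByCode` at L48 iterates `SceneType.values()` instead of this enum's own constants, so the loop never looks at `ADMIN`/`USER`/`STAFF`/`CODE` and answers with a scene name (or `null`) for a login-type code; change it to `for (LonginType type : LonginType.values())` and compare with `code.equals(type.getCode())`, which avoids the double `intValue()` unboxing. The enum name itself is misspelled (`LonginType`, presumably `LoginType`) and is now imported from five files, so this commit is the cheapest moment to rename it. The commented-out first draft at L17-27 should be deleted rather than shipped.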
......@@ -46,4 +46,10 @@ public class StaffVo implements Serializable {
*/
@ApiModelProperty(name = "isDelete", value = "是否禁用")
private Integer isDelete;
/**
* sessionId
*/
@ApiModelProperty(value = "sessionId", name = "sessionId")
private String sessionId;
}
......@@ -46,4 +46,10 @@ public class UserInfoVo implements Serializable {
*/
@ApiModelProperty(value = "手机号", name = "phone")
private String phone;
/**
* sessionId
*/
@ApiModelProperty(value = "sessionId", name = "sessionId")
private String sessionId;
}
......@@ -5,9 +5,11 @@ import cn.wisenergy.common.utils.R;
import cn.wisenergy.mapper.AccountMapper;
import cn.wisenergy.model.app.AccountInfo;
import cn.wisenergy.model.dto.AccountDto;
import cn.wisenergy.model.enums.LonginType;
import cn.wisenergy.model.vo.AccountLoginVo;
import cn.wisenergy.model.vo.UserInfoVo;
import cn.wisenergy.service.app.AccountSerivce;
import cn.wisenergy.service.util.UserToken;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
......@@ -28,6 +30,7 @@ public class AccountSerivceImpl implements AccountSerivce {
@Autowired
private AccountMapper accountMapper;
private static final String ADMIN_LOGIN_TYPE = LonginType.ADMIN.getDescription();
@Override
public R<AccountDto> getAccountInfo(AccountLoginVo accountLoginVo) {
......@@ -41,7 +44,8 @@ public class AccountSerivceImpl implements AccountSerivce {
return R.error("账号或密码为空");
}
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(accountLoginVo.getUserName(),accountLoginVo.getPassword(),"admin" );
UserToken userToken = new UserToken(accountLoginVo.getUserName(), accountLoginVo.getPassword(), ADMIN_LOGIN_TYPE);
//UsernamePasswordToken token = new UsernamePasswordToken(accountLoginVo.getUserName(),accountLoginVo.getPassword(),"admin" );
/*//创建参数容器map
HashMap<String, Object> map = new HashMap<>(4);
......@@ -63,11 +67,12 @@ public class AccountSerivceImpl implements AccountSerivce {
BeanUtils.copyProperties(accountInfo,accountDto);*/
//返回数据
try {
subject.login(token);
subject.login(userToken);
AccountDto accountDto = new AccountDto();
AccountInfo info=(AccountInfo)SecurityUtils.getSubject().getPrincipal();
accountDto.setId(info.getId());
accountDto.setUserName(info.getUserName());
accountDto.setSessionId(subject.getSession().getId().toString());
return R.ok(0, accountDto);
} catch (IncorrectCredentialsException e) {
return R.error(1, "账户密码错误");
......
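Review bot: The commented-out `UsernamePasswordToken` line at L100 (and its twin at L142 in StaffUserVipServiceImpl) is dead code left beside its replacement; delete it, version control keeps the history. `accountDto.setSessionId(subject.getSession().getId().toString())` at L113 places the session id in the JSON body, so it now travels as a bearer credential outside the cookie; that is workable for a non-browser client, but the response must be served over TLS only, must not be captured by any request/response logging of the `R` wrapper, and the session still needs to be invalidated on logout. `ADMIN_LOGIN_TYPE` at L91 ends up as the string `"admin"`, which the new authenticator compares against realm names, so it has to agree with whatever name the admin realm bean is given.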
......@@ -8,10 +8,12 @@ import cn.wisenergy.model.app.*;
import cn.wisenergy.model.dto.UserCommitDto;
import cn.wisenergy.model.dto.UserDto;
import cn.wisenergy.model.dto.UserInfoDto;
import cn.wisenergy.model.enums.LonginType;
import cn.wisenergy.model.vo.*;
import cn.wisenergy.service.app.StaffUserVipService;
import cn.wisenergy.service.common.UserVipManager;
import cn.wisenergy.service.common.VolunteerManager;
import cn.wisenergy.service.util.UserToken;
import com.alibaba.excel.EasyExcel;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
......@@ -71,6 +73,7 @@ public class StaffUserVipServiceImpl extends ServiceImpl<LocalMapper, Local> imp
//初始密码
private static final String PASSWORD = "123456";
private static final String STAFF_LOGIN_TYPE = LonginType.STAFF.getDescription();
@Override
public R<StaffVo> staffLogin(StaffLoginVo loginVo) {
......@@ -98,9 +101,10 @@ public class StaffUserVipServiceImpl extends ServiceImpl<LocalMapper, Local> imp
Subject subject = SecurityUtils.getSubject();
String credentialsSalt = Md5Util.digestMD5(loginVo.getPassword() );
UsernamePasswordToken token = new UsernamePasswordToken(loginVo.getLoginName(), credentialsSalt,"staff");
UserToken userToken = new UserToken(loginVo.getLoginName(), credentialsSalt, STAFF_LOGIN_TYPE);
//UsernamePasswordToken token = new UsernamePasswordToken(loginVo.getLoginName(), credentialsSalt,"staff");
try {
subject.login(token);
subject.login(userToken);
QueryWrapper<Staff> objectQueryWrapper = new QueryWrapper<>();
objectQueryWrapper.eq("login_name",loginVo.getLoginName());
Staff staffInfo = staffMapper.selectOne(objectQueryWrapper);
......@@ -110,6 +114,7 @@ public class StaffUserVipServiceImpl extends ServiceImpl<LocalMapper, Local> imp
staffVo.setStaffName(staffInfo.getStaffName());
staffVo.setPhone(staffInfo.getPhone());
staffVo.setSex(staffInfo.getSex());
staffVo.setSessionId(subject.getSession().getId().toString());
return R.ok(0, staffVo);
} catch (IncorrectCredentialsException e) {
return R.error(1, "账户密码错误");
......@@ -120,8 +125,6 @@ public class StaffUserVipServiceImpl extends ServiceImpl<LocalMapper, Local> imp
} catch (Exception e) {
return R.error(1, "系统异常");
}
}
@Override
......@@ -180,10 +183,10 @@ public class StaffUserVipServiceImpl extends ServiceImpl<LocalMapper, Local> imp
Integer rechargeTimes = 0;
//支付宝充值总金额
Double alipayMoney = null;
Double alipayMoney = 0.0;
//微信充值总金额
Double weChatMoney = null;
Double weChatMoney = 0.0;
if (!CollectionUtils.isEmpty(byId)) {
......
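Review bot: Changing `alipayMoney` and `weChatMoney` at L167/L170 from `null` to `0.0` turns "no recharge data" into "zero", so any downstream null check or aggregation that distinguished the two now behaves differently; the enclosing method starts before and ends after this hunk, so confirm its readers. Money kept in `Double` is also lossy when summed; `BigDecimal` built from a `String`/`long`, or a scaled `long`, is the safe representation if these totals are displayed or reconciled. The staff login at L139 still hashes the submitted password with unsalted MD5 before handing it to the realm; a salted slow hash on the stored side with a matching `CredentialsMatcher` would be the upgrade.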
......@@ -7,6 +7,7 @@ import cn.wisenergy.mapper.UserLimitMapper;
import cn.wisenergy.mapper.UsersMapper;
import cn.wisenergy.model.app.LoginRecord;
import cn.wisenergy.model.app.User;
import cn.wisenergy.model.enums.LonginType;
import cn.wisenergy.model.enums.OperationTypeEnum;
import cn.wisenergy.model.enums.SourceType;
import cn.wisenergy.model.vo.UpdatePasswordVo;
......@@ -18,6 +19,7 @@ import cn.wisenergy.service.app.UserLoginService;
import cn.wisenergy.service.cache.RedisService;
import cn.wisenergy.service.common.Common;
import cn.wisenergy.service.common.VolunteerManager;
import cn.wisenergy.service.util.UserToken;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
......@@ -71,6 +73,9 @@ public class UserLoginServiceImpl extends ServiceImpl<UsersMapper, User> impleme
private static final int ERROR_CODE = 1;
private static final String USER_LOGIN_TYPE = LonginType.USER.getDescription();
private static final String CODE_LOGIN_TYPE = LonginType.CODE.getDescription();
@Transactional(rollbackFor = Exception.class)
@Override
public R<UserInfoVo> register(UserRegisterVo userVo) {
......@@ -156,15 +161,15 @@ public class UserLoginServiceImpl extends ServiceImpl<UsersMapper, User> impleme
return R.ok(userInfoVo);*/
Subject subject = SecurityUtils.getSubject();
String credentialsSalt = Md5Util.digestMD5(userVo.getPassword() + userVo.getPhone());
UsernamePasswordToken token = new UsernamePasswordToken(userVo.getPhone(), credentialsSalt,"user");
UserToken userToken = new UserToken(userVo.getPhone(), userVo.getCode(), CODE_LOGIN_TYPE);
try {
subject.login(token);
subject.login(userToken);
//3、构造返回参数
UserInfoVo userInfoVo = new UserInfoVo();
userInfoVo.setUserId(user.getId());
userInfoVo.setUserName(user.getUserName());
userInfoVo.setPhone(user.getPhone());
userInfoVo.setSessionId(subject.getSession().getId().toString());
//3、保存操作记录
LoginRecord loginRecord = new LoginRecord();
......@@ -203,14 +208,16 @@ public class UserLoginServiceImpl extends ServiceImpl<UsersMapper, User> impleme
Subject subject = SecurityUtils.getSubject();
String credentialsSalt = Md5Util.digestMD5(userVo.getPassword() + userVo.getPhone());
UsernamePasswordToken token = new UsernamePasswordToken(userVo.getPhone(), credentialsSalt,"user");
UserToken userToken = new UserToken(userVo.getPhone(), credentialsSalt, USER_LOGIN_TYPE);
try {
subject.login(token);
subject.login(userToken);
//3、构造返回参数
UserInfoVo userInfoVo = new UserInfoVo();
userInfoVo.setUserId(user.getId());
userInfoVo.setUserName(user.getUserName());
userInfoVo.setPhone(user.getPhone());
userInfoVo.setSessionId(subject.getSession().getId().toString());
//3、保存操作记录
LoginRecord loginRecord = new LoginRecord();
......@@ -275,9 +282,10 @@ public class UserLoginServiceImpl extends ServiceImpl<UsersMapper, User> impleme
User user = usersMapper.selectOne(queryWrapper);
Subject subject = SecurityUtils.getSubject();
String credentialsSalt = Md5Util.digestMD5(userLoginVo.getPassword() + userLoginVo.getPhone());
UsernamePasswordToken token = new UsernamePasswordToken(userLoginVo.getPhone(), credentialsSalt,"user");
UserToken userToken = new UserToken(userLoginVo.getPhone(), credentialsSalt, USER_LOGIN_TYPE);
try {
subject.login(token);
subject.login(userToken);
UserInfoVo userInfoVo = new UserInfoVo();
userInfoVo.setUserId(user.getId());
userInfoVo.setPhone(user.getPhone());
......
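Review bot: In the first hunk the local `credentialsSalt` at L198 is computed but no longer used, because the token built at L200 carries `userVo.getCode()` under `CODE_LOGIN_TYPE`; drop that line so readers do not assume the password takes part in the post-registration login. Since the SMS code becomes the Shiro credential here, it is worth confirming (not visible on this page) that the code is deleted from Redis once `subject.login(userToken)` succeeds, otherwise it remains valid for reuse until its TTL expires. The session id placed in the response body at L209 and L225 is the same pattern as in the other services and should be treated as a credential in logging and transport.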
package cn.wisenergy.service.util;
import org.apache.shiro.authc.UsernamePasswordToken;
public class UserToken extends UsernamePasswordToken {
//登录类型
private String loginType;
public UserToken(final String username, final String password,String loginType) {
super(username,password);
this.loginType = loginType;
}
public String getLoginType() {
return loginType;
}
public void setLoginType(String loginType) {
this.loginType = loginType;
}
}
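Review bot: `loginType` decides which realms authenticate the token, so it should be immutable and non-null: declare `private final String loginType;`, drop `setLoginType`, and guard the constructor with `this.loginType = Objects.requireNonNull(loginType, "loginType");` (`java.util.Objects`), since a null here surfaces later as a NullPointerException inside the authenticator's `contains(loginType)` check. A one-sentence class Javadoc stating that `loginType` is matched against realm names by `UserModularRealmAuthenticator` would save the next reader a search, and the `//登录类型` comment could become `// login type: selects the realm(s) used to authenticate this token`.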
......@@ -51,9 +51,8 @@ public class StaffUserVipController {
@ApiOperation(value = "查询Vip客户(查询所有vip客户就不用传staffId)",notes = "查询Vip客户(查询所有vip客户就不用传staffId)",httpMethod = "POST")
@ApiModelProperty(name = "queryVo",value = "vip客户信息",dataType = "UserVipQueryVo")
@PostMapping("/getList")
public R<PageInfo<UserInfoDto>> getUserVipList(@RequestBody UserVipQueryVo queryVo){
public R<PageInfo<UserInfoDto>> getUserVipList(@RequestBody UserVipQueryVo queryVo,HttpServletResponse response){
log.info("StaffUserVipController[].addUserVip[].input.param:"+queryVo);
return staffUserVipService.getList(queryVo);
}
......
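Review bot: The added `HttpServletResponse response` parameter at L262 is never used in the method body, so it only widens the handler signature; either remove it or use it. The log line at L263 labels the call `addUserVip` although the method is `getUserVipList`, and concatenates the whole request object; `log.info("StaffUserVipController.getUserVipList input: {}", queryVo);` fixes both the label and the eager string building.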
......@@ -2,7 +2,14 @@ package cn.wisenergy.web.shir.config;
import cn.wisenergy.web.shir.cache.MySessionManager;
import cn.wisenergy.web.shir.filter.KickoutSessionControlFilter;
import cn.wisenergy.web.shir.realm.Realm;
import cn.wisenergy.web.shir.realm.AdminRealm;
import cn.wisenergy.web.shir.realm.CodeRealm;
import cn.wisenergy.web.shir.realm.StaffRealm;
import cn.wisenergy.web.shir.realm.UserRealm;
import cn.wisenergy.web.shir.util.UserModularRealmAuthenticator;
import org.apache.shiro.authc.pam.AtLeastOneSuccessfulStrategy;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
......@@ -15,7 +22,9 @@ import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import javax.servlet.Filter;
import java.util.ArrayList;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
@Configuration
......@@ -74,7 +83,7 @@ public class ShiroConfig {
filterChainDefinitionMap.put("/upload_flowChart/**", "anon");//图片地址
filterChainDefinitionMap.put("/webSocket/**", "anon");//socket
filterChainDefinitionMap.put("/message/**", "anon");//消息推送接口
//filterChainDefinitionMap.put("/**", "authc");
filterChainDefinitionMap.put("/**", "authc");
filterChainDefinitionMap.put("/account/**", "kickout");
filterChainDefinitionMap.put("/banner/**", "kickout");
filterChainDefinitionMap.put("/pic/**", "kickout");
......@@ -98,7 +107,13 @@ public class ShiroConfig {
@Bean
public DefaultWebSecurityManager securityManager() {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(getRealm());
securityManager.setAuthenticator(modularRealmAuthenticator());
List<Realm> realms = new ArrayList<>();
realms.add(adminRealm());
realms.add(userRealm());
realms.add(staffRealm());
realms.add(codeRealm());
securityManager.setRealms(realms);
// 自定义session管理 使用redis
securityManager.setSessionManager(sessionManager());
// 自定义缓存实现 使用redis
......@@ -109,21 +124,34 @@ public class ShiroConfig {
/**
* 创建Realm
*/
@Bean("Realm")
public Realm getRealm(){
Realm shiroRealm = new Realm();
shiroRealm.setCachingEnabled(true);
//启用身份验证缓存,即缓存AuthenticationInfo信息,默认false 启用需开启remaberme
// shiroRealm.setAuthenticationCachingEnabled(true);
//缓存AuthenticationInfo信息的缓存名称 在ehcache-shiro.xml中有对应缓存的配置
shiroRealm.setAuthenticationCacheName("authenticationCache");
//启用授权缓存,即缓存AuthorizationInfo信息,默认false
shiroRealm.setAuthorizationCachingEnabled(true);
//配置自定义密码比较器
/*shiroRealm.setCredentialsMatcher(new PasswordMatcher());*/
return new Realm();
@Bean
public ModularRealmAuthenticator modularRealmAuthenticator(){
//自己重写的ModularRealmAuthenticator
UserModularRealmAuthenticator modularRealmAuthenticator = new UserModularRealmAuthenticator();
modularRealmAuthenticator.setAuthenticationStrategy(new AtLeastOneSuccessfulStrategy());
return modularRealmAuthenticator;
}
@Bean
public AdminRealm adminRealm() {
AdminRealm adminRealm = new AdminRealm();
return adminRealm;
}
@Bean
public StaffRealm staffRealm() {
StaffRealm staffRealm = new StaffRealm();
return staffRealm;
}
@Bean
public CodeRealm codeRealm() {
CodeRealm adminShiroRealm = new CodeRealm();
return adminShiroRealm;
}
@Bean
public UserRealm userRealm() {
UserRealm userRealm = new UserRealm();
return userRealm;
}
/**
* 开启shrio注解
......
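Review bot: `filterChainDefinitionMap.put("/**", "authc")` at L295 is placed before the `kickout` entries at L296-298, and Shiro resolves filter chains by the first pattern that matches in insertion order, so those `kickout` mappings (and any that follow them) are unreachable; move the `/**` line to the very end of the map. Enabling `/**` authc also means every path not listed as `anon` above this hunk now needs a session, so confirm the login and SMS-code endpoints are in that list. The realm beans at L339-356 set no name, so each keeps Shiro's default `<fully-qualified class>_<n>`, which the authenticator's case-sensitive `realm.getName().contains(loginType)` with values like `"admin"` will not match; give each bean an explicit name, e.g. `adminRealm.setName(LonginType.ADMIN.getDescription());` (and likewise for the other three), so the selection has something to match. The caching settings the removed `getRealm()` applied (`setCachingEnabled`, `setAuthorizationCachingEnabled`, the cache name) are not carried over to the new realms; confirm that is intended.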
......@@ -8,14 +8,19 @@ import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.serializer.SerializerFeature;
import com.itextpdf.text.log.Logger;
import com.itextpdf.text.log.LoggerFactory;
import org.apache.logging.log4j.ThreadContext;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.session.ExpiredSessionException;
import org.apache.shiro.session.InvalidSessionException;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.DefaultSessionKey;
import org.apache.shiro.session.mgt.SessionKey;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
......@@ -64,47 +69,60 @@ public class KickoutSessionControlFilter extends AccessControlFilter {
@Override
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
Subject subject = getSubject(request, response);
Map<String, Object> map = new HashMap<>();
//判断是否登录
if (!subject.isAuthenticated() && !subject.isRemembered()) {
return true;
}
Session session = subject.getSession();
long timeout = session.getTimeout();
session.setTimeout(3600*2);
Serializable sessionId;
Serializable sessionId = null;
String username = null;
Deque<Serializable> deque = null;
try {
//客户端
User user = (User) SecurityUtils.getSubject().getPrincipal();
user.getPhone();
username=user.getPhone();
sessionId = session.getId();
//读取缓存 没有就存入
cache.get(username);
//读取缓存没有就存入
deque = cache.get(username);
} catch (Exception e) {
try {
PrincipalCollection principals = subject.getPrincipals();
//管理端
sessionId = session.getId();
AccountInfo accountInfo = (AccountInfo) SecurityUtils.getSubject().getPrincipal();
username = accountInfo.getUserName();
sessionId = session.getId();
//读取缓存 没有就存入
cache.get(username);
//读取缓存,没有就存入
deque = cache.get(username);
} catch (Exception en) {
try {
//员工端
Staff staff = (Staff) SecurityUtils.getSubject().getPrincipal();
username = staff.getLoginName();
sessionId = session.getId();
//读取缓存 没有就存入
cache.get(username);
//读取缓存,没有就存入
deque = cache.get(username);
} catch (Exception es) {
map.put("status", "1001");
map.put("message", "登录已超时,请重新登录!");
out(response, map);
//退出登录
subject.logout();
return false;
}
}
}
//30分钟(1800000毫秒)
//session.setTimeout(1800000);
//5分钟
session.setTimeout(300000);
//如果此用户没有session队列,也就是还没有登录过,缓存中没有
//就new一个空队列,不然deque对象为空,会报空指针
if (deque == null) {
deque = new LinkedList<Serializable>();
deque = new LinkedList<>();
}
//如果队列里没有此sessionId,且用户没有被踢出;放入队列
if (!deque.contains(sessionId) && session.getAttribute("kickout") == null) {
......@@ -133,7 +151,7 @@ public class KickoutSessionControlFilter extends AccessControlFilter {
//设置会话的kickout属性表示踢出了
kickoutSession.setAttribute("kickout", true);
}
} catch (Exception e) {//ignore exception
} catch (Exception e) {
}
}
//如果被踢出了,直接退出,重定向到踢出后的地址
......@@ -143,12 +161,13 @@ public class KickoutSessionControlFilter extends AccessControlFilter {
try {
//退出登录
subject.logout();
} catch (Exception e) { //ignore
} catch (Exception e) {
}
saveRequest(request);
map.put("status", "1002");
map.put("message", "您已经在其他地方登录,请重新登录。如有疑问请联系管理员!");
out(response, map);
return false;
}
return true;
}
......@@ -168,4 +187,5 @@ public class KickoutSessionControlFilter extends AccessControlFilter {
return null != request.getHeader("identity") && request.getHeader("identity").equals("miniprogram");
}
}
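Review bot: The principal type is still discovered by casting and catching `Exception` three levels deep (L398-435), so any other failure — `cache.get(username)` throwing, a null principal — is misread as "unknown user type" and ends in `subject.logout()` with a 1001 response; an `instanceof` chain on `subject.getPrincipal()` makes the intent explicit and leaves real errors visible. `session.setTimeout(3600*2)` at L391 is 7200 milliseconds (Shiro session timeouts are in ms), is overridden by `setTimeout(300000)` at L441 anyway, and `timeout` at L390 is never read, so both lines can go. The now-bare `catch (Exception e) { }` at L455 and L464 lost their `ignore` comments; an empty catch should at least say why it is ignored, and the newly imported `ThreadContext`, `RedirectAttributes`, `DefaultSessionKey` and `SessionKey` appear unused in these hunks. `onAccessDenied` continues outside the first hunk.
```java
        Session session = subject.getSession();
        Serializable sessionId = session.getId();
        String username;
        // pick the cache key from the principal type instead of provoking ClassCastExceptions
        Object principal = subject.getPrincipal();
        if (principal instanceof User) {
            username = ((User) principal).getPhone();
        } else if (principal instanceof AccountInfo) {
            username = ((AccountInfo) principal).getUserName();
        } else if (principal instanceof Staff) {
            username = ((Staff) principal).getLoginName();
        } else {
            map.put("status", "1001");
            map.put("message", "登录已超时,请重新登录!");
            out(response, map);
            subject.logout();
            return false;
        }
        // read the per-user session queue; a missing entry is handled below
        Deque<Serializable> deque = cache.get(username);
        // … unchanged: session timeout, queue population and kickout handling …
```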
package cn.wisenergy.web.shir.realm;
import cn.wisenergy.common.utils.Md5Util;
import cn.wisenergy.mapper.AccountMapper;
import cn.wisenergy.model.app.AccountInfo;
import cn.wisenergy.service.util.UserToken;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
public class AdminRealm extends AuthorizingRealm {
@Autowired
private AccountMapper accountMapper;
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
return null;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
UserToken userToken = (UserToken)token;
String userName=userToken.getUsername();
QueryWrapper<AccountInfo> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("user_name", userName);
queryWrapper.eq("is_delete", 0);
AccountInfo accountInfo = accountMapper.selectOne(queryWrapper);
if (accountInfo == null) {
return null;
}
String password = Md5Util.digestMD5(accountInfo.getPassword());
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
accountInfo,
password,
accountInfo.getUserName()
);
return authenticationInfo;
}
}
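Review bot: The expected credential at L510 is `Md5Util.digestMD5(accountInfo.getPassword())`, compared by Shiro's default `SimpleCredentialsMatcher` (plain equality) with the value AccountSerivceImpl passes unhashed into `UserToken` at L99, which implies the client submits an MD5 of the password — an unsalted fast hash on both sides; a salted slow hash stored server-side with a matching `CredentialsMatcher` is the proper fix. `doGetAuthorizationInfo` returning `null` means any role or permission check will deny everyone, which is acceptable only while no such checks exist; a comment saying so would help. The same method shape is repeated in StaffRealm and UserRealm, so an abstract base realm with a single lookup hook would remove the duplication, and the `@Autowired` field on a class instantiated with `new` in ShiroConfig works only because Spring post-processes `@Bean` return values — worth a one-line comment on the field.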
package cn.wisenergy.web.shir.realm;
import cn.wisenergy.mapper.UsersMapper;
import cn.wisenergy.model.app.User;
import cn.wisenergy.model.enums.SourceType;
import cn.wisenergy.service.cache.RedisService;
import cn.wisenergy.service.common.CachePrefix;
import cn.wisenergy.service.util.UserToken;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
public class CodeRealm extends AuthorizingRealm {
@Autowired
private UsersMapper usersMapper;
@Autowired
private RedisService redisService;
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
return null;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
UserToken userToken = (UserToken)token;
String userName=userToken.getUsername();
QueryWrapper<User> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("phone", userName);
queryWrapper.eq("is_delete", 0);
User userInfo = usersMapper.selectOne(queryWrapper);
if (userInfo == null) {
return null;
}
String source = SourceType.getByCode(userInfo.getSource());
//获取短信验证码key
String key = CachePrefix.SMS_CODE.getPrefix() + source + "_" + userInfo.getPhone();
String code = redisService.get(key).toString();
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
userInfo,
code,
userInfo.getPhone()
);
return authenticationInfo;
}
}
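Review bot: `redisService.get(key).toString()` at L558 throws a `NullPointerException` when no code is cached for the phone (never requested, expired, or already consumed), and NPE is not an `AuthenticationException`, so callers land in their generic `系统异常` branch instead of a credential error; check for null and raise an `AuthenticationException` instead. Nothing on this page removes the code from Redis after a successful match, so it stays valid for reuse until its TTL; if the service layer does not delete it, invalidate it here once the credentials match (for example in an `assertCredentialsMatch` override).
```java
        Object cached = redisService.get(key);
        if (cached == null) {
            // no code outstanding for this phone: fail as a credential error, not as a NPE
            throw new AuthenticationException("sms code missing or expired");
        }
        String code = cached.toString();
        // … unchanged: SimpleAuthenticationInfo construction and return …
```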
package cn.wisenergy.web.shir.realm;
import cn.wisenergy.common.utils.Md5Util;
import cn.wisenergy.mapper.AccountMapper;
import cn.wisenergy.mapper.StaffMapper;
import cn.wisenergy.mapper.UsersMapper;
import cn.wisenergy.model.app.AccountInfo;
import cn.wisenergy.model.app.Staff;
import cn.wisenergy.model.app.User;
import cn.wisenergy.model.enums.SceneType;
import cn.wisenergy.model.enums.SourceType;
import cn.wisenergy.service.cache.RedisService;
import cn.wisenergy.service.common.CachePrefix;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
public class Realm extends AuthorizingRealm {
@Autowired
private UsersMapper usersMapper;
@Autowired
private AccountMapper accountMapper;
@Autowired
private StaffMapper staffMapper;
@Autowired
private RedisService redisService;
/**
* 执行授权逻辑
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {
return null;
}
/**
* 执行认证逻辑
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
UsernamePasswordToken tok = (UsernamePasswordToken) token;
//管理端登录
if (tok.getHost().equals("admin")) {
QueryWrapper<AccountInfo> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("user_name", tok.getUsername());
queryWrapper.eq("is_delete", 0);
AccountInfo accountInfo = accountMapper.selectOne(queryWrapper);
if (accountInfo == null) {
return null;
}
String password = Md5Util.digestMD5(accountInfo.getPassword());
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
accountInfo,
password,
accountInfo.getUserName()
);
return authenticationInfo;
}
//密码登录
else if (tok.getHost().equals("user")) {
//通过username从数据库中查找 User对象
QueryWrapper<User> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("phone", tok.getUsername());
queryWrapper.eq("is_delete", 0);
User userInfo = usersMapper.selectOne(queryWrapper);
if (userInfo == null) {
return null;
}
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
userInfo,
userInfo.getPassword(),
userInfo.getPhone()
);
return authenticationInfo;
}
//短信验证码登录
else if (tok.getHost().equals("code")) {
QueryWrapper<User> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("phone", tok.getUsername());
queryWrapper.eq("is_delete", 0);
User userInfo = usersMapper.selectOne(queryWrapper);
if (userInfo == null) {
return null;
}
String source = SourceType.getByCode(userInfo.getSource());
//获取短信验证码key
String key = CachePrefix.SMS_CODE.getPrefix() + source + "_" + userInfo.getPhone();
String code = redisService.get(key).toString();
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
userInfo,
code,
userInfo.getPhone()
);
return authenticationInfo;
}
//员工端登录
else {
QueryWrapper<Staff> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("login_name", tok.getUsername());
queryWrapper.eq("is_delete", 0);
Staff staff = staffMapper.selectOne(queryWrapper);
if (staff == null) {
return null;
}
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
staff,
staff.getPassword(),
staff.getLoginName()
);
return authenticationInfo;
}
}
}
package cn.wisenergy.web.shir.realm;
import cn.wisenergy.mapper.StaffMapper;
import cn.wisenergy.model.app.Staff;
import cn.wisenergy.service.util.UserToken;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
public class StaffRealm extends AuthorizingRealm {
@Autowired
private StaffMapper staffMapper;
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
return null;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
UserToken userToken = (UserToken)token;
String userName=userToken.getUsername();
QueryWrapper<Staff> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("login_name", userName);
queryWrapper.eq("is_delete", 0);
Staff staff = staffMapper.selectOne(queryWrapper);
if (staff == null) {
return null;
}
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
staff,
staff.getPassword(),
staff.getLoginName()
);
return authenticationInfo;
}
}
package cn.wisenergy.web.shir.realm;
import cn.wisenergy.mapper.UsersMapper;
import cn.wisenergy.model.app.User;
import cn.wisenergy.service.util.UserToken;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
public class UserRealm extends AuthorizingRealm {
@Autowired
private UsersMapper usersMapper;
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
return null;
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
UserToken userToken = (UserToken)token;
String userName=userToken.getUsername();
//通过username从数据库中查找 User对象
QueryWrapper<User> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("phone", userName);
queryWrapper.eq("is_delete", 0);
User userInfo = usersMapper.selectOne(queryWrapper);
if (userInfo == null) {
return null;
}
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
userInfo,
userInfo.getPassword(),
userInfo.getPhone()
);
return authenticationInfo;
}
}
package cn.wisenergy.web.shir.util;
import cn.wisenergy.model.app.User;
import cn.wisenergy.web.shir.realm.Realm;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.Authenticator;
import org.apache.shiro.authc.LogoutAware;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.mgt.RealmSecurityManager;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.subject.support.DefaultSubjectContext;
import org.apache.shiro.util.ByteSource;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.crazycake.shiro.RedisSessionDAO;
......@@ -141,31 +138,4 @@ public class ShiroUtils {
return null;
}
/**
* @param principal
* @title 刷新用户权限 重新授权
* @desc principal为用户的认证信息
*/
public static void reloadAuthorizing(Object principal) throws Exception {
RealmSecurityManager rsm = (RealmSecurityManager) SecurityUtils.getSecurityManager();
Realm myShiroRealm = (Realm) rsm.getRealms().iterator().next();
Subject subject = SecurityUtils.getSubject();
if (subject != null) {
String realmName = subject.getPrincipals().getRealmNames().iterator().next();
SimplePrincipalCollection principals = new SimplePrincipalCollection(principal, realmName);
subject.runAs(principals);
if (myShiroRealm.isAuthenticationCachingEnabled()) {
myShiroRealm.getAuthenticationCache().remove(principals);
}
if (myShiroRealm.isAuthorizationCachingEnabled()) {
// 删除指定用户shiro权限
myShiroRealm.getAuthorizationCache().remove(principals);
}
// 刷新权限
subject.releaseRunAs();
}
}
}
package cn.wisenergy.web.shir.util;
import cn.wisenergy.service.util.UserToken;
import com.itextpdf.text.log.Logger;
import com.itextpdf.text.log.LoggerFactory;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
import org.apache.shiro.realm.Realm;
import java.util.ArrayList;
import java.util.Collection;
public class UserModularRealmAuthenticator extends ModularRealmAuthenticator {
private static final Logger logger = LoggerFactory.getLogger(UserModularRealmAuthenticator.class);
@Override
protected AuthenticationInfo doAuthenticate(AuthenticationToken authenticationToken)
throws AuthenticationException {
logger.info("UserModularRealmAuthenticator:method doAuthenticate() execute ");
// 判断getRealms()是否返回为空
assertRealmsConfigured();
// 强制转换回自定义的CustomizedToken
UserToken userToken = (UserToken) authenticationToken;
// 登录类型
String loginType = userToken.getLoginType();
// 所有Realm
Collection<Realm> realms = getRealms();
// 登录类型对应的所有Realm
Collection<Realm> typeRealms = new ArrayList<>();
for (Realm realm : realms) {
if (realm.getName().contains(loginType));
typeRealms.add(realm);
}
// 判断是单Realm还是多Realm
if (typeRealms.size() == 1){
logger.info("doSingleRealmAuthentication() execute ");
return doSingleRealmAuthentication(((ArrayList<Realm>) typeRealms).get(0), userToken);
}
else{
logger.info("doMultiRealmAuthentication() execute ");
return doMultiRealmAuthentication(typeRealms, userToken);
}
}
}
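Review bot: The `if` at L831 ends with a stray semicolon, so `typeRealms.add(realm)` runs unconditionally and every login is tried against all four realms under `AtLeastOneSuccessfulStrategy`, meaning a credential pair only has to satisfy any one realm rather than the one for its `loginType`. Removing the semicolon alone would break logins, because Shiro's `CachingRealm` names a realm `<fully-qualified class>_<n>` by default and `contains("admin")` is case-sensitive, so `typeRealms` would come back empty; the selection needs realms with explicit names (set in ShiroConfig) or a case-insensitive match, plus an empty-result check that fails closed. Declaring `typeRealms` as `List<Realm>` also removes the `ArrayList` cast at L837.
```java
        // 登录类型对应的所有Realm
        Collection<Realm> typeRealms = new ArrayList<>();
        for (Realm realm : realms) {
            // match case-insensitively: default realm names are class names, loginType is lower-case
            if (realm.getName().toLowerCase(java.util.Locale.ROOT)
                    .contains(loginType.toLowerCase(java.util.Locale.ROOT))) {
                typeRealms.add(realm);
            }
        }
        if (typeRealms.isEmpty()) {
            // fail closed: an unknown loginType must not fall back to "try every realm"
            throw new AuthenticationException("no realm configured for login type: " + loginType);
        }
        // … unchanged: single-realm / multi-realm dispatch …
```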