From fa1d9cb794174354ed9eea52f3b0915af280d172 Mon Sep 17 00:00:00 2001 From: gitee Date: Fri, 11 Apr 2025 17:58:57 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E8=AE=A4=E8=AF=81=E6=8E=88?= =?UTF-8?q?=E6=9D=83=E4=BB=A3=E7=A0=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../ai/service/hub/config/SecurityConfig.java | 7 ++- .../hub/controller/SysUserController.java | 6 +-- .../hub/filter/JwtAuthenticationFilter.java | 8 +-- .../ai/service/hub/service/SysAppService.java | 6 +++ .../service/hub/service/SysUserService.java | 7 +++ .../hub/service/impl/SysAppServiceImpl.java | 4 ++ .../hub/service/impl/SysUserServiceImpl.java | 4 ++ ...rvice.java => UserDetailsServiceImpl.java} | 49 ++++++++++--------- 8 files changed, 57 insertions(+), 34 deletions(-) rename src/main/java/com/supervision/ai/service/hub/service/impl/{SysUserService.java => UserDetailsServiceImpl.java} (54%) diff --git a/src/main/java/com/supervision/ai/service/hub/config/SecurityConfig.java b/src/main/java/com/supervision/ai/service/hub/config/SecurityConfig.java index 4aae160..90791c2 100644 --- a/src/main/java/com/supervision/ai/service/hub/config/SecurityConfig.java +++ b/src/main/java/com/supervision/ai/service/hub/config/SecurityConfig.java @@ -1,11 +1,9 @@ package com.supervision.ai.service.hub.config; import com.supervision.ai.service.hub.filter.JwtAuthenticationFilter; -import com.supervision.ai.service.hub.service.impl.SysUserService; import io.jsonwebtoken.SignatureAlgorithm; import io.jsonwebtoken.security.Keys; import lombok.RequiredArgsConstructor; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.authentication.AuthenticationManager; @@ -17,6 +15,7 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer; import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.SecurityFilterChain; @@ -30,7 +29,7 @@ import java.util.Base64; public class SecurityConfig { private final JwtAuthenticationFilter jwtAuthenticationFilter; - private final SysUserService sysUserService; + private final UserDetailsService userDetailsService; @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { @@ -56,7 +55,7 @@ public class SecurityConfig { public AuthenticationProvider authenticationProvider() { // 使用DaoAuthenticationProvider,并注入自定义的UserDetailsService和PasswordEncoder DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider(); - authProvider.setUserDetailsService(sysUserService); // 从数据库读取用户进行认证 + authProvider.setUserDetailsService(userDetailsService); // 从数据库读取用户进行认证 authProvider.setPasswordEncoder(passwordEncoder()); // 使用BCrypt密码器验证密码 return authProvider; } diff --git a/src/main/java/com/supervision/ai/service/hub/controller/SysUserController.java b/src/main/java/com/supervision/ai/service/hub/controller/SysUserController.java index 113856a..2454037 100644 --- a/src/main/java/com/supervision/ai/service/hub/controller/SysUserController.java +++ b/src/main/java/com/supervision/ai/service/hub/controller/SysUserController.java @@ -1,9 +1,7 @@ package com.supervision.ai.service.hub.controller; -import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; -import com.supervision.ai.service.hub.domain.SysApp; import com.supervision.ai.service.hub.domain.SysUser; -import com.supervision.ai.service.hub.service.impl.SysUserService; +import com.supervision.ai.service.hub.service.SysUserService; import lombok.RequiredArgsConstructor; import org.springframework.http.ResponseEntity; import org.springframework.security.core.Authentication; @@ -31,7 +29,7 @@ public class SysUserController { public ResponseEntity getCurrentUserDetails() { Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); String username = authentication.getName(); - SysUser user = sysUserService.getOne(new LambdaQueryWrapper().eq(SysUser::getUserName, username)); + SysUser user = sysUserService.getByUsername(username); if (user == null) { return ResponseEntity.status(404).body("用户不存在"); } diff --git a/src/main/java/com/supervision/ai/service/hub/filter/JwtAuthenticationFilter.java b/src/main/java/com/supervision/ai/service/hub/filter/JwtAuthenticationFilter.java index af77fcd..25f4660 100644 --- a/src/main/java/com/supervision/ai/service/hub/filter/JwtAuthenticationFilter.java +++ b/src/main/java/com/supervision/ai/service/hub/filter/JwtAuthenticationFilter.java @@ -1,6 +1,5 @@ package com.supervision.ai.service.hub.filter; -import com.supervision.ai.service.hub.service.impl.SysUserService; import com.supervision.ai.service.hub.util.JwtUtils; import jakarta.servlet.FilterChain; import jakarta.servlet.ServletException; @@ -11,6 +10,7 @@ import lombok.RequiredArgsConstructor; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.UserDetails; +import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; import org.springframework.stereotype.Component; import org.springframework.web.filter.OncePerRequestFilter; @@ -23,7 +23,7 @@ import java.io.IOException; public class JwtAuthenticationFilter extends OncePerRequestFilter { private final JwtUtils jwtUtils; - private final SysUserService sysUserService; + private final UserDetailsService userDetailsService; @Override protected void doFilterInternal(HttpServletRequest request, @NonNull HttpServletResponse response, @@ -44,9 +44,9 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { // 如果成功提取到用户名,并且当前没有已认证的用户 if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) { // 根据用户名从数据库加载用户信息 - UserDetails userDetails = sysUserService.loadUserByUsername(username); + UserDetails userDetails = userDetailsService.loadUserByUsername(username); // 验证Token的有效性(是否未过期) - if (jwtUtils.isTokenExpired(token)) { + if (!jwtUtils.isTokenExpired(token)) { // 将用户信息封装到Authentication对象中,标记为已认证 UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities()); diff --git a/src/main/java/com/supervision/ai/service/hub/service/SysAppService.java b/src/main/java/com/supervision/ai/service/hub/service/SysAppService.java index 2f68b85..71c26c9 100644 --- a/src/main/java/com/supervision/ai/service/hub/service/SysAppService.java +++ b/src/main/java/com/supervision/ai/service/hub/service/SysAppService.java @@ -10,4 +10,10 @@ import com.baomidou.mybatisplus.extension.service.IService; */ public interface SysAppService extends IService { + /** + * 根据应用名称查询应用 + * @param appName 应用名称 + * @return SysApp + */ + SysApp getByAppName(String appName); } diff --git a/src/main/java/com/supervision/ai/service/hub/service/SysUserService.java b/src/main/java/com/supervision/ai/service/hub/service/SysUserService.java index df870b3..0c48816 100644 --- a/src/main/java/com/supervision/ai/service/hub/service/SysUserService.java +++ b/src/main/java/com/supervision/ai/service/hub/service/SysUserService.java @@ -10,4 +10,11 @@ import com.baomidou.mybatisplus.extension.service.IService; */ public interface SysUserService extends IService { + + /** + * 根据用户名查询用户 + * @param username 用户名 + * @return SysUser + */ + SysUser getByUsername(String username); } diff --git a/src/main/java/com/supervision/ai/service/hub/service/impl/SysAppServiceImpl.java b/src/main/java/com/supervision/ai/service/hub/service/impl/SysAppServiceImpl.java index da03148..feda79c 100644 --- a/src/main/java/com/supervision/ai/service/hub/service/impl/SysAppServiceImpl.java +++ b/src/main/java/com/supervision/ai/service/hub/service/impl/SysAppServiceImpl.java @@ -15,6 +15,10 @@ import org.springframework.stereotype.Service; public class SysAppServiceImpl extends ServiceImpl implements SysAppService{ + @Override + public SysApp getByAppName(String appName) { + return this.lambdaQuery().eq(SysApp::getAppName, appName).one(); + } } diff --git a/src/main/java/com/supervision/ai/service/hub/service/impl/SysUserServiceImpl.java b/src/main/java/com/supervision/ai/service/hub/service/impl/SysUserServiceImpl.java index 6369535..529fae4 100644 --- a/src/main/java/com/supervision/ai/service/hub/service/impl/SysUserServiceImpl.java +++ b/src/main/java/com/supervision/ai/service/hub/service/impl/SysUserServiceImpl.java @@ -15,6 +15,10 @@ import org.springframework.stereotype.Service; public class SysUserServiceImpl extends ServiceImpl implements SysUserService{ + @Override + public SysUser getByUsername(String username) { + return this.lambdaQuery().eq(SysUser::getUserName, username).one(); + } } diff --git a/src/main/java/com/supervision/ai/service/hub/service/impl/SysUserService.java b/src/main/java/com/supervision/ai/service/hub/service/impl/UserDetailsServiceImpl.java similarity index 54% rename from src/main/java/com/supervision/ai/service/hub/service/impl/SysUserService.java rename to src/main/java/com/supervision/ai/service/hub/service/impl/UserDetailsServiceImpl.java index 8b995ec..001c005 100644 --- a/src/main/java/com/supervision/ai/service/hub/service/impl/SysUserService.java +++ b/src/main/java/com/supervision/ai/service/hub/service/impl/UserDetailsServiceImpl.java @@ -1,10 +1,11 @@ package com.supervision.ai.service.hub.service.impl; -import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; -import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import com.supervision.ai.service.hub.domain.SysApp; import com.supervision.ai.service.hub.domain.SysUser; -import com.supervision.ai.service.hub.mapper.SysUserMapper; +import com.supervision.ai.service.hub.service.SysAppService; +import com.supervision.ai.service.hub.service.SysUserService; +import lombok.RequiredArgsConstructor; +import lombok.extern.slf4j.Slf4j; import org.springframework.security.authentication.DisabledException; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.userdetails.User; @@ -18,31 +19,35 @@ import java.util.List; import static com.supervision.ai.service.hub.constant.UserConstant.USER_STATUS_DISABLED; +@Slf4j @Service -public class SysUserService extends ServiceImpl implements UserDetailsService { - - /** - * 根据用户名加载用户信息 - * Spring Security 会调用该方法来获取用户信息 - * - * @param username 用户名 - * @return UserDetails - * @throws UsernameNotFoundException 用户名未找到异常 - */ +@RequiredArgsConstructor +public class UserDetailsServiceImpl implements UserDetailsService { + + private final SysUserService sysUserService; + + private final SysAppService sysAppService; + @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { - SysUser user = this.getOne(new LambdaQueryWrapper().eq(SysUser::getUserName, username)); - if (user == null) { - throw new UsernameNotFoundException("用户不存在: " + username); - } - if (USER_STATUS_DISABLED.equals(user.getStatus())) { - throw new DisabledException("用户已被禁用"); - } + + // 由于sys_app表数据较少,所以优先从sys_app表中查询 + SysApp sysApp = sysAppService.getByAppName(username); + // 将查询到的用户信息组装成UserDetails对象 // **扩展点**:如需加载用户角色权限,可在此处查询 sys_user_role 表关联的角色,并将角色加入 authorities 列表 List authorities = Collections.emptyList(); // 使用Spring Security提供的User对象作为UserDetails返回 - return new User(user.getUserName(), user.getPassword(), authorities); + if (null == sysApp){ + SysUser user = sysUserService.getByUsername(username); + if (user == null) { + throw new UsernameNotFoundException("用户不存在: " + username); + } + if (USER_STATUS_DISABLED.equals(user.getStatus())) { + throw new DisabledException("用户已被禁用"); + } + return new User(user.getUserName(), user.getPassword(), authorities); + } + return new User(sysApp.getAppName(), sysApp.getPassword(), authorities); } - }