修改认证授权代码

src/main/java/com/supervision/ai/service/hub/config/SecurityConfig.java

@@ -1,11 +1,9 @@
 package com.supervision.ai.service.hub.config;
 
 import com.supervision.ai.service.hub.filter.JwtAuthenticationFilter;
-import com.supervision.ai.service.hub.service.impl.SysUserService;
 import io.jsonwebtoken.SignatureAlgorithm;
 import io.jsonwebtoken.security.Keys;
 import lombok.RequiredArgsConstructor;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
@@ -17,6 +15,7 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
@@ -30,7 +29,7 @@ import java.util.Base64;
 public class SecurityConfig {
 
     private final JwtAuthenticationFilter jwtAuthenticationFilter;
-    private final SysUserService sysUserService;
+    private final UserDetailsService userDetailsService;
 
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
@@ -56,7 +55,7 @@ public class SecurityConfig {
     public AuthenticationProvider authenticationProvider() {
         // 使用DaoAuthenticationProvider，并注入自定义的UserDetailsService和PasswordEncoder
         DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
-        authProvider.setUserDetailsService(sysUserService);  // 从数据库读取用户进行认证
+        authProvider.setUserDetailsService(userDetailsService);  // 从数据库读取用户进行认证
         authProvider.setPasswordEncoder(passwordEncoder());  // 使用BCrypt密码器验证密码
         return authProvider;
     }

src/main/java/com/supervision/ai/service/hub/controller/SysUserController.java

@@ -1,9 +1,7 @@
 package com.supervision.ai.service.hub.controller;
 
-import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
-import com.supervision.ai.service.hub.domain.SysApp;
 import com.supervision.ai.service.hub.domain.SysUser;
-import com.supervision.ai.service.hub.service.impl.SysUserService;
+import com.supervision.ai.service.hub.service.SysUserService;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.Authentication;
@@ -31,7 +29,7 @@ public class SysUserController {
     public ResponseEntity<?> getCurrentUserDetails() {
         Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
         String username = authentication.getName();
-        SysUser user = sysUserService.getOne(new LambdaQueryWrapper<SysUser>().eq(SysUser::getUserName, username));
+        SysUser user = sysUserService.getByUsername(username);
         if (user == null) {
             return ResponseEntity.status(404).body("用户不存在");
         }

src/main/java/com/supervision/ai/service/hub/filter/JwtAuthenticationFilter.java

@@ -1,6 +1,5 @@
 package com.supervision.ai.service.hub.filter;
 
-import com.supervision.ai.service.hub.service.impl.SysUserService;
 import com.supervision.ai.service.hub.util.JwtUtils;
 import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
@@ -11,6 +10,7 @@ import lombok.RequiredArgsConstructor;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
 import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;
@@ -23,7 +23,7 @@ import java.io.IOException;
 public class JwtAuthenticationFilter extends OncePerRequestFilter {
 
     private final JwtUtils jwtUtils;
-    private final SysUserService sysUserService;
+    private final UserDetailsService userDetailsService;
 
     @Override
     protected void doFilterInternal(HttpServletRequest request, @NonNull HttpServletResponse response,
@@ -44,9 +44,9 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
             // 如果成功提取到用户名，并且当前没有已认证的用户
             if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
                 // 根据用户名从数据库加载用户信息
-                UserDetails userDetails = sysUserService.loadUserByUsername(username);
+                UserDetails userDetails = userDetailsService.loadUserByUsername(username);
                 // 验证Token的有效性（是否未过期）
-                if (jwtUtils.isTokenExpired(token)) {
+                if (!jwtUtils.isTokenExpired(token)) {
                     // 将用户信息封装到Authentication对象中，标记为已认证
                     UsernamePasswordAuthenticationToken authToken =
                             new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());

src/main/java/com/supervision/ai/service/hub/service/SysAppService.java

@@ -10,4 +10,10 @@ import com.baomidou.mybatisplus.extension.service.IService;
 */
 public interface SysAppService extends IService<SysApp> {
 
+    /**
+     * 根据应用名称查询应用
+     * @param appName 应用名称
+     * @return SysApp
+     */
+    SysApp getByAppName(String appName);
 }

src/main/java/com/supervision/ai/service/hub/service/SysUserService.java

@@ -10,4 +10,11 @@ import com.baomidou.mybatisplus.extension.service.IService;
 */
 public interface SysUserService extends IService<SysUser> {
 
+
+    /**
+     * 根据用户名查询用户
+     * @param username 用户名
+     * @return SysUser
+     */
+    SysUser getByUsername(String username);
 }

src/main/java/com/supervision/ai/service/hub/service/impl/SysAppServiceImpl.java

@@ -15,6 +15,10 @@ import org.springframework.stereotype.Service;
 public class SysAppServiceImpl extends ServiceImpl<SysAppMapper, SysApp>
     implements SysAppService{
 
+    @Override
+    public SysApp getByAppName(String appName) {
+        return this.lambdaQuery().eq(SysApp::getAppName, appName).one();
+    }
 }
 
 

src/main/java/com/supervision/ai/service/hub/service/impl/SysUserServiceImpl.java

@@ -15,6 +15,10 @@ import org.springframework.stereotype.Service;
 public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser>
     implements SysUserService{
 
+    @Override
+    public SysUser getByUsername(String username) {
+        return this.lambdaQuery().eq(SysUser::getUserName, username).one();
+    }
 }
 
 

src/main/java/com/supervision/ai/service/hub/service/impl/UserDetailsServiceImpl.java

@@ -1,10 +1,11 @@
 package com.supervision.ai.service.hub.service.impl;
 
-import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
-import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.supervision.ai.service.hub.domain.SysApp;
 import com.supervision.ai.service.hub.domain.SysUser;
-import com.supervision.ai.service.hub.mapper.SysUserMapper;
+import com.supervision.ai.service.hub.service.SysAppService;
+import com.supervision.ai.service.hub.service.SysUserService;
+import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.authentication.DisabledException;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.userdetails.User;
@@ -18,31 +19,35 @@ import java.util.List;
 
 import static com.supervision.ai.service.hub.constant.UserConstant.USER_STATUS_DISABLED;
 
+@Slf4j
 @Service
-public class SysUserService extends ServiceImpl<SysUserMapper, SysUser> implements UserDetailsService {
-
-    /**
-     * 根据用户名加载用户信息
-     * Spring Security 会调用该方法来获取用户信息
-     *
-     * @param username 用户名
-     * @return UserDetails
-     * @throws UsernameNotFoundException 用户名未找到异常
-     */
+@RequiredArgsConstructor
+public class UserDetailsServiceImpl implements UserDetailsService {
+
+    private final SysUserService sysUserService;
+
+    private final SysAppService sysAppService;
+
     @Override
     public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
-        SysUser user = this.getOne(new LambdaQueryWrapper<SysUser>().eq(SysUser::getUserName, username));
-        if (user == null) {
-            throw new UsernameNotFoundException("用户不存在: " + username);
-        }
-        if (USER_STATUS_DISABLED.equals(user.getStatus())) {
-            throw new DisabledException("用户已被禁用");
-        }
+
+        // 由于sys_app表数据较少，所以优先从sys_app表中查询
+        SysApp sysApp = sysAppService.getByAppName(username);
+
         // 将查询到的用户信息组装成UserDetails对象
         // **扩展点**：如需加载用户角色权限，可在此处查询 sys_user_role 表关联的角色，并将角色加入 authorities 列表
         List<GrantedAuthority> authorities = Collections.emptyList();
         // 使用Spring Security提供的User对象作为UserDetails返回
-        return new User(user.getUserName(), user.getPassword(), authorities);
+        if (null == sysApp){
+            SysUser user = sysUserService.getByUsername(username);
+            if (user == null) {
+                throw new UsernameNotFoundException("用户不存在: " + username);
+            }
+            if (USER_STATUS_DISABLED.equals(user.getStatus())) {
+                throw new DisabledException("用户已被禁用");
+            }
+            return new User(user.getUserName(), user.getPassword(), authorities);
+        }
+        return new User(sysApp.getAppName(), sysApp.getPassword(), authorities);
     }
-
 }