Commit cf1696e0d6f148445bb21dca6f066d8e07bc3234
1 parent
d46fc9de
修复使用jwt后导致的用户管理功能异常
Showing
9 changed files
with
29 additions
and
122 deletions
README.md
| @@ -117,7 +117,8 @@ QQ群不再接受新成员直接进入,希望大家多多参考文档,用户 | @@ -117,7 +117,8 @@ QQ群不再接受新成员直接进入,希望大家多多参考文档,用户 | ||
| 117 | # 授权协议 | 117 | # 授权协议 |
| 118 | 本项目自有代码使用宽松的MIT协议,在保留版权信息的情况下可以自由应用于各自商用、非商业的项目。 但是本项目也零碎的使用了一些其他的开源代码,在商用的情况下请自行替代或剔除; 由于使用本项目而产生的商业纠纷或侵权行为一概与本项目及开发者无关,请自行承担法律风险。 在使用本项目代码时,也应该在授权协议中同时表明本项目依赖的第三方库的协议 | 118 | 本项目自有代码使用宽松的MIT协议,在保留版权信息的情况下可以自由应用于各自商用、非商业的项目。 但是本项目也零碎的使用了一些其他的开源代码,在商用的情况下请自行替代或剔除; 由于使用本项目而产生的商业纠纷或侵权行为一概与本项目及开发者无关,请自行承担法律风险。 在使用本项目代码时,也应该在授权协议中同时表明本项目依赖的第三方库的协议 |
| 119 | 119 | ||
| 120 | -# 付费技术支持 | 120 | +# 技术支持 |
| 121 | +建议加入[知识星球](https://t.zsxq.com/0drbw002x)可以获取更多的教程以及更加及时的回复。 | ||
| 121 | 如果项目需要一对一的技术支持,或者棘手的问题需要解决,请发送邮件到648540858@qq.com | 122 | 如果项目需要一对一的技术支持,或者棘手的问题需要解决,请发送邮件到648540858@qq.com |
| 122 | 123 | ||
| 123 | # 致谢 | 124 | # 致谢 |
src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java
| @@ -2,6 +2,8 @@ package com.genersoft.iot.vmp.conf.security; | @@ -2,6 +2,8 @@ package com.genersoft.iot.vmp.conf.security; | ||
| 2 | 2 | ||
| 3 | import com.genersoft.iot.vmp.conf.UserSetting; | 3 | import com.genersoft.iot.vmp.conf.UserSetting; |
| 4 | import com.genersoft.iot.vmp.conf.security.dto.JwtUser; | 4 | import com.genersoft.iot.vmp.conf.security.dto.JwtUser; |
| 5 | +import com.genersoft.iot.vmp.storager.dao.dto.Role; | ||
| 6 | +import com.genersoft.iot.vmp.storager.dao.dto.User; | ||
| 5 | import org.apache.commons.lang3.StringUtils; | 7 | import org.apache.commons.lang3.StringUtils; |
| 6 | import org.springframework.beans.factory.annotation.Autowired; | 8 | import org.springframework.beans.factory.annotation.Autowired; |
| 7 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; | 9 | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; |
| @@ -75,7 +77,13 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { | @@ -75,7 +77,13 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { | ||
| 75 | } | 77 | } |
| 76 | 78 | ||
| 77 | // 构建UsernamePasswordAuthenticationToken,这里密码为null,是因为提供了正确的JWT,实现自动登录 | 79 | // 构建UsernamePasswordAuthenticationToken,这里密码为null,是因为提供了正确的JWT,实现自动登录 |
| 78 | - UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, jwtUser.getPassword(), new ArrayList<>() ); | 80 | + User user = new User(); |
| 81 | + user.setUsername(jwtUser.getUserName()); | ||
| 82 | + user.setPassword(jwtUser.getPassword()); | ||
| 83 | + Role role = new Role(); | ||
| 84 | + role.setId(jwtUser.getRoleId()); | ||
| 85 | + user.setRole(role); | ||
| 86 | + UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(user, jwtUser.getPassword(), new ArrayList<>() ); | ||
| 79 | SecurityContextHolder.getContext().setAuthentication(token); | 87 | SecurityContextHolder.getContext().setAuthentication(token); |
| 80 | chain.doFilter(request, response); | 88 | chain.doFilter(request, response); |
| 81 | } | 89 | } |
src/main/java/com/genersoft/iot/vmp/conf/security/JwtUtils.java
| @@ -37,7 +37,7 @@ public class JwtUtils { | @@ -37,7 +37,7 @@ public class JwtUtils { | ||
| 37 | */ | 37 | */ |
| 38 | public static final long expirationTime = 30; | 38 | public static final long expirationTime = 30; |
| 39 | 39 | ||
| 40 | - public static String createToken(String username, String password) { | 40 | + public static String createToken(String username, String password, Integer roleId) { |
| 41 | try { | 41 | try { |
| 42 | /** | 42 | /** |
| 43 | * “iss” (issuer) 发行人 | 43 | * “iss” (issuer) 发行人 |
| @@ -64,6 +64,7 @@ public class JwtUtils { | @@ -64,6 +64,7 @@ public class JwtUtils { | ||
| 64 | //添加自定义参数,必须是字符串类型 | 64 | //添加自定义参数,必须是字符串类型 |
| 65 | claims.setClaim("username", username); | 65 | claims.setClaim("username", username); |
| 66 | claims.setClaim("password", password); | 66 | claims.setClaim("password", password); |
| 67 | + claims.setClaim("roleId", roleId); | ||
| 67 | 68 | ||
| 68 | //jws | 69 | //jws |
| 69 | JsonWebSignature jws = new JsonWebSignature(); | 70 | JsonWebSignature jws = new JsonWebSignature(); |
| @@ -118,8 +119,10 @@ public class JwtUtils { | @@ -118,8 +119,10 @@ public class JwtUtils { | ||
| 118 | 119 | ||
| 119 | String username = (String) claims.getClaimValue("username"); | 120 | String username = (String) claims.getClaimValue("username"); |
| 120 | String password = (String) claims.getClaimValue("password"); | 121 | String password = (String) claims.getClaimValue("password"); |
| 122 | + Long roleId = (Long) claims.getClaimValue("roleId"); | ||
| 121 | jwtUser.setUserName(username); | 123 | jwtUser.setUserName(username); |
| 122 | jwtUser.setPassword(password); | 124 | jwtUser.setPassword(password); |
| 125 | + jwtUser.setRoleId(roleId.intValue()); | ||
| 123 | 126 | ||
| 124 | return jwtUser; | 127 | return jwtUser; |
| 125 | } catch (InvalidJwtException e) { | 128 | } catch (InvalidJwtException e) { |
src/main/java/com/genersoft/iot/vmp/conf/security/LoginFailureHandler.java deleted
100644 → 0
| 1 | -package com.genersoft.iot.vmp.conf.security; | ||
| 2 | - | ||
| 3 | -import com.fasterxml.jackson.databind.ObjectMapper; | ||
| 4 | -import org.slf4j.Logger; | ||
| 5 | -import org.slf4j.LoggerFactory; | ||
| 6 | -import org.springframework.beans.factory.annotation.Autowired; | ||
| 7 | -import org.springframework.security.authentication.*; | ||
| 8 | -import org.springframework.security.core.AuthenticationException; | ||
| 9 | -import org.springframework.security.web.authentication.AuthenticationFailureHandler; | ||
| 10 | -import org.springframework.stereotype.Component; | ||
| 11 | - | ||
| 12 | -import javax.servlet.ServletException; | ||
| 13 | -import javax.servlet.http.HttpServletRequest; | ||
| 14 | -import javax.servlet.http.HttpServletResponse; | ||
| 15 | -import java.io.IOException; | ||
| 16 | -import java.util.HashMap; | ||
| 17 | -import java.util.Map; | ||
| 18 | - | ||
| 19 | -@Component | ||
| 20 | -public class LoginFailureHandler implements AuthenticationFailureHandler { | ||
| 21 | - | ||
| 22 | - private final static Logger logger = LoggerFactory.getLogger(LoginFailureHandler.class); | ||
| 23 | - | ||
| 24 | - @Autowired | ||
| 25 | - private ObjectMapper objectMapper; | ||
| 26 | - | ||
| 27 | - @Override | ||
| 28 | - public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException e) throws IOException, ServletException { | ||
| 29 | - | ||
| 30 | - String username = request.getParameter("username"); | ||
| 31 | - if (e instanceof AccountExpiredException) { | ||
| 32 | - // 账号过期 | ||
| 33 | - logger.info("[登录失败] - 用户[{}]账号过期", username); | ||
| 34 | - | ||
| 35 | - } else if (e instanceof BadCredentialsException) { | ||
| 36 | - // 密码错误 | ||
| 37 | - logger.info("[登录失败] - 用户[{}]密码/SIP服务器ID 错误", username); | ||
| 38 | - | ||
| 39 | - } else if (e instanceof CredentialsExpiredException) { | ||
| 40 | - // 密码过期 | ||
| 41 | - logger.info("[登录失败] - 用户[{}]密码过期", username); | ||
| 42 | - | ||
| 43 | - } else if (e instanceof DisabledException) { | ||
| 44 | - // 用户被禁用 | ||
| 45 | - logger.info("[登录失败] - 用户[{}]被禁用", username); | ||
| 46 | - | ||
| 47 | - } else if (e instanceof LockedException) { | ||
| 48 | - // 用户被锁定 | ||
| 49 | - logger.info("[登录失败] - 用户[{}]被锁定", username); | ||
| 50 | - | ||
| 51 | - } else if (e instanceof InternalAuthenticationServiceException) { | ||
| 52 | - // 内部错误 | ||
| 53 | - logger.error(String.format("[登录失败] - [%s]内部错误", username), e); | ||
| 54 | - | ||
| 55 | - } else { | ||
| 56 | - // 其他错误 | ||
| 57 | - logger.error(String.format("[登录失败] - [%s]其他错误", username), e); | ||
| 58 | - } | ||
| 59 | - Map<String, Object> map = new HashMap<>(); | ||
| 60 | - map.put("code","0"); | ||
| 61 | - map.put("msg","登录失败"); | ||
| 62 | - response.setContentType("application/json;charset=UTF-8"); | ||
| 63 | - response.getWriter().write(objectMapper.writeValueAsString(map)); | ||
| 64 | - } | ||
| 65 | -} |
src/main/java/com/genersoft/iot/vmp/conf/security/LoginSuccessHandler.java deleted
100644 → 0
| 1 | -package com.genersoft.iot.vmp.conf.security; | ||
| 2 | - | ||
| 3 | -import org.slf4j.Logger; | ||
| 4 | -import org.slf4j.LoggerFactory; | ||
| 5 | -import org.springframework.security.core.Authentication; | ||
| 6 | -import org.springframework.security.web.authentication.AuthenticationSuccessHandler; | ||
| 7 | -import org.springframework.stereotype.Component; | ||
| 8 | - | ||
| 9 | -import javax.servlet.ServletException; | ||
| 10 | -import javax.servlet.http.HttpServletRequest; | ||
| 11 | -import javax.servlet.http.HttpServletResponse; | ||
| 12 | -import java.io.IOException; | ||
| 13 | - | ||
| 14 | -/** | ||
| 15 | - * @author lin | ||
| 16 | - */ | ||
| 17 | -@Component | ||
| 18 | -public class LoginSuccessHandler implements AuthenticationSuccessHandler { | ||
| 19 | - | ||
| 20 | - private final static Logger logger = LoggerFactory.getLogger(LoginSuccessHandler.class); | ||
| 21 | - | ||
| 22 | - @Override | ||
| 23 | - public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException { | ||
| 24 | -// String username = request.getParameter("username"); | ||
| 25 | -// httpServletResponse.setContentType("application/json;charset=UTF-8"); | ||
| 26 | -// // 生成JWT,并放置到请求头中 | ||
| 27 | -// String jwt = JwtUtils.createToken(authentication.getName(), ); | ||
| 28 | -// httpServletResponse.setHeader(JwtUtils.getHeader(), jwt); | ||
| 29 | -// ServletOutputStream outputStream = httpServletResponse.getOutputStream(); | ||
| 30 | -// outputStream.write(JSON.toJSONString(ErrorCode.SUCCESS).getBytes(StandardCharsets.UTF_8)); | ||
| 31 | -// outputStream.flush(); | ||
| 32 | -// outputStream.close(); | ||
| 33 | - | ||
| 34 | -// logger.info("[登录成功] - [{}]", username); | ||
| 35 | - } | ||
| 36 | -} |
src/main/java/com/genersoft/iot/vmp/conf/security/SecurityUtils.java
| @@ -53,14 +53,10 @@ public class SecurityUtils { | @@ -53,14 +53,10 @@ public class SecurityUtils { | ||
| 53 | Authentication authentication = getAuthentication(); | 53 | Authentication authentication = getAuthentication(); |
| 54 | if(authentication!=null){ | 54 | if(authentication!=null){ |
| 55 | Object principal = authentication.getPrincipal(); | 55 | Object principal = authentication.getPrincipal(); |
| 56 | - if(principal!=null && !"anonymousUser".equals(principal)){ | ||
| 57 | -// LoginUser user = (LoginUser) authentication.getPrincipal(); | 56 | + if(principal!=null && !"anonymousUser".equals(principal.toString())){ |
| 58 | 57 | ||
| 59 | - String username = (String) principal; | ||
| 60 | - User user = new User(); | ||
| 61 | - user.setUsername(username); | ||
| 62 | - LoginUser loginUser = new LoginUser(user, LocalDateTime.now()); | ||
| 63 | - return loginUser; | 58 | + User user = (User) principal; |
| 59 | + return new LoginUser(user, LocalDateTime.now()); | ||
| 64 | } | 60 | } |
| 65 | } | 61 | } |
| 66 | return null; | 62 | return null; |
src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
| @@ -47,16 +47,6 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { | @@ -47,16 +47,6 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { | ||
| 47 | * 登出成功的处理 | 47 | * 登出成功的处理 |
| 48 | */ | 48 | */ |
| 49 | @Autowired | 49 | @Autowired |
| 50 | - private LoginFailureHandler loginFailureHandler; | ||
| 51 | - /** | ||
| 52 | - * 登录成功的处理 | ||
| 53 | - */ | ||
| 54 | - @Autowired | ||
| 55 | - private LoginSuccessHandler loginSuccessHandler; | ||
| 56 | - /** | ||
| 57 | - * 登出成功的处理 | ||
| 58 | - */ | ||
| 59 | - @Autowired | ||
| 60 | private LogoutHandler logoutHandler; | 50 | private LogoutHandler logoutHandler; |
| 61 | /** | 51 | /** |
| 62 | * 未登录的处理 | 52 | * 未登录的处理 |
src/main/java/com/genersoft/iot/vmp/conf/security/dto/JwtUser.java
| @@ -25,6 +25,8 @@ public class JwtUser { | @@ -25,6 +25,8 @@ public class JwtUser { | ||
| 25 | 25 | ||
| 26 | private String password; | 26 | private String password; |
| 27 | 27 | ||
| 28 | + private int roleId; | ||
| 29 | + | ||
| 28 | private TokenStatus status; | 30 | private TokenStatus status; |
| 29 | 31 | ||
| 30 | public String getUserName() { | 32 | public String getUserName() { |
| @@ -50,4 +52,12 @@ public class JwtUser { | @@ -50,4 +52,12 @@ public class JwtUser { | ||
| 50 | public void setPassword(String password) { | 52 | public void setPassword(String password) { |
| 51 | this.password = password; | 53 | this.password = password; |
| 52 | } | 54 | } |
| 55 | + | ||
| 56 | + public int getRoleId() { | ||
| 57 | + return roleId; | ||
| 58 | + } | ||
| 59 | + | ||
| 60 | + public void setRoleId(int roleId) { | ||
| 61 | + this.roleId = roleId; | ||
| 62 | + } | ||
| 53 | } | 63 | } |
src/main/java/com/genersoft/iot/vmp/vmanager/user/UserController.java
| @@ -57,7 +57,7 @@ public class UserController { | @@ -57,7 +57,7 @@ public class UserController { | ||
| 57 | if (user == null) { | 57 | if (user == null) { |
| 58 | throw new ControllerException(ErrorCode.ERROR100.getCode(), "用户名或密码错误"); | 58 | throw new ControllerException(ErrorCode.ERROR100.getCode(), "用户名或密码错误"); |
| 59 | }else { | 59 | }else { |
| 60 | - String jwt = JwtUtils.createToken(username, password); | 60 | + String jwt = JwtUtils.createToken(username, password, user.getRole().getId()); |
| 61 | response.setHeader(JwtUtils.getHeader(), jwt); | 61 | response.setHeader(JwtUtils.getHeader(), jwt); |
| 62 | user.setAccessToken(jwt); | 62 | user.setAccessToken(jwt); |
| 63 | } | 63 | } |