From 27e1748457a4bb33391a909b96553693561a6e22 Mon Sep 17 00:00:00 2001 From: lihongbiao <964708803@qq.com> Date: Wed, 16 Jul 2025 12:01:41 +0800 Subject: [PATCH] =?UTF-8?q?b=E7=AB=AF=E6=B3=A8=E9=87=8A?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../security/security/TokenProvider.java | 48 ++--- .../security/service/BOnlineUserService.java | 38 ++-- .../security/service/BUserDetailsService.java | 54 +++--- .../security/service/dto/JwtCustomerDto.java | 164 +++++++++--------- .../controller/CnCustomerController.java | 97 +++++------ 5 files changed, 198 insertions(+), 203 deletions(-) diff --git a/aircraft-system/src/main/java/com/aircraft/modules/security/security/TokenProvider.java b/aircraft-system/src/main/java/com/aircraft/modules/security/security/TokenProvider.java index 37e7faf..b5a16c4 100644 --- a/aircraft-system/src/main/java/com/aircraft/modules/security/security/TokenProvider.java +++ b/aircraft-system/src/main/java/com/aircraft/modules/security/security/TokenProvider.java @@ -18,7 +18,7 @@ package com.aircraft.modules.security.security; import cn.hutool.core.date.DateField; import cn.hutool.core.date.DateUtil; import cn.hutool.core.util.IdUtil; -import com.aircraft.modules.security.service.dto.JwtCustomerDto; +//import com.aircraft.modules.security.service.dto.JwtCustomerDto; import io.jsonwebtoken.*; import io.jsonwebtoken.io.Decoders; import io.jsonwebtoken.security.Keys; @@ -87,29 +87,29 @@ public class TokenProvider implements InitializingBean { .compact(); } - /** - * 创建Token 设置永不过期, - * Token 的时间有效性转到Redis 维护 - * @param user / - * @return / - */ - public String createToken(JwtCustomerDto user) { - // 设置参数 - Map claims = new HashMap<>(6); - // 设置用户ID - claims.put(AUTHORITIES_UID_KEY, user.getUser().getId()); - // 设置UUID,确保每次Token不一样 - claims.put(AUTHORITIES_UUID_KEY, IdUtil.simpleUUID()); - // 直接调用 Jwts.builder() 创建新实例 - return Jwts.builder() - // 设置自定义 Claims - .setClaims(claims) - // 设置主题 - .setSubject(user.getUsername()) - // 使用预生成的签名密钥和算法签名 - .signWith(signingKey, SignatureAlgorithm.HS512) - .compact(); - } +// /** +// * 创建Token 设置永不过期, +// * Token 的时间有效性转到Redis 维护 +// * @param user / +// * @return / +// */ +// public String createToken(JwtCustomerDto user) { +// // 设置参数 +// Map claims = new HashMap<>(6); +// // 设置用户ID +// claims.put(AUTHORITIES_UID_KEY, user.getUser().getId()); +// // 设置UUID,确保每次Token不一样 +// claims.put(AUTHORITIES_UUID_KEY, IdUtil.simpleUUID()); +// // 直接调用 Jwts.builder() 创建新实例 +// return Jwts.builder() +// // 设置自定义 Claims +// .setClaims(claims) +// // 设置主题 +// .setSubject(user.getUsername()) +// // 使用预生成的签名密钥和算法签名 +// .signWith(signingKey, SignatureAlgorithm.HS512) +// .compact(); +// } /** * 依据Token 获取鉴权信息 diff --git a/aircraft-system/src/main/java/com/aircraft/modules/security/service/BOnlineUserService.java b/aircraft-system/src/main/java/com/aircraft/modules/security/service/BOnlineUserService.java index 004f905..fe1a57f 100644 --- a/aircraft-system/src/main/java/com/aircraft/modules/security/service/BOnlineUserService.java +++ b/aircraft-system/src/main/java/com/aircraft/modules/security/service/BOnlineUserService.java @@ -1,19 +1,19 @@ -package com.aircraft.modules.security.service; - -import com.aircraft.modules.security.service.dto.JwtCustomerDto; -import com.aircraft.modules.security.service.dto.JwtUserDto; -import org.springframework.stereotype.Service; - -import javax.servlet.http.HttpServletRequest; - -@Service -public class BOnlineUserService { - public void save(JwtCustomerDto user, String token, HttpServletRequest request) { - // 实现B端在线用户存储逻辑 - // 可存入不同redis前缀的键值对 - } - - public void kickOutForUsername(String username) { - // B端踢人逻辑 - } -} \ No newline at end of file +//package com.aircraft.modules.security.service; +// +//import com.aircraft.modules.security.service.dto.JwtCustomerDto; +//import com.aircraft.modules.security.service.dto.JwtUserDto; +//import org.springframework.stereotype.Service; +// +//import javax.servlet.http.HttpServletRequest; +// +//@Service +//public class BOnlineUserService { +// public void save(JwtCustomerDto user, String token, HttpServletRequest request) { +// // 实现B端在线用户存储逻辑 +// // 可存入不同redis前缀的键值对 +// } +// +// public void kickOutForUsername(String username) { +// // B端踢人逻辑 +// } +//} \ No newline at end of file diff --git a/aircraft-system/src/main/java/com/aircraft/modules/security/service/BUserDetailsService.java b/aircraft-system/src/main/java/com/aircraft/modules/security/service/BUserDetailsService.java index aa4f693..e34af4a 100644 --- a/aircraft-system/src/main/java/com/aircraft/modules/security/service/BUserDetailsService.java +++ b/aircraft-system/src/main/java/com/aircraft/modules/security/service/BUserDetailsService.java @@ -1,27 +1,27 @@ -package com.aircraft.modules.security.service; - -import com.aircraft.modules.security.service.dto.JwtCustomerDto; -import com.aircraft.modules.security.service.dto.JwtUserDto; -import com.aircraft.modules.system.domain.CnCustomer; -import com.aircraft.modules.system.service.CnCustomerService; -import lombok.RequiredArgsConstructor; -import lombok.extern.slf4j.Slf4j; -import org.springframework.security.core.userdetails.UserDetailsService; -import org.springframework.stereotype.Service; - -@Slf4j -@RequiredArgsConstructor -@Service("bUserDetailsService") -public class BUserDetailsService implements UserDetailsService { - - private final CnCustomerService cnCustomerService; - - @Override - public JwtCustomerDto loadUserByUsername(String phone) { - // 查询B端用户表(如b_user) - CnCustomer customer = cnCustomerService.findByphone(phone); - // 转换JwtUserDto(包含权限信息) -// return convertToJwtUser(customer); - return null; - } -} \ No newline at end of file +//package com.aircraft.modules.security.service; +// +//import com.aircraft.modules.security.service.dto.JwtCustomerDto; +//import com.aircraft.modules.security.service.dto.JwtUserDto; +//import com.aircraft.modules.system.domain.CnCustomer; +//import com.aircraft.modules.system.service.CnCustomerService; +//import lombok.RequiredArgsConstructor; +//import lombok.extern.slf4j.Slf4j; +//import org.springframework.security.core.userdetails.UserDetailsService; +//import org.springframework.stereotype.Service; +// +//@Slf4j +//@RequiredArgsConstructor +//@Service("bUserDetailsService") +//public class BUserDetailsService implements UserDetailsService { +// +// private final CnCustomerService cnCustomerService; +// +// @Override +// public JwtCustomerDto loadUserByUsername(String phone) { +// // 查询B端用户表(如b_user) +// CnCustomer customer = cnCustomerService.findByphone(phone); +// // 转换JwtUserDto(包含权限信息) +//// return convertToJwtUser(customer); +// return null; +// } +//} \ No newline at end of file diff --git a/aircraft-system/src/main/java/com/aircraft/modules/security/service/dto/JwtCustomerDto.java b/aircraft-system/src/main/java/com/aircraft/modules/security/service/dto/JwtCustomerDto.java index b30a3e4..ddba8ee 100644 --- a/aircraft-system/src/main/java/com/aircraft/modules/security/service/dto/JwtCustomerDto.java +++ b/aircraft-system/src/main/java/com/aircraft/modules/security/service/dto/JwtCustomerDto.java @@ -1,82 +1,82 @@ -/* - * Copyright 2019-2025 Zheng Jie - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.aircraft.modules.security.service.dto; - -import com.aircraft.modules.system.domain.CnCustomer; -import com.aircraft.modules.system.domain.Dept; -import com.aircraft.modules.system.domain.EmEmployees; -import com.aircraft.utils.enums.UserTypeEnum; -import com.alibaba.fastjson2.annotation.JSONField; -import io.swagger.annotations.ApiModelProperty; -import lombok.AllArgsConstructor; -import lombok.Getter; -import org.springframework.security.core.userdetails.UserDetails; - -import java.util.ArrayList; -import java.util.List; -import java.util.Set; -import java.util.stream.Collectors; - -/** - * @author Zheng Jie - * @date 2018-11-23 - */ -@Getter -@AllArgsConstructor -public class JwtCustomerDto implements UserDetails { - - @ApiModelProperty(value = "用户") - private LoginUserDto user; - - @ApiModelProperty(value = "角色") - private final List authorities; - - @Override - @JSONField(serialize = false) - public String getPassword() { - return user.getPassword(); - } - - @Override - @JSONField(serialize = false) - public String getUsername() { - return user.getUsername(); - } - - @JSONField(serialize = false) - @Override - public boolean isAccountNonExpired() { - return true; - } - - @JSONField(serialize = false) - @Override - public boolean isAccountNonLocked() { - return true; - } - - @JSONField(serialize = false) - @Override - public boolean isCredentialsNonExpired() { - return true; - } - - @Override - @JSONField(serialize = false) - public boolean isEnabled() { - return user.getEnabled(); - } -} +///* +// * Copyright 2019-2025 Zheng Jie +// * +// * Licensed under the Apache License, Version 2.0 (the "License"); +// * you may not use this file except in compliance with the License. +// * You may obtain a copy of the License at +// * +// * http://www.apache.org/licenses/LICENSE-2.0 +// * +// * Unless required by applicable law or agreed to in writing, software +// * distributed under the License is distributed on an "AS IS" BASIS, +// * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// * See the License for the specific language governing permissions and +// * limitations under the License. +// */ +//package com.aircraft.modules.security.service.dto; +// +//import com.aircraft.modules.system.domain.CnCustomer; +//import com.aircraft.modules.system.domain.Dept; +//import com.aircraft.modules.system.domain.EmEmployees; +//import com.aircraft.utils.enums.UserTypeEnum; +//import com.alibaba.fastjson2.annotation.JSONField; +//import io.swagger.annotations.ApiModelProperty; +//import lombok.AllArgsConstructor; +//import lombok.Getter; +//import org.springframework.security.core.userdetails.UserDetails; +// +//import java.util.ArrayList; +//import java.util.List; +//import java.util.Set; +//import java.util.stream.Collectors; +// +///** +// * @author Zheng Jie +// * @date 2018-11-23 +// */ +//@Getter +//@AllArgsConstructor +//public class JwtCustomerDto implements UserDetails { +// +// @ApiModelProperty(value = "用户") +// private LoginUserDto user; +// +// @ApiModelProperty(value = "角色") +// private final List authorities; +// +// @Override +// @JSONField(serialize = false) +// public String getPassword() { +// return user.getPassword(); +// } +// +// @Override +// @JSONField(serialize = false) +// public String getUsername() { +// return user.getUsername(); +// } +// +// @JSONField(serialize = false) +// @Override +// public boolean isAccountNonExpired() { +// return true; +// } +// +// @JSONField(serialize = false) +// @Override +// public boolean isAccountNonLocked() { +// return true; +// } +// +// @JSONField(serialize = false) +// @Override +// public boolean isCredentialsNonExpired() { +// return true; +// } +// +// @Override +// @JSONField(serialize = false) +// public boolean isEnabled() { +// return user.getEnabled(); +// } +//} diff --git a/aircraft-system/src/main/java/com/aircraft/modules/system/controller/CnCustomerController.java b/aircraft-system/src/main/java/com/aircraft/modules/system/controller/CnCustomerController.java index 62eaed3..251973e 100644 --- a/aircraft-system/src/main/java/com/aircraft/modules/system/controller/CnCustomerController.java +++ b/aircraft-system/src/main/java/com/aircraft/modules/system/controller/CnCustomerController.java @@ -9,13 +9,8 @@ import com.aircraft.modules.security.config.BLoginProperties; import com.aircraft.modules.security.config.LoginProperties; import com.aircraft.modules.security.config.SecurityProperties; import com.aircraft.modules.security.security.TokenProvider; -import com.aircraft.modules.security.service.BOnlineUserService; -import com.aircraft.modules.security.service.BUserDetailsService; import com.aircraft.modules.security.service.OnlineUserService; import com.aircraft.modules.security.service.UserDetailsServiceImpl; -import com.aircraft.modules.security.service.dto.AuthUserDto; -import com.aircraft.modules.security.service.dto.JwtCustomerDto; -import com.aircraft.modules.security.service.dto.JwtUserDto; import com.aircraft.modules.system.domain.CnCustomer; import com.aircraft.modules.system.service.CnCustomerService; import com.aircraft.utils.PageResult; @@ -75,9 +70,9 @@ public class CnCustomerController { private final LoginProperties loginProperties; private final PasswordEncoder passwordEncoder; private final UserDetailsServiceImpl userDetailsService; - private final BUserDetailsService bUserDetailsService; - private final BLoginProperties bLoginProperties; - private final BOnlineUserService bOnlineUserService; +// private final BUserDetailsService bUserDetailsService; +// private final BLoginProperties bLoginProperties; +// private final BOnlineUserService bOnlineUserService; @Log("分页查询客户") @ApiOperation(value = "分页查询客户", notes = "分页查询客户") @@ -202,48 +197,48 @@ public class CnCustomerController { // return ResponseEntity.ok(authInfo); // } - @Log("B端用户登录") - @ApiOperation("B端登录授权") - @AnonymousPostMapping(value = "/b/login") - public ResponseEntity loginB(@Validated @RequestBody AuthUserDto authUser, - HttpServletRequest request) throws Exception { - - // 1. 密码解密(与后台相同) - String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, authUser.getPassword()); - - // 3. 使用B端专属服务加载用户 ★核心修改★ - // 假设:BUserDetailsService 是专门为B端实现的UserDetailsService - JwtCustomerDto jwtUser = bUserDetailsService.loadUserByUsername(authUser.getUsername()); - - // 4. 密码验证(保持相同逻辑) - if (!passwordEncoder.matches(password, jwtUser.getPassword())) { - throw new BadRequestException("登录密码错误"); - } - - // 5. 设置认证信息 - Authentication authentication = new UsernamePasswordAuthenticationToken( - jwtUser, null, jwtUser.getAuthorities() - ); - SecurityContextHolder.getContext().setAuthentication(authentication); - - // 6. 生成令牌(复用相同机制) - String token = tokenProvider.createToken(jwtUser); - - // 7. 返回信息(可调整返回字段) - Map authInfo = new HashMap<>(2) {{ - put("token", properties.getTokenStartWith() + token); - put("user", jwtUser); // 返回B端用户信息 - }}; - - // 8. 单设备登录控制(可选) - if (bLoginProperties.isSingleLogin()) { // B端专属配置 - bOnlineUserService.kickOutForUsername(authUser.getUsername()); - } - - // 9. 保存B端在线用户 ★核心修改★ - bOnlineUserService.save(jwtUser, token, request); - - return ResponseEntity.ok(authInfo); - } +// @Log("B端用户登录") +// @ApiOperation("B端登录授权") +// @AnonymousPostMapping(value = "/b/login") +// public ResponseEntity loginB(@Validated @RequestBody AuthUserDto authUser, +// HttpServletRequest request) throws Exception { +// +// // 1. 密码解密(与后台相同) +// String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, authUser.getPassword()); +// +// // 3. 使用B端专属服务加载用户 ★核心修改★ +// // 假设:BUserDetailsService 是专门为B端实现的UserDetailsService +// JwtCustomerDto jwtUser = bUserDetailsService.loadUserByUsername(authUser.getUsername()); +// +// // 4. 密码验证(保持相同逻辑) +// if (!passwordEncoder.matches(password, jwtUser.getPassword())) { +// throw new BadRequestException("登录密码错误"); +// } +// +// // 5. 设置认证信息 +// Authentication authentication = new UsernamePasswordAuthenticationToken( +// jwtUser, null, jwtUser.getAuthorities() +// ); +// SecurityContextHolder.getContext().setAuthentication(authentication); +// +// // 6. 生成令牌(复用相同机制) +// String token = tokenProvider.createToken(jwtUser); +// +// // 7. 返回信息(可调整返回字段) +// Map authInfo = new HashMap<>(2) {{ +// put("token", properties.getTokenStartWith() + token); +// put("user", jwtUser); // 返回B端用户信息 +// }}; +// +// // 8. 单设备登录控制(可选) +// if (bLoginProperties.isSingleLogin()) { // B端专属配置 +// bOnlineUserService.kickOutForUsername(authUser.getUsername()); +// } +// +// // 9. 保存B端在线用户 ★核心修改★ +// bOnlineUserService.save(jwtUser, token, request); +// +// return ResponseEntity.ok(authInfo); +// } }