From 7caff277d39c2e17f62f3abd95797b31fb964d0a Mon Sep 17 00:00:00 2001
From: shijie <648688341@qq.com>
Date: Thu, 29 Oct 2020 11:07:57 +0800
Subject: [PATCH] =?UTF-8?q?=E5=8A=A0=E5=AF=86openId?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../financial/hrauth/controller/UserLoginController.java | 2 ++
 .../financial/hrauth/filter/MyAuthenticationFilter.java | 1 +
 .../hrauth/handle/AdminAuthenticationProvider.java | 3 +++
 .../hrauth/handle/AdminAuthenticationSuccessHandler.java | 3 +++
 .../UrlFilterInvocationSecurityMetadataSource.java | 3 +++
 .../financial/hrauth/service/impl/UserServiceImpl.java | 9 ++++++---
 .../financial/hrms/feign/HrmsAuthFeignService.java | 2 +-
 .../daqing/financial/gateway/config/ApiGlobalFilter.java | 6 +++++-
 8 files changed, 24 insertions(+), 5 deletions(-)
diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java
index 34a35d54..21bdab41 100644
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java
@@ -8,6 +8,7 @@ import com.daqing.framework.domain.hrms.UserEntity;
 import com.daqing.framework.domain.hrms.request.*;
 import com.daqing.framework.model.response.ResponseResult;
 import com.daqing.framework.util.JwtUtils;
+import com.daqing.framework.util.RedisUtil;
 import com.daqing.framework.util.SendUtil;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
@@ -129,6 +130,7 @@ public class UserLoginController implements UserLoginControllerApi {
 long times = 86400; //生成jwt
 String token = JwtUtils.createJWT(user.getId()+"","token", times);
+ RedisUtil.setEx("dq:token:"+token,String.valueOf(user.getId()),times);
 // state 当前用户的页面地址,需要拼接 http:// 这样才不会站内跳转
 response.sendRedirect("http://www.huorantech.cn/dq/index.html#/Dashboard?token="+token);
 //response.sendRedirect(state+"?token="+token+"&head_img="+user.getHeadImg()+"&name="+URLEncoder.encode(user.getName(),"UTF-8"));
diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/filter/MyAuthenticationFilter.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/filter/MyAuthenticationFilter.java
index fab5713f..e1f78677 100644
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/filter/MyAuthenticationFilter.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/filter/MyAuthenticationFilter.java
@@ -42,6 +42,7 @@ public class MyAuthenticationFilter extends OncePerRequestFilter {
 protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
 System.out.println("请求头类型: " + request.getContentType());
 String token = request.getHeader("token");
+ log.info("访问鉴权token=============================");
 if ((request.getContentType() == null && request.getContentLength() > 0) || (request.getContentType() != null && !request.getContentType().contains(Constants.REQUEST_HEADERS_CONTENT_TYPE))) {
 filterChain.doFilter(request, response);
 return;
diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/AdminAuthenticationProvider.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/AdminAuthenticationProvider.java
index 3f612a81..efc951ae 100644
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/AdminAuthenticationProvider.java
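Review bot: The added `RedisUtil.setEx("dq:token:"+token, ...)` uses the complete signed JWT as the Redis key, so anyone who can list keys in that Redis instance obtains usable session tokens for the whole 86400-second lifetime. Keying the entry by a digest of the token keeps the lookup without storing the credential itself, for example `RedisUtil.setEx("dq:token:"+sha256Hex(token), String.valueOf(user.getId()), times);`, where `sha256Hex` is a placeholder for whatever SHA-256 helper the project provides. None of the hunks in this patch reads the key back, so it should be confirmed that the gateway actually rejects tokens that are missing from Redis. The enclosing method starts and ends outside the hunk, and the unchanged redirect just below still hands the token to a plain `http://` page.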
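Review bot: The `log.info` marker added after `request.getHeader("token")` in `doFilterInternal` runs on every request at INFO and carries no request context, which buries the authentication events that are worth alerting on. The same kind of marker is added in `AdminAuthenticationProvider.authenticate`, `AdminAuthenticationSuccessHandler.onAuthenticationSuccess` and `UrlFilterInvocationSecurityMetadataSource.getAttributes`. I would drop these or lower them to `log.debug(...)` with a descriptive message, and route the neighbouring `System.out.println` through the logger as well. `doFilterInternal` continues past the end of the hunk.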
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/AdminAuthenticationProvider.java
@@ -7,6 +7,7 @@ import com.daqing.framework.domain.hrms.request.LoginRequest;
 import com.daqing.framework.domain.hrms.response.LoginResponse;
 import com.daqing.framework.model.response.ResponseResult;
 import lombok.SneakyThrows;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.collections4.MapUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationProvider;
@@ -24,6 +25,7 @@ import javax.annotation.Resource;
 * @author : zhengqing
 * @date : 2019/10/12 14:49
 */
+@Slf4j
 @Component
 public class AdminAuthenticationProvider implements AuthenticationProvider {
@@ -37,6 +39,7 @@ public class AdminAuthenticationProvider implements AuthenticationProvider {
 @SneakyThrows
 @Override
 public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+ log.info("来了authenticate~~~~");
 MyAuthenticationToken authRequest=(MyAuthenticationToken)authentication;
 String tenDayEffective= MapUtils.getString(authRequest.getParam(),"tenDayEffective","1");
 String type= MapUtils.getString(authRequest.getParam(),"type","1");
diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/AdminAuthenticationSuccessHandler.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/AdminAuthenticationSuccessHandler.java
index ae4d9e8c..af6480b8 100644
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/AdminAuthenticationSuccessHandler.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/AdminAuthenticationSuccessHandler.java
@@ -3,6 +3,7 @@ package com.daqing.financial.hrauth.handle;
 import com.daqing.financial.hrauth.model.ApiResult;
 import com.daqing.financial.hrauth.util.ResponseUtils;
 import com.daqing.framework.domain.hrms.UserEntity;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.stereotype.Component;
@@ -19,12 +20,14 @@ import java.io.IOException;
 * @author : zhengqing
 * @date : 2019/10/12 15:31
 */
+@Slf4j
 @Component
 public class AdminAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
 @Override
 public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse response, Authentication auth) throws IOException, ServletException {
 UserEntity user = new UserEntity();
+ log.info("来了认证成功处理~~~~~~~~~~~~~~~~~~~~~~~~~~");
 SecurityUser securityUser = ((SecurityUser) auth.getPrincipal());
 user.setAccount(securityUser.getCurrentUserInfo().getAccount());
 user.setToken(securityUser.getCurrentUserInfo().getToken());
diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/UrlFilterInvocationSecurityMetadataSource.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/UrlFilterInvocationSecurityMetadataSource.java
index b9133c45..f581d105 100644
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/UrlFilterInvocationSecurityMetadataSource.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/handle/UrlFilterInvocationSecurityMetadataSource.java
@@ -8,6 +8,7 @@ import com.daqing.financial.hrauth.enums.Constants;
 import com.daqing.framework.domain.hrms.PermissionEntity;
 import com.daqing.framework.domain.hrms.RoleEntity;
 import com.daqing.framework.domain.hrms.RolePermissionEntity;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.access.ConfigAttribute;
 import org.springframework.security.access.SecurityConfig;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -27,6 +28,7 @@ import java.util.List;
 * @description : 执行完之后到 `UrlAccessDecisionManager` 中认证权限
 * @date : 2019/10/15 14:36
 */
+@Slf4j
 @Component
 public class UrlFilterInvocationSecurityMetadataSource implements FilterInvocationSecurityMetadataSource {
@@ -46,6 +48,7 @@ public class UrlFilterInvocationSecurityMetadataSource implements FilterInvocati
 */
 @Override
 public Collection getAttributes(Object object) throws IllegalArgumentException {
+ log.info("来了返回url所需要的用户权限信息~~~~~~~~~~~~~~~~~~~~");
 // 获取当前请求url
 String beforeRequestUrl = ((FilterInvocation) object).getRequestUrl();
 String requestUrl = null;
diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java
index 4b35ead3..604abfa1 100644
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserServiceImpl.java
@@ -12,6 +12,7 @@ import com.daqing.framework.domain.hrms.UserEntity;
 import com.daqing.framework.domain.hrms.request.LoginRequest;
 import com.daqing.framework.domain.hrms.response.LoginResponse;
 import com.daqing.framework.model.response.ResponseResult;
+import com.daqing.framework.util.Md5Util;
 import com.daqing.framework.util.RedisUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.collections4.MapUtils;
@@ -58,16 +59,18 @@ public class UserServiceImpl extends ServiceImpl imple
 String accessToken = (String)baseMap.get("access_token");
 String openId = (String) baseMap.get("openid");
+ //对code(回调过来的openid)加密
+ String md5OpenId = Md5Util.md5(openId);
 log.info("accessToken========> "+accessToken+"openId========> "+openId+"code=======> "+code);
- UserEntity dbUser = userMapper.findByOpenid(openId);
+ UserEntity dbUser = userMapper.findByOpenid(md5OpenId);
 if(dbUser!=null && dbUser.getPhoneAccount()!=null) { //dbUser不为空,存在直接让它登录
 log.info("来了微信扫码登录~~~~~~~~~~~~~~~~~~~~~~~~~~~");
 LoginRequest loginRequest = new LoginRequest();
 loginRequest.setTenDayEffective(1);
 loginRequest.setType(2);
- loginRequest.setWechatId(openId);
+ loginRequest.setWechatId(md5OpenId);
 ResponseResult login = userLoginService.login(loginRequest);
 LoginResponse data = (LoginResponse) login.getData();
@@ -81,7 +84,7 @@ public class UserServiceImpl extends ServiceImpl imple
 if(dbUser == null){//openId不存在,返回绑定手机号页面,须另写绑定手机号接口
 log.info("dbUser为空,openId不存在,请先绑定手机号哦~~~");
 try {
- response.sendRedirect("http://www.huorantech.cn/dq/index.html#/bind-phone?matched="+openId);//跳转绑定手机号页面
+ response.sendRedirect("http://www.huorantech.cn/dq/index.html#/bind-phone?matched="+md5OpenId);//跳转绑定手机号页面
 } catch (IOException e) {
 e.printStackTrace();
 }
diff --git a/dq-financial-hrms/src/main/java/com/daqing/financial/hrms/feign/HrmsAuthFeignService.java b/dq-financial-hrms/src/main/java/com/daqing/financial/hrms/feign/HrmsAuthFeignService.java
index b218420f..93bad8c1 100644
--- a/dq-financial-hrms/src/main/java/com/daqing/financial/hrms/feign/HrmsAuthFeignService.java
+++ b/dq-financial-hrms/src/main/java/com/daqing/financial/hrms/feign/HrmsAuthFeignService.java
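Review bot: `Md5Util.md5(openId)` is an unsalted, unkeyed digest rather than encryption, so the stored value is only as private as the openid itself: it can be recomputed from the openid, and it is the value `setWechatId(md5OpenId)` passes into the login request. A keyed digest with a server-side secret (HMAC-SHA-256) would make the stored identifier non-derivable from the openid. The unchanged `log.info("accessToken========> "+accessToken+...)` right after the added lines still writes the raw openid, the WeChat access token and the auth code to the log, which undoes the point of the change. `openId` would be null if the response map has no `openid` entry, and rows saved before this commit presumably hold the raw value, so a null guard before hashing and a data migration both look necessary; neither is visible in this patch, and the method extends beyond the hunk.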
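Review bot: The redirect now puts `md5OpenId` into the `matched` parameter, which is the same stable value the login branch passes to `setWechatId`, so the identifier that selects the account lands in browser history on a plain `http://` page. If the bind-phone endpoint (not shown here) accepts `matched` as sent, possession of that value is all that ties a phone number to the WeChat identity. A short-lived random ticket stored server-side with `RedisUtil.setEx` (already imported in this file) and exchanged for the digest on the bind request would avoid exposing the stable identifier. The `catch` block's `e.printStackTrace()` also hides a failed redirect from the application log; `log.error("redirect to bind-phone failed", e);` would keep it visible.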
@@ -9,7 +9,7 @@ import org.springframework.web.bind.annotation.GetMapping;
 * @auther River
 * @date 2020/10/12 17:58
 */
-@FeignClient("dq-financial-hrms-auth")
+@FeignClient(name = "dq-financial-hrms-auth",contextId = "example")
 public interface HrmsAuthFeignService {
 // @GetMapping("/hrms/auth/userlogin/getWeChatConfig")
diff --git a/dq-govern-gateway/src/main/java/com/daqing/financial/gateway/config/ApiGlobalFilter.java b/dq-govern-gateway/src/main/java/com/daqing/financial/gateway/config/ApiGlobalFilter.java
index 38dd9af0..4b443a1a 100644
--- a/dq-govern-gateway/src/main/java/com/daqing/financial/gateway/config/ApiGlobalFilter.java
+++ b/dq-govern-gateway/src/main/java/com/daqing/financial/gateway/config/ApiGlobalFilter.java
@@ -2,6 +2,7 @@ package com.daqing.financial.gateway.config;
 import com.alibaba.fastjson.JSONObject;
 import com.daqing.framework.util.JwtUtils;
+import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.cloud.gateway.filter.GatewayFilterChain;
@@ -22,7 +23,7 @@ import reactor.core.publisher.Mono;
 import java.nio.charset.StandardCharsets;
 import java.util.List;
-
+@Slf4j
 @Component
 @PropertySource(value = "classpath:jwt.properties")
 public class ApiGlobalFilter implements GlobalFilter, Ordered {
@@ -42,10 +43,13 @@ public class ApiGlobalFilter implements GlobalFilter, Ordered {
 @Override
 public Mono filter(ServerWebExchange exchange, GatewayFilterChain chain) {
 String requestUrl = exchange.getRequest().getPath().toString();
+ log.info("requestUrl========================="+requestUrl);
 boolean status = CollectionUtils.contains(ignoreUrl.iterator(), requestUrl);
+ log.info("status========================"+status);
 if (!status){
 String token = exchange.getRequest().getHeaders().getFirst("token");
+ log.info("token1======================="+token);
 ServerHttpResponse response = exchange.getResponse(); //没有数据
 if (StringUtils.isBlank(token)) {
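Review bot: `contextId = "example"` reads like a placeholder carried over from sample code; the context id names this client's bean and configuration, so a second client for `dq-financial-hrms-auth` that reuses the same value would collide with it. Naming it after the interface, `@FeignClient(name = "dq-financial-hrms-auth", contextId = "hrmsAuthFeignService")`, keeps it unique and self-describing.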
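Review bot: The third added `log.info` in `filter`, the one that appends `token`, writes every caller's bearer token to the gateway log at INFO, so anyone with access to the log files or the log pipeline can reuse live sessions. Remove that line, or record only whether a token was supplied, e.g. `log.debug("token present: {}", StringUtils.isNotBlank(token));`. The `requestUrl` line concatenates a client-controlled path into the message; parameterised logging at debug level, `log.debug("requestUrl={}", requestUrl);`, is enough for tracing. `filter` continues beyond the end of the hunk.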