Compare commits
5 Commits
18bb9f9c95
...
dev
| Author | SHA1 | Date | |
|---|---|---|---|
|
ee41e544f5 | ||
|
|
08accdfdd4 | ||
|
|
406f20f7cb | ||
|
|
fb130a65f3 | ||
|
|
8847f3edef |
@@ -16,6 +16,12 @@ wol:
|
||||
password: ${NACOS_PASSWORD:nacos}
|
||||
namespace: ${NACOS_NAMESPACE:public}
|
||||
group: ${NACOS_GROUP:DEFAULT_GROUP}
|
||||
satoken:
|
||||
tokenName: ${SATOKEN_TOKENNAME:Authorization}
|
||||
isConcurrent: ${SATOKEN_ISCONCURRENT:true}
|
||||
isShare: ${SATOKEN_ISSHARE:true}
|
||||
isLog: ${SATOKEN_ISLOG:true}
|
||||
jwtSecretKey: ${SATOKEN_JWTSECRETKEY:abcdefghijklmnopqrstuvwxyz}
|
||||
jasypt:
|
||||
encryptor:
|
||||
password: ${JASYPT_ENCRYPTOR_PASSWORD:}
|
||||
|
||||
@@ -16,3 +16,7 @@ spring:
|
||||
name: ${spring.application.name}
|
||||
username: ${wol.nacos.server.username}
|
||||
password: ${wol.nacos.server.password}
|
||||
config:
|
||||
import:
|
||||
- optional:nacos:${spring.application.name}.${spring.cloud.nacos.config.file-extension}
|
||||
|
||||
|
||||
@@ -1,11 +1,13 @@
|
||||
package com.agileboot.common.satoken.config;
|
||||
|
||||
import cn.dev33.satoken.exception.NotLoginException;
|
||||
import cn.dev33.satoken.filter.SaServletFilter;
|
||||
import cn.dev33.satoken.interceptor.SaInterceptor;
|
||||
import cn.dev33.satoken.router.SaRouter;
|
||||
import cn.dev33.satoken.stp.StpUtil;
|
||||
import cn.dev33.satoken.util.SaResult;
|
||||
import com.agileboot.common.core.constant.HttpStatus;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.boot.autoconfigure.AutoConfiguration;
|
||||
import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
@@ -17,6 +19,7 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
*
|
||||
* @author Lion Li
|
||||
*/
|
||||
@Slf4j
|
||||
@AutoConfiguration
|
||||
@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
|
||||
public class SaTokenMvcConfiguration implements WebMvcConfigurer {
|
||||
@@ -41,7 +44,13 @@ public class SaTokenMvcConfiguration implements WebMvcConfigurer {
|
||||
.setAuth(obj -> {
|
||||
SaRouter.match("/**", "/auth/login", StpUtil::checkLogin);
|
||||
})
|
||||
.setError(e -> SaResult.error("认证失败,无法访问系统资源").setCode(HttpStatus.UNAUTHORIZED));
|
||||
.setError(e -> {
|
||||
if (e instanceof NotLoginException) {
|
||||
return SaResult.error(e.getMessage()).setCode(HttpStatus.UNAUTHORIZED);
|
||||
}
|
||||
log.error("认证失败'{}',无法访问系统资源", e.getMessage());
|
||||
return SaResult.error("认证失败,无法访问系统资源").setCode(HttpStatus.UNAUTHORIZED);
|
||||
});
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -46,7 +46,7 @@ public class SaTokenExceptionHandler {
|
||||
public R<Void> handleNotLoginException(NotLoginException e, HttpServletRequest request) {
|
||||
String requestURI = request.getRequestURI();
|
||||
log.error("请求地址'{}',认证失败'{}',无法访问系统资源", requestURI, e.getMessage());
|
||||
return R.fail(HttpStatus.HTTP_UNAUTHORIZED, "2认证失败,无法访问系统资源");
|
||||
return R.fail(HttpStatus.HTTP_UNAUTHORIZED, "认证失败,无法访问系统资源");
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -13,3 +13,14 @@ sa-token:
|
||||
check-same-token: false
|
||||
# token前缀
|
||||
token-prefix: "Bearer"
|
||||
|
||||
# token名称 (同时也是cookie名称)
|
||||
token-name: ${wol.satoken.tokenName}
|
||||
# 是否允许同一账号并发登录 (为true时允许一起登录, 为false时新登录挤掉旧登录)
|
||||
is-concurrent: ${wol.satoken.isConcurrent}
|
||||
# 在多人登录同一账号时,是否共用一个token (为true时所有登录共用一个token, 为false时每次登录新建一个token)
|
||||
is-share: ${wol.satoken.isShare}
|
||||
# 是否输出操作日志
|
||||
is-log: ${wol.satoken.isLog}
|
||||
# jwt秘钥
|
||||
jwt-secret-key: ${wol.satoken.jwtSecretKey}
|
||||
|
||||
@@ -21,5 +21,9 @@
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-web</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-test</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</project>
|
||||
|
||||
@@ -27,18 +27,3 @@
|
||||
# acquire-timeout: 3000
|
||||
# # 分布式锁的超时时间,默认为 30 秒
|
||||
# expire: 30000
|
||||
|
||||
# Sa-Token配置
|
||||
sa-token:
|
||||
# token名称 (同时也是cookie名称)
|
||||
token-name: Authorization
|
||||
# 开启内网服务调用鉴权(不允许越过gateway访问内网服务 保障服务安全)
|
||||
check-same-token: false
|
||||
# 是否允许同一账号并发登录 (为true时允许一起登录, 为false时新登录挤掉旧登录)
|
||||
is-concurrent: true
|
||||
# 在多人登录同一账号时,是否共用一个token (为true时所有登录共用一个token, 为false时每次登录新建一个token)
|
||||
is-share: true
|
||||
# 是否输出操作日志
|
||||
is-log: true
|
||||
# jwt秘钥
|
||||
jwt-secret-key: abcdefghijklmnopqrstuvwxyz
|
||||
|
||||
@@ -5,7 +5,5 @@ server:
|
||||
spring:
|
||||
application:
|
||||
name: @application.name@
|
||||
config:
|
||||
import: classpath:base.yml,classpath:nacos.yml
|
||||
profiles:
|
||||
active: dev
|
||||
|
||||
@@ -21,7 +21,10 @@
|
||||
<groupId>com.agileboot</groupId>
|
||||
<artifactId>wol-common-nacos</artifactId>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>com.agileboot</groupId>
|
||||
<artifactId>wol-common-redis</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.agileboot</groupId>
|
||||
<artifactId>wol-common-satoken</artifactId>
|
||||
|
||||
@@ -8,6 +8,7 @@ import cn.dev33.satoken.stp.StpUtil;
|
||||
import cn.dev33.satoken.util.SaResult;
|
||||
import com.agileboot.common.core.constant.HttpStatus;
|
||||
import com.agileboot.common.satoken.utils.LoginHelper;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
@@ -18,6 +19,7 @@ import org.springframework.http.server.reactive.ServerHttpRequest;
|
||||
*
|
||||
* @author Lion Li
|
||||
*/
|
||||
@Slf4j
|
||||
@Configuration
|
||||
public class SaTokenConfig {
|
||||
|
||||
@@ -35,26 +37,28 @@ public class SaTokenConfig {
|
||||
.setAuth(obj -> {
|
||||
// 登录校验 -- 拦截所有路由
|
||||
SaRouter.match("/**", "/auth/login", StpUtil::checkLogin)
|
||||
.check(r -> {
|
||||
ServerHttpRequest request = SaReactorSyncHolder.getExchange().getRequest();
|
||||
// 检查是否登录 是否有token
|
||||
StpUtil.checkLogin();
|
||||
|
||||
// 检查 header 与 param 里的 clientid 与 token 里的是否一致
|
||||
String headerCid = request.getHeaders().getFirst(LoginHelper.CLIENT_KEY);
|
||||
String paramCid = request.getQueryParams().getFirst(LoginHelper.CLIENT_KEY);
|
||||
String clientId = StpUtil.getExtra(LoginHelper.CLIENT_KEY).toString();
|
||||
if (!StringUtils.equalsAny(clientId, headerCid, paramCid)) {
|
||||
// token 无效
|
||||
throw NotLoginException.newInstance(StpUtil.getLoginType(),
|
||||
"-100", "客户端ID与Token不匹配",
|
||||
StpUtil.getTokenValue());
|
||||
}
|
||||
});
|
||||
// .check(r -> {
|
||||
// ServerHttpRequest request = SaReactorSyncHolder.getExchange().getRequest();
|
||||
// // 检查是否登录 是否有token
|
||||
// StpUtil.checkLogin();
|
||||
//
|
||||
// // 检查 header 与 param 里的 clientid 与 token 里的是否一致
|
||||
// String headerCid = request.getHeaders().getFirst(LoginHelper.CLIENT_KEY);
|
||||
// String paramCid = request.getQueryParams().getFirst(LoginHelper.CLIENT_KEY);
|
||||
// String clientId = StpUtil.getExtra(LoginHelper.CLIENT_KEY).toString();
|
||||
// if (!StringUtils.equalsAny(clientId, headerCid, paramCid)) {
|
||||
// // token 无效
|
||||
// throw NotLoginException.newInstance(StpUtil.getLoginType(),
|
||||
// "-100", "客户端ID与Token不匹配",
|
||||
// StpUtil.getTokenValue());
|
||||
// }
|
||||
// })
|
||||
;
|
||||
}).setError(e -> {
|
||||
if (e instanceof NotLoginException) {
|
||||
return SaResult.error(e.getMessage()).setCode(HttpStatus.UNAUTHORIZED);
|
||||
}
|
||||
log.error("认证失败'{}',无法访问系统资源", e.getMessage());
|
||||
return SaResult.error("认证失败,无法访问系统资源").setCode(HttpStatus.UNAUTHORIZED);
|
||||
});
|
||||
}
|
||||
|
||||
@@ -9,3 +9,7 @@ spring:
|
||||
uri: lb://wol-auth
|
||||
predicates:
|
||||
- Path=/auth/**
|
||||
- id: wol-module-codegen
|
||||
uri: lb://wol-module-codegen
|
||||
predicates:
|
||||
- Path=/codegen/**
|
||||
|
||||
@@ -7,10 +7,13 @@ server:
|
||||
spring:
|
||||
application:
|
||||
name: @application.name@
|
||||
config:
|
||||
import: classpath:base.yml,classpath:nacos.yml
|
||||
profiles:
|
||||
active: dev
|
||||
main:
|
||||
# 允许Bean定义覆盖,解决redisTemplate冲突
|
||||
# 响应式环境(Gateway):Redisson 的 Bean 和自定义 Bean 同时加载,产生冲突
|
||||
# 在 WebFlux(Gateway)和 Servlet(Auth)环境中,自动配置的策略不同
|
||||
allow-bean-definition-overriding: true
|
||||
#logging:
|
||||
# level:
|
||||
# com.alibaba.cloud.nacos: DEBUG
|
||||
|
||||
@@ -12,18 +12,6 @@
|
||||
<artifactId>agileboot-system-base</artifactId>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>com.agileboot</groupId>
|
||||
<artifactId>wol-common-web</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.agileboot</groupId>
|
||||
<artifactId>wol-common-mybatis</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.agileboot</groupId>
|
||||
<artifactId>wol-domain</artifactId>
|
||||
</dependency>
|
||||
<!-- 获取系统信息 -->
|
||||
<dependency>
|
||||
<groupId>com.github.oshi</groupId>
|
||||
|
||||
@@ -15,5 +15,31 @@
|
||||
<module>wol-module-ai</module>
|
||||
</modules>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>com.agileboot</groupId>
|
||||
<artifactId>wol-common-nacos</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.agileboot</groupId>
|
||||
<artifactId>wol-common-satoken</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.agileboot</groupId>
|
||||
<artifactId>wol-common-web</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.agileboot</groupId>
|
||||
<artifactId>wol-common-mybatis</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.agileboot</groupId>
|
||||
<artifactId>wol-common-redis</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.agileboot</groupId>
|
||||
<artifactId>wol-domain</artifactId>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
</project>
|
||||
|
||||
@@ -17,15 +17,6 @@
|
||||
</properties>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>com.agileboot</groupId>
|
||||
<artifactId>wol-common-web</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.agileboot</groupId>
|
||||
<artifactId>wol-common-mybatis</artifactId>
|
||||
</dependency>
|
||||
|
||||
<!-- Freemarker模板引擎 -->
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
|
||||
@@ -3,5 +3,3 @@ server:
|
||||
spring:
|
||||
application:
|
||||
name: @application.name@
|
||||
config:
|
||||
import: classpath:base.yml
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
spring:
|
||||
application:
|
||||
name: @application.name@
|
||||
config:
|
||||
import: classpath:base.yml,classpath:nacos.yml
|
||||
Reference in New Issue
Block a user