feat: 开发中...
This commit is contained in:
@@ -1,17 +1,15 @@
|
||||
package cn.hamster3.application.blog.config;
|
||||
|
||||
import jakarta.annotation.Resource;
|
||||
import jakarta.servlet.FilterChain;
|
||||
import jakarta.servlet.ServletException;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import jakarta.servlet.http.HttpSession;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.springframework.cache.Cache;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContext;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.filter.OncePerRequestFilter;
|
||||
|
||||
@@ -19,30 +17,23 @@ import java.io.IOException;
|
||||
|
||||
@Slf4j
|
||||
@Component
|
||||
public class AuthTokenFilter extends OncePerRequestFilter {
|
||||
@Resource(name = "userCache")
|
||||
private Cache userCache;
|
||||
|
||||
public AuthTokenFilter() {
|
||||
public class AuthenticationFilter extends OncePerRequestFilter {
|
||||
public AuthenticationFilter() {
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void doFilterInternal(@NotNull HttpServletRequest request, @NotNull HttpServletResponse response, @NotNull FilterChain filterChain) throws ServletException, IOException {
|
||||
String token = request.getHeader("token");
|
||||
log.info("request token: {}", token);
|
||||
if (token == null || token.isBlank()) {
|
||||
HttpSession session = request.getSession(false);
|
||||
if (session == null) {
|
||||
filterChain.doFilter(request, response);
|
||||
return;
|
||||
}
|
||||
UserDetails user = userCache.get(token, UserDetails.class);
|
||||
if (user == null) {
|
||||
Authentication authentication = (Authentication) session.getAttribute("authenticate");
|
||||
if (authentication == null) {
|
||||
filterChain.doFilter(request, response);
|
||||
return;
|
||||
}
|
||||
SecurityContext context = SecurityContextHolder.getContext();
|
||||
UsernamePasswordAuthenticationToken authentication = UsernamePasswordAuthenticationToken.authenticated(
|
||||
user, "", user.getAuthorities()
|
||||
);
|
||||
context.setAuthentication(authentication);
|
||||
filterChain.doFilter(request, response);
|
||||
}
|
||||
@@ -1,15 +1,12 @@
|
||||
package cn.hamster3.application.blog.config;
|
||||
|
||||
import jakarta.annotation.Resource;
|
||||
import org.springframework.cache.Cache;
|
||||
import org.springframework.cache.concurrent.ConcurrentMapCache;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.authentication.ProviderManager;
|
||||
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.core.userdetails.cache.SpringCacheBasedUserCache;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
|
||||
@@ -18,11 +15,6 @@ public class WebConfig {
|
||||
@Resource
|
||||
private UserDetailsService userDetailsService;
|
||||
|
||||
@Bean(name = "userCache")
|
||||
public Cache getUserCache() {
|
||||
return new ConcurrentMapCache("user-cache");
|
||||
}
|
||||
|
||||
@Bean
|
||||
public PasswordEncoder getPasswordEncoder() {
|
||||
return new BCryptPasswordEncoder(5);
|
||||
@@ -33,7 +25,6 @@ public class WebConfig {
|
||||
DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
|
||||
provider.setPasswordEncoder(getPasswordEncoder());
|
||||
provider.setUserDetailsService(userDetailsService);
|
||||
provider.setUserCache(new SpringCacheBasedUserCache(new ConcurrentMapCache("user-cache")));
|
||||
return new ProviderManager(provider);
|
||||
}
|
||||
|
||||
|
||||
@@ -18,7 +18,6 @@ public class DevSecurityConfig {
|
||||
.anyRequest().permitAll())
|
||||
.cors().and()
|
||||
.csrf().disable()
|
||||
.formLogin().and()
|
||||
.httpBasic().and()
|
||||
.build();
|
||||
}
|
||||
@@ -32,6 +31,7 @@ public class DevSecurityConfig {
|
||||
.allowedOriginPatterns("*")
|
||||
.allowedMethods("*")
|
||||
.allowedHeaders("*")
|
||||
.exposedHeaders("*")
|
||||
.allowCredentials(true)
|
||||
.maxAge(3600);
|
||||
}
|
||||
|
||||
@@ -4,12 +4,10 @@ import cn.hamster3.application.blog.service.ISettingService;
|
||||
import cn.hamster3.application.blog.vo.PageableVO;
|
||||
import cn.hamster3.application.blog.vo.ResponseVO;
|
||||
import cn.hamster3.application.blog.vo.setting.SettingInfoResponseVO;
|
||||
import cn.hamster3.application.blog.vo.setting.SettingUpdateRequireVO;
|
||||
import io.swagger.v3.oas.annotations.Operation;
|
||||
import io.swagger.v3.oas.annotations.Parameter;
|
||||
import io.swagger.v3.oas.annotations.tags.Tag;
|
||||
import jakarta.annotation.Resource;
|
||||
import jakarta.validation.Valid;
|
||||
import org.springframework.data.domain.PageRequest;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
@@ -27,7 +25,7 @@ public class SettingController {
|
||||
return settingService.getSettingInfo(id);
|
||||
}
|
||||
|
||||
@GetMapping("/{id}/content/")
|
||||
@GetMapping(value = "/{id}/content/")
|
||||
@Operation(summary = "获取网站设置")
|
||||
public ResponseVO<String> getSettingContent(@Parameter(description = "设置ID") @PathVariable String id) {
|
||||
return settingService.getSettingContent(id);
|
||||
@@ -42,13 +40,13 @@ public class SettingController {
|
||||
return settingService.getSettingInfoList(PageRequest.of(page, Math.max(size, 100)));
|
||||
}
|
||||
|
||||
@PutMapping("/{id}/")
|
||||
@PutMapping(value = "/{id}/", consumes = MediaType.TEXT_PLAIN_VALUE)
|
||||
@Operation(summary = "更改网站设置")
|
||||
public ResponseVO<Void> updateSetting(
|
||||
@Parameter(description = "设置ID") @PathVariable String id,
|
||||
@RequestBody @Valid SettingUpdateRequireVO requireVO
|
||||
@Parameter(description = "设置内容") @RequestBody String content
|
||||
) {
|
||||
return settingService.updateSetting(id, requireVO);
|
||||
return settingService.updateSetting(id, content);
|
||||
}
|
||||
|
||||
@DeleteMapping("/{id}/")
|
||||
|
||||
@@ -13,7 +13,7 @@ import io.swagger.v3.oas.annotations.Operation;
|
||||
import io.swagger.v3.oas.annotations.Parameter;
|
||||
import io.swagger.v3.oas.annotations.tags.Tag;
|
||||
import jakarta.annotation.Resource;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.validation.Valid;
|
||||
import org.springframework.data.domain.PageRequest;
|
||||
import org.springframework.http.MediaType;
|
||||
@@ -30,8 +30,8 @@ public class UserController {
|
||||
|
||||
@PostMapping("/login")
|
||||
@Operation(summary = "登录用户")
|
||||
public ResponseVO<Void> loginUser(@RequestBody @Valid UserLoginRequireVO requireVO, HttpServletResponse response) {
|
||||
return userService.loginUser(requireVO, response);
|
||||
public ResponseVO<Void> loginUser(HttpServletRequest request, @RequestBody @Valid UserLoginRequireVO requireVO) {
|
||||
return userService.loginUser(request, requireVO);
|
||||
}
|
||||
|
||||
@GetMapping("/current")
|
||||
|
||||
@@ -3,7 +3,6 @@ package cn.hamster3.application.blog.service;
|
||||
import cn.hamster3.application.blog.vo.PageableVO;
|
||||
import cn.hamster3.application.blog.vo.ResponseVO;
|
||||
import cn.hamster3.application.blog.vo.setting.SettingInfoResponseVO;
|
||||
import cn.hamster3.application.blog.vo.setting.SettingUpdateRequireVO;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.springframework.data.domain.Pageable;
|
||||
|
||||
@@ -14,7 +13,7 @@ public interface ISettingService {
|
||||
|
||||
@NotNull ResponseVO<PageableVO<SettingInfoResponseVO>> getSettingInfoList(@NotNull Pageable pageable);
|
||||
|
||||
@NotNull ResponseVO<Void> updateSetting(@NotNull String id, @NotNull SettingUpdateRequireVO requireVO);
|
||||
@NotNull ResponseVO<Void> updateSetting(@NotNull String id, @NotNull String content);
|
||||
|
||||
@NotNull ResponseVO<Void> deleteSetting(@NotNull String id);
|
||||
}
|
||||
|
||||
@@ -8,14 +8,14 @@ import cn.hamster3.application.blog.vo.user.UserCreateRequireVO;
|
||||
import cn.hamster3.application.blog.vo.user.UserInfoResponseVO;
|
||||
import cn.hamster3.application.blog.vo.user.UserLoginRequireVO;
|
||||
import cn.hamster3.application.blog.vo.user.UserUpdateRequireVO;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.springframework.data.domain.Pageable;
|
||||
|
||||
import java.util.UUID;
|
||||
|
||||
public interface IUserService {
|
||||
@NotNull ResponseVO<Void> loginUser(@NotNull UserLoginRequireVO requireVO, @NotNull HttpServletResponse response);
|
||||
@NotNull ResponseVO<Void> loginUser(@NotNull HttpServletRequest request, @NotNull UserLoginRequireVO requireVO);
|
||||
|
||||
@NotNull ResponseVO<UserInfoResponseVO> getCurrentUserInfo();
|
||||
|
||||
|
||||
@@ -8,7 +8,6 @@ import cn.hamster3.application.blog.util.BlogUtils;
|
||||
import cn.hamster3.application.blog.vo.PageableVO;
|
||||
import cn.hamster3.application.blog.vo.ResponseVO;
|
||||
import cn.hamster3.application.blog.vo.setting.SettingInfoResponseVO;
|
||||
import cn.hamster3.application.blog.vo.setting.SettingUpdateRequireVO;
|
||||
import jakarta.annotation.Resource;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
@@ -50,7 +49,7 @@ public class SettingService implements ISettingService {
|
||||
}
|
||||
|
||||
@Override
|
||||
public @NotNull ResponseVO<Void> updateSetting(@NotNull String id, @NotNull SettingUpdateRequireVO requireVO) {
|
||||
public @NotNull ResponseVO<Void> updateSetting(@NotNull String id, @NotNull String content) {
|
||||
ResponseVO<Void> check = BlogUtils.checkAdminPermission();
|
||||
if (check != null) {
|
||||
return check;
|
||||
@@ -58,10 +57,10 @@ public class SettingService implements ISettingService {
|
||||
if (!settingRepo.existsByIdIgnoreCase(id)) {
|
||||
SettingEntity entity = new SettingEntity();
|
||||
entity.setId(id);
|
||||
entity.setContent(requireVO.getContent());
|
||||
entity.setContent(content);
|
||||
settingRepo.save(entity);
|
||||
} else {
|
||||
settingRepo.updateContentByIdIgnoreCase(requireVO.getContent(), id);
|
||||
settingRepo.updateContentByIdIgnoreCase(content, id);
|
||||
}
|
||||
return ResponseVO.success();
|
||||
}
|
||||
|
||||
@@ -20,10 +20,10 @@ import cn.hamster3.application.blog.vo.user.UserInfoResponseVO;
|
||||
import cn.hamster3.application.blog.vo.user.UserLoginRequireVO;
|
||||
import cn.hamster3.application.blog.vo.user.UserUpdateRequireVO;
|
||||
import jakarta.annotation.Resource;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpSession;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.jetbrains.annotations.NotNull;
|
||||
import org.springframework.cache.Cache;
|
||||
import org.springframework.data.domain.Pageable;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
@@ -52,14 +52,11 @@ public class UserService implements IUserService {
|
||||
private BlogRepository blogRepo;
|
||||
@Resource
|
||||
private AttachRepository attachRepo;
|
||||
|
||||
@Resource(name = "userCache")
|
||||
private Cache userCache;
|
||||
@Resource
|
||||
private AuthenticationManager authenticationManager;
|
||||
|
||||
@Override
|
||||
public @NotNull ResponseVO<Void> loginUser(@NotNull UserLoginRequireVO requireVO, @NotNull HttpServletResponse response) {
|
||||
public @NotNull ResponseVO<Void> loginUser(@NotNull HttpServletRequest request, @NotNull UserLoginRequireVO requireVO) {
|
||||
Authentication authenticate = authenticationManager.authenticate(
|
||||
new UsernamePasswordAuthenticationToken(requireVO.getEmail(), requireVO.getPassword())
|
||||
);
|
||||
@@ -67,9 +64,8 @@ public class UserService implements IUserService {
|
||||
if (!authenticate.isAuthenticated()) {
|
||||
return ResponseVO.failed("login failed.");
|
||||
}
|
||||
UUID uuid = UUID.randomUUID();
|
||||
userCache.put(uuid.toString(), authenticate.getPrincipal());
|
||||
response.addHeader("token", uuid.toString());
|
||||
HttpSession session = request.getSession();
|
||||
session.setAttribute("authenticate", authenticate);
|
||||
return ResponseVO.success();
|
||||
}
|
||||
|
||||
|
||||
@@ -22,7 +22,6 @@ public class BlogUtils {
|
||||
@NotNull
|
||||
public static Optional<BlogUser> getCurrentUser() {
|
||||
Authentication authentication = getCurrentAuthentication();
|
||||
log.info("==============================");
|
||||
if (authentication == null) {
|
||||
log.info("current user authentication: null");
|
||||
return Optional.empty();
|
||||
|
||||
Reference in New Issue
Block a user