登陆

src/main/java/org/rcisoft/business/system/user/controller/LoginController.java

+package org.rcisoft.business.system.user.controller;
+
+import io.swagger.annotations.ApiImplicitParam;
+import io.swagger.annotations.ApiImplicitParams;
+import io.swagger.annotations.ApiOperation;
+import org.rcisoft.business.system.user.entity.SysUser;
+import org.rcisoft.business.system.user.service.UserService;
+import org.rcisoft.core.result.Result;
+import org.rcisoft.core.util.ResultGenerator;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.ModelAndView;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * @Author: GaoLiWei
+ * @Date: Created in 10:462018/5/8
+ */
+@Controller
+@RequestMapping("/login")
+public class LoginController {
+
+    @Autowired
+    private UserService userService;
+
+    /**
+     * 登录
+     * @param user
+     * @return
+     */
+    @ApiImplicitParams({@ApiImplicitParam(name = "user", value = "用户名,密码", required = true, dataType = "SysUser")})
+    @PostMapping(value = "${jwt.route.authentication.path}")
+    @ResponseBody
+    public Result login(@RequestBody SysUser user){
+        String username = user.getUserNm();
+        String password = user.getUserPwd();
+        final String token = userService.login(username, password);
+        Result result = ResultGenerator.genSuccessResult(token);
+        return result;
+    }
+
+
+
+
+
+}

src/main/java/org/rcisoft/business/system/user/dao/RelUserRoleRepository.java

@@ -23,5 +23,8 @@ public interface RelUserRoleRepository extends BaseMapper<RelUserRole> {
     List<Map<String,Object>> listMenuBuUserId(@Param("userId") String userId);
 
 
+
+
+
 }
 

src/main/java/org/rcisoft/business/system/user/dao/RoleRepository.java

+package org.rcisoft.business.system.user.dao;
+
+import org.apache.ibatis.annotations.Param;
+import org.rcisoft.business.system.user.entity.SysRole;
+import org.rcisoft.business.system.user.entity.SysUser;
+import org.rcisoft.core.base.BaseMapper;
+import org.springframework.stereotype.Repository;
+
+import java.util.List;
+
+/**
+ * @Author: GaoLiWei
+ * @Date: Created in 10:422018/5/2
+ */
+@Repository
+public interface RoleRepository extends BaseMapper<SysUser>{
+
+    /** 根据用户ID查找用户权限
+     * @param userId
+     * @return
+     */
+    List<SysRole> listRoleByUserId(@Param("userId") String userId);
+}

src/main/java/org/rcisoft/business/system/user/dao/UserRepository.java

 package org.rcisoft.business.system.user.dao;
 
+import org.apache.ibatis.annotations.Param;
 import org.rcisoft.business.system.user.entity.SysUser;
 import org.rcisoft.core.base.BaseMapper;
 import org.springframework.stereotype.Repository;
 
+import java.util.List;
+
 /**
  * @Author: GaoLiWei
  * @Date: Created in 10:422018/5/2
  */
 @Repository
 public interface UserRepository extends BaseMapper<SysUser>{
+
+    /**  根据用户名称查找用户信息
+     * @param userName
+     * @return
+     */
+    List<SysUser> listByUserName(@Param("userName") String userName);
 }

src/main/java/org/rcisoft/business/system/user/entity/SysRole.java

+package org.rcisoft.business.system.user.entity;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import javax.persistence.Entity;
+import javax.persistence.Id;
+import javax.persistence.Table;
+
+/**
+ * @Author: GaoLiWei
+ * @Date: Created in 11:072018/5/8
+ */
+@Entity
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+@Table(name = "sys_role")
+public class SysRole {
+
+    @Id
+    private String roleId;
+
+    private String roleNm;
+
+    public String getRoleId() {
+        return roleId;
+    }
+
+    public void setRoleId(String roleId) {
+        this.roleId = roleId;
+    }
+
+    public String getRoleNm() {
+        return roleNm;
+    }
+
+    public void setRoleNm(String roleNm) {
+        this.roleNm = roleNm;
+    }
+}

src/main/java/org/rcisoft/business/system/user/entity/SysUser.java

 package org.rcisoft.business.system.user.entity;
 
-import com.alibaba.druid.sql.visitor.functions.Char;
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.google.common.collect.Lists;
 import lombok.AllArgsConstructor;
 import lombok.Data;
 import lombok.NoArgsConstructor;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
 import javax.persistence.Entity;
 import javax.persistence.Id;
 import javax.persistence.Table;
+import javax.persistence.Transient;
+import java.util.ArrayList;
+import java.util.List;
 
 /**
 * Created with  on 2018-5-2 10:30:10.
@@ -28,6 +33,35 @@ public class SysUser {
 
      private String userTp;
 
+     /**
+      *  拥有角色列表
+      */
+     @Transient
+     private List<SysRole> roleList = Lists.newArrayList();
+
+     /**
+      * 权限列表
+      * @return
+      */
+     @JsonIgnore
+     public List<SimpleGrantedAuthority> getSimpleAuthorities(){
+          List<SimpleGrantedAuthority> authorities = new ArrayList<SimpleGrantedAuthority>();
+          SimpleGrantedAuthority auth = null;
+          for (SysRole sysRole: roleList) {
+               auth = new SimpleGrantedAuthority(sysRole.getRoleId());
+               authorities.add(auth);
+          }
+          return authorities;
+     }
+
+     public List<SysRole> getRoleList() {
+          return roleList;
+     }
+
+     public void setRoleList(List<SysRole> roleList) {
+          this.roleList = roleList;
+     }
+
      public String getUserId() {
           return userId;
      }

src/main/java/org/rcisoft/business/system/user/service/UserService.java

@@ -14,6 +14,15 @@ import java.util.Map;
  */
 public interface UserService {
 
+
+     /**
+      * 登录
+      * @param username
+      * @param password
+      * @return
+      */
+     String login(String username, String password);
+
      /**  添加系统用户
       * @param sysUser
       * @param sysAdmins

src/main/java/org/rcisoft/business/system/user/service/impl/UserDetailsServiceImpl.java

+package org.rcisoft.business.system.user.service.impl;
+
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.collections4.CollectionUtils;
+import org.rcisoft.business.system.user.dao.RoleRepository;
+import org.rcisoft.business.system.user.dao.UserRepository;
+import org.rcisoft.business.system.user.entity.SysRole;
+import org.rcisoft.business.system.user.entity.SysUser;
+import org.rcisoft.core.util.JwtUserFactory;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Propagation;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.Collections;
+import java.util.List;
+
+/**
+ * @Author: GaoLiWei
+ * @Date: Created in 11:112018/5/8
+ */
+@Service
+@Transactional(readOnly = true, propagation = Propagation.NOT_SUPPORTED)
+@Slf4j
+public class UserDetailsServiceImpl implements UserDetailsService {
+
+    @Autowired
+    private UserRepository userRepository;
+    @Autowired
+    private RoleRepository roleRepository;
+
+    @Override
+    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+        //调用持久层从数据库获取用户信息
+
+        List<SysUser> sysUserList = userRepository.listByUserName(username);
+
+        if (sysUserList == null || sysUserList.size() == 0) {
+            throw new UsernameNotFoundException("用户名不存在");
+        }
+        SysUser sysUser = sysUserList.get(0);
+        /*根据用户查询用户权限*/
+        List<SysRole> roles = roleRepository.listRoleByUserId(sysUser.getUserId());
+        if (CollectionUtils.isEmpty(roles)) {
+            roles = Collections.emptyList();
+        }
+        sysUser.setRoleList(roles);
+        return JwtUserFactory.create(sysUser);
+    }
+}

src/main/java/org/rcisoft/business/system/user/service/impl/UserServiceImpl.java

@@ -5,9 +5,18 @@ import org.rcisoft.business.system.user.dao.*;
 import org.rcisoft.business.system.user.entity.*;
 import org.rcisoft.business.system.user.service.UserService;
 import org.rcisoft.common.constants.SysRoleConstant;
+import org.rcisoft.common.constants.UserPassWordConstant;
 import org.rcisoft.common.constants.UserTpConstant;
 import org.rcisoft.core.util.IdGen;
+import org.rcisoft.core.util.JwtUtil;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Propagation;
 import org.springframework.transaction.annotation.Transactional;
@@ -35,13 +44,31 @@ public class UserServiceImpl implements UserService {
     private RelRoleMenuRepository relRoleMenuRepository;
     @Autowired
     private RelUserRoleRepository relUserRoleRepository;
+    @Autowired
+    private AuthenticationManager authenticationManager;
+    @Autowired
+    private UserDetailsService userDetailsService;
+    @Autowired
+    private PasswordEncoder passwordEncoder;
 
 
+    @Override
+    public String login(String username, String password) {
+        UsernamePasswordAuthenticationToken upToken = new UsernamePasswordAuthenticationToken(username, password);
+        //进入到 UserDetailsService(UserDetailServiceImpl)  loadUserByUsername 方法
+        final Authentication authentication = authenticationManager.authenticate(upToken);
+        UserDetails userDetails = (UserDetails)authentication.getPrincipal();
+        final String token = JwtUtil.generateToken(userDetails);
+        SecurityContextHolder.getContext().setAuthentication(authentication);
+        return token;
+    }
+
     @Override
     public String saveUser(SysUser sysUser, SysAdmins sysAdmins, SysOwner sysOwner, SysPrincipal sysPrincipal) {
         String result = "添加失败";
 
         String userId = IdGen.uuid();
+        sysUser.setUserPwd(passwordEncoder.encode(UserPassWordConstant.PASSWORD));
         sysUser.setUserId(userId);
 
         String userTp = sysUser.getUserTp();

src/main/java/org/rcisoft/common/constants/UserPassWordConstant.java

+package org.rcisoft.common.constants;
+
+/**
+ * @Author: GaoLiWei
+ * @Date: Created in 14:292018/5/8
+ */
+public class UserPassWordConstant {
+
+    /**
+     * 默认用户密码
+     */
+    public static final String PASSWORD = "12345678";
+}

src/main/java/org/rcisoft/config/SecurityConfig.java

@@ -77,7 +77,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                 .antMatchers("/swagger-resources/**").permitAll()
                 .antMatchers("/api-docs/**").permitAll()
                 .antMatchers("/buildtp/**").permitAll()  //登录注册等请求过滤
-                .antMatchers("/auth/**").permitAll()  //登录注册等请求过滤
+                .antMatchers("/login/**").permitAll()  //登录注册等请求过滤
                 .antMatchers("/code/**").permitAll()  //登录注册等请求过滤
                 .antMatchers("/excelUtil/**").permitAll()//excel类
                 .antMatchers("/**/**").permitAll()
@@ -93,6 +93,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                 .and()
                 .exceptionHandling()  //验证不通过的配置
                 .authenticationEntryPoint(new RestAuthenticationEntryPoint())
+                //登出配置
+                .and()
+                    .logout().logoutUrl("/login/logout").logoutSuccessUrl("/login/logout")
         ;
         http   //添加前置过滤器
                 .addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);

src/main/java/org/rcisoft/core/security/RestAuthenticationEntryPoint.java

@@ -23,6 +23,7 @@ public class RestAuthenticationEntryPoint  implements AuthenticationEntryPoint {
      * @throws IOException
      * @throws ServletException
      */
+    @Override
     public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e) throws IOException, ServletException {
         // 捕获AuthenticationException中的message，并封装成自定义异常抛出
         response.setCharacterEncoding("utf-8");

src/main/java/org/rcisoft/core/service/impl/JwtUserDetailServiceImpl.java

@@ -19,7 +19,7 @@ import java.util.List;
  * Created by lcy on 17/11/21.
  */
 @Service
-public class JwtUserDetailServiceImpl implements UserDetailsService {
+public class JwtUserDetailServiceImpl {
 
     @Autowired
     private SysUserMapper sysUserMapper;
@@ -27,20 +27,21 @@ public class JwtUserDetailServiceImpl implements UserDetailsService {
     @Autowired
     private SysRoleRepository sysRoleRepository;
 
-    @Override
-    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
-        //调用持久层从数据库获取用户信息
-
-        List<SysUser> sysUserList = sysUserMapper.queryUserByName(username);
-
-        if (sysUserList == null || sysUserList.size() == 0)
-            throw new UsernameNotFoundException("用户名不存在");
-        SysUser sysUser = sysUserList.get(0);
-        /*根据用户查询用户权限*/
-        List<SysRole> roles = sysRoleRepository.findRolesByUserId(sysUser.getBusinessId());
-        if (CollectionUtils.isEmpty(roles))
-            roles = Collections.emptyList();
-        sysUser.setRoleList(roles);
-        return JwtUserFactory.create(sysUser);
-    }
+//    @Override
+//    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+//        //调用持久层从数据库获取用户信息
+//
+//        List<SysUser> sysUserList = sysUserMapper.queryUserByName(username);
+//
+//        if (sysUserList == null || sysUserList.size() == 0)
+//            throw new UsernameNotFoundException("用户名不存在");
+//        SysUser sysUser = sysUserList.get(0);
+//        /*根据用户查询用户权限*/
+//        List<SysRole> roles = sysRoleRepository.findRolesByUserId(sysUser.getBusinessId());
+//        if (CollectionUtils.isEmpty(roles))
+//            roles = Collections.emptyList();
+//        sysUser.setRoleList(roles);
+//       // return JwtUserFactory.create(sysUser);
+//        return null;
+//    }
 }

src/main/java/org/rcisoft/core/util/JwtUserFactory.java

 package org.rcisoft.core.util;
 
+import org.rcisoft.business.system.user.entity.SysUser;
 import org.rcisoft.core.model.JwtUser;
-import org.rcisoft.sys.user.entity.SysUser;
+
 
 /**
  * Created by lcy on 17/11/21.
@@ -15,9 +16,9 @@ public final class JwtUserFactory {
      */
     public static JwtUser create(SysUser user){
         return new JwtUser(
-                user.getBusinessId(),
-                user.getLoginName(),
-                user.getPassword(),
+                user.getUserId(),
+                user.getUserNm(),
+                user.getUserPwd(),
                 user.getSimpleAuthorities()
         );
     }

src/main/java/org/rcisoft/core/util/JwtUtil.java

@@ -51,8 +51,7 @@ public class JwtUtil {
         JwtUser jwtUser = (JwtUser)userDetails;
         Map<String,Object> map = new HashedMap();
         map.put(userDetails.getUsername(),userDetails);
-        map.put(UserUtil.USER_ID,jwtUser.getBusinessId());
-        map.put(UserUtil.USER_USERNAME,jwtUser.getUsername());
+        map.put("role",jwtUser.getAuthorities());
         String token = jwtBean.generateToken(userDetails.getUsername(),map);
         return token;
     }
@@ -69,9 +68,11 @@ public class JwtUtil {
         boolean usernameValid = userDetails.getUsername().equals(tokenUserDetails.get("username"));
         boolean passwordValid = userDetails.getPassword().equals(tokenUserDetails.get("password"));
         if(usernameValid||passwordValid) // ?? &&
+        {
             return true;
-        else
+        } else {
             return false;
+        }
     }
     /*
         获取 user claims

src/main/resources/mapper/sys/system/user/RoleMapper.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
+<mapper namespace="org.rcisoft.business.system.user.dao.RoleRepository">
+
+
+    <select id="listRoleByUserId" resultType="org.rcisoft.business.system.user.entity.SysRole">
+       SELECT sr.ROLE_ID AS roleId, sr.ROLE_NM AS roleNm FROM  rel_user_role rur
+       LEFT JOIN sys_role sr ON rur.ROLE_ID = sr.ROLE_ID
+       WHERE rur.USER_ID=#{userId}
+    </select>
+</mapper>
\ No newline at end of file

src/main/resources/mapper/sys/system/user/UserMapper.xml

@@ -3,4 +3,9 @@
 <mapper namespace="org.rcisoft.business.system.user.dao.UserRepository">
 
 
+    <select id="listByUserName" resultType="org.rcisoft.business.system.user.entity.SysUser">
+        SELECT USER_ID AS userId, USER_NM AS userNm, USER_PWD AS userPwd, USER_TP AS userTp FROM sys_user
+        WHERE USER_NM = #{userName}
+    </select>
+
 </mapper>
\ No newline at end of file