feat(auth): replace JWT with Sa-Token, add auth context and interceptor
This commit is contained in:
@@ -57,6 +57,11 @@
|
||||
<groupId>org.springframework.security</groupId>
|
||||
<artifactId>spring-security-crypto</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>cn.dev33</groupId>
|
||||
<artifactId>sa-token-spring-boot3-starter</artifactId>
|
||||
<version>1.39.0</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.projectlombok</groupId>
|
||||
<artifactId>lombok</artifactId>
|
||||
|
||||
@@ -0,0 +1,34 @@
|
||||
package com.sino.mci.admin.security;
|
||||
|
||||
import cn.dev33.satoken.stp.StpUtil;
|
||||
import lombok.Data;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public class AuthContext {
|
||||
|
||||
@Data
|
||||
public static class AuthUser {
|
||||
private Long userId;
|
||||
private String tenantCode;
|
||||
private String username;
|
||||
private List<String> roleCodes;
|
||||
}
|
||||
|
||||
public static AuthUser get() {
|
||||
if (!StpUtil.isLogin()) {
|
||||
return null;
|
||||
}
|
||||
AuthUser user = new AuthUser();
|
||||
user.setUserId(StpUtil.getLoginIdAsLong());
|
||||
user.setTenantCode((String) StpUtil.getSession().get("tenantCode"));
|
||||
user.setUsername((String) StpUtil.getSession().get("username"));
|
||||
user.setRoleCodes((List<String>) StpUtil.getSession().get("roleCodes"));
|
||||
return user;
|
||||
}
|
||||
|
||||
public static String currentTenantCode() {
|
||||
AuthUser user = get();
|
||||
return user == null ? null : user.getTenantCode();
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,28 @@
|
||||
package com.sino.mci.admin.security;
|
||||
|
||||
import cn.dev33.satoken.exception.SaTokenException;
|
||||
import cn.dev33.satoken.stp.StpUtil;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.servlet.HandlerInterceptor;
|
||||
|
||||
@Component
|
||||
public class AuthInterceptor implements HandlerInterceptor {
|
||||
|
||||
@Override
|
||||
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
|
||||
String path = request.getRequestURI();
|
||||
if (path.contains("/api/v1/account/login")) {
|
||||
return true;
|
||||
}
|
||||
|
||||
try {
|
||||
StpUtil.checkLogin();
|
||||
} catch (SaTokenException e) {
|
||||
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,21 @@
|
||||
package com.sino.mci.config;
|
||||
|
||||
import com.sino.mci.admin.security.AuthInterceptor;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
|
||||
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
||||
|
||||
@Configuration
|
||||
@RequiredArgsConstructor
|
||||
public class WebConfig implements WebMvcConfigurer {
|
||||
|
||||
private final AuthInterceptor authInterceptor;
|
||||
|
||||
@Override
|
||||
public void addInterceptors(InterceptorRegistry registry) {
|
||||
registry.addInterceptor(authInterceptor)
|
||||
.addPathPatterns("/msg-platform/api/v1/**", "/api/v1/**")
|
||||
.excludePathPatterns("/msg-platform/api/v1/account/login", "/api/v1/account/login");
|
||||
}
|
||||
}
|
||||
@@ -21,6 +21,16 @@ mybatis-plus:
|
||||
logic-delete-value: 1
|
||||
logic-not-delete-value: 0
|
||||
|
||||
sa-token:
|
||||
token-name: Authorization
|
||||
token-prefix: Bearer
|
||||
timeout: 86400
|
||||
active-timeout: -1
|
||||
is-concurrent: true
|
||||
is-share: true
|
||||
token-style: uuid
|
||||
is-log: false
|
||||
|
||||
management:
|
||||
endpoints:
|
||||
web:
|
||||
|
||||
Reference in New Issue
Block a user