WinTeachTeam
/
IESExtension
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

doc: 补充文档

Browse Source
11111
winter 1 year ago
parent f0a9ba9243
commit a16e8f8de8
4 changed files with 64 additions and 5 deletions
Show Stats Download Patch File Download Diff File

5
pom.xml
Unescape View File

@ -28,7 +28,10 @@
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId> <artifactId>spring-boot-starter-security</artifactId>
</dependency> </dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-aop</artifactId>
</dependency>
<!-- Spring Security OAuth2 resource server --> <!-- Spring Security OAuth2 resource server -->
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>

50
src/main/java/cn/teammodel/aop/LogInterceptor.java
Unescape View File

@ -0,0 +1,50 @@
package cn.teammodel.aop;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.springframework.stereotype.Component;
import org.springframework.util.StopWatch;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.servlet.http.HttpServletRequest;
import java.util.UUID;
@Aspect
@Component
@Slf4j
public class LogInterceptor {
/**
*
*/
@Around("execution(* cn.teammodel.controller.*.*(..))")
public Object doInterceptor(ProceedingJoinPoint point) throws Throwable {
// 计时
StopWatch stopWatch = new StopWatch();
stopWatch.start();
// 获取请求路径
RequestAttributes requestAttributes = RequestContextHolder.currentRequestAttributes();
HttpServletRequest httpServletRequest = ((ServletRequestAttributes) requestAttributes).getRequest();
// 生成请求唯一 id
String requestId = UUID.randomUUID().toString();
String url = httpServletRequest.getRequestURI();
// 获取请求参数
Object[] args = point.getArgs();
String reqParam = "[" + StringUtils.join(args, ", ") + "]";
// 输出请求日志
log.info("request startid: {}, path: {}, ip: {}, params: {}", requestId, url,
httpServletRequest.getRemoteHost(), reqParam);
// 执行原方法
Object result = point.proceed();
// 输出响应日志
stopWatch.stop();
long totalTimeMillis = stopWatch.getTotalTimeMillis();
log.info("request end, id: {}, cost: {}ms", requestId, totalTimeMillis);
return result;
}
}

6
src/main/java/cn/teammodel/controller/HelloController.java
Unescape View File

@ -17,4 +17,10 @@ public class HelloController {
System.out.println(SecurityContextHolder.getContext().getAuthentication()); System.out.println(SecurityContextHolder.getContext().getAuthentication());
return new R(200, "success","hello world"); return new R(200, "success","hello world");
} }
@GetMapping("public/free")
@PreAuthorize("permitAll()")
public R free() {
System.out.println(SecurityContextHolder.getContext().getAuthentication());
return new R(200, "success","hello world");
}
} }

8
src/main/java/cn/teammodel/security/filter/AuthInnerTokenFilter.java
Unescape View File

@ -17,7 +17,6 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.io.IOException; import java.io.IOException;
import java.nio.file.AccessDeniedException;
import java.util.Collection; import java.util.Collection;
/** /**
@ -40,10 +39,11 @@ public class AuthInnerTokenFilter extends OncePerRequestFilter {
// 验证 authToken 合法 // 验证 authToken 合法
TmdUserDetail tmdUserDetail = jwtTokenUtil.getValidUserDetail(request); TmdUserDetail tmdUserDetail = jwtTokenUtil.getValidUserDetail(request);
if (tmdUserDetail == null) { if (tmdUserDetail == null) {
log.error("authToken authentication failed"); log.error("authToken authentication failed: {}", request.getHeader("x-auth-authToken"));
throw new AccessDeniedException("无权限"); SecurityContextHolder.clearContext(); // 验证失败不应该在此处抛出异常,应该维护好 context 的值,以便整个过滤器链正常运行
filterChain.doFilter(request, response);
return;
} }
System.out.println(tmdUserDetail.getUser());
// 组装 authToken 的 jwt 进 authentication // 组装 authToken 的 jwt 进 authentication
Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities(); Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
UsernamePasswordAuthenticationToken finalAuthentication = new UsernamePasswordAuthenticationToken(tmdUserDetail, null, authorities); UsernamePasswordAuthenticationToken finalAuthentication = new UsernamePasswordAuthenticationToken(tmdUserDetail, null, authorities);

Write Preview
Loading…
Cancel
Save