Skip to content

Commit

Permalink
ajax请求菜单显示
Browse files Browse the repository at this point in the history
  • Loading branch information
fangp committed May 6, 2018
1 parent e239de8 commit 593fcc8
Show file tree
Hide file tree
Showing 41 changed files with 1,078 additions and 32 deletions.
9 changes: 8 additions & 1 deletion api-gateway/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,13 @@
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-ribbon</artifactId>
</dependency>

<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-oauth2</artifactId>
</dependency>
</dependencies>
</project>
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,13 @@
import org.springframework.boot.SpringApplication;
import org.springframework.cloud.client.SpringCloudApplication;
import org.springframework.cloud.netflix.zuul.EnableZuulProxy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;

/**
* Created by fp295 on 2018/4/10.
*/
@EnableZuulProxy
@EnableResourceServer
@SpringCloudApplication
public class ApiGatewayApplication {
public static void main(String[] args){
Expand Down
32 changes: 32 additions & 0 deletions api-gateway/src/main/java/com/peng/gateway/config/CorsConfig.java
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
package com.peng.gateway.config;

import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

/**
* Created by fp295 on 2018/5/6.
*/
@Order(2)
@Configuration
public class CorsConfig {

@Bean
public FilterRegistrationBean corsFilter() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
CorsConfiguration config = new CorsConfiguration();
config.setAllowCredentials(true);
config.addAllowedOrigin("*");
config.addAllowedHeader("*");
config.addAllowedMethod("*");
source.registerCorsConfiguration("/**", config);
FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
return bean;
}
}
18 changes: 18 additions & 0 deletions api-gateway/src/main/resources/application.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,3 +14,21 @@ zuul:
main-data:
path: /main-data/api/**
serviceId: main-data
proxy:
auth:
routes:
main-data: oauth2
security:
ignored: |
/css/**,/js/**,/favicon.ico,/webjars/**,/images/**,
/hystrix.stream/**,/info,/error,/health,/env,/metrics,/trace,/dump,
/jolokia,/configprops,/activiti,/logfile,/refresh,/flyway,/liquibase,/loggers
oauth2:
resource:
jwt:
key-uri: http://127.0.0.1:21001/auth/oauth/token_key
id: ${spring.application.name}
serviceId: ${spring.application.name}
management:
security:
enabled: false
1 change: 1 addition & 0 deletions auth-center/auth-center-api/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@
<artifactId>main-data-api</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>

</dependencies>


Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,8 @@ public FilterRegistrationBean corsFilter() {
config.addAllowedHeader("*");
config.addAllowedMethod("*");
source.registerCorsConfiguration("/**", config);
CorsFilter corsFilter = new CorsFilter(source);
return new FilterRegistrationBean(corsFilter);
FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
return bean;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -71,7 +71,7 @@ public UserDetails loadUserByUsername(String username) throws UsernameNotFoundEx
List<GrantedAuthority> authorities = convertToAuthorities(baseUser, roles);

// 存储菜单到redis
if(baseModuleResourceListResponseData.getCode() == ResponseCode.SUCCESS.getCode() && baseModuleResourceListResponseData.getData() != null){
if( ResponseCode.SUCCESS.getCode().equals(baseModuleResourceListResponseData.getCode()) && baseModuleResourceListResponseData.getData() != null){
resourcesTemplate.delete(baseUser.getId() + "-menu");
baseModuleResourceListResponseData.getData().forEach(e -> {
resourcesTemplate.opsForList().leftPush(baseUser.getId() + "-menu", e);
Expand Down
Original file line number Diff line number Diff line change
@@ -1,3 +1,9 @@
security:
ignored: |
/css/**,/js/**,/favicon.ico,/webjars/**,/images/**,
/hystrix.stream/**,/info,/error,/health,/env,/metrics,/trace,/dump,
/jolokia,/configprops,/activiti,/logfile,/refresh,/flyway,/liquibase,/loggers,/druid/**,
/oauth/deleteToken
server:
context-path: /auth
port: 21001
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
package com.peng.auth.spring.boot.autoconfigure;

import com.peng.auth.api.token.JwtAccessToken;
import org.springframework.boot.autoconfigure.security.oauth2.resource.JwtAccessTokenConverterConfigurer;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;

/**
* Created by fp295 on 2018/5/6.
*/
@Configuration
public class AuthResourcesAutoConfiguration implements JwtAccessTokenConverterConfigurer {

@Bean
public JwtAccessTokenConverter jwtAccessTokenConverter() {
return new JwtAccessToken();
}

@Override
public void configure(JwtAccessTokenConverter jwtAccessTokenConverter) {
jwtAccessTokenConverter.setAccessTokenConverter(jwtAccessTokenConverter());
}
}
Original file line number Diff line number Diff line change
@@ -1,16 +1,20 @@
package com.peng.auth.spring.boot.autoconfigure.config;

import com.peng.auth.spring.boot.autoconfigure.utils.AccessTokenUtils;
import com.peng.main.api.mapper.model.BaseModuleResources;
import com.peng.main.api.mapper.model.BaseRole;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.security.access.AccessDecisionManager;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.FilterInvocation;
import org.springframework.util.AntPathMatcher;

import java.util.Collection;
import java.util.*;
import java.util.stream.Collectors;

/**
* Created by fp295 on 2018/4/29.
Expand All @@ -23,13 +27,105 @@ public class AccessDecisionManagerIml implements AccessDecisionManager {

private AntPathMatcher matcher = new AntPathMatcher();

private String ignored;
private String[] ignoreds;

private String url;

private String httpMethod;


@Override
public void decide(Authentication authentication, Object o, Collection<ConfigAttribute> collection) throws AccessDeniedException, InsufficientAuthenticationException {
// 请求路径
url = getUrl(o);
// http 方法
httpMethod = getMethod(o);

// 不拦截的请求
for(String path : ignoreds){
String temp = path.trim();
if (matcher.match(temp, url)) {
return;
}
}

// URL 鉴权
Iterator<BaseRole> iterator = accessTokenUtils.getRoleInfo().iterator();
while (iterator.hasNext())
{ BaseRole baseRole = iterator.next();
if (baseRole.getModules().size() > 0 && checkSubModule(baseRole.getModules())) {
return;
}
}

throw new AccessDeniedException("无权限!");

}

/**
* 获取请求中的url
*/
private String getUrl(Object o) {
//获取当前访问url
String url = ((FilterInvocation)o).getRequestUrl();
int firstQuestionMarkIndex = url.indexOf("?");
if (firstQuestionMarkIndex != -1) {
return url.substring(0, firstQuestionMarkIndex);
}
return url;
}

private String getMethod(Object o) {
return ((FilterInvocation)o).getRequest().getMethod();
}

// 检查子模块权限
private boolean checkSubModule(List<BaseModuleResources> modules) {

Iterator<BaseModuleResources> iterator = modules.iterator();
while (iterator.hasNext())
{
BaseModuleResources e = iterator.next();
if (e.getIsOperating() == 1 && e.getModulePath() != null && !"".equals(e.getModulePath())) {
if (matchUrl(url, e.getModulePath()) && httpMethod.toUpperCase().equals(e.getHttpMethod().toUpperCase())) {
return true;
}
}

// 递归检查子模块的权限
if (e.getSubModules().size() > 0) {
if (checkSubModule(e.getSubModules())) {
return true;
}
}
}
return false;
}

private boolean matchUrl(String url, String modulePath) {

List urls = Arrays.asList(url.split("/")).stream().filter(e -> !"".equals(e)).collect(Collectors.toList());
Collections.reverse(urls);

List paths = Arrays.asList(modulePath.split("/")).stream().filter(e -> !"".equals(e)).collect(Collectors.toList());
Collections.reverse(paths);

// 如果数量不相等
if (urls.size() != paths.size()) {
return false;
}

for(int i = 0; i < paths.size(); i++){
// 如果是 PathVariable 则忽略
String item = (String) paths.get(i);
if (item.charAt(0) != '{' && item.charAt(item.length() - 1) != '}') {
// 如果有不等于的,则代表 URL 不匹配
if (!item.equals(urls.get(i))) {
return false;
}
}
}
return true;
}

@Override
Expand All @@ -41,4 +137,11 @@ public boolean supports(ConfigAttribute configAttribute) {
public boolean supports(Class<?> aClass) {
return true;
}

public void setIgnored(String ignored) {
if(ignored != null && !"".equals(ignored))
this.ignoreds = ignored.split(",");
else
this.ignoreds = new String[]{};
}
}
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
com.peng.auth.spring.boot.autoconfigure.AuthResourcesAutoConfiguration,\
com.peng.auth.spring.boot.autoconfigure.config.WebSecurityConfig,\
com.peng.auth.spring.boot.autoconfigure.utils.AccessTokenUtils,\
com.peng.auth.spring.boot.autoconfigure.config.RedisAuthConfiguration
28 changes: 28 additions & 0 deletions auth-center/auth-spring-boot-starter/pom.xml
Original file line number Diff line number Diff line change
@@ -0,0 +1,28 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>auth-center</artifactId>
<groupId>com.github.peng</groupId>
<version>1.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>

<artifactId>auth-spring-boot-starter</artifactId>

<dependencies>
<!-- Spring Boot 自动装配 -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-autoconfigure</artifactId>
</dependency>

<dependency>
<groupId>com.github.peng</groupId>
<artifactId>auth-spring-boot-autoconfigure</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
</dependencies>

</project>
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
provides: auth-spring-boot-autoconfigure
1 change: 1 addition & 0 deletions auth-center/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@
<module>auth-center-provider</module>
<module>auth-center-api</module>
<module>auth-spring-boot-autoconfigure</module>
<module>auth-spring-boot-starter</module>
</modules>
<artifactId>auth-center</artifactId>

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,10 @@
import javax.persistence.Column;
import javax.persistence.Id;
import javax.persistence.Table;
import javax.persistence.Transient;
import java.io.Serializable;
import java.util.Date;
import java.util.List;

@Table(name = "base_module_resources")
public class BaseModuleResources implements Serializable {
Expand Down Expand Up @@ -51,6 +53,9 @@ public class BaseModuleResources implements Serializable {
@Column(name = "UPDATE_DATE")
private Date updateDate;

@Transient
private List<BaseModuleResources> subModules;

/**
* @return ID
*/
Expand Down Expand Up @@ -236,4 +241,12 @@ public Date getUpdateDate() {
public void setUpdateDate(Date updateDate) {
this.updateDate = updateDate;
}

public List<BaseModuleResources> getSubModules() {
return subModules;
}

public void setSubModules(List<BaseModuleResources> subModules) {
this.subModules = subModules;
}
}
Loading

0 comments on commit 593fcc8

Please sign in to comment.