
kisso跨域解决,登陆模块搞定,暂未搞定跳转登陆的问题

NorthLan 7 years ago
parent
commit
d32d88deab
21 changed files with 302 additions and 77 deletions
  1. 5 1
      zen-api/src/main/kotlin/com/gxzc/zen/api/sys/mapper/SysUserMapper.kt
  2. 4 0
      zen-api/src/main/kotlin/com/gxzc/zen/api/sys/model/SysUser.kt
  3. 3 3
      zen-api/src/main/kotlin/com/gxzc/zen/api/sys/service/ISysEventOperService.kt
  4. 1 0
      zen-api/src/main/kotlin/com/gxzc/zen/api/sys/service/ISysUserService.kt
  5. 5 0
      zen-api/src/main/kotlin/com/gxzc/zen/api/sys/service/impl/SysUserServiceImpl.kt
  6. 28 19
      zen-api/src/main/resources/mapping/sys/SysUserMapper.xml
  7. 14 0
      zen-core/src/main/kotlin/com/gxzc/zen/common/base/tips/ErrorTip.kt
  8. 14 0
      zen-core/src/main/kotlin/com/gxzc/zen/common/base/tips/SuccessTip.kt
  9. 12 0
      zen-core/src/main/kotlin/com/gxzc/zen/common/base/tips/Tip.kt
  10. 0 30
      zen-core/src/main/kotlin/com/gxzc/zen/common/config/CORSConfiguration.kt
  11. 7 7
      zen-core/src/main/kotlin/com/gxzc/zen/common/config/SwaggerConfig.kt
  12. 11 0
      zen-core/src/main/kotlin/com/gxzc/zen/common/dto/RequestDto.kt
  13. 1 1
      zen-core/src/main/kotlin/com/gxzc/zen/common/dto/ResultDto.kt
  14. 22 0
      zen-core/src/main/kotlin/com/gxzc/zen/common/exception/ZenException.kt
  15. 27 0
      zen-core/src/main/kotlin/com/gxzc/zen/common/exception/ZenExceptionEnum.kt
  16. 47 0
      zen-core/src/main/kotlin/com/gxzc/zen/common/exception/aop/BaseControllerExceptionHandler.kt
  17. 28 0
      zen-umps/src/main/kotlin/com/gxzc/zen/umps/config/CORSFilter.kt
  18. 7 4
      zen-umps/src/main/kotlin/com/gxzc/zen/umps/config/KissoWebAppConfigurer.kt
  19. 51 10
      zen-web/src/main/kotlin/com/gxzc/zen/web/sys/controller/AuthController.kt
  20. 10 1
      zen-web/src/main/kotlin/com/gxzc/zen/web/sys/controller/ExampleController.kt
  21. 5 1
      zen-web/src/main/resources/application-umps.yml

+ 5 - 1
zen-api/src/main/kotlin/com/gxzc/zen/api/sys/mapper/SysUserMapper.kt

@@ -2,7 +2,9 @@ package com.gxzc.zen.api.sys.mapper
 
 import com.gxzc.zen.api.sys.model.SysUser
 import com.gxzc.zen.common.base.BaseMapper
+import org.apache.ibatis.annotations.Param
 import org.springframework.stereotype.Repository
+
 /**
  * <p>
  * 用户管理 Mapper 接口
@@ -12,4 +14,6 @@ import org.springframework.stereotype.Repository
  * @since 2018-02-06
  */
 @Repository
-interface SysUserMapper : BaseMapper<SysUser>
+interface SysUserMapper : BaseMapper<SysUser> {
+    fun selectByAccount(@Param("account") account: String): SysUser
+}
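Review bot: `selectByAccount` is declared to return a non-null `SysUser`, but the mapped query returns no row for an unknown account, and the service method that wraps it is typed `SysUser?`. Declare it as `fun selectByAccount(@Param("account") account: String): SysUser?` so the account-not-found case in the login flow is expressed in the type instead of relying on a null passing through a non-null signature.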

+ 4 - 0
zen-api/src/main/kotlin/com/gxzc/zen/api/sys/model/SysUser.kt

@@ -25,6 +25,10 @@ data class SysUser(
          * 密码
          */
         var password: String? = null,
+        /**
+         * 盐值
+         */
+        var salt: String? = null,
         /**
          * 电话
          */
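Review bot: `salt` joins `password` as a constructor property of a `data class`, so both are part of the generated `toString()` and, unless excluded elsewhere, of any serialized form of `SysUser`. Logging a user object or returning it from a controller would then expose the credential material. Consider overriding `toString()` to omit both fields and mapping to a DTO without them before anything leaves the service layer. The class body continues outside the hunk, so existing exclusions may not be visible here.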

+ 3 - 3
zen-api/src/main/kotlin/com/gxzc/zen/api/sys/service/ISysEventOperService.kt

@@ -7,7 +7,7 @@ import com.gxzc.zen.common.base.BaseService
  * 操作日志表 服务类
  * </p>
  *
- * @author NorthLan123
- * @since 2018-02-06
- */
+* @author NorthLan123
+* @since 2018-02-06
+*/
 interface ISysEventOperService : BaseService<SysEventOper>

+ 1 - 0
zen-api/src/main/kotlin/com/gxzc/zen/api/sys/service/ISysUserService.kt

@@ -13,4 +13,5 @@ import com.gxzc.zen.common.base.BaseService
  */
 interface ISysUserService : BaseService<SysUser> {
     fun getUserByIdCacheable(id: Long): SysUser
+    fun getUserByAccountCacheable(account: String): SysUser?
 }

+ 5 - 0
zen-api/src/main/kotlin/com/gxzc/zen/api/sys/service/impl/SysUserServiceImpl.kt

@@ -19,6 +19,11 @@ import org.springframework.stereotype.Service
 @Service
 class SysUserServiceImpl : ServiceImpl<SysUserMapper, SysUser>(), ISysUserService {
 
+    @Cacheable(CACHEKEYS.USER, key = "'account_' + #account")
+    override fun getUserByAccountCacheable(account: String): SysUser? {
+        return baseMapper.selectByAccount(account)
+    }
+
     @Cacheable(CACHEKEYS.USER)
     override fun getUserByIdCacheable(id: Long): SysUser {
         return baseMapper.selectById(id)
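Review bot: `getUserByAccountCacheable` caches the whole `SysUser`, including `password` and `salt`, under a key built from the submitted account name, and `@Cacheable` typically stores null results as well. Since `AuthController.login` calls it before any authentication, every unknown account name submitted can add a cache entry, and a password change stays invisible to login until the entry expires; no `@CacheEvict` is visible in this hunk. Adding `unless = "#result == null"` to the annotation and evicting `'account_' + account` when a user is updated would address both. The class continues outside the hunk.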

+ 28 - 19
zen-api/src/main/resources/mapping/sys/SysUserMapper.xml

@@ -4,25 +4,34 @@
 
     <!-- 通用查询映射结果 -->
     <resultMap id="BaseResultMap" type="com.gxzc.zen.api.sys.model.SysUser">
-    <result column="id" property="id" />
-    <result column="enable" property="enable" />
-    <result column="remark" property="remark" />
-    <result column="create_time" property="createTime" />
-    <result column="create_by" property="createBy" />
-    <result column="update_time" property="updateTime" />
-    <result column="update_by" property="updateBy" />
-        <result column="account" property="account" />
-        <result column="username" property="username" />
-        <result column="password" property="password" />
-        <result column="phone" property="phone" />
-        <result column="email" property="email" />
-        <result column="position" property="position" />
-        <result column="address" property="address" />
-        <result column="staff_no" property="staffNo" />
-        <result column="ext1" property="ext1" />
-        <result column="ext2" property="ext2" />
-        <result column="ext3" property="ext3" />
-        <result column="ext4" property="ext4" />
+        <result column="id" property="id"/>
+        <result column="enable" property="enable"/>
+        <result column="remark" property="remark"/>
+        <result column="create_time" property="createTime"/>
+        <result column="create_by" property="createBy"/>
+        <result column="update_time" property="updateTime"/>
+        <result column="update_by" property="updateBy"/>
+        <result column="account" property="account"/>
+        <result column="username" property="username"/>
+        <result column="password" property="password"/>
+        <result column="salt" property="salt"/>
+        <result column="phone" property="phone"/>
+        <result column="email" property="email"/>
+        <result column="position" property="position"/>
+        <result column="address" property="address"/>
+        <result column="staff_no" property="staffNo"/>
+        <result column="ext1" property="ext1"/>
+        <result column="ext2" property="ext2"/>
+        <result column="ext3" property="ext3"/>
+        <result column="ext4" property="ext4"/>
     </resultMap>
 
+    <select id="selectByAccount" resultMap="BaseResultMap">
+        SELECT *
+        FROM sys_user
+        WHERE
+          account = #{account}
+        LIMIT 1
+    </select>
+
 </mapper>
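Review bot: `selectByAccount` uses `LIMIT 1` without an `ORDER BY`, so if `sys_user.account` is not unique the row used for login is whichever one the database returns first. The schema is not visible here; a unique index on `account` would make the lookup deterministic and the `LIMIT 1` unnecessary. The `#{account}` binding is parameterized, which is correct. Listing the required columns instead of `SELECT *` would keep future sensitive columns from being loaded into the cached user object by default.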

+ 14 - 0
zen-core/src/main/kotlin/com/gxzc/zen/common/base/tips/ErrorTip.kt

@@ -0,0 +1,14 @@
+package com.gxzc.zen.common.base.tips
+
+/**
+ * 返回给前台的错误提示
+ * @author NorthLan
+ * @date 2018/2/28
+ * @url https://noahlan.com
+ */
+class ErrorTip : Tip {
+    constructor(code: Int, msg: String) {
+        this.code = code
+        this.message = msg
+    }
+}

+ 14 - 0
zen-core/src/main/kotlin/com/gxzc/zen/common/base/tips/SuccessTip.kt

@@ -0,0 +1,14 @@
+package com.gxzc.zen.common.base.tips
+
+/**
+ *
+ * @author NorthLan
+ * @date 2018/2/28
+ * @url https://noahlan.com
+ */
+class SuccessTip : Tip {
+    constructor() {
+        this.code = 200
+        this.message = "success"
+    }
+}

+ 12 - 0
zen-core/src/main/kotlin/com/gxzc/zen/common/base/tips/Tip.kt

@@ -0,0 +1,12 @@
+package com.gxzc.zen.common.base.tips
+
+/**
+ * 返回给前台的提示(最终转化为json形式)
+ * @author NorthLan
+ * @date 2018/2/28
+ * @url https://noahlan.com
+ */
+abstract class Tip {
+    var code: Int = 0
+    var message: String? = null
+}

+ 0 - 30
zen-core/src/main/kotlin/com/gxzc/zen/common/config/CORSConfiguration.kt

@@ -1,30 +0,0 @@
-package com.gxzc.zen.common.config
-
-import org.springframework.context.annotation.Bean
-import org.springframework.context.annotation.Configuration
-import org.springframework.web.servlet.config.annotation.CorsRegistry
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter
-
-
-/**
- * 跨域请求全局配置
- * @author NorthLan
- * @date 2018/2/28
- * @url https://noahlan.com
- */
-@Configuration
-class CORSConfiguration {
-
-    @Bean
-    fun CORSConfigurer(): WebMvcConfigurer {
-        return object : WebMvcConfigurerAdapter() {
-            override fun addCorsMappings(registry: CorsRegistry) {
-                registry.addMapping("/**")
-                        .allowedOrigins("http://localhost:8080")
-                        .allowedMethods("GET", "POST", "DELETE", "PUT", "OPTIONS")
-                        .allowCredentials(true).maxAge(3600)
-            }
-        }
-    }
-}

+ 7 - 7
zen-core/src/main/kotlin/com/gxzc/zen/common/config/SwaggerConfig.kt

@@ -28,8 +28,8 @@ import springfox.documentation.swagger2.annotations.EnableSwagger2
 @ConditionalOnProperty(prefix = "zen", name = ["swagger-open"], havingValue = "true")
 class SwaggerConfig : WebMvcConfigurerAdapter() {
 
-    override fun addResourceHandlers(registry: ResourceHandlerRegistry?) {
-        registry?.let {
+    override fun addResourceHandlers(registry: ResourceHandlerRegistry) {
+        registry.let {
             it.addResourceHandler("swagger-ui.html")
                     .addResourceLocations("classpath:/META-INF/resources/")
             it.addResourceHandler("/webjars*")
@@ -45,15 +45,15 @@ class SwaggerConfig : WebMvcConfigurerAdapter() {
                 .apiInfo(apiInfo())
                 .select()
                 .apis(RequestHandlerSelectors.withClassAnnotation(ApiOperation::class.java))
-                .paths(PathSelectors.ant("/api/v2/**"))
+                // .paths(PathSelectors.ant("/api/v2/**"))
                 .build()
 //                .securitySchemes()
     }
 
-    @Suppress("UNUSED")
-    private fun apiKey(): ApiKey {
-        return ApiKey("Bearer ", "Authorization", "header")
-    }
+//    @Suppress("UNUSED")
+//    private fun apiKey(): ApiKey {
+//        return ApiKey("Bearer ", "Authorization", "header")
+//    }
 
     private fun apiInfo(): ApiInfo {
         return ApiInfoBuilder()
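Review bot: Commenting out `.paths(PathSelectors.ant("/api/v2/**"))` makes the docket publish every `@ApiOperation`-annotated handler, and the Swagger paths are excluded from both SSO interceptors in `KissoWebAppConfigurer`, so the listing is readable without a session whenever `zen.swagger-open` is true. If the wider selection is intended, delete the line rather than leaving it commented and keep the property off outside development; the commented-out `apiKey()` should likewise be removed or restored. In the first hunk, `registry.let { … }` is now redundant on a non-null parameter and the calls can be made on `registry` directly.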

+ 11 - 0
zen-core/src/main/kotlin/com/gxzc/zen/common/dto/RequestDto.kt

@@ -0,0 +1,11 @@
+package com.gxzc.zen.common.dto
+
+/**
+ * 请求 数据传输对象
+ * @author NorthLan
+ * @date 2018/2/28
+ * @url https://noahlan.com
+ */
+class RequestDto {
+    var data = mutableMapOf<String, Any>()
+}

+ 1 - 1
zen-core/src/main/kotlin/com/gxzc/zen/common/dto/ResultDto.kt

@@ -6,7 +6,7 @@ import java.util.*
 
 
 /**
- * 基础 数据传输对象
+ * 回执 数据传输对象
  * @author NorthLan
  * @date 2018/2/1
  * @url https://noahlan.com

+ 22 - 0
zen-core/src/main/kotlin/com/gxzc/zen/common/exception/ZenException.kt

@@ -0,0 +1,22 @@
+package com.gxzc.zen.common.exception
+
+/**
+ * 业务异常的封装基类
+ * @author NorthLan
+ * @date 2018/2/28
+ * @url https://noahlan.com
+ */
+open class ZenException : RuntimeException {
+    var code: Int = 0
+    override var message: String
+
+    constructor(code: Int, msg: String) {
+        this.code = code
+        this.message = msg
+    }
+
+    constructor(zenExceptionEnum: ZenExceptionEnum) {
+        this.code = zenExceptionEnum.code
+        this.message = zenExceptionEnum.msg
+    }
+}

+ 27 - 0
zen-core/src/main/kotlin/com/gxzc/zen/common/exception/ZenExceptionEnum.kt

@@ -0,0 +1,27 @@
+package com.gxzc.zen.common.exception
+
+/**
+ * 基本业务异常的枚举
+ * @author NorthLan
+ * @date 2018/2/28
+ * @url https://noahlan.com
+ */
+enum class ZenExceptionEnum(val code: Int, val msg: String) {
+    /**
+     * Auth
+     */
+    AUTH_ACCOUNT_NOT_EXISTS(400, "账号不存在"),
+    AUTH_PASSWORD_ERROR(400, "密码错误"),
+
+    /**
+     * 文件上传
+     */
+    FILE_READING_ERROR(400, "FILE_READING_ERROR!"),
+    FILE_NOT_FOUND(400, "FILE_NOT_FOUND!"),
+
+    /**
+     * 错误的请求
+     */
+    REQUEST_NULL(400, "请求有错误"),
+    SERVER_ERROR(500, "服务器异常");
+}
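Review bot: `AUTH_ACCOUNT_NOT_EXISTS` and `AUTH_PASSWORD_ERROR` carry different messages, and `AuthController.login` throws them on separate branches, so the login response tells an unauthenticated caller whether an account name exists. A single entry such as `AUTH_FAILED(400, "账号或密码错误")` used for both branches removes that signal. The specific reason can still be written to the server log.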

+ 47 - 0
zen-core/src/main/kotlin/com/gxzc/zen/common/exception/aop/BaseControllerExceptionHandler.kt

@@ -0,0 +1,47 @@
+package com.gxzc.zen.common.exception.aop
+
+import com.gxzc.zen.common.base.tips.ErrorTip
+import com.gxzc.zen.common.exception.ZenException
+import com.gxzc.zen.common.exception.ZenExceptionEnum
+import org.slf4j.LoggerFactory
+import org.springframework.http.HttpStatus
+import org.springframework.web.bind.annotation.ControllerAdvice
+import org.springframework.web.bind.annotation.ExceptionHandler
+import org.springframework.web.bind.annotation.ResponseBody
+import org.springframework.web.bind.annotation.ResponseStatus
+
+/**
+ * 全局的的异常拦截器(拦截所有的控制器)(带有@RequestMapping注解的方法上都会拦截)
+ * @author NorthLan
+ * @date 2018/2/28
+ * @url https://noahlan.com
+ */
+@ControllerAdvice
+class BaseControllerExceptionHandler {
+    companion object {
+        private val logger = LoggerFactory.getLogger(BaseControllerExceptionHandler::class.java)
+    }
+
+
+    /**
+     * 系统业务异常
+     */
+    @ExceptionHandler(ZenException::class)
+    @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
+    @ResponseBody // Convert to Json
+    fun zenException(e: ZenException): ErrorTip {
+        logger.error("系统异常:", e)
+        return ErrorTip(e.code, e.message)
+    }
+
+    /**
+     * 未知的运行时异常
+     */
+    @ExceptionHandler(RuntimeException::class)
+    @ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)
+    @ResponseBody
+    fun runtimeException(e: RuntimeException): ErrorTip {
+        logger.error("运行时异常:", e)
+        return ErrorTip(ZenExceptionEnum.SERVER_ERROR.code, e.message!!)
+    }
+}
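Review bot: `runtimeException` returns `e.message!!` to the client, which exposes internal detail such as SQL errors for any unexpected exception, and the `!!` itself throws when the exception has no message. Return the generic text instead, `return ErrorTip(ZenExceptionEnum.SERVER_ERROR.code, ZenExceptionEnum.SERVER_ERROR.msg)`; the full exception is already logged on the line above. Separately, `zenException` is annotated `@ResponseStatus(HttpStatus.INTERNAL_SERVER_ERROR)` although most `ZenExceptionEnum` codes are 400, so a failed login is reported as HTTP 500. Returning a `ResponseEntity` whose status is derived from `e.code` would keep the body and the status consistent.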

+ 28 - 0
zen-umps/src/main/kotlin/com/gxzc/zen/umps/config/CORSFilter.kt

@@ -0,0 +1,28 @@
+package com.gxzc.zen.umps.config
+
+import org.springframework.stereotype.Component
+import org.springframework.web.filter.OncePerRequestFilter
+import javax.servlet.FilterChain
+import javax.servlet.http.HttpServletRequest
+import javax.servlet.http.HttpServletResponse
+
+/**
+ *
+ * @author NorthLan
+ * @date 2018/3/1
+ * @url https://noahlan.com
+ */
+@Component
+class CORSFilter : OncePerRequestFilter() {
+    override fun doFilterInternal(request: HttpServletRequest, response: HttpServletResponse, filterChain: FilterChain) {
+        response.let {
+            it.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"))
+            it.setHeader("Access-Control-Allow-Credentials", "true")
+            it.setHeader("Access-Control-Allow-Methods", "POST, GET, PUT, OPTIONS, DELETE")
+            it.setHeader("Access-Control-Max-Age", "3600")
+            it.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept")
+        }
+
+        filterChain.doFilter(request, response)
+    }
+}
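Review bot: `doFilterInternal` copies the request's `Origin` header into `Access-Control-Allow-Origin` and always sends `Access-Control-Allow-Credentials: true`, so any website can make cookie-authenticated requests to this API and read the responses; the removed `CORSConfiguration` limited this to `http://localhost:8080`. The origin should be checked against a configured allowlist before the headers are set, with `Vary: Origin` added so caches do not reuse one origin's response for another. When the request carries no `Origin` header, the current code also passes null to `setHeader`. The allowlisted version is sketched below; the origin set shown is a placeholder to be loaded from configuration.

```kotlin
// placeholder allowlist: load the real values from configuration
private val allowedOrigins = setOf("http://localhost:8080")

override fun doFilterInternal(request: HttpServletRequest, response: HttpServletResponse, filterChain: FilterChain) {
    val origin = request.getHeader("Origin")
    if (origin != null && origin in allowedOrigins) {
        response.setHeader("Access-Control-Allow-Origin", origin)
        response.setHeader("Vary", "Origin")
        response.setHeader("Access-Control-Allow-Credentials", "true")
        // … unchanged: Allow-Methods, Max-Age, Allow-Headers …
    }
    filterChain.doFilter(request, response)
}
```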

+ 7 - 4
zen-umps/src/main/kotlin/com/gxzc/zen/umps/config/KissoWebAppConfigurer.kt

@@ -20,7 +20,7 @@ class KissoWebAppConfigurer : WebMvcConfigurerAdapter() {
         registry.addInterceptor(SSOSpringInterceptor())
                 .addPathPatterns("/**")
                 .excludePathPatterns(
-                        "/auth/**",
+                        "/auth/login",
                         "/swagger-ui.html",       // swagger-ui html
                         "/v2/api-docs",           // swagger
                         "/webjars/**",            // swagger-ui webjars
@@ -28,16 +28,19 @@ class KissoWebAppConfigurer : WebMvcConfigurerAdapter() {
                         "/configuration/**"      // swagger configuration
                 )
         // 权限拦截
-        registry.addInterceptor(SSOPermissionInterceptor().also { it.authorization = KissoAuthorization() })
+        registry.addInterceptor(SSOPermissionInterceptor().also {
+            it.authorization = KissoAuthorization()
+            it.isNothingAnnotationPass = true
+        })
                 .addPathPatterns("/**")
                 .excludePathPatterns(
-                        "/auth/**",
+                        "/auth/login",
                         "/swagger-ui.html",       // swagger-ui html
                         "/v2/api-docs",           // swagger
                         "/webjars/**",            // swagger-ui webjars
                         "/swagger-resources/**",  // swagger-ui resources
                         "/configuration/**"      // swagger configuration
                 )
-        super.addInterceptors(registry)
+//        super.addInterceptors(registry)
     }
 }
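Review bot: `it.isNothingAnnotationPass = true` appears, going by the property name, to let any handler without a `@Permission` annotation pass the permission interceptor, which makes authorization opt-in per method. An endpoint that omits the annotation, such as `testLogin` added to `ExampleController` in this commit, would then be reachable by every logged-in user. If that default is intended, state it next to the setting, for example `// handlers without @Permission are allowed for any authenticated user`. Narrowing the exclusion from `/auth/**` to `/auth/login` is a sound tightening. `addInterceptors` starts outside the hunk.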

+ 51 - 10
zen-web/src/main/kotlin/com/gxzc/zen/web/sys/controller/AuthController.kt

@@ -1,11 +1,21 @@
 package com.gxzc.zen.web.sys.controller
 
+import com.baomidou.kisso.SSOHelper
+import com.baomidou.kisso.annotation.Action
+import com.baomidou.kisso.annotation.Login
+import com.baomidou.kisso.common.encrypt.MD5Salt
+import com.baomidou.kisso.security.token.SSOToken
+import com.gxzc.zen.api.sys.service.ISysUserService
 import com.gxzc.zen.common.base.BaseController
+import com.gxzc.zen.common.dto.RequestDto
 import com.gxzc.zen.common.dto.ResultDto
-import org.springframework.web.bind.annotation.PostMapping
-import org.springframework.web.bind.annotation.RequestMapping
-import org.springframework.web.bind.annotation.RestController
-import javax.servlet.http.Cookie
+import com.gxzc.zen.common.exception.ZenException
+import com.gxzc.zen.common.exception.ZenExceptionEnum
+import io.swagger.annotations.ApiOperation
+import org.slf4j.LoggerFactory
+import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.http.ResponseEntity
+import org.springframework.web.bind.annotation.*
 
 /**
  * 身份验证相关控制器
@@ -16,12 +26,43 @@ import javax.servlet.http.Cookie
 @RestController
 @RequestMapping("auth")
 class AuthController : BaseController() {
+    companion object {
+        private val logger = LoggerFactory.getLogger(AuthController::class.java)
+    }
+
+    @Autowired
+    private lateinit var userService: ISysUserService
+
+    @Login(action = Action.Skip)
+    @ApiOperation(value = "登录")
+    @PostMapping("/login")
+    fun login(@RequestBody data: RequestDto): ResponseEntity<*> {
+        // 验证输入合法性
+        val account = data.data["account"]?.toString()?.trim()
+        val password = data.data["password"]?.toString()
+
+        if (account.isNullOrEmpty() || password.isNullOrEmpty()) {
+            throw ZenException(ZenExceptionEnum.REQUEST_NULL)
+        }
+        // 验证账号密码
+        val user = userService.getUserByAccountCacheable(account!!)
+                ?: throw ZenException(ZenExceptionEnum.AUTH_ACCOUNT_NOT_EXISTS)
+        // 对密码进行盐值处理比对
+        if (user.password != MD5Salt.md5SaltEncode(user.salt, password)) {
+            throw ZenException(ZenExceptionEnum.AUTH_PASSWORD_ERROR)
+        }
+
+        // 生成登陆 token->cookie
+        SSOHelper.setCookie(getRequest(), getResponse(), SSOToken.create().setId(user.id), true)
+
+        // redirectURL
+        return ResponseEntity.ok(ResultDto(200, "success", data.data["redirectURL"]))
+    }
 
-    @PostMapping("login")
-    fun login(): ResultDto {
-        val req = getRequest()
-        val cks = req.cookies
-        getResponse().addCookie(Cookie("test", "testCookie"))
-        return ResultDto(1, null, "a")
+    @ApiOperation(value = "登出")
+    @DeleteMapping("/logout")
+    fun logout(): ResponseEntity<*> {
+        SSOHelper.logout(getRequest(), getResponse())
+        return ResponseEntity.ok(null)
     }
 }
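Review bot: `login` verifies the password with `MD5Salt.md5SaltEncode(user.salt, password)`; a single salted MD5 is cheap to brute-force if the `sys_user` table leaks, so stored passwords should move to a slow password hash (bcrypt, scrypt, Argon2 or PBKDF2), rehashing existing rows on successful login. The `!=` comparison could use `MessageDigest.isEqual` on the encoded bytes to avoid timing differences. `data.data["redirectURL"]` is returned to the client unchecked, so if the front end navigates to it the value should first be validated against known paths or hosts. The user's `enable` column, mapped in `SysUserMapper.xml`, is not consulted here, so a disabled account would presumably still receive a token. A typed login request class in place of the `RequestDto` map would also remove the `toString()` coercions and the `account!!`.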

+ 10 - 1
zen-web/src/main/kotlin/com/gxzc/zen/web/sys/controller/ExampleController.kt

@@ -1,10 +1,12 @@
 package com.gxzc.zen.web.sys.controller
 
+import com.baomidou.kisso.SSOHelper
 import com.baomidou.kisso.annotation.Action
 import com.baomidou.kisso.annotation.Login
 import com.baomidou.kisso.annotation.Permission
 import com.gxzc.zen.api.sys.service.ISysPermissionService
 import com.gxzc.zen.api.sys.service.ISysUserService
+import com.gxzc.zen.common.base.BaseController
 import org.slf4j.LoggerFactory
 import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.cache.CacheManager
@@ -13,7 +15,7 @@ import org.springframework.web.bind.annotation.RestController
 
 
 @RestController
-class ExampleController {
+class ExampleController : BaseController() {
     companion object {
         private val logger = LoggerFactory.getLogger(ExampleController::class.java)
     }
@@ -37,6 +39,13 @@ class ExampleController {
 //        sysUserService.selectListCacheable()
     }
 
+    @GetMapping("testLogin")
+    // @Login(action = Action.Skip)
+    fun testLogin() {
+        logger.info("test")
+
+    }
+
     @GetMapping("testCache")
     @Login(action = Action.Skip)
     @Permission("user:crud")
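Review bot: `testLogin` is a test endpoint added to a shipped controller with its `@Login` annotation commented out and no `@Permission`, so its access rule depends entirely on the interceptor defaults set in `KissoWebAppConfigurer`. Either move it to a test source set or annotate it explicitly, and remove the commented-out line. The new `SSOHelper` import is not used in the visible hunks. The class continues outside the hunk.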

+ 5 - 1
zen-web/src/main/resources/application-umps.yml

@@ -1,4 +1,8 @@
 kisso:
   config:
     signKey: C691d971EJ3H376G81 # 对称加密使用
-    cookieName: ks # cookie名称
+    cookieName: ks # cookie名称
+    cookieDomain: zen.com
+    cookiePath: /
+    cookieMaxage: 604800
+    cookieHttponly: false
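Review bot: `cookieHttponly: false` leaves the SSO cookie readable from page scripts, so a script injection anywhere in the front end can read the session token; unless client code must read the cookie, set `cookieHttponly: true`. No Secure flag is configured in this block, and with `cookieDomain: zen.com` and `cookieMaxage: 604800` the token is sent to every subdomain for seven days. The `signKey` on the context line above is a signing secret committed in plain text. It should be supplied from the environment or a secret store and rotated, since the current value is now in the repository history.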