Browse Source

添加跨域验证问题

NorthLan 7 years ago
parent
commit
e637ddd050

+ 30 - 0
zen-core/src/main/kotlin/com/gxzc/zen/common/config/CORSConfiguration.kt

@@ -0,0 +1,30 @@
+package com.gxzc.zen.common.config
+
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.web.servlet.config.annotation.CorsRegistry
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter
+
+
+/**
+ * 跨域请求全局配置
+ * @author NorthLan
+ * @date 2018/2/28
+ * @url https://noahlan.com
+ */
+@Configuration
+class CORSConfiguration {
+
+    @Bean
+    fun CORSConfigurer(): WebMvcConfigurer {
+        return object : WebMvcConfigurerAdapter() {
+            override fun addCorsMappings(registry: CorsRegistry) {
+                registry.addMapping("/**")
+                        .allowedOrigins("http://localhost:8080")
+                        .allowedMethods("GET", "POST", "DELETE", "PUT", "OPTIONS")
+                        .allowCredentials(true).maxAge(3600)
+            }
+        }
+    }
+}

+ 68 - 0
zen-core/src/main/kotlin/com/gxzc/zen/common/config/SwaggerConfig.kt

@@ -0,0 +1,68 @@
+package com.gxzc.zen.common.config
+
+import io.swagger.annotations.ApiOperation
+import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty
+import org.springframework.context.annotation.Bean
+import org.springframework.context.annotation.Configuration
+import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter
+import springfox.documentation.builders.ApiInfoBuilder
+import springfox.documentation.builders.PathSelectors
+import springfox.documentation.builders.RequestHandlerSelectors
+import springfox.documentation.service.ApiInfo
+import springfox.documentation.service.ApiKey
+import springfox.documentation.service.Contact
+import springfox.documentation.spi.DocumentationType
+import springfox.documentation.spring.web.plugins.Docket
+import springfox.documentation.swagger2.annotations.EnableSwagger2
+
+
+/**
+ * swagger-ui 配置
+ * @author NorthLan
+ * @date 2018/2/10
+ * @url https://noahlan.com
+ */
+@Configuration
+@EnableSwagger2
+@ConditionalOnProperty(prefix = "zen", name = ["swagger-open"], havingValue = "true")
+class SwaggerConfig : WebMvcConfigurerAdapter() {
+
+    override fun addResourceHandlers(registry: ResourceHandlerRegistry?) {
+        registry?.let {
+            it.addResourceHandler("swagger-ui.html")
+                    .addResourceLocations("classpath:/META-INF/resources/")
+            it.addResourceHandler("/webjars*")
+                    .addResourceLocations("classpath:/META-INF/resources/webjars/")
+        }
+    }
+
+
+    @Bean
+    fun createApi(): Docket {
+        return Docket(DocumentationType.SWAGGER_2)
+                .groupName("v2")
+                .apiInfo(apiInfo())
+                .select()
+                .apis(RequestHandlerSelectors.withClassAnnotation(ApiOperation::class.java))
+                .paths(PathSelectors.ant("/api/v2/**"))
+                .build()
+//                .securitySchemes()
+    }
+
+    @Suppress("UNUSED")
+    private fun apiKey(): ApiKey {
+        return ApiKey("Bearer ", "Authorization", "header")
+    }
+
+    private fun apiInfo(): ApiInfo {
+        return ApiInfoBuilder()
+                .title("Zen Doc")
+                .description("Zen Api Document")
+                .termsOfServiceUrl("")
+                .contact(Contact("NorthLan", "https://noahlan.com", "lan6995@gmail.com"))
+                .version("2.0")
+                .license("!!!private!!!")
+                .build()
+    }
+}

+ 5 - 2
zen-umps/src/main/kotlin/com/gxzc/zen/umps/config/KissoAuthorization.kt

@@ -10,10 +10,13 @@ import com.gxzc.zen.umps.util.PermissionUtil
 import org.apache.commons.lang3.StringUtils
 import org.springframework.cache.CacheManager
 
+/**
+ * Kisso权限验证
+ * 支持多级权限
+ * 精确到按钮级别
+ */
 class KissoAuthorization : SSOAuthorization {
-
     private val cacheManager = SpringContextHolder.getBean(CacheManager::class.java)
-
     private val permissionService = SpringContextHolder.getBean(ISysPermissionService::class.java)
 
     override fun isPermitted(token: SSOToken?, permission: String?): Boolean {

+ 22 - 4
zen-umps/src/main/kotlin/com/gxzc/zen/umps/config/KissoWebAppConfigurer.kt

@@ -7,19 +7,37 @@ import org.springframework.web.bind.annotation.ControllerAdvice
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter
 
+/**
+ * kisso配置
+ * 跳过 swagger-ui 验证
+ */
 @ControllerAdvice
 @Configuration
 class KissoWebAppConfigurer : WebMvcConfigurerAdapter() {
 
     override fun addInterceptors(registry: InterceptorRegistry) {
-        //登录拦截
+        // 登录拦截
         registry.addInterceptor(SSOSpringInterceptor())
                 .addPathPatterns("/**")
-                .excludePathPatterns("/login")
-        //权限拦截
+                .excludePathPatterns(
+                        "/auth/**",
+                        "/swagger-ui.html",       // swagger-ui html
+                        "/v2/api-docs",           // swagger
+                        "/webjars/**",            // swagger-ui webjars
+                        "/swagger-resources/**",  // swagger-ui resources
+                        "/configuration/**"      // swagger configuration
+                )
+        // 权限拦截
         registry.addInterceptor(SSOPermissionInterceptor().also { it.authorization = KissoAuthorization() })
                 .addPathPatterns("/**")
-                .excludePathPatterns("/login")
+                .excludePathPatterns(
+                        "/auth/**",
+                        "/swagger-ui.html",       // swagger-ui html
+                        "/v2/api-docs",           // swagger
+                        "/webjars/**",            // swagger-ui webjars
+                        "/swagger-resources/**",  // swagger-ui resources
+                        "/configuration/**"      // swagger configuration
+                )
         super.addInterceptors(registry)
     }
 }

+ 27 - 0
zen-web/src/main/kotlin/com/gxzc/zen/web/sys/controller/AuthController.kt

@@ -0,0 +1,27 @@
+package com.gxzc.zen.web.sys.controller
+
+import com.gxzc.zen.common.base.BaseController
+import com.gxzc.zen.common.dto.ResultDto
+import org.springframework.web.bind.annotation.PostMapping
+import org.springframework.web.bind.annotation.RequestMapping
+import org.springframework.web.bind.annotation.RestController
+import javax.servlet.http.Cookie
+
+/**
+ * 身份验证相关控制器
+ * @author NorthLan
+ * @date 2018/2/10
+ * @url https://noahlan.com
+ */
+@RestController
+@RequestMapping("auth")
+class AuthController : BaseController() {
+
+    @PostMapping("login")
+    fun login(): ResultDto {
+        val req = getRequest()
+        val cks = req.cookies
+        getResponse().addCookie(Cookie("test", "testCookie"))
+        return ResultDto(1, null, "a")
+    }
+}

+ 1 - 1
zen-web/src/main/kotlin/com/gxzc/zen/controller/ExampleController.kt → zen-web/src/main/kotlin/com/gxzc/zen/web/sys/controller/ExampleController.kt

@@ -1,4 +1,4 @@
-package com.gxzc.zen.controller
+package com.gxzc.zen.web.sys.controller
 
 import com.baomidou.kisso.annotation.Action
 import com.baomidou.kisso.annotation.Login

+ 1 - 1
zen-web/src/main/resources/application-orm.yml

@@ -1,5 +1,5 @@
 orm:
-  multi-datasource-enable: true # 多数据源开关
+  multi-datasource-enable: false # 多数据源开关
 
 ################## Alibaba Druid 配置 ##################
 spring:

+ 5 - 1
zen-web/src/main/resources/application.yml

@@ -1,12 +1,16 @@
+################### 服务端 配置 ####################
 server:
   port: 8082
 
+################## 各种奇怪的开关 ###################
+zen:
+  swagger-open: true # swagger-ui是否开启
 
 ###################  spring配置  ###################
 spring:
   profiles:
     active: dev
-    include: orm-local,mq,cache,umps,platform,job
+    include: orm,mq,cache,umps,platform,job
 #  redis:
 #    host: localhost
 #    port: 6379