|
@@ -1,13 +1,12 @@
|
|
|
package cn.gygxzc.tina.config.shiro
|
|
|
|
|
|
-import cn.gygxzc.tina.config.properties.ShiroRedisCacheProperties
|
|
|
+import cn.gygxzc.tina.config.jwt.JwtConfig
|
|
|
+import cn.gygxzc.tina.config.shiro.cache.JwtRedisCache
|
|
|
+import cn.gygxzc.tina.config.shiro.cache.RedisConfiguration
|
|
|
import cn.gygxzc.tina.config.shiro.cache.ShiroRedisSessionDAO
|
|
|
+import cn.gygxzc.tina.config.shiro.filter.*
|
|
|
import cn.gygxzc.tina.config.shiro.realm.ZenShiroRealm
|
|
|
import cn.gygxzc.tina.config.shiro.session.ZenWebSessionManager
|
|
|
-import cn.gygxzc.tina.config.shiro.filter.AjaxAuthorizationFilter
|
|
|
-import cn.gygxzc.tina.config.shiro.filter.UrlPermissionsFilter
|
|
|
-import cn.gygxzc.tina.config.shiro.filter.ZenCorsAnonymousFilter
|
|
|
-import cn.gygxzc.tina.config.shiro.filter.ZenCorsPathMatchingFilter
|
|
|
import org.apache.shiro.authc.credential.HashedCredentialsMatcher
|
|
|
import org.apache.shiro.cache.CacheManager
|
|
|
import org.apache.shiro.mgt.SecurityManager
|
|
@@ -18,8 +17,7 @@ import org.apache.shiro.spring.web.ShiroFilterFactoryBean
|
|
|
import org.apache.shiro.web.filter.authc.AnonymousFilter
|
|
|
import org.apache.shiro.web.mgt.DefaultWebSecurityManager
|
|
|
import org.apache.shiro.web.servlet.SimpleCookie
|
|
|
-import org.springframework.beans.factory.annotation.Autowired
|
|
|
-import org.springframework.boot.context.properties.EnableConfigurationProperties
|
|
|
+import org.springframework.boot.autoconfigure.condition.ConditionalOnClass
|
|
|
import org.springframework.boot.web.servlet.FilterRegistrationBean
|
|
|
import org.springframework.context.annotation.Bean
|
|
|
import org.springframework.context.annotation.Configuration
|
|
@@ -37,13 +35,9 @@ import javax.servlet.Filter
|
|
|
* @url https://noahlan.com
|
|
|
*/
|
|
|
@Configuration
|
|
|
-@EnableConfigurationProperties(ShiroRedisCacheProperties::class)
|
|
|
+@ConditionalOnClass(value = [RedisConfiguration::class])
|
|
|
class ShiroConfig {
|
|
|
|
|
|
- @Autowired
|
|
|
- private lateinit var redisProperties: ShiroRedisCacheProperties
|
|
|
-
|
|
|
-
|
|
|
@Bean("shiroLifecycleBeanPostProcessor")
|
|
|
fun lifecycleBeanPostProcessor(): LifecycleBeanPostProcessor {
|
|
|
return LifecycleBeanPostProcessor()
|
|
@@ -54,7 +48,7 @@ class ShiroConfig {
|
|
|
fun userRealm(cacheManager: CacheManager): ZenShiroRealm {
|
|
|
val shiroRealm = ZenShiroRealm()
|
|
|
.apply {
|
|
|
- isCachingEnabled = redisProperties.isEnable
|
|
|
+ isCachingEnabled = true
|
|
|
isAuthenticationCachingEnabled = true
|
|
|
isAuthorizationCachingEnabled = true
|
|
|
//加密验证方法
|
|
@@ -108,7 +102,8 @@ class ShiroConfig {
|
|
|
|
|
|
@Bean(name = ["shiroFilter"])
|
|
|
@Order(2)
|
|
|
- fun shiroFilter(securityManager: SecurityManager): ShiroFilterFactoryBean {
|
|
|
+ fun shiroFilter(securityManager: SecurityManager,
|
|
|
+ config: JwtConfig, jwtRedisCache: JwtRedisCache): ShiroFilterFactoryBean {
|
|
|
return ShiroFilterFactoryBean().apply {
|
|
|
setSecurityManager(securityManager)
|
|
|
|
|
@@ -117,7 +112,8 @@ class ShiroConfig {
|
|
|
"cors" to ZenCorsPathMatchingFilter(),
|
|
|
"perms" to UrlPermissionsFilter(),
|
|
|
"authc" to AjaxAuthorizationFilter(),
|
|
|
- "anon" to AnonymousFilter()
|
|
|
+ "anon" to AnonymousFilter(),
|
|
|
+ "jwt" to JwtPathMatchingFilter(config, jwtRedisCache)
|
|
|
)
|
|
|
/**
|
|
|
* anon(匿名) org.apache.shiro.web.filter.authc.AnonymousFilter
|
|
@@ -143,6 +139,7 @@ class ShiroConfig {
|
|
|
"/api/**" to "canon", // api 免登陆
|
|
|
"/ws/**" to "canon", // websocket 免登陆
|
|
|
"/" to "canon",
|
|
|
+ "/v1/login/**" to "canon",
|
|
|
////////////////////// 静态资源 /////////////////////
|
|
|
"/v2/api-docs" to "canon",
|
|
|
"/swagger-resources/**" to "anon",
|
|
@@ -154,7 +151,7 @@ class ShiroConfig {
|
|
|
"/**/favicon.*" to "anon",
|
|
|
"/eureka/**" to "anon",
|
|
|
////////////////////// 静态资源 /////////////////////
|
|
|
- "/**" to "cors,authc,perms" // 对于其他未配置的所有url 先设置cors头 再进行登陆判定 最后判定权限
|
|
|
+ "/**" to "cors,jwt,authc" // 对于其他未配置的所有url 先设置cors头 再进行登陆判定 最后判定权限
|
|
|
)
|
|
|
}
|
|
|
}
|