bugfix:网关鉴权BUG修复
		@@ -3,6 +3,7 @@ package com.sl.gateway.filter;
 | 
			
		||||
import com.itheima.auth.sdk.dto.AuthUserInfoDTO;
 | 
			
		||||
import com.itheima.auth.sdk.service.TokenCheckService;
 | 
			
		||||
import com.sl.gateway.config.MyConfig;
 | 
			
		||||
import com.sl.transport.common.util.JwtUtils;
 | 
			
		||||
import lombok.extern.slf4j.Slf4j;
 | 
			
		||||
import org.springframework.cloud.gateway.filter.GatewayFilter;
 | 
			
		||||
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
 | 
			
		||||
 
 | 
			
		||||
@@ -4,12 +4,14 @@ import com.itheima.auth.sdk.dto.AuthUserInfoDTO;
 | 
			
		||||
import com.sl.gateway.config.MyConfig;
 | 
			
		||||
import com.sl.gateway.properties.JwtProperties;
 | 
			
		||||
import com.sl.transport.common.constant.Constants;
 | 
			
		||||
import com.sl.transport.common.util.JwtUtils;
 | 
			
		||||
import lombok.extern.slf4j.Slf4j;
 | 
			
		||||
import org.springframework.cloud.gateway.filter.GatewayFilter;
 | 
			
		||||
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
 | 
			
		||||
import org.springframework.stereotype.Component;
 | 
			
		||||
 | 
			
		||||
import javax.annotation.Resource;
 | 
			
		||||
import java.util.Map;
 | 
			
		||||
 | 
			
		||||
/**
 | 
			
		||||
 * 用户端token拦截处理
 | 
			
		||||
@@ -32,7 +34,21 @@ public class CustomerTokenGatewayFilterFactory extends AbstractGatewayFilterFact
 | 
			
		||||
    @Override
 | 
			
		||||
    public AuthUserInfoDTO check(String token) {
 | 
			
		||||
        // 普通用户的token没有对接权限系统,需要自定实现
 | 
			
		||||
        return null;
 | 
			
		||||
        try {
 | 
			
		||||
//        基于JwtUtils解析token获取Claims内容
 | 
			
		||||
            Map<String, Object> claims = JwtUtils.checkToken(jwtProperties.getPublicKey(), token);
 | 
			
		||||
 | 
			
		||||
//        在解析的内容中获取用户ID
 | 
			
		||||
            Long userId = (Long) claims.get("userId");
 | 
			
		||||
 | 
			
		||||
//        封装AuthUserInfoDTO对象返回
 | 
			
		||||
            AuthUserInfoDTO authUserInfoDTO = new AuthUserInfoDTO();
 | 
			
		||||
            authUserInfoDTO.setUserId(userId);
 | 
			
		||||
            return authUserInfoDTO;
 | 
			
		||||
        } catch (Exception e) {
 | 
			
		||||
            log.error(">>>>>>>>>>>>>>>>>> 解析用户登录token失败 >>>>>>>>>>>>>>>>");
 | 
			
		||||
            return null;
 | 
			
		||||
        }
 | 
			
		||||
    }
 | 
			
		||||
 | 
			
		||||
    @Override
 | 
			
		||||
 
 | 
			
		||||
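Review bot: In `check`, a token that verifies but carries no `userId` claim still produces a non-null `AuthUserInfoDTO` with a null user id; whether the calling filter treats that as an authenticated request is not visible in this section. I would return null in that case, `if (userId == null) { return null; }` before the DTO is built, and apply the same guard to a null or empty `claims` map if `JwtUtils.checkToken` reports failure that way (its contract is outside this page). The cast `(Long) claims.get("userId")` also depends on how the JWT library deserialises numbers, so an id parsed as `Integer` would raise `ClassCastException` and be rejected by the broad catch without any trace; `Object raw = claims.get("userId"); Long userId = raw instanceof Number ? ((Number) raw).longValue() : null;` avoids that. Finally, the `log.error` call drops the exception, so pass `e` as its last argument to make rejected tokens diagnosable, and keep the token itself out of the log line.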
@@ -1,13 +1,20 @@
 | 
			
		||||
package com.sl.gateway.filter;
 | 
			
		||||
 | 
			
		||||
import cn.hutool.core.collection.CollUtil;
 | 
			
		||||
import com.itheima.auth.factory.AuthTemplateFactory;
 | 
			
		||||
import com.itheima.auth.sdk.AuthTemplate;
 | 
			
		||||
import com.itheima.auth.sdk.common.Result;
 | 
			
		||||
import com.itheima.auth.sdk.dto.AuthUserInfoDTO;
 | 
			
		||||
import com.itheima.auth.sdk.service.TokenCheckService;
 | 
			
		||||
import com.sl.gateway.config.MyConfig;
 | 
			
		||||
import org.springframework.beans.factory.annotation.Value;
 | 
			
		||||
import org.springframework.cloud.gateway.filter.GatewayFilter;
 | 
			
		||||
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
 | 
			
		||||
import org.springframework.stereotype.Component;
 | 
			
		||||
 | 
			
		||||
import javax.annotation.Resource;
 | 
			
		||||
import java.util.Collection;
 | 
			
		||||
import java.util.List;
 | 
			
		||||
 | 
			
		||||
/**
 | 
			
		||||
 * 后台管理员token拦截处理
 | 
			
		||||
@@ -17,9 +24,13 @@ public class ManagerTokenGatewayFilterFactory extends AbstractGatewayFilterFacto
 | 
			
		||||
 | 
			
		||||
    @Resource
 | 
			
		||||
    private MyConfig myConfig;
 | 
			
		||||
 | 
			
		||||
    @Resource
 | 
			
		||||
    private TokenCheckService tokenCheckService;
 | 
			
		||||
 | 
			
		||||
    @Value("${role.manager}")
 | 
			
		||||
    private List<Long> managerRoleIds;
 | 
			
		||||
 | 
			
		||||
    @Override
 | 
			
		||||
    public GatewayFilter apply(Object config) {
 | 
			
		||||
        //由于实现了AuthFilter接口,所以可以传递this对象到TokenGatewayFilter中
 | 
			
		||||
@@ -34,6 +45,18 @@ public class ManagerTokenGatewayFilterFactory extends AbstractGatewayFilterFacto
 | 
			
		||||
 | 
			
		||||
    @Override
 | 
			
		||||
    public Boolean auth(String token, AuthUserInfoDTO authUserInfoDTO, String path) {
 | 
			
		||||
        return true;
 | 
			
		||||
//        获取AuthTemplate对象
 | 
			
		||||
        AuthTemplate authTemplate = AuthTemplateFactory.get(token);
 | 
			
		||||
 | 
			
		||||
//        查询登录用户对应的角色id
 | 
			
		||||
        Result<List<Long>> roleByUserId = authTemplate.opsForRole().findRoleByUserId(authUserInfoDTO.getUserId());
 | 
			
		||||
        List<Long> roleIds = roleByUserId.getData();
 | 
			
		||||
 | 
			
		||||
//        和配置的访问角色 取交集
 | 
			
		||||
        Collection<Long> intersection = CollUtil.intersection(roleIds, managerRoleIds);
 | 
			
		||||
 | 
			
		||||
//        判断是否有交集即可判断出是否有权限
 | 
			
		||||
        return CollUtil.isNotEmpty(intersection);
 | 
			
		||||
    }
 | 
			
		||||
 | 
			
		||||
}
 | 
			
		||||
 
 | 
			
		||||
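Review bot: `auth` is now the authorization decision for the manager routes, yet it dereferences `authUserInfoDTO.getUserId()` and `roleByUserId.getData()` with no null check and never looks at the status of the returned `Result`. A failed or unavailable role lookup therefore surfaces as an exception whose handling by the calling filter is not visible here. I would make the method fail closed explicitly: `if (authUserInfoDTO == null || authUserInfoDTO.getUserId() == null) { return false; }` at the top, and return false when the `Result` is null or reports an error, recording the path and user id but never the token. It is also worth validating `managerRoleIds` at startup, since an empty `role.manager` value would deny every manager request with nothing to indicate why.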
@@ -34,7 +34,7 @@ public class AuthTemplateTest {
 | 
			
		||||
    public void testLogin() {
 | 
			
		||||
        //登录
 | 
			
		||||
        Result<LoginDTO> result = this.authTemplate.opsForLogin()
 | 
			
		||||
                .token("zhangsan", "123456");
 | 
			
		||||
                .token("sl001", "123456");
 | 
			
		||||
 | 
			
		||||
        String token = result.getData().getToken().getToken();
 | 
			
		||||
        System.out.println("token为:" + token);
 | 
			
		||||
@@ -51,7 +51,7 @@ public class AuthTemplateTest {
 | 
			
		||||
    @Test
 | 
			
		||||
    public void checkToken() {
 | 
			
		||||
        //上面方法中生成的token
 | 
			
		||||
        String token = "eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxMDAyNjIxMzAwOTkwMDc2NzA1IiwiYWNjb3VudCI6InpoYW5nc2FuIiwibmFtZSI6IuW8oOS4iSIsIm9yZ2lkIjoxMDAyNjE5NTU4MzU3NDI1OTUzLCJzdGF0aW9uaWQiOjk4MTIyMzcwMzMzNTQxMDYyNSwiYWRtaW5pc3RyYXRvciI6ZmFsc2UsImV4cCI6MTY1OTEzNDA0MH0.WBZaeBvmuw202raw7JvvHnIMpST28d0gv6ufVDenL_iGQwdClucUfd3YPLg9BLoiosaP16SEuB1nM_-HWl8rUA";
 | 
			
		||||
        String token = "eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxMDI1NDI4Njg3MzEyNjg0OTI5IiwiYWNjb3VudCI6InNsMDAxIiwibmFtZSI6IuW8oOaIkOmjniIsIm9yZ2lkIjoxMDI0NzA0ODQ0NDg2NzU2NjQxLCJzdGF0aW9uaWQiOjEwMjQ3MDU0ODk0MzY0OTQ3MjEsImFkbWluaXN0cmF0b3IiOmZhbHNlLCJleHAiOjE2OTYzNjMwNDF9.kOtK7uEGXOqCQIqFYV88ITie-_ppcooX3nrs4ojSYsCB0ir0JBx_eO1WWw5Mqw0K3sVSf6-Rfxu-Dpr-IhRTgA";
 | 
			
		||||
        AuthUserInfoDTO authUserInfo = this.tokenCheckService.parserToken(token);
 | 
			
		||||
        System.out.println(authUserInfo);
 | 
			
		||||
 | 
			
		||||
 
 | 
			
		||||
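Review bot: The updated `checkToken` test embeds a complete signed bearer token, and `testLogin` embeds the account name and the password `"123456"` as literals, so credentials for what appears to be a real account in the auth system are now part of the repository history. The token carries an `exp` claim, so the test result also depends on when it is run. I would have `checkToken` obtain its token from the login call at run time, e.g. `String token = this.authTemplate.opsForLogin().token(account, password).getData().getToken().getToken();`, with `account` and `password` read from test configuration or the environment. If the account exists outside a throwaway environment, its password should be rotated. Both test methods continue beyond the hunks shown.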