bugfix:网关鉴权BUG修复

This commit is contained in:
舒洪凡ShuHongFan 2023-10-03 16:23:46 +08:00
parent 8d3d6df5e7
commit 50f0b9fb31
5 changed files with 45 additions and 4 deletions

View File

@ -2,6 +2,7 @@
<project version="4"> <project version="4">
<component name="CompilerConfiguration"> <component name="CompilerConfiguration">
<annotationProcessing> <annotationProcessing>
<profile default="true" name="Default" enabled="true" />
<profile name="Maven default annotation processors profile" enabled="true"> <profile name="Maven default annotation processors profile" enabled="true">
<sourceOutputDir name="target/generated-sources/annotations" /> <sourceOutputDir name="target/generated-sources/annotations" />
<sourceTestOutputDir name="target/generated-test-sources/test-annotations" /> <sourceTestOutputDir name="target/generated-test-sources/test-annotations" />

View File

@ -3,6 +3,7 @@ package com.sl.gateway.filter;
import com.itheima.auth.sdk.dto.AuthUserInfoDTO; import com.itheima.auth.sdk.dto.AuthUserInfoDTO;
import com.itheima.auth.sdk.service.TokenCheckService; import com.itheima.auth.sdk.service.TokenCheckService;
import com.sl.gateway.config.MyConfig; import com.sl.gateway.config.MyConfig;
import com.sl.transport.common.util.JwtUtils;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.cloud.gateway.filter.GatewayFilter; import org.springframework.cloud.gateway.filter.GatewayFilter;
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory; import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;

View File

@ -4,12 +4,14 @@ import com.itheima.auth.sdk.dto.AuthUserInfoDTO;
import com.sl.gateway.config.MyConfig; import com.sl.gateway.config.MyConfig;
import com.sl.gateway.properties.JwtProperties; import com.sl.gateway.properties.JwtProperties;
import com.sl.transport.common.constant.Constants; import com.sl.transport.common.constant.Constants;
import com.sl.transport.common.util.JwtUtils;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.springframework.cloud.gateway.filter.GatewayFilter; import org.springframework.cloud.gateway.filter.GatewayFilter;
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory; import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import javax.annotation.Resource; import javax.annotation.Resource;
import java.util.Map;
/** /**
* 用户端token拦截处理 * 用户端token拦截处理
@ -32,7 +34,21 @@ public class CustomerTokenGatewayFilterFactory extends AbstractGatewayFilterFact
@Override @Override
public AuthUserInfoDTO check(String token) { public AuthUserInfoDTO check(String token) {
// 普通用户的token没有对接权限系统需要自定实现 // 普通用户的token没有对接权限系统需要自定实现
return null; try {
// 基于JwtUtils解析token获取Claims内容
Map<String, Object> claims = JwtUtils.checkToken(jwtProperties.getPublicKey(), token);
// 在解析的内容中获取用户ID
Long userId = (Long) claims.get("userId");
// 封装AuthUserInfoDTO对象返回
AuthUserInfoDTO authUserInfoDTO = new AuthUserInfoDTO();
authUserInfoDTO.setUserId(userId);
return authUserInfoDTO;
} catch (Exception e) {
log.error(">>>>>>>>>>>>>>>>>> 解析用户登录token失败 >>>>>>>>>>>>>>>>");
return null;
}
} }
@Override @Override

View File

@ -1,13 +1,20 @@
package com.sl.gateway.filter; package com.sl.gateway.filter;
import cn.hutool.core.collection.CollUtil;
import com.itheima.auth.factory.AuthTemplateFactory;
import com.itheima.auth.sdk.AuthTemplate;
import com.itheima.auth.sdk.common.Result;
import com.itheima.auth.sdk.dto.AuthUserInfoDTO; import com.itheima.auth.sdk.dto.AuthUserInfoDTO;
import com.itheima.auth.sdk.service.TokenCheckService; import com.itheima.auth.sdk.service.TokenCheckService;
import com.sl.gateway.config.MyConfig; import com.sl.gateway.config.MyConfig;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.gateway.filter.GatewayFilter; import org.springframework.cloud.gateway.filter.GatewayFilter;
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory; import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import javax.annotation.Resource; import javax.annotation.Resource;
import java.util.Collection;
import java.util.List;
/** /**
* 后台管理员token拦截处理 * 后台管理员token拦截处理
@ -17,9 +24,13 @@ public class ManagerTokenGatewayFilterFactory extends AbstractGatewayFilterFacto
@Resource @Resource
private MyConfig myConfig; private MyConfig myConfig;
@Resource @Resource
private TokenCheckService tokenCheckService; private TokenCheckService tokenCheckService;
@Value("${role.manager}")
private List<Long> managerRoleIds;
@Override @Override
public GatewayFilter apply(Object config) { public GatewayFilter apply(Object config) {
//由于实现了AuthFilter接口所以可以传递this对象到TokenGatewayFilter中 //由于实现了AuthFilter接口所以可以传递this对象到TokenGatewayFilter中
@ -34,6 +45,18 @@ public class ManagerTokenGatewayFilterFactory extends AbstractGatewayFilterFacto
@Override @Override
public Boolean auth(String token, AuthUserInfoDTO authUserInfoDTO, String path) { public Boolean auth(String token, AuthUserInfoDTO authUserInfoDTO, String path) {
return true; // 获取AuthTemplate对象
AuthTemplate authTemplate = AuthTemplateFactory.get(token);
// 查询登录用户对应的角色id
Result<List<Long>> roleByUserId = authTemplate.opsForRole().findRoleByUserId(authUserInfoDTO.getUserId());
List<Long> roleIds = roleByUserId.getData();
// 和配置的访问角色 取交集
Collection<Long> intersection = CollUtil.intersection(roleIds, managerRoleIds);
// 判断是否有交集即可判断出是否有权限
return CollUtil.isNotEmpty(intersection);
} }
} }

View File

@ -34,7 +34,7 @@ public class AuthTemplateTest {
public void testLogin() { public void testLogin() {
//登录 //登录
Result<LoginDTO> result = this.authTemplate.opsForLogin() Result<LoginDTO> result = this.authTemplate.opsForLogin()
.token("zhangsan", "123456"); .token("sl001", "123456");
String token = result.getData().getToken().getToken(); String token = result.getData().getToken().getToken();
System.out.println("token为" + token); System.out.println("token为" + token);
@ -51,7 +51,7 @@ public class AuthTemplateTest {
@Test @Test
public void checkToken() { public void checkToken() {
//上面方法中生成的token //上面方法中生成的token
String token = "eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxMDAyNjIxMzAwOTkwMDc2NzA1IiwiYWNjb3VudCI6InpoYW5nc2FuIiwibmFtZSI6IuW8oOS4iSIsIm9yZ2lkIjoxMDAyNjE5NTU4MzU3NDI1OTUzLCJzdGF0aW9uaWQiOjk4MTIyMzcwMzMzNTQxMDYyNSwiYWRtaW5pc3RyYXRvciI6ZmFsc2UsImV4cCI6MTY1OTEzNDA0MH0.WBZaeBvmuw202raw7JvvHnIMpST28d0gv6ufVDenL_iGQwdClucUfd3YPLg9BLoiosaP16SEuB1nM_-HWl8rUA"; String token = "eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIxMDI1NDI4Njg3MzEyNjg0OTI5IiwiYWNjb3VudCI6InNsMDAxIiwibmFtZSI6IuW8oOaIkOmjniIsIm9yZ2lkIjoxMDI0NzA0ODQ0NDg2NzU2NjQxLCJzdGF0aW9uaWQiOjEwMjQ3MDU0ODk0MzY0OTQ3MjEsImFkbWluaXN0cmF0b3IiOmZhbHNlLCJleHAiOjE2OTYzNjMwNDF9.kOtK7uEGXOqCQIqFYV88ITie-_ppcooX3nrs4ojSYsCB0ir0JBx_eO1WWw5Mqw0K3sVSf6-Rfxu-Dpr-IhRTgA";
AuthUserInfoDTO authUserInfo = this.tokenCheckService.parserToken(token); AuthUserInfoDTO authUserInfo = this.tokenCheckService.parserToken(token);
System.out.println(authUserInfo); System.out.println(authUserInfo);