代码

6 years ago · bca3a41edc
parent 43f3cdff2d
commit bca3a41edc
3 changed files with 194 additions and 0 deletions
--- a/代码库/mall-admin/src/main/java/com/sock/mall/config/OssConfig.java
+++ b/代码库/mall-admin/src/main/java/com/sock/mall/config/OssConfig.java
@ -0,0 +1,23 @@
+package com.macro.mall.config;
+
+import com.aliyun.oss.OSSClient;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * Created by macro on 2018/5/17.
+ */
+@Configuration
+public class OssConfig {//阿里云OSS配置类，用来获取基本信息
+    @Value("${aliyun.oss.endpoint}")
+    private String ALIYUN_OSS_ENDPOINT;//OSS端口
+    @Value("${aliyun.oss.accessKeyId}")
+    private String ALIYUN_OSS_ACCESSKEYID;//访问密钥ID
+    @Value("${aliyun.oss.accessKeySecret}")
+    private String ALIYUN_OSS_ACCESSKEYSECRET;//附属密钥
+    @Bean
+    public OSSClient ossClient(){//OSS服务的java客户端，与OSS服务进行交互
+        return new OSSClient(ALIYUN_OSS_ENDPOINT,ALIYUN_OSS_ACCESSKEYID,ALIYUN_OSS_ACCESSKEYSECRET);
+    }
+}
--- a/代码库/mall-admin/src/main/java/com/sock/mall/config/SecurityConfig.java
+++ b/代码库/mall-admin/src/main/java/com/sock/mall/config/SecurityConfig.java
@ -0,0 +1,133 @@
+package com.macro.mall.config;
+
+import com.macro.mall.bo.AdminUserDetails;
+import com.macro.mall.component.JwtAuthenticationTokenFilter;
+import com.macro.mall.component.RestAuthenticationEntryPoint;
+import com.macro.mall.component.RestfulAccessDeniedHandler;
+import com.macro.mall.model.UmsAdmin;
+import com.macro.mall.model.UmsPermission;
+import com.macro.mall.service.UmsAdminService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
+import org.springframework.security.authentication.encoding.PasswordEncoder;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.web.filter.CorsFilter;
+
+import java.util.List;
+
+
+/**
+ * SpringSecurity的配置
+ * Created by macro on 2018/4/26.
+ */
+@Configuration//Configure方法：用来配置访问资源对应的权限
+@EnableWebSecurity//开启Spring Security:在配置类头上加注解@EnableWebSecurity
+@EnableGlobalMethodSecurity(prePostEnabled=true)
+public class SecurityConfig extends WebSecurityConfigurerAdapter {//SecurityConfig类
+    @Autowired
+    private UmsAdminService adminService;//服务
+    @Autowired
+    private RestfulAccessDeniedHandler restfulAccessDeniedHandler;//被拒绝者
+    @Autowired
+    private RestAuthenticationEntryPoint restAuthenticationEntryPoint;//重新认证
+
+    @Override
+    protected void configure(HttpSecurity httpSecurity) throws Exception {
+        httpSecurity.csrf()// 由于使用的是JWT，所以不需要csrf
+                .disable()
+                .sessionManagement()// 基于token，因此不需要session
+                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                .and()
+                .authorizeRequests()
+                .antMatchers(HttpMethod.GET, // 允许对于网站静态资源的无授权访问
+                        "/",
+                        "/*.html",
+                        "/favicon.ico",
+                        "/**/*.html",
+                        "/**/*.css",
+                        "/**/*.js",
+                        "/swagger-resources/**",
+                        "/v2/api-docs/**"
+                )
+                /*permitAll()方法声明允许在未验证时任何访问到的资源和URL，如果不加则连访问/login 都会一直被重定向*/
+                .permitAll()
+                .antMatchers("/admin/login", "/admin/register")// 对登录注册要允许匿名访问
+                .permitAll()
+                .antMatchers(HttpMethod.OPTIONS)//跨域请求会先进行一次options请求
+                .permitAll()
+                .antMatchers("/**")//测试时全部运行访问
+                .permitAll()
+                .anyRequest()// 除上面外的所有请求全部需要鉴权认证
+                .authenticated();
+         /*HttpSecurity类：类似XML配置中的<http>元素，可以配置基于web的安全请求,默认下，它会作用于所有的请求*/
+        // 禁用缓存
+        httpSecurity.headers().cacheControl();
+        // 添加JWT filter
+        httpSecurity.addFilterBefore(jwtAuthenticationTokenFilter(), UsernamePasswordAuthenticationFilter.class);
+        //添加自定义未授权和未登录结果返回
+        httpSecurity.exceptionHandling()
+                .accessDeniedHandler(restfulAccessDeniedHandler)
+                .authenticationEntryPoint(restAuthenticationEntryPoint);
+    }
+
+    @Override
+    /*只有密码登录才能访问*/
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth.userDetailsService(userDetailsService())
+                .passwordEncoder(passwordEncoder());
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {//密码编码
+        return new Md5PasswordEncoder();
+    }
+
+    @Bean
+    public UserDetailsService userDetailsService() {
+        //获取登录用户信息
+        return username -> {
+            UmsAdmin admin = adminService.getAdminByUsername(username);
+            if (admin != null) {
+                List<UmsPermission> permissionList = adminService.getPermissionList(admin.getId());
+                return new AdminUserDetails(admin,permissionList);
+            }
+            throw new UsernameNotFoundException("用户名或密码错误");
+        };
+    }
+
+    @Bean
+    public JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter(){
+        return new JwtAuthenticationTokenFilter();//返回新的过滤器类
+    }
+
+    /**
+     * 允许跨域调用的过滤器
+     */
+    @Bean
+    public CorsFilter corsFilter() {
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        CorsConfiguration config = new CorsConfiguration();
+        config.addAllowedOrigin("*");//增加
+        config.setAllowCredentials(true);//设置
+        config.addAllowedHeader("*");
+        config.addAllowedMethod("*");
+        source.registerCorsConfiguration("/**", config);
+        FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
+        bean.setOrder(0);
+        return new CorsFilter(source);//返回新的过滤器的值
+    }
+}
--- a/代码库/mall-admin/src/main/java/com/sock/mall/config/Swagger2Config.java
+++ b/代码库/mall-admin/src/main/java/com/sock/mall/config/Swagger2Config.java
@ -0,0 +1,38 @@
+package com.macro.mall.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import springfox.documentation.builders.ApiInfoBuilder;
+import springfox.documentation.builders.PathSelectors;
+import springfox.documentation.builders.RequestHandlerSelectors;
+import springfox.documentation.service.ApiInfo;
+import springfox.documentation.spi.DocumentationType;
+import springfox.documentation.spring.web.plugins.Docket;
+import springfox.documentation.swagger2.annotations.EnableSwagger2;
+
+/**
+ * Swagger2API文档的配置
+ * Created by macro on 2018/4/26.
+ */
+@Configuration
+@EnableSwagger2
+public class Swagger2Config {//swagger2配置
+    @Bean
+    public Docket createRestApi(){
+        return new Docket(DocumentationType.SWAGGER_2)//标签
+                .apiInfo(apiInfo())
+                .select()
+                .apis(RequestHandlerSelectors.basePackage("com.macro.mall.controller"))
+                .paths(PathSelectors.any())
+                .build();
+    }
+/*自定义返回信息*/
+    private ApiInfo apiInfo() {
+        return new ApiInfoBuilder()
+                .title("mall后台系统")
+                .description("mall后台模块")
+                .contact("macro")
+                .version("1.0")
+                .build();
+    }
+}