From bca3a41edc96111d2720f5a4de90e138f69aa955 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=8E=8B=E7=9A=93=E9=9B=AF?= <18868469283@qq.com>
Date: Thu, 10 Jan 2019 09:58:48 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BB=A3=E7=A0=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../java/com/sock/mall/config/OssConfig.java  |  23 +++
 .../com/sock/mall/config/SecurityConfig.java  | 133 ++++++++++++++++++
 .../com/sock/mall/config/Swagger2Config.java  |  38 +++++
 3 files changed, 194 insertions(+)
 create mode 100644 ä»£ç åº“/mall-admin/src/main/java/com/sock/mall/config/OssConfig.java
 create mode 100644 ä»£ç åº“/mall-admin/src/main/java/com/sock/mall/config/SecurityConfig.java
 create mode 100644 ä»£ç åº“/mall-admin/src/main/java/com/sock/mall/config/Swagger2Config.java

diff --git a/ä»£ç åº“/mall-admin/src/main/java/com/sock/mall/config/OssConfig.java b/ä»£ç åº“/mall-admin/src/main/java/com/sock/mall/config/OssConfig.java
new file mode 100644
index 0000000..dddc53a
--- /dev/null
+++ b/ä»£ç åº“/mall-admin/src/main/java/com/sock/mall/config/OssConfig.java
@@ -0,0 +1,23 @@
+package com.macro.mall.config;
+
+import com.aliyun.oss.OSSClient;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * Created by macro on 2018/5/17.
+ */
+@Configuration
+public class OssConfig {//°¢ÀïÔÆOSSÅäÖÃÀà£¬ÓÃÀ´»ñÈ¡»ù±¾ÐÅÏ¢
+    @Value("${aliyun.oss.endpoint}")
+    private String ALIYUN_OSS_ENDPOINT;//OSS¶Ë¿Ú
+    @Value("${aliyun.oss.accessKeyId}")
+    private String ALIYUN_OSS_ACCESSKEYID;//·ÃÎÊÃÜÔ¿ID
+    @Value("${aliyun.oss.accessKeySecret}")
+    private String ALIYUN_OSS_ACCESSKEYSECRET;//¸½ÊôÃÜÔ¿
+    @Bean
+    public OSSClient ossClient(){//OSS·þÎñµÄjava¿Í»§¶Ë£¬ÓëOSS·þÎñ½øÐÐ½»»¥
+        return new OSSClient(ALIYUN_OSS_ENDPOINT,ALIYUN_OSS_ACCESSKEYID,ALIYUN_OSS_ACCESSKEYSECRET);
+    }
+}
\ No newline at end of file
diff --git a/ä»£ç åº“/mall-admin/src/main/java/com/sock/mall/config/SecurityConfig.java b/ä»£ç åº“/mall-admin/src/main/java/com/sock/mall/config/SecurityConfig.java
new file mode 100644
index 0000000..5069ac1
--- /dev/null
+++ b/ä»£ç åº“/mall-admin/src/main/java/com/sock/mall/config/SecurityConfig.java
@@ -0,0 +1,133 @@
+package com.macro.mall.config;
+
+import com.macro.mall.bo.AdminUserDetails;
+import com.macro.mall.component.JwtAuthenticationTokenFilter;
+import com.macro.mall.component.RestAuthenticationEntryPoint;
+import com.macro.mall.component.RestfulAccessDeniedHandler;
+import com.macro.mall.model.UmsAdmin;
+import com.macro.mall.model.UmsPermission;
+import com.macro.mall.service.UmsAdminService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
+import org.springframework.security.authentication.encoding.Md5PasswordEncoder;
+import org.springframework.security.authentication.encoding.PasswordEncoder;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.web.filter.CorsFilter;
+
+import java.util.List;
+
+
+/**
+ * SpringSecurityµÄÅäÖÃ
+ * Created by macro on 2018/4/26.
+ */
+@Configuration//Configure·½·¨£ºÓÃÀ´ÅäÖÃ·ÃÎÊ×ÊÔ´¶ÔÓ¦µÄÈ¨ÏÞ
+@EnableWebSecurity//¿ªÆôSpring Security:ÔÚÅäÖÃÀàÍ·ÉÏ¼Ó×¢½â@EnableWebSecurity
+@EnableGlobalMethodSecurity(prePostEnabled=true)
+public class SecurityConfig extends WebSecurityConfigurerAdapter {//SecurityConfigÀà
+    @Autowired
+    private UmsAdminService adminService;//·þÎñ
+    @Autowired
+    private RestfulAccessDeniedHandler restfulAccessDeniedHandler;//±»¾Ü¾øÕß
+    @Autowired
+    private RestAuthenticationEntryPoint restAuthenticationEntryPoint;//ÖØÐÂÈÏÖ¤
+
+    @Override
+    protected void configure(HttpSecurity httpSecurity) throws Exception {
+        httpSecurity.csrf()// ÓÉÓÚÊ¹ÓÃµÄÊÇJWT£¬ËùÒÔ²»ÐèÒªcsrf
+                .disable()
+                .sessionManagement()// »ùÓÚtoken£¬Òò´Ë²»ÐèÒªsession
+                .sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                .and()
+                .authorizeRequests()
+                .antMatchers(HttpMethod.GET, // ÔÊÐí¶ÔÓÚÍøÕ¾¾²Ì¬×ÊÔ´µÄÎÞÊÚÈ¨·ÃÎÊ
+                        "/",
+                        "/*.html",
+                        "/favicon.ico",
+                        "/**/*.html",
+                        "/**/*.css",
+                        "/**/*.js",
+                        "/swagger-resources/**",
+                        "/v2/api-docs/**"
+                )
+                /*permitAll()·½·¨ÉùÃ÷ÔÊÐíÔÚÎ´ÑéÖ¤Ê±ÈÎºÎ·ÃÎÊµ½µÄ×ÊÔ´ºÍURL£¬Èç¹û²»¼ÓÔòÁ¬·ÃÎÊ/login ¶¼»áÒ»Ö±±»ÖØ¶¨Ïò*/
+                .permitAll()
+                .antMatchers("/admin/login", "/admin/register")// ¶ÔµÇÂ¼×¢²áÒªÔÊÐíÄäÃû·ÃÎÊ
+                .permitAll()
+                .antMatchers(HttpMethod.OPTIONS)//¿çÓòÇëÇó»áÏÈ½øÐÐÒ»´ÎoptionsÇëÇó
+                .permitAll()
+                .antMatchers("/**")//²âÊÔÊ±È«²¿ÔËÐÐ·ÃÎÊ
+                .permitAll()
+                .anyRequest()// ³ýÉÏÃæÍâµÄËùÓÐÇëÇóÈ«²¿ÐèÒª¼øÈ¨ÈÏÖ¤
+                .authenticated();
+         /*HttpSecurityÀà£ºÀàËÆXMLÅäÖÃÖÐµÄ<http>ÔªËØ£¬¿ÉÒÔÅäÖÃ»ùÓÚwebµÄ°²È«ÇëÇó,Ä¬ÈÏÏÂ£¬Ëü»á×÷ÓÃÓÚËùÓÐµÄÇëÇó*/
+        // ½ûÓÃ»º´æ
+        httpSecurity.headers().cacheControl();
+        // Ìí¼ÓJWT filter
+        httpSecurity.addFilterBefore(jwtAuthenticationTokenFilter(), UsernamePasswordAuthenticationFilter.class);
+        //Ìí¼Ó×Ô¶¨ÒåÎ´ÊÚÈ¨ºÍÎ´µÇÂ¼½á¹û·µ»Ø
+        httpSecurity.exceptionHandling()
+                .accessDeniedHandler(restfulAccessDeniedHandler)
+                .authenticationEntryPoint(restAuthenticationEntryPoint);
+    }
+
+    @Override
+    /*Ö»ÓÐÃÜÂëµÇÂ¼²ÅÄÜ·ÃÎÊ*/
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth.userDetailsService(userDetailsService())
+                .passwordEncoder(passwordEncoder());
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {//ÃÜÂë±àÂë
+        return new Md5PasswordEncoder();
+    }
+
+    @Bean
+    public UserDetailsService userDetailsService() {
+        //»ñÈ¡µÇÂ¼ÓÃ»§ÐÅÏ¢
+        return username -> {
+            UmsAdmin admin = adminService.getAdminByUsername(username);
+            if (admin != null) {
+                List<UmsPermission> permissionList = adminService.getPermissionList(admin.getId());
+                return new AdminUserDetails(admin,permissionList);
+            }
+            throw new UsernameNotFoundException("ÓÃ»§Ãû»òÃÜÂë´íÎó");
+        };
+    }
+
+    @Bean
+    public JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter(){
+        return new JwtAuthenticationTokenFilter();//·µ»ØÐÂµÄ¹ýÂËÆ÷Àà
+    }
+
+    /**
+     * ÔÊÐí¿çÓòµ÷ÓÃµÄ¹ýÂËÆ÷
+     */
+    @Bean
+    public CorsFilter corsFilter() {
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        CorsConfiguration config = new CorsConfiguration();
+        config.addAllowedOrigin("*");//Ôö¼Ó
+        config.setAllowCredentials(true);//ÉèÖÃ
+        config.addAllowedHeader("*");
+        config.addAllowedMethod("*");
+        source.registerCorsConfiguration("/**", config);
+        FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
+        bean.setOrder(0);
+        return new CorsFilter(source);//·µ»ØÐÂµÄ¹ýÂËÆ÷µÄÖµ
+    }
+}
diff --git a/ä»£ç åº“/mall-admin/src/main/java/com/sock/mall/config/Swagger2Config.java b/ä»£ç åº“/mall-admin/src/main/java/com/sock/mall/config/Swagger2Config.java
new file mode 100644
index 0000000..d5f372b
--- /dev/null
+++ b/ä»£ç åº“/mall-admin/src/main/java/com/sock/mall/config/Swagger2Config.java
@@ -0,0 +1,38 @@
+package com.macro.mall.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import springfox.documentation.builders.ApiInfoBuilder;
+import springfox.documentation.builders.PathSelectors;
+import springfox.documentation.builders.RequestHandlerSelectors;
+import springfox.documentation.service.ApiInfo;
+import springfox.documentation.spi.DocumentationType;
+import springfox.documentation.spring.web.plugins.Docket;
+import springfox.documentation.swagger2.annotations.EnableSwagger2;
+
+/**
+ * Swagger2APIÎÄµµµÄÅäÖÃ
+ * Created by macro on 2018/4/26.
+ */
+@Configuration
+@EnableSwagger2
+public class Swagger2Config {//swagger2ÅäÖÃ
+    @Bean
+    public Docket createRestApi(){
+        return new Docket(DocumentationType.SWAGGER_2)//±êÇ©
+                .apiInfo(apiInfo())
+                .select()
+                .apis(RequestHandlerSelectors.basePackage("com.macro.mall.controller"))
+                .paths(PathSelectors.any())
+                .build();
+    }
+/*×Ô¶¨Òå·µ»ØÐÅÏ¢*/
+    private ApiInfo apiInfo() {
+        return new ApiInfoBuilder()
+                .title("mallºóÌ¨ÏµÍ³")
+                .description("mallºóÌ¨Ä£¿é")
+                .contact("macro")
+                .version("1.0")
+                .build();
+    }
+}
\ No newline at end of file