!120 在操作日志中记录用户登录成功&退出日志

Merge pull request !120 from zhangran/master

pig-auth/pom.xml

@@ -78,6 +78,11 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-undertow</artifactId>
 		</dependency>
+		<!-- log -->
+		<dependency>
+			<groupId>com.pig4cloud</groupId>
+			<artifactId>pig-common-log</artifactId>
+		</dependency>
 	</dependencies>
 
 	<build>

pig-auth/src/main/java/com/pig4cloud/pig/auth/endpoint/PigTokenEndpoint.java

@@ -19,9 +19,12 @@ package com.pig4cloud.pig.auth.endpoint;
 import cn.hutool.core.map.MapUtil;
 import cn.hutool.core.util.StrUtil;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
+import com.pig4cloud.pig.auth.handler.PigLogoutSuccessEventHandler;
 import com.pig4cloud.pig.common.core.constant.CacheConstants;
 import com.pig4cloud.pig.common.core.constant.CommonConstants;
 import com.pig4cloud.pig.common.core.util.R;
+import com.pig4cloud.pig.common.core.util.SpringContextHolder;
+import com.pig4cloud.pig.common.log.event.SysLogEvent;
 import com.pig4cloud.pig.common.security.annotation.Inner;
 import com.pig4cloud.pig.common.security.util.SecurityUtils;
 import lombok.RequiredArgsConstructor;
@@ -35,6 +38,8 @@ import org.springframework.data.redis.serializer.JdkSerializationRedisSerializer
 import org.springframework.data.redis.serializer.RedisSerializer;
 import org.springframework.data.redis.serializer.StringRedisSerializer;
 import org.springframework.http.HttpHeaders;
+import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
+import org.springframework.security.authentication.event.LogoutSuccessEvent;
 import org.springframework.security.oauth2.common.OAuth2AccessToken;
 import org.springframework.security.oauth2.common.OAuth2RefreshToken;
 import org.springframework.security.oauth2.provider.AuthorizationRequest;
@@ -142,6 +147,9 @@ public class PigTokenEndpoint {
 		// 清空 refresh token
 		OAuth2RefreshToken refreshToken = accessToken.getRefreshToken();
 		tokenStore.removeRefreshToken(refreshToken);
+
+		//处理自定义退出事件，保存相关日志
+		SpringContextHolder.publishEvent(new LogoutSuccessEvent(auth2Authentication));
 		return R.ok();
 	}
 

pig-auth/src/main/java/com/pig4cloud/pig/auth/handler/PigAuthenticationFailureEvenHandler.java

@@ -16,6 +16,11 @@
 
 package com.pig4cloud.pig.auth.handler;
 
+import com.pig4cloud.pig.admin.api.entity.SysLog;
+import com.pig4cloud.pig.common.core.util.SpringContextHolder;
+import com.pig4cloud.pig.common.log.event.SysLogEvent;
+import com.pig4cloud.pig.common.log.util.LogTypeEnum;
+import com.pig4cloud.pig.common.log.util.SysLogUtils;
 import com.pig4cloud.pig.common.security.handler.AbstractAuthenticationFailureEvenHandler;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.core.Authentication;
@@ -39,6 +44,15 @@ public class PigAuthenticationFailureEvenHandler extends AbstractAuthenticationF
 	@Override
 	public void handle(AuthenticationException authenticationException, Authentication authentication) {
 		log.info("用户：{} 登录失败，异常：{}", authentication.getPrincipal(), authenticationException.getLocalizedMessage());
+		SysLog logVo = SysLogUtils.getSysLog();
+		logVo.setTitle("登录失败");
+		logVo.setType(LogTypeEnum.ERROR.getType());
+		logVo.setException(authenticationException.getMessage());
+		// 发送异步日志事件
+		Long startTime = System.currentTimeMillis();
+		Long endTime = System.currentTimeMillis();
+		logVo.setTime(endTime - startTime);
+		SpringContextHolder.publishEvent(new SysLogEvent(logVo));
 	}
 
 }

pig-auth/src/main/java/com/pig4cloud/pig/auth/handler/PigAuthenticationSuccessEventHandler.java

@@ -16,6 +16,10 @@
 
 package com.pig4cloud.pig.auth.handler;
 
+import com.pig4cloud.pig.admin.api.entity.SysLog;
+import com.pig4cloud.pig.common.core.util.SpringContextHolder;
+import com.pig4cloud.pig.common.log.event.SysLogEvent;
+import com.pig4cloud.pig.common.log.util.SysLogUtils;
 import com.pig4cloud.pig.common.security.handler.AbstractAuthenticationSuccessEventHandler;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.core.Authentication;
@@ -38,6 +42,13 @@ public class PigAuthenticationSuccessEventHandler extends AbstractAuthentication
 	@Override
 	public void handle(Authentication authentication) {
 		log.info("用户：{} 登录成功", authentication.getPrincipal());
+		SysLog logVo = SysLogUtils.getSysLog();
+		logVo.setTitle("登录成功");
+		// 发送异步日志事件
+		Long startTime = System.currentTimeMillis();
+		Long endTime = System.currentTimeMillis();
+		logVo.setTime(endTime - startTime);
+		SpringContextHolder.publishEvent(new SysLogEvent(logVo));
 	}
 
 }

pig-auth/src/main/java/com/pig4cloud/pig/auth/handler/PigLogoutSuccessEventHandler.java

@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2020 pig4cloud Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.pig4cloud.pig.auth.handler;
+
+import com.pig4cloud.pig.admin.api.entity.SysLog;
+import com.pig4cloud.pig.common.core.util.SpringContextHolder;
+import com.pig4cloud.pig.common.log.event.SysLogEvent;
+import com.pig4cloud.pig.common.log.util.SysLogUtils;
+import com.pig4cloud.pig.common.security.handler.AbstractLogoutSuccessEventHandler;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails;
+import org.springframework.stereotype.Component;
+
+/**
+ * @author zhangran
+ * @date 2021/6/23
+ */
+@Slf4j
+@Component
+public class PigLogoutSuccessEventHandler extends AbstractLogoutSuccessEventHandler {
+
+	/**
+	 * 处理退出成功方法
+	 * <p>
+	 * 获取到登录的authentication 对象
+	 *
+	 * @param authentication 登录对象
+	 */
+	@Override
+	public void handle(Authentication authentication) {
+		log.info("用户：{} 退出成功", authentication.getPrincipal());
+		SysLog logVo = SysLogUtils.getSysLog();
+		logVo.setTitle("退出成功");
+		OAuth2AuthenticationDetails authenticationDetails = (OAuth2AuthenticationDetails) authentication.getDetails();
+		logVo.setParams(authenticationDetails == null ? null : authenticationDetails.getTokenValue());
+		// 发送异步日志事件
+		Long startTime = System.currentTimeMillis();
+		Long endTime = System.currentTimeMillis();
+		logVo.setTime(endTime - startTime);
+		SpringContextHolder.publishEvent(new SysLogEvent(logVo));
+	}
+
+}

pig-common/pig-common-security/src/main/java/com/pig4cloud/pig/common/security/handler/AbstractLogoutSuccessEventHandler.java

@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2020 pig4cloud Authors. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.pig4cloud.pig.common.security.handler;
+
+import cn.hutool.core.collection.CollUtil;
+import org.springframework.context.ApplicationListener;
+import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
+import org.springframework.security.authentication.event.LogoutSuccessEvent;
+import org.springframework.security.core.Authentication;
+
+/**
+ * @author zhangran
+ * @date 2021/6/23 退出成功事件处理器
+ */
+public abstract class AbstractLogoutSuccessEventHandler
+		implements ApplicationListener<LogoutSuccessEvent> {
+
+	/**
+	 * Handle an application event.
+	 * @param event the event to respond to
+	 */
+	@Override
+	public void onApplicationEvent(LogoutSuccessEvent event) {
+		Authentication authentication = (Authentication) event.getSource();
+		if (CollUtil.isNotEmpty(authentication.getAuthorities())) {
+			handle(authentication);
+		}
+	}
+
+	/**
+	 * 处理退出成功方法
+	 * <p>
+	 * 获取到登录的authentication 对象
+	 * @param authentication 登录对象
+	 */
+	public abstract void handle(Authentication authentication);
+
+}