mirror of
https://gitee.com/youlaitech/youlai-mall.git
synced 2024-12-23 05:00:25 +08:00
fix:网关启动问题
This commit is contained in:
haoxr
parent
2af3e2f493
commit
2f1d7be32b
@ -108,12 +108,8 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
|
||||
|
||||
routeVO.setName(menu.getRouteName()); // 根据name路由跳转 this.$router.push({path:xxx})
|
||||
routeVO.setPath(menu.getRoutePath()); // 根据path路由跳转 this.$router.push({name:xxx})
|
||||
|
||||
if (SystemConstants.ROOT_MENU_ID.equals(parentId)) {
|
||||
routeVO.setComponent("Layout");
|
||||
} else {
|
||||
routeVO.setComponent(menu.getComponent());
|
||||
}
|
||||
routeVO.setRedirect(menu.getRedirect());
|
||||
routeVO.setComponent(menu.getComponent());
|
||||
routeVO.setRedirect(menu.getRedirect());
|
||||
routeVO.setMeta(routeVO.new Meta(
|
||||
menu.getName(),
|
||||
|
||||
@ -93,7 +93,6 @@ public class ResourceServerConfig {
|
||||
}
|
||||
|
||||
/**
|
||||
* @return
|
||||
* @link https://blog.csdn.net/qq_24230139/article/details/105091273
|
||||
* ServerHttpSecurity没有将jwt中authorities的负载部分当做Authentication
|
||||
* 需要把jwt的Claim中的authorities加入
|
||||
|
||||
@ -3,13 +3,10 @@ package com.youlai.gateway.security;
|
||||
import cn.hutool.core.collection.CollectionUtil;
|
||||
import cn.hutool.core.convert.Convert;
|
||||
import cn.hutool.core.util.StrUtil;
|
||||
import cn.hutool.json.JSON;
|
||||
import cn.hutool.json.JSONObject;
|
||||
import cn.hutool.json.JSONUtil;
|
||||
import com.youlai.common.constant.AuthConstants;
|
||||
import com.youlai.common.constant.GlobalConstants;
|
||||
import com.youlai.gateway.component.AdminRoleLocalCache;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.data.redis.core.RedisTemplate;
|
||||
@ -36,16 +33,17 @@ import java.util.Set;
|
||||
* @date 2020-05-01
|
||||
*/
|
||||
@Component
|
||||
@AllArgsConstructor
|
||||
@RequiredArgsConstructor
|
||||
@Slf4j
|
||||
public class ResourceServerManager implements ReactiveAuthorizationManager<AuthorizationContext> {
|
||||
|
||||
private RedisTemplate redisTemplate;
|
||||
private AdminRoleLocalCache adminRoleLocalCache;
|
||||
private final RedisTemplate redisTemplate;
|
||||
private final AdminRoleLocalCache adminRoleLocalCache;
|
||||
|
||||
// 是否演示环境
|
||||
@Value("${demo}")
|
||||
private Boolean isDemoEnv;
|
||||
|
||||
@Override
|
||||
public Mono<AuthorizationDecision> check(Mono<Authentication> mono, AuthorizationContext authorizationContext) {
|
||||
ServerHttpRequest request = authorizationContext.getExchange().getRequest();
|
||||
@ -72,11 +70,11 @@ public class ResourceServerManager implements ReactiveAuthorizationManager<Autho
|
||||
String restfulPath = request.getMethodValue() + ":" + path;
|
||||
log.info("请求方法:RESTFul请求路径:{}", restfulPath);
|
||||
Map<String, Object> permRolesRules = (Map<String, Object>) adminRoleLocalCache.getCache(GlobalConstants.URL_PERM_ROLES_KEY);
|
||||
if (isDemoEnv){
|
||||
if (isDemoEnv) {
|
||||
// 缓存取【URL权限标识->角色集合】权限规则
|
||||
if(null==permRolesRules){
|
||||
if (null == permRolesRules) {
|
||||
permRolesRules = redisTemplate.opsForHash().entries(GlobalConstants.URL_PERM_ROLES_KEY);
|
||||
adminRoleLocalCache.setLocalCache(GlobalConstants.URL_PERM_ROLES_KEY,permRolesRules);
|
||||
adminRoleLocalCache.setLocalCache(GlobalConstants.URL_PERM_ROLES_KEY, permRolesRules);
|
||||
}
|
||||
}
|
||||
|
||||
@ -84,16 +82,19 @@ public class ResourceServerManager implements ReactiveAuthorizationManager<Autho
|
||||
Set<String> hasPermissionRoles = CollectionUtil.newHashSet(); // 【声明定义】有权限的角色集合
|
||||
boolean needToCheck = false; // 【声明定义】是否需要被拦截检查的请求,如果缓存中权限规则中没有任何URL权限标识和此次请求的URL匹配,默认不需要被鉴权
|
||||
|
||||
for (Map.Entry<String, Object> permRoles : permRolesRules.entrySet()) {
|
||||
String perm = permRoles.getKey(); // 缓存权限规则的键:URL权限标识
|
||||
if (pathMatcher.match(perm, restfulPath)) {
|
||||
List<String> roles = Convert.toList(String.class, permRoles.getValue()); // 缓存权限规则的值:有请求路径访问权限的角色集合
|
||||
hasPermissionRoles.addAll(Convert.toList(String.class, roles));
|
||||
if (needToCheck == false) {
|
||||
needToCheck = true;
|
||||
if (CollectionUtil.isNotEmpty(permRolesRules)) {
|
||||
for (Map.Entry<String, Object> ruleEntry : permRolesRules.entrySet()) {
|
||||
String perm = ruleEntry.getKey(); // 缓存权限规则的键:URL权限标识
|
||||
if (pathMatcher.match(perm, restfulPath)) {
|
||||
List<String> roles = Convert.toList(String.class, ruleEntry.getValue()); // 缓存权限规则的值:有请求路径访问权限的角色集合
|
||||
hasPermissionRoles.addAll(Convert.toList(String.class, roles));
|
||||
if (needToCheck == false) {
|
||||
needToCheck = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
log.info("拥有接口访问权限的角色:{}", hasPermissionRoles.toString());
|
||||
// 没有设置权限规则放行;注:如果默认想拦截所有的请求请移除needToCheck变量逻辑即可,根据需求定制
|
||||
if (needToCheck == false) {
|
||||
|
||||
@ -7,6 +7,7 @@ import com.nimbusds.jose.JWSObject;
|
||||
import com.youlai.common.constant.AuthConstants;
|
||||
import com.youlai.common.result.ResultCode;
|
||||
import com.youlai.gateway.util.ResponseUtils;
|
||||
import lombok.RequiredArgsConstructor;
|
||||
import lombok.SneakyThrows;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.logging.log4j.util.Strings;
|
||||
@ -30,11 +31,11 @@ import reactor.core.publisher.Mono;
|
||||
* @date 2020-06-12
|
||||
*/
|
||||
@Component
|
||||
@RequiredArgsConstructor
|
||||
@Slf4j
|
||||
public class SecurityGlobalFilter implements GlobalFilter, Ordered {
|
||||
|
||||
@Autowired
|
||||
private RedisTemplate redisTemplate;
|
||||
private final RedisTemplate redisTemplate;
|
||||
|
||||
// 是否演示环境
|
||||
@Value("${demo}")
|
||||
|
||||
Loading…
Reference in New Issue
Block a user