mirror of
https://gitee.com/youlaitech/youlai-mall.git
synced 2024-12-23 21:04:29 +08:00
fix:网关启动问题
This commit is contained in:
parent
2af3e2f493
commit
2f1d7be32b
@ -108,12 +108,8 @@ public class SysMenuServiceImpl extends ServiceImpl<SysMenuMapper, SysMenu> impl
|
|||||||
|
|
||||||
routeVO.setName(menu.getRouteName()); // 根据name路由跳转 this.$router.push({path:xxx})
|
routeVO.setName(menu.getRouteName()); // 根据name路由跳转 this.$router.push({path:xxx})
|
||||||
routeVO.setPath(menu.getRoutePath()); // 根据path路由跳转 this.$router.push({name:xxx})
|
routeVO.setPath(menu.getRoutePath()); // 根据path路由跳转 this.$router.push({name:xxx})
|
||||||
|
routeVO.setRedirect(menu.getRedirect());
|
||||||
if (SystemConstants.ROOT_MENU_ID.equals(parentId)) {
|
routeVO.setComponent(menu.getComponent());
|
||||||
routeVO.setComponent("Layout");
|
|
||||||
} else {
|
|
||||||
routeVO.setComponent(menu.getComponent());
|
|
||||||
}
|
|
||||||
routeVO.setRedirect(menu.getRedirect());
|
routeVO.setRedirect(menu.getRedirect());
|
||||||
routeVO.setMeta(routeVO.new Meta(
|
routeVO.setMeta(routeVO.new Meta(
|
||||||
menu.getName(),
|
menu.getName(),
|
||||||
|
@ -93,7 +93,6 @@ public class ResourceServerConfig {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @return
|
|
||||||
* @link https://blog.csdn.net/qq_24230139/article/details/105091273
|
* @link https://blog.csdn.net/qq_24230139/article/details/105091273
|
||||||
* ServerHttpSecurity没有将jwt中authorities的负载部分当做Authentication
|
* ServerHttpSecurity没有将jwt中authorities的负载部分当做Authentication
|
||||||
* 需要把jwt的Claim中的authorities加入
|
* 需要把jwt的Claim中的authorities加入
|
||||||
|
@ -3,13 +3,10 @@ package com.youlai.gateway.security;
|
|||||||
import cn.hutool.core.collection.CollectionUtil;
|
import cn.hutool.core.collection.CollectionUtil;
|
||||||
import cn.hutool.core.convert.Convert;
|
import cn.hutool.core.convert.Convert;
|
||||||
import cn.hutool.core.util.StrUtil;
|
import cn.hutool.core.util.StrUtil;
|
||||||
import cn.hutool.json.JSON;
|
|
||||||
import cn.hutool.json.JSONObject;
|
|
||||||
import cn.hutool.json.JSONUtil;
|
|
||||||
import com.youlai.common.constant.AuthConstants;
|
import com.youlai.common.constant.AuthConstants;
|
||||||
import com.youlai.common.constant.GlobalConstants;
|
import com.youlai.common.constant.GlobalConstants;
|
||||||
import com.youlai.gateway.component.AdminRoleLocalCache;
|
import com.youlai.gateway.component.AdminRoleLocalCache;
|
||||||
import lombok.AllArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
import org.springframework.data.redis.core.RedisTemplate;
|
import org.springframework.data.redis.core.RedisTemplate;
|
||||||
@ -36,16 +33,17 @@ import java.util.Set;
|
|||||||
* @date 2020-05-01
|
* @date 2020-05-01
|
||||||
*/
|
*/
|
||||||
@Component
|
@Component
|
||||||
@AllArgsConstructor
|
@RequiredArgsConstructor
|
||||||
@Slf4j
|
@Slf4j
|
||||||
public class ResourceServerManager implements ReactiveAuthorizationManager<AuthorizationContext> {
|
public class ResourceServerManager implements ReactiveAuthorizationManager<AuthorizationContext> {
|
||||||
|
|
||||||
private RedisTemplate redisTemplate;
|
private final RedisTemplate redisTemplate;
|
||||||
private AdminRoleLocalCache adminRoleLocalCache;
|
private final AdminRoleLocalCache adminRoleLocalCache;
|
||||||
|
|
||||||
// 是否演示环境
|
// 是否演示环境
|
||||||
@Value("${demo}")
|
@Value("${demo}")
|
||||||
private Boolean isDemoEnv;
|
private Boolean isDemoEnv;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public Mono<AuthorizationDecision> check(Mono<Authentication> mono, AuthorizationContext authorizationContext) {
|
public Mono<AuthorizationDecision> check(Mono<Authentication> mono, AuthorizationContext authorizationContext) {
|
||||||
ServerHttpRequest request = authorizationContext.getExchange().getRequest();
|
ServerHttpRequest request = authorizationContext.getExchange().getRequest();
|
||||||
@ -72,11 +70,11 @@ public class ResourceServerManager implements ReactiveAuthorizationManager<Autho
|
|||||||
String restfulPath = request.getMethodValue() + ":" + path;
|
String restfulPath = request.getMethodValue() + ":" + path;
|
||||||
log.info("请求方法:RESTFul请求路径:{}", restfulPath);
|
log.info("请求方法:RESTFul请求路径:{}", restfulPath);
|
||||||
Map<String, Object> permRolesRules = (Map<String, Object>) adminRoleLocalCache.getCache(GlobalConstants.URL_PERM_ROLES_KEY);
|
Map<String, Object> permRolesRules = (Map<String, Object>) adminRoleLocalCache.getCache(GlobalConstants.URL_PERM_ROLES_KEY);
|
||||||
if (isDemoEnv){
|
if (isDemoEnv) {
|
||||||
// 缓存取【URL权限标识->角色集合】权限规则
|
// 缓存取【URL权限标识->角色集合】权限规则
|
||||||
if(null==permRolesRules){
|
if (null == permRolesRules) {
|
||||||
permRolesRules = redisTemplate.opsForHash().entries(GlobalConstants.URL_PERM_ROLES_KEY);
|
permRolesRules = redisTemplate.opsForHash().entries(GlobalConstants.URL_PERM_ROLES_KEY);
|
||||||
adminRoleLocalCache.setLocalCache(GlobalConstants.URL_PERM_ROLES_KEY,permRolesRules);
|
adminRoleLocalCache.setLocalCache(GlobalConstants.URL_PERM_ROLES_KEY, permRolesRules);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -84,16 +82,19 @@ public class ResourceServerManager implements ReactiveAuthorizationManager<Autho
|
|||||||
Set<String> hasPermissionRoles = CollectionUtil.newHashSet(); // 【声明定义】有权限的角色集合
|
Set<String> hasPermissionRoles = CollectionUtil.newHashSet(); // 【声明定义】有权限的角色集合
|
||||||
boolean needToCheck = false; // 【声明定义】是否需要被拦截检查的请求,如果缓存中权限规则中没有任何URL权限标识和此次请求的URL匹配,默认不需要被鉴权
|
boolean needToCheck = false; // 【声明定义】是否需要被拦截检查的请求,如果缓存中权限规则中没有任何URL权限标识和此次请求的URL匹配,默认不需要被鉴权
|
||||||
|
|
||||||
for (Map.Entry<String, Object> permRoles : permRolesRules.entrySet()) {
|
if (CollectionUtil.isNotEmpty(permRolesRules)) {
|
||||||
String perm = permRoles.getKey(); // 缓存权限规则的键:URL权限标识
|
for (Map.Entry<String, Object> ruleEntry : permRolesRules.entrySet()) {
|
||||||
if (pathMatcher.match(perm, restfulPath)) {
|
String perm = ruleEntry.getKey(); // 缓存权限规则的键:URL权限标识
|
||||||
List<String> roles = Convert.toList(String.class, permRoles.getValue()); // 缓存权限规则的值:有请求路径访问权限的角色集合
|
if (pathMatcher.match(perm, restfulPath)) {
|
||||||
hasPermissionRoles.addAll(Convert.toList(String.class, roles));
|
List<String> roles = Convert.toList(String.class, ruleEntry.getValue()); // 缓存权限规则的值:有请求路径访问权限的角色集合
|
||||||
if (needToCheck == false) {
|
hasPermissionRoles.addAll(Convert.toList(String.class, roles));
|
||||||
needToCheck = true;
|
if (needToCheck == false) {
|
||||||
|
needToCheck = true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
log.info("拥有接口访问权限的角色:{}", hasPermissionRoles.toString());
|
log.info("拥有接口访问权限的角色:{}", hasPermissionRoles.toString());
|
||||||
// 没有设置权限规则放行;注:如果默认想拦截所有的请求请移除needToCheck变量逻辑即可,根据需求定制
|
// 没有设置权限规则放行;注:如果默认想拦截所有的请求请移除needToCheck变量逻辑即可,根据需求定制
|
||||||
if (needToCheck == false) {
|
if (needToCheck == false) {
|
||||||
|
@ -7,6 +7,7 @@ import com.nimbusds.jose.JWSObject;
|
|||||||
import com.youlai.common.constant.AuthConstants;
|
import com.youlai.common.constant.AuthConstants;
|
||||||
import com.youlai.common.result.ResultCode;
|
import com.youlai.common.result.ResultCode;
|
||||||
import com.youlai.gateway.util.ResponseUtils;
|
import com.youlai.gateway.util.ResponseUtils;
|
||||||
|
import lombok.RequiredArgsConstructor;
|
||||||
import lombok.SneakyThrows;
|
import lombok.SneakyThrows;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.apache.logging.log4j.util.Strings;
|
import org.apache.logging.log4j.util.Strings;
|
||||||
@ -30,11 +31,11 @@ import reactor.core.publisher.Mono;
|
|||||||
* @date 2020-06-12
|
* @date 2020-06-12
|
||||||
*/
|
*/
|
||||||
@Component
|
@Component
|
||||||
|
@RequiredArgsConstructor
|
||||||
@Slf4j
|
@Slf4j
|
||||||
public class SecurityGlobalFilter implements GlobalFilter, Ordered {
|
public class SecurityGlobalFilter implements GlobalFilter, Ordered {
|
||||||
|
|
||||||
@Autowired
|
private final RedisTemplate redisTemplate;
|
||||||
private RedisTemplate redisTemplate;
|
|
||||||
|
|
||||||
// 是否演示环境
|
// 是否演示环境
|
||||||
@Value("${demo}")
|
@Value("${demo}")
|
||||||
|
Loading…
Reference in New Issue
Block a user