1、优化

Former-commit-id: fe9eeaa6585b317ba9be778752e00180f26e37fc
5 years ago · cc16980059
parent 83f5b8dc44
commit cc16980059
4 changed files with 36 additions and 20 deletions
--- a/src/main/resources/modules/SpringBoot/java/action/ajax/system/UserAjax.java
+++ b/src/main/resources/modules/SpringBoot/java/action/ajax/system/UserAjax.java
@ -86,7 +86,7 @@ public class UserAjax{
        if (request.getUsername().equals(admin)) {//超级管理员登录
            String generatePwd = MD5Util.generatePwd(request.getPassword());
            if (!generatePwd.equals(pwd)) {
-                response.addError(ErrorType.BUSINESS_ERROR, "登录密码错误");
+                response.addError(ErrorType.BUSINESS_ERROR, "用户名或密码错误!");
            } else {
                Date current = new Date();
                Calendar instance = Calendar.getInstance();
@ -96,7 +96,7 @@ public class UserAjax{
                TokensCreateRequest tokensCreateRequest = new TokensCreateRequest();
                tokensCreateRequest.setToken(UUID.randomUUID().toString());
                tokensCreateRequest.setUserId(0L);
-                tokensCreateRequest.setUserName("超级管理员");
+                tokensCreateRequest.setUserName(admin);
                tokensCreateRequest.setLoginTime(current);
                tokensCreateRequest.setValidTime(instance.getTime());
                tokensCreateRequest.setValid(true);
--- a/src/main/resources/modules/SpringBoot/java/config/SecurityConfig.java
+++ b/src/main/resources/modules/SpringBoot/java/config/SecurityConfig.java
@ -10,12 +10,19 @@ import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
+import ${basePackage}.frame.auth.LocalData;
 import ${basePackage}.frame.base.Token;
 import ${basePackage}.frame.utils.CookieUtil;
-import ${basePackage}.frame.auth.LocalData;
-import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
-
-import javax.servlet.*;
+import ${basePackage}.module.system.mgr.TokensManager;
+import ${basePackage}.module.system.req.TokensBuildRequest;
+import ${basePackage}.module.system.rsp.TokensBuildResponse;
+
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
 import javax.servlet.http.HttpServletRequest;
 import java.io.IOException;
 import java.util.regex.Matcher;
@ -31,6 +38,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
    private String[] excluded;
    @Value("${r"${spring.mvc.static-path-pattern}"}")
    private String[] staticPath;
+    @Value("${r'${web.login.page}'}")
+    private String loginPage;

    @Override
    public void configure(WebSecurity web) throws Exception {
@ -42,7 +51,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and()
                .addFilterBefore(new TokenFilter(), FilterSecurityInterceptor.class)// 过滤器用于处理Token
-                .authorizeRequests()
+                .formLogin().loginPage(loginPage)
+                .and().authorizeRequests()
                .antMatchers(excluded).permitAll()// 放行排除的URL
                .antMatchers(included).access("@Authorization.hasPermission(request,authentication)")// 需要权限的URL
                .and().cors()
@ -77,15 +87,16 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                LocalData.setToken(LocalData.getTempToken());
            } else {
                // 组装Token ~ 这边根据实际的业务组装Token
-                Token token1 = new Token();
-                token1.setId(1L);
-                token1.setUserId(1L);
-                token1.setUserName("admin");
-                //继承临时Token
-                token1.addResourceSet(LocalData.getTempToken());
-                //管理员特有资源(这边请用正则表达式)
-                token1.putResource(".*");
-                LocalData.setToken(token1);
+                TokensManager tokensManager = LocalData.getBean(TokensManager.class);
+                TokensBuildRequest tokensBuildRequest = new TokensBuildRequest();
+                tokensBuildRequest.setToken(token);
+                TokensBuildResponse tokensBuildResponse = tokensManager.build(tokensBuildRequest, LocalData.getSysToken());
+                if (tokensBuildResponse.hasError()) {
+                    LocalData.setToken(LocalData.getTempToken());
+                } else {
+                    Token token_ = tokensBuildResponse.getToken();
+                    LocalData.setToken(token_);
+                }
            }

            // Action
--- a/src/main/resources/modules/SpringBoot/java/frame/auth/LocalData.java
+++ b/src/main/resources/modules/SpringBoot/java/frame/auth/LocalData.java
@ -1,10 +1,11 @@
 package ${basePackage}.frame.auth;

-import ${basePackage}.frame.base.Token;
 import org.springframework.context.ApplicationContext;
+import org.springframework.core.env.Environment;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 import org.springframework.web.context.support.WebApplicationContextUtils;
+import ${basePackage}.frame.base.Token;

 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@ -27,8 +28,7 @@ public class LocalData {
        temp = new Token();
        temp.setId(-1);
        temp.setUserId(-1);
-        temp.setUserName("游客");
-        temp.putResource("ajax.system.admin.login");
+        temp.setUserName("临时");
        system = new Token();
        system.setId(0);
        system.setUserId(0);
@ -85,4 +85,9 @@ public class LocalData {
    public static <T> T getBean(Class<T> t) {
        return getApplicationContext().getBean(t);
    }
+
+    public static String getProp(String key) {
+        Environment env = getBean(Environment.class);
+        return env.getProperty(key,"");
+    }
 }
--- a/src/main/resources/modules/SpringBoot/java/module/system/mgr/TokensManagerImpl.java
+++ b/src/main/resources/modules/SpringBoot/java/module/system/mgr/TokensManagerImpl.java
@ -215,8 +215,8 @@ public class TokensManagerImpl implements TokensManager {
                newToken.setId(0);
                newToken.setUserId(0);
                newToken.setUserName(admin);
+                newToken.putResource(".*");
            } else {
-                response.addError(ErrorType.BUSINESS_ERROR, "token");
                newToken.setId(tokens.getId());
                newToken.setUserId(tokens.getUserId());
                newToken.setUserName(tokens.getUserName());