diff --git a/eladmin-logging/src/main/java/me/zhengjie/aspect/LogAspect.java b/eladmin-logging/src/main/java/me/zhengjie/aspect/LogAspect.java index bf8b0a9c..78fa2e33 100644 --- a/eladmin-logging/src/main/java/me/zhengjie/aspect/LogAspect.java +++ b/eladmin-logging/src/main/java/me/zhengjie/aspect/LogAspect.java @@ -18,6 +18,7 @@ import org.springframework.stereotype.Component; import javax.servlet.http.HttpServletRequest; /** + * 切点Pointcut加增强Advice等于切面Aspect * @author Zheng Jie * @date 2018-11-24 */ @@ -51,6 +52,11 @@ public class LogAspect { public Object logAround(ProceedingJoinPoint joinPoint) throws Throwable { Object result; currentTime.set(System.currentTimeMillis()); + /** + * AOP执行顺序Around-->Before--->Around--->After + * 必须使用joinPoint.proceed()来使切点的方法执行,否则的话Before和After则执行不了 + * proceed()方法提供了带参数的重载方法,可以使用后者来达到替换切点方法参数的效果 + */ result = joinPoint.proceed(); Log log = new Log("INFO",System.currentTimeMillis() - currentTime.get()); currentTime.remove(); diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/config/SecurityConfig.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/config/SecurityConfig.java index 87a1f27e..33a718a4 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/security/config/SecurityConfig.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/config/SecurityConfig.java @@ -91,7 +91,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { .and() .authorizeRequests() - // 静态资源等等 + // 静态资源等等(对GET请求的静态资源放行) .antMatchers( HttpMethod.GET, "/*.html", 
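Review bot: The comment added above `result = joinPoint.proceed();` in LogAspect.logAround is written as a Javadoc block (`/** ... */`) inside a method body, where it is attached to no declaration and the Javadoc tool ignores it. A plain `//` or `/* ... */` comment is the conventional form there. The same applies to the blocks this commit adds inside the `authorizeRequests()` chain in SecurityConfig, before the `authenticate(...)` call in AuthController, and in `handle` / `commence` of JwtAccessDeniedHandler and JwtAuthenticationEntryPoint. logAround starts and ends outside the hunk.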
@@ -112,7 +112,12 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { .antMatchers("/druid/**").permitAll() // 放行OPTIONS请求 .antMatchers(HttpMethod.OPTIONS, "/**").permitAll() - // 自定义匿名访问所有url放行 : 允许匿名和带权限以及登录用户访问 + /** + * 1 自定义匿名访问所有url放行 : 允许匿名和带权限以及登录用户访问 + * 2 变长参数是 Java 的一个语法糖,本质上还是基于数组的实现 antMatchers(String... antPatterns) + * 相当于 String[] antPatterns + * 3 T[] toArray(T[] a)最好加上泛型的参数,不然会返回Object[]数组,接收方处理起来麻烦 + */ .antMatchers(anonymousUrls.toArray(new String[0])).permitAll() // 所有请求都需要认证 .anyRequest().authenticated() diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthController.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthController.java index 6fb9925d..b7c80d1a 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthController.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthController.java @@ -96,7 +96,9 @@ public class AuthController { } UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(authUser.getUsername(), password); - + /** + * 通过token获得授权对象 + */ Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken); SecurityContextHolder.getContext().setAuthentication(authentication); // 生成令牌 diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/security/JwtAccessDeniedHandler.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/security/JwtAccessDeniedHandler.java index fc9ea698..8f7cda2a 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/security/security/JwtAccessDeniedHandler.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/security/JwtAccessDeniedHandler.java 
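Review bot: The new comment above `.antMatchers(anonymousUrls.toArray(new String[0])).permitAll()` in SecurityConfig explains varargs and `toArray`, but not the point that matters for access control. This matcher carries no `HttpMethod`, so every pattern in `anonymousUrls` is open to unauthenticated callers for all HTTP methods. `anonymousUrls` is built outside the hunk, so its source is not visible here; the comment should say where the list comes from and add something like `// every pattern in anonymousUrls bypasses authentication for all HTTP methods; keep the list minimal`. The unchanged `.antMatchers("/druid/**").permitAll()` line just above would benefit from a similar note on why it is reachable without login.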
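Review bot: The added comment `通过token获得授权对象` before `authenticate(authenticationToken)` in AuthController is easy to misread. The call checks the username and password carried in the `UsernamePasswordAuthenticationToken` and returns an authenticated `Authentication`, which is authentication (认证) rather than authorization (授权), and the "token" here is not the JWT produced under `// 生成令牌` on the following lines. Something like `// authenticate the submitted username/password; throws AuthenticationException on failure` would be more precise. The enclosing method starts and ends outside the hunk.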
@@ -16,7 +16,10 @@ public class JwtAccessDeniedHandler implements AccessDeniedHandler { @Override public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException { - //当用户在没有授权的情况下访问受保护的REST资源时,将调用此方法发送403 Forbidden响应 + /** + * 主要是已登录但是没权限的用户尝试访问受保护的资源时 + * 当用户在没有授权的情况下访问受保护的REST资源时,将调用此方法发送403 Forbidden响应 + */ response.sendError(HttpServletResponse.SC_FORBIDDEN, accessDeniedException.getMessage()); } } diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/security/JwtAuthenticationEntryPoint.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/security/JwtAuthenticationEntryPoint.java index 6f33d313..c0c52d1e 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/security/security/JwtAuthenticationEntryPoint.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/security/JwtAuthenticationEntryPoint.java @@ -19,7 +19,10 @@ public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint { public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException { - // 当用户尝试访问安全的REST资源而不提供任何凭据时,将调用此方法发送401 响应 + /** + * 主要是未登录的用户尝试通过URL来访问资源 + * 当用户尝试访问安全的REST资源而不提供任何凭据时,将调用此方法发送401 响应 + */ response.sendError(HttpServletResponse.SC_UNAUTHORIZED, authException==null?"Unauthorized":authException.getMessage()); } } diff --git a/eladmin-system/src/main/resources/config/application-dev.yml b/eladmin-system/src/main/resources/config/application-dev.yml index bd68b197..075d9f5c 100644 --- a/eladmin-system/src/main/resources/config/application-dev.yml +++ b/eladmin-system/src/main/resources/config/application-dev.yml @@ -65,8 +65,8 @@ swagger: # 文件存储路径 file: - path: C:\eladmin\file\ - avatar: C:\eladmin\avatar\ + path: D:\eladmin\file\ + avatar: D:\eladmin\avatar\ # 文件大小 /M maxSize: 100 avatarMaxSize: 5 \ No newline at end of file 
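Review bot: Moving `file.path` and `file.avatar` from `C:\eladmin\...` to `D:\eladmin\...` in application-dev.yml looks like one developer's local drive layout committed to the shared dev profile. Any machine without a D: drive would presumably fail when the application writes uploads or avatars there. Consider keeping the committed default unchanged and supplying the local path through an untracked override or an environment-backed property placeholder.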
diff --git a/eladmin-system/src/main/resources/config/application.yml b/eladmin-system/src/main/resources/config/application.yml index fcc71dd0..5bf461b4 100644 --- a/eladmin-system/src/main/resources/config/application.yml +++ b/eladmin-system/src/main/resources/config/application.yml @@ -25,7 +25,7 @@ spring: database: 0 host: 127.0.0.1 port: 6379 - password: + password: 1234 #连接超时时间 timeout: 5000
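Review bot: `password: 1234` puts a credential in plain text into the base application.yml, where it applies to any profile that does not override it and stays in the repository history; the value is also trivially guessable. Prefer leaving the committed value empty or reading it from the environment, e.g. `password: ${REDIS_PASSWORD:}`, and setting the real secret outside version control. The neighbouring keys (`host: 127.0.0.1`, `port: 6379`) suggest this is the Redis connection block, but its parent key is outside the hunk.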