From cb63b30f373bad38c1d0cfc340ca79d6e880b91b Mon Sep 17 00:00:00 2001 From: Nick <1528282042@qq.com> Date: Mon, 30 Mar 2020 09:32:34 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E9=85=8D=E7=BD=AE=EF=BC=8C?= =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E7=AC=94=E8=AE=B0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../src/main/java/me/zhengjie/aspect/LogAspect.java | 6 ++++++ .../zhengjie/modules/security/config/SecurityConfig.java | 9 +++++++-- .../zhengjie/modules/security/rest/AuthController.java | 4 +++- .../security/security/JwtAccessDeniedHandler.java | 5 ++++- .../security/security/JwtAuthenticationEntryPoint.java | 5 ++++- .../src/main/resources/config/application-dev.yml | 4 ++-- eladmin-system/src/main/resources/config/application.yml | 2 +- 7 files changed, 27 insertions(+), 8 deletions(-) diff --git a/eladmin-logging/src/main/java/me/zhengjie/aspect/LogAspect.java b/eladmin-logging/src/main/java/me/zhengjie/aspect/LogAspect.java index bf8b0a9c..78fa2e33 100644 --- a/eladmin-logging/src/main/java/me/zhengjie/aspect/LogAspect.java +++ b/eladmin-logging/src/main/java/me/zhengjie/aspect/LogAspect.java @@ -18,6 +18,7 @@ import org.springframework.stereotype.Component; import javax.servlet.http.HttpServletRequest; /** + * 切点Pointcut加增强Advice等于切面Aspect * @author Zheng Jie * @date 2018-11-24 */ @@ -51,6 +52,11 @@ public class LogAspect { public Object logAround(ProceedingJoinPoint joinPoint) throws Throwable { Object result; currentTime.set(System.currentTimeMillis()); + /** + * AOP执行顺序Around-->Before--->Around--->After + * 必须使用joinPoint.proceed()来使切点的方法执行,否则的话Before和After则执行不了 + * proceed()方法提供了带参数的重载方法,可以使用后者来达到替换切点方法参数的效果 + */ result = joinPoint.proceed(); Log log = new Log("INFO",System.currentTimeMillis() - currentTime.get()); currentTime.remove(); 
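Review bot: The block added above `result = joinPoint.proceed();` in `logAround` is written as a Javadoc comment (`/** ... */`) inside a method body, where Javadoc tooling ignores it and linters commonly report it as dangling. Line comments fit better here, for example `// proceed() runs the advised method; the overload taking Object[] replaces its arguments`. The same in-body `/** ... */` form is added in the SecurityConfig, AuthController, JwtAccessDeniedHandler and JwtAuthenticationEntryPoint hunks of this patch. `logAround` starts and ends outside the hunk.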
diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/config/SecurityConfig.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/config/SecurityConfig.java index 87a1f27e..33a718a4 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/security/config/SecurityConfig.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/config/SecurityConfig.java @@ -91,7 +91,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { .and() .authorizeRequests() - // 静态资源等等 + // 静态资源等等(对GET请求的静态资源放行) .antMatchers( HttpMethod.GET, "/*.html", @@ -112,7 +112,12 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { .antMatchers("/druid/**").permitAll() // 放行OPTIONS请求 .antMatchers(HttpMethod.OPTIONS, "/**").permitAll() - // 自定义匿名访问所有url放行 : 允许匿名和带权限以及登录用户访问 + /** + * 1 自定义匿名访问所有url放行 : 允许匿名和带权限以及登录用户访问 + * 2 变长参数是 Java 的一个语法糖,本质上还是基于数组的实现 antMatchers(String... antPatterns) + * 相当于 String[] antPatterns + * 3 T[] toArray(T[] a)最好加上泛型的参数,不然会返回Object[]数组,接收方处理起来麻烦 + */ .antMatchers(anonymousUrls.toArray(new String[0])).permitAll() // 所有请求都需要认证 .anyRequest().authenticated() diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthController.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthController.java index 6fb9925d..b7c80d1a 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthController.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthController.java @@ -96,7 +96,9 @@ public class AuthController { } UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(authUser.getUsername(), password); - + /** + * 通过token获得授权对象 + */ Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken); SecurityContextHolder.getContext().setAuthentication(authentication); // 生成令牌 
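Review bot: The comment added before `.antMatchers(anonymousUrls.toArray(new String[0])).permitAll()` spends two of its three points on varargs and `toArray`, and omits what a maintainer of this rule needs to know. `antMatchers(String...)` without an `HttpMethod` matches every HTTP method, so each entry in `anonymousUrls` is reachable without authentication for writes as well as reads. How `anonymousUrls` is populated is outside the hunk, so it may already be constrained there. I would replace the language notes with something like `// every pattern in anonymousUrls is permitted for ALL HTTP methods; check new entries for state-changing endpoints`.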
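Review bot: The added comment `通过token获得授权对象` above `authenticate(authenticationToken)` describes the call as obtaining an authorization object, but this is the line where the submitted username and password are verified. `authenticate` returns a populated `Authentication` on success and throws an `AuthenticationException` on failure, and the comment should say so, so that nobody reads the following lines as running for unverified input. Suggested wording: `// verify username/password; authenticate() throws AuthenticationException on bad credentials`. The login method starts and ends outside the hunk.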
diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/security/JwtAccessDeniedHandler.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/security/JwtAccessDeniedHandler.java index fc9ea698..8f7cda2a 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/security/security/JwtAccessDeniedHandler.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/security/JwtAccessDeniedHandler.java @@ -16,7 +16,10 @@ public class JwtAccessDeniedHandler implements AccessDeniedHandler { @Override public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException { - //当用户在没有授权的情况下访问受保护的REST资源时,将调用此方法发送403 Forbidden响应 + /** + * 主要是已登录但是没权限的用户尝试访问受保护的资源时 + * 当用户在没有授权的情况下访问受保护的REST资源时,将调用此方法发送403 Forbidden响应 + */ response.sendError(HttpServletResponse.SC_FORBIDDEN, accessDeniedException.getMessage()); } } diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/security/JwtAuthenticationEntryPoint.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/security/JwtAuthenticationEntryPoint.java index 6f33d313..c0c52d1e 100644 --- a/eladmin-system/src/main/java/me/zhengjie/modules/security/security/JwtAuthenticationEntryPoint.java +++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/security/JwtAuthenticationEntryPoint.java @@ -19,7 +19,10 @@ public class JwtAuthenticationEntryPoint implements AuthenticationEntryPoint { public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException { - // 当用户尝试访问安全的REST资源而不提供任何凭据时,将调用此方法发送401 响应 + /** + * 主要是未登录的用户尝试通过URL来访问资源 + * 当用户尝试访问安全的REST资源而不提供任何凭据时,将调用此方法发送401 响应 + */ response.sendError(HttpServletResponse.SC_UNAUTHORIZED, authException==null?"Unauthorized":authException.getMessage()); } } 
diff --git a/eladmin-system/src/main/resources/config/application-dev.yml b/eladmin-system/src/main/resources/config/application-dev.yml index bd68b197..075d9f5c 100644 --- a/eladmin-system/src/main/resources/config/application-dev.yml +++ b/eladmin-system/src/main/resources/config/application-dev.yml @@ -65,8 +65,8 @@ swagger: # 文件存储路径 file: - path: C:\eladmin\file\ - avatar: C:\eladmin\avatar\ + path: D:\eladmin\file\ + avatar: D:\eladmin\avatar\ # 文件大小 /M maxSize: 100 avatarMaxSize: 5 \ No newline at end of file diff --git a/eladmin-system/src/main/resources/config/application.yml b/eladmin-system/src/main/resources/config/application.yml index fcc71dd0..5bf461b4 100644 --- a/eladmin-system/src/main/resources/config/application.yml +++ b/eladmin-system/src/main/resources/config/application.yml @@ -25,7 +25,7 @@ spring: database: 0 host: 127.0.0.1 port: 6379 - password: + password: 1234 #连接超时时间 timeout: 5000
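Review bot: The new `path: D:\eladmin\file\` and `avatar: D:\eladmin\avatar\` values look like one workstation's drive layout committed to the shared dev profile. Anyone whose machine has no D: drive gets a broken upload directory after pulling. Keeping the committed default and overriding it locally, through an untracked profile file or an environment-backed placeholder, avoids churn on this file.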
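Review bot: `password: 1234` puts a literal Redis password into the base `application.yml`, which is version-controlled and applies to every environment unless a profile overrides it. A four-digit value is also easy to guess if that Redis instance ever becomes reachable beyond 127.0.0.1. I would keep the secret out of the repository and read it from the environment, e.g. `password: ${REDIS_PASSWORD:}` (the variable name is an example), and rotate the current value since it is now in the history. The key appears to sit under `spring.redis`; the parent key is not in the hunk.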