代码优化，接口放行统一使用@AnonymousAccess，邮箱验证优化

2019-11-29 10:05:38 +08:00 · 2019-11-29 10:05:38 +08:00 · faa93f4bf8
parent a635009499
commit faa93f4bf8
7 changed files with 16 additions and 33 deletions
--- a/eladmin-common/src/main/java/me/zhengjie/annotation/Query.java
+++ b/eladmin-common/src/main/java/me/zhengjie/annotation/Query.java
@ -61,10 +61,8 @@ public @interface Query {
     * 适用于简单连接查询，复杂的请自定义该注解，或者使用sql查询
     */
    enum Join {
-        /** jie 2019-6-4 13:18:30 左连接 */
+        /** jie 2019-6-4 13:18:30 左右连接 */
-        LEFT
+        LEFT, RIGHT
        /** jie 2019-6-4 13:18:30 右连接 */
        , RIGHT
    }
 }
--- a/eladmin-common/src/main/java/me/zhengjie/config/ElPermissionConfig.java
+++ b/eladmin-common/src/main/java/me/zhengjie/config/ElPermissionConfig.java
@ -14,11 +14,6 @@ import java.util.stream.Collectors;
 public class ElPermissionConfig {
    public Boolean check(String ...permissions){
        // 如果是匿名访问的，就放行
        String anonymous = "anonymous";
        if(Arrays.asList(permissions).contains(anonymous)){
            return true;
        }
        // 获取当前用户的所有权限
        List<String> elPermissions = SecurityUtils.getUserDetails().getAuthorities().stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList());
        // 判断当前用户的所有权限是否包含接口上定义的权限
--- a/eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java
+++ b/eladmin-common/src/main/java/me/zhengjie/utils/EncryptUtils.java
@ -1,6 +1,5 @@
 package me.zhengjie.utils;
 import org.springframework.util.DigestUtils;
 import javax.crypto.Cipher;
 import javax.crypto.SecretKey;
 import javax.crypto.SecretKeyFactory;
--- a/eladmin-common/src/main/java/me/zhengjie/utils/ValidationUtil.java
+++ b/eladmin-common/src/main/java/me/zhengjie/utils/ValidationUtil.java
@ -2,6 +2,7 @@ package me.zhengjie.utils;
 import cn.hutool.core.util.ObjectUtil;
 import me.zhengjie.exception.BadRequestException;
 import org.hibernate.validator.internal.constraintvalidators.hv.EmailValidator;
 /**
 * 验证工具
@ -23,11 +24,7 @@ public class ValidationUtil{
    /**
     * 验证是否为邮箱
     */
-    public static boolean isEmail(String string) {
+    public static boolean isEmail(String email) {
-        if (string == null){
+        return new EmailValidator().isValid(email, null);
            return false;
        }
        String regEx1 = "^([a-z0-9A-Z]+[-|.]?)+[a-z0-9A-Z]@([a-z0-9A-Z]+(-[a-z0-9A-Z]+)?\\.)+[a-zA-Z]{2,}$";
        return string.matches(regEx1);
    }
 }
--- a/eladmin-system/src/main/java/me/zhengjie/modules/monitor/rest/LimitController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/monitor/rest/LimitController.java
@ -4,11 +4,9 @@ import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import me.zhengjie.annotation.AnonymousAccess;
 import me.zhengjie.annotation.Limit;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 import java.util.concurrent.atomic.AtomicInteger;
 /**
@ -26,7 +24,7 @@ public class LimitController {
     * 测试限流注解，下面配置说明该接口 60秒内最多只能访问 10次，保存到redis的键名为 limit_test，
     */
    @GetMapping
-    @PreAuthorize("@el.check('anonymous')")
+    @AnonymousAccess
    @ApiOperation("测试")
    @Limit(key = "test", period = 60, count = 10, name = "testLimit", prefix = "limit")
    public int testLimit() {
--- a/eladmin-system/src/main/java/me/zhengjie/modules/security/config/SecurityConfig.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/config/SecurityConfig.java
@ -6,7 +6,6 @@ import org.springframework.context.ApplicationContext;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@ -48,34 +47,31 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Bean
    GrantedAuthorityDefaults grantedAuthorityDefaults() {
-        // Remove the ROLE_ prefix
+        // 去除 ROLE_ 前缀
        return new GrantedAuthorityDefaults("");
    }
    @Bean
    public PasswordEncoder passwordEncoder() {
        // 密码加密方式
        return new BCryptPasswordEncoder();
    }
    @Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
-        // 搜寻 匿名标记 url： PreAuthorize("hasAnyRole('anonymous')") 和 PreAuthorize("@el.check('anonymous')") 和 AnonymousAccess
+        // 搜寻匿名标记 url： @AnonymousAccess
        Map<RequestMappingInfo, HandlerMethod> handlerMethodMap = applicationContext.getBean(RequestMappingHandlerMapping.class).getHandlerMethods();
        Set<String> anonymousUrls = new HashSet<>();
        for (Map.Entry<RequestMappingInfo, HandlerMethod> infoEntry : handlerMethodMap.entrySet()) {
            HandlerMethod handlerMethod = infoEntry.getValue();
            AnonymousAccess anonymousAccess = handlerMethod.getMethodAnnotation(AnonymousAccess.class);
-            PreAuthorize preAuthorize = handlerMethod.getMethodAnnotation(PreAuthorize.class);
+            if (null != anonymousAccess) {
            if (null != preAuthorize && preAuthorize.value().toLowerCase().contains("anonymous")) {
                anonymousUrls.addAll(infoEntry.getKey().getPatternsCondition().getPatterns());
            } else if (null != anonymousAccess && null == preAuthorize) {
                anonymousUrls.addAll(infoEntry.getKey().getPatternsCondition().getPatterns());
            }
        }
        httpSecurity
                // 禁用 CSRF
                .csrf().disable()
                .addFilterBefore(corsFilter, UsernamePasswordAuthenticationFilter.class)
                // 授权异常
                .exceptionHandling()
@ -95,6 +91,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                .and()
                .authorizeRequests()
                // 静态资源等等
                .antMatchers(
                        HttpMethod.GET,
                        "/*.html",
@ -103,24 +100,23 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                        "/**/*.js",
                        "/webSocket/**"
                ).permitAll()
-                // swagger start
+                // swagger 文档
                .antMatchers("/swagger-ui.html").permitAll()
                .antMatchers("/swagger-resources/**").permitAll()
                .antMatchers("/webjars/**").permitAll()
                .antMatchers("/*/api-docs").permitAll()
                // swagger end
                // 文件
                .antMatchers("/avatar/**").permitAll()
                .antMatchers("/file/**").permitAll()
                // 阿里巴巴 druid
                .antMatchers("/druid/**").permitAll()
                // 放行OPTIONS请求
                .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
-                // 自定义匿名访问所有url放行 ： 允许 匿名和带权限以及登录用户访问
+                // 自定义匿名访问所有url放行 ： 允许匿名和带权限以及登录用户访问
                .antMatchers(anonymousUrls.toArray(new String[0])).permitAll()
                // 所有请求都需要认证
                .anyRequest().authenticated()
-                .and()
+                .and().apply(securityConfigurerAdapter());
                .apply(securityConfigurerAdapter());
    }
    private TokenConfigurer securityConfigurerAdapter() {
--- a/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthController.java
@ -97,8 +97,8 @@ public class AuthController {
        return ResponseEntity.ok(jwtUser);
    }
    @ApiOperation("获取验证码")
    @AnonymousAccess
    @ApiOperation("获取验证码")
    @GetMapping(value = "/code")
    public ResponseEntity getCode(){
        // 算术类型 https://gitee.com/whvse/EasyCaptcha