代码优化

pull/217/head
dqjdda 2019-11-27 20:57:49 +08:00
parent 2ecb82a55a
commit fe812f1c88
4 changed files with 42 additions and 24 deletions


@ -32,16 +32,6 @@ public class GlobalExceptionHandler {
return buildResponseEntity(ApiError.error(e.getMessage())); return buildResponseEntity(ApiError.error(e.getMessage()));
} }
/**
* 访AccessDeniedException
*/
@ExceptionHandler(AccessDeniedException.class)
public ResponseEntity handleAccessDeniedException(AccessDeniedException e){
// 打印堆栈信息
log.error(ThrowableUtil.getStackTrace(e));
return buildResponseEntity(ApiError.error(FORBIDDEN.value(),e.getMessage()));
}
/** /**
* *
*/ */


@ -1,12 +1,14 @@
package me.zhengjie.config; package me.zhengjie.config;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry; import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;
import org.springframework.web.servlet.config.annotation.EnableWebMvc; import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import java.nio.file.Paths;
/** /**
* WebMvcConfigurer * WebMvcConfigurer
@ -24,20 +26,22 @@ public class ConfigurerAdapter implements WebMvcConfigurer {
@Value("${file.avatar}") @Value("${file.avatar}")
private String avatar; private String avatar;
@Override @Bean
public void addCorsMappings(CorsRegistry registry) { public CorsFilter corsFilter() {
registry.addMapping("/**") UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
.allowCredentials(true) CorsConfiguration config = new CorsConfiguration();
.allowedHeaders("*") config.setAllowCredentials(true);
.allowedOrigins("*") config.addAllowedOrigin("*");
.allowedMethods("GET","POST","PUT","DELETE"); config.addAllowedHeader("*");
config.addAllowedMethod("*");
source.registerCorsConfiguration("/**", config);
return new CorsFilter(source);
} }
@Override @Override
public void addResourceHandlers(ResourceHandlerRegistry registry) { public void addResourceHandlers(ResourceHandlerRegistry registry) {
String avatarUtl = Paths.get(avatar).normalize().toUri().toASCIIString(); String avatarUtl = "file:" + avatar.replace("\\","/");
String pathUtl = Paths.get(path).normalize().toUri().toASCIIString(); String pathUtl = "file:" + path.replace("\\","/");
registry.addResourceHandler("/avatar/**").addResourceLocations(avatarUtl).setCachePeriod(0); registry.addResourceHandler("/avatar/**").addResourceLocations(avatarUtl).setCachePeriod(0);
registry.addResourceHandler("/file/**").addResourceLocations(pathUtl).setCachePeriod(0); registry.addResourceHandler("/file/**").addResourceLocations(pathUtl).setCachePeriod(0);
registry.addResourceHandler("/**").addResourceLocations("classpath:/META-INF/resources/").setCachePeriod(0); registry.addResourceHandler("/**").addResourceLocations("classpath:/META-INF/resources/").setCachePeriod(0);
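Review bot: The new `corsFilter()` bean combines `config.setAllowCredentials(true)` with `config.addAllowedOrigin("*")`, and `config.addAllowedMethod("*")` widens the previous GET/POST/PUT/DELETE list to every method. Depending on the Spring version (not visible here), a wildcard origin with credentials is either answered by echoing the caller's Origin, which lets any site make credentialed cross-origin requests, or rejected by newer releases. I would read the allowed origins from configuration and keep the explicit method list: `config.setAllowedOrigins(allowedOrigins);` (where `allowedOrigins` is a placeholder for a configured list) and `config.setAllowedMethods(Arrays.asList("GET","POST","PUT","DELETE"));`. `addResourceHandlers` continues past the end of the hunk, so its remaining lines are not covered here.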


@ -1,6 +1,7 @@
package me.zhengjie.modules.security.config; package me.zhengjie.modules.security.config;
import me.zhengjie.annotation.AnonymousAccess; import me.zhengjie.annotation.AnonymousAccess;
import me.zhengjie.modules.security.security.JwtAccessDeniedHandler;
import me.zhengjie.modules.security.security.JwtAuthenticationEntryPoint; import me.zhengjie.modules.security.security.JwtAuthenticationEntryPoint;
import me.zhengjie.modules.security.security.JwtAuthorizationTokenFilter; import me.zhengjie.modules.security.security.JwtAuthorizationTokenFilter;
import me.zhengjie.modules.security.service.JwtUserDetailsServiceImpl; import me.zhengjie.modules.security.service.JwtUserDetailsServiceImpl;
@ -39,6 +40,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
private final JwtAuthenticationEntryPoint unauthorizedHandler; private final JwtAuthenticationEntryPoint unauthorizedHandler;
private final JwtAccessDeniedHandler accessDeniedHandler;
private final JwtUserDetailsServiceImpl jwtUserDetailsService; private final JwtUserDetailsServiceImpl jwtUserDetailsService;
private final ApplicationContext applicationContext; private final ApplicationContext applicationContext;
@ -49,8 +52,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Value("${jwt.header}") @Value("${jwt.header}")
private String tokenHeader; private String tokenHeader;
public SecurityConfig(JwtAuthenticationEntryPoint unauthorizedHandler, JwtUserDetailsServiceImpl jwtUserDetailsService, JwtAuthorizationTokenFilter authenticationTokenFilter, ApplicationContext applicationContext) { public SecurityConfig(JwtAuthenticationEntryPoint unauthorizedHandler, JwtAccessDeniedHandler accessDeniedHandler, JwtUserDetailsServiceImpl jwtUserDetailsService, JwtAuthorizationTokenFilter authenticationTokenFilter, ApplicationContext applicationContext) {
this.unauthorizedHandler = unauthorizedHandler; this.unauthorizedHandler = unauthorizedHandler;
this.accessDeniedHandler = accessDeniedHandler;
this.jwtUserDetailsService = jwtUserDetailsService; this.jwtUserDetailsService = jwtUserDetailsService;
this.authenticationTokenFilter = authenticationTokenFilter; this.authenticationTokenFilter = authenticationTokenFilter;
this.applicationContext = applicationContext; this.applicationContext = applicationContext;
@ -100,6 +104,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
.csrf().disable() .csrf().disable()
// 授权异常 // 授权异常
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and() .exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
.exceptionHandling().accessDeniedHandler(accessDeniedHandler).and()
// 不创建会话 // 不创建会话
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and() .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
// 过滤请求 // 过滤请求
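Review bot: The added line opens a second `.exceptionHandling()` section directly after the first, although both handlers can be set in one chain. A single line keeps the authentication and authorization failure handling together: `.exceptionHandling().authenticationEntryPoint(unauthorizedHandler).accessDeniedHandler(accessDeniedHandler).and()`. The enclosing method starts and ends outside the hunk, so the rest of the chain is not reviewed here.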


@ -0,0 +1,19 @@
package me.zhengjie.modules.security.security;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@Component
public class JwtAccessDeniedHandler implements AccessDeniedHandler {
@Override
public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException {
//当用户在没有授权的情况下访问受保护的REST资源时将调用此方法发送403 Forbidden响应
response.sendError(HttpServletResponse.SC_FORBIDDEN, accessDeniedException.getMessage());
}
}
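Review bot: `handle()` sends the 403 without logging anything, whereas the `handleAccessDeniedException` method removed from `GlobalExceptionHandler` in this commit logged each denial, so this handler leaves no trace of authorization failures for audit or detection. I would add a log line before the response, for example `log.warn("Access denied: {} {}", request.getMethod(), request.getRequestURI());`, which needs a logger on the class because none is declared. The method also passes `accessDeniedException.getMessage()` to the client; a fixed message such as `response.sendError(HttpServletResponse.SC_FORBIDDEN, "Forbidden");` keeps internal wording out of the response. The class and method have no Javadoc, and the inline comment inside `handle()` could become the method's Javadoc.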