增加管理员模块~

pull/1/head
YunaiV 2019-02-27 00:00:37 +08:00
parent e431530107
commit 09004dc000
66 changed files with 1952 additions and 127 deletions


@ -0,0 +1,114 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>admin</artifactId>
<groupId>cn.iocoder.mall</groupId>
<version>1.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>admin-application</artifactId>
<properties>
<org.mapstruct.version>1.3.0.Final</org.mapstruct.version>
</properties>
<dependencies>
<dependency>
<groupId>cn.iocoder.mall</groupId>
<artifactId>admin-service-impl</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>cn.iocoder.mall</groupId>
<artifactId>common-framework</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>dubbo</artifactId>
<version>2.6.5</version>
</dependency>
<dependency>
<groupId>com.alibaba.boot</groupId>
<artifactId>dubbo-spring-boot-starter</artifactId>
<version>0.2.1.RELEASE</version>
</dependency>
<dependency>
<groupId>org.apache.curator</groupId>
<artifactId>curator-framework</artifactId>
<version>2.12.0</version>
</dependency>
<dependency>
<groupId>org.mapstruct</groupId>
<artifactId>mapstruct</artifactId> <!-- use mapstruct-jdk8 for Java 8 or higher -->
<version>${org.mapstruct.version}</version>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger2</artifactId>
<version>2.9.2</version>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger-ui</artifactId>
<version>2.9.2</version>
</dependency>
<dependency>
<groupId>org.mapstruct</groupId>
<artifactId>mapstruct</artifactId> <!-- use mapstruct-jdk8 for Java 8 or higher -->
<version>${org.mapstruct.version}</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<optional>true</optional>
</dependency>
</dependencies>
<build>
<plugins>
<!-- 提供给 mapstruct 使用 -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.5.1</version>
<configuration>
<source>1.8</source> <!-- or higher, depending on your project -->
<target>1.8</target> <!-- or higher, depending on your project -->
<annotationProcessorPaths>
<path>
<groupId>org.mapstruct</groupId>
<artifactId>mapstruct-processor</artifactId>
<version>${org.mapstruct.version}</version>
</path>
</annotationProcessorPaths>
</configuration>
</plugin>
</plugins>
</build>
</project>
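Review bot: The `org.mapstruct:mapstruct` dependency is declared twice in `<dependencies>`, once after `curator-framework` and again after `springfox-swagger-ui`; Maven flags duplicate declarations with a model warning, so the second block should be dropped. `springfox-swagger-ui` is added at the default compile scope, so the interactive API console ships with every build of the admin application; it is worth confirming it is disabled or excluded outside development. The Dubbo version is pinned inline here and again in the sibling SDK and service-impl POMs, so managing it once in the parent's `<dependencyManagement>` would keep upgrades in one place.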


@ -0,0 +1,13 @@
package cn.iocoder.mall.admin;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication(scanBasePackages = {"cn.iocoder.mall.admin"})
public class AdminApplication {
public static void main(String[] args) {
SpringApplication.run(AdminApplication.class, args);
}
}


@ -0,0 +1,29 @@
package cn.iocoder.mall.admin.config;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@EnableWebMvc
@Configuration
//@Import(value = {GlobalExceptionHandler.class, // 统一全局返回
// ) // TODO 安全拦截器,实现认证和授权功能。
public class MVCConfiguration implements WebMvcConfigurer {
// @Autowired
// private UserSecurityInterceptor securityInterceptor;
//
// @Override
// public void addInterceptors(InterceptorRegistry registry) {
// registry.addInterceptor(securityInterceptor).addPathPatterns("/user/**", "/admin/**"); // 只拦截我们定义的接口
// }
@Override
public void addResourceHandlers(ResourceHandlerRegistry registry) {
// 解决 swagger-ui.html 的访问,参考自 https://stackoverflow.com/questions/43545540/swagger-ui-no-mapping-found-for-http-request 解决
registry.addResourceHandler("swagger-ui.html**").addResourceLocations("classpath:/META-INF/resources/swagger-ui.html");
registry.addResourceHandler("webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/");
}
}
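Review bot: The interceptor registration in `MVCConfiguration` is left commented out, so as committed nothing in this module authenticates requests to the `admin/**` controllers or to the Swagger UI resources registered in `addResourceHandlers`. The commented block also names `UserSecurityInterceptor` and `/user/**`, while the class this commit adds is `AdminSecurityInterceptor`. I would wire it in before further admin endpoints land, for example `registry.addInterceptor(securityInterceptor).addPathPatterns("/admin/**").excludePathPatterns("/admin/passport/login");` with `securityInterceptor` typed as `AdminSecurityInterceptor`.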


@ -0,0 +1,36 @@
package cn.iocoder.mall.admin.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.ApiInfo;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
@Configuration
@EnableSwagger2
public class SwaggerConfiguration {
@Bean
public Docket createRestApi() {
return new Docket(DocumentationType.SWAGGER_2)
.apiInfo(apiInfo())
.select()
.apis(RequestHandlerSelectors.basePackage("cn.iocoder.mall.admin.controller"))
.paths(PathSelectors.any())
.build();
}
private ApiInfo apiInfo() {
return new ApiInfoBuilder()
.title("管理员子系统")
.description("管理员子系统")
.termsOfServiceUrl("http://www.iocoder.cn")
.version("1.0.0")
.build();
}
}
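Review bot: `@EnableSwagger2` on `SwaggerConfiguration` is unconditional, so the API description for every controller under `cn.iocoder.mall.admin.controller` is published in each environment the application runs in. For an administrative service I would gate the class on an environment switch, for example `@Profile("dev")` or `@ConditionalOnProperty(name = "swagger.enabled", havingValue = "true")`; the profile and property names here are placeholders to adapt. `termsOfServiceUrl` also points at a plain `http://` URL.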


@ -0,0 +1,14 @@
package cn.iocoder.mall.admin.controller;
import io.swagger.annotations.Api;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("admin/admin")
@Api("管理员模块")
public class AdminController {
}


@ -0,0 +1,38 @@
package cn.iocoder.mall.admin.controller;
import cn.iocoder.common.framework.vo.CommonResult;
import cn.iocoder.mall.admin.api.OAuth2Service;
import cn.iocoder.mall.admin.api.bo.OAuth2AccessTokenBO;
import cn.iocoder.mall.admin.convert.PassportConvert;
import cn.iocoder.mall.admin.vo.PassportLoginVO;
import com.alibaba.dubbo.config.annotation.Reference;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("admin/passport")
@Api("Admin Passport 模块")
public class PassportController {
@Reference
private OAuth2Service oauth2Service;
@PostMapping("/login")
@ApiOperation(value = "手机号 + 验证码登陆(注册)", notes = "如果手机对应的账号不存在,则会自动创建")
@ApiImplicitParams({
@ApiImplicitParam(name = "username", value = "账号", required = true, example = "15601691300"),
@ApiImplicitParam(name = "password", value = "密码", required = true, example = "future")
})
public CommonResult<PassportLoginVO> login(@RequestParam("username") String username,
@RequestParam("password") String password) {
CommonResult<OAuth2AccessTokenBO> result = oauth2Service.getAccessToken(username, password);
return PassportConvert.INSTANCE.convert(result);
}
}
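Review bot: `login` binds `username` and `password` with `@RequestParam`, which Spring also resolves from the query string, so a client that sends them in the URL gets the credentials written to access logs and intermediaries; taking them from a `@RequestBody` DTO avoids that. The `@ApiOperation` text describes mobile-number plus verification-code login with automatic account creation, which does not match a username/password call to `oauth2Service.getAccessToken`. `PassportConvert.INSTANCE.convert(result)` forwards the service result unchanged, so whichever error code the service picks for an unknown account versus a wrong password reaches the caller as is.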


@ -0,0 +1,21 @@
package cn.iocoder.mall.admin.convert;
import cn.iocoder.common.framework.vo.CommonResult;
import cn.iocoder.mall.admin.api.bo.OAuth2AccessTokenBO;
import cn.iocoder.mall.admin.vo.PassportLoginVO;
import org.mapstruct.Mapper;
import org.mapstruct.Mappings;
import org.mapstruct.factory.Mappers;
@Mapper
public interface PassportConvert {
PassportConvert INSTANCE = Mappers.getMapper(PassportConvert.class);
@Mappings({})
PassportLoginVO convert(OAuth2AccessTokenBO oauth2AccessTokenBO);
@Mappings({})
CommonResult<PassportLoginVO> convert(CommonResult<OAuth2AccessTokenBO> oauth2AccessTokenBO);
}


@ -0,0 +1,43 @@
package cn.iocoder.mall.admin.vo;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
@ApiModel("登陆结果 VO")
public class PassportLoginVO {
@ApiModelProperty(value = "访问令牌", required = true, example = "2e3d7635c15e47e997611707a237859f")
private String accessToken;
@ApiModelProperty(value = "刷新令牌", required = true, example = "d091e7c35bbb4313b0f557a6ef23d033")
private String refreshToken;
@ApiModelProperty(value = "过期时间,单位:秒", required = true, example = "2879")
private Integer expiresIn;
public String getAccessToken() {
return accessToken;
}
public PassportLoginVO setAccessToken(String accessToken) {
this.accessToken = accessToken;
return this;
}
public String getRefreshToken() {
return refreshToken;
}
public PassportLoginVO setRefreshToken(String refreshToken) {
this.refreshToken = refreshToken;
return this;
}
public Integer getExpiresIn() {
return expiresIn;
}
public PassportLoginVO setExpiresIn(Integer expiresIn) {
this.expiresIn = expiresIn;
return this;
}
}


@ -0,0 +1,7 @@
spring:
application:
name: admin-application
# server
server:
port: 8083

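--- a/admin/admin-sdk/pom.xml
+++ b/admin/admin-sdk/pom.xml
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<parent>
+<artifactId>admin</artifactId>
+<groupId>cn.iocoder.mall</groupId>
+<version>1.0-SNAPSHOT</version>
+</parent>
+<modelVersion>4.0.0</modelVersion>
+<artifactId>application-sdk</artifactId>
+<dependencies>
+<dependency>
+<groupId>org.springframework</groupId>
+<artifactId>spring-context</artifactId>
+<version>5.1.5.RELEASE</version>
+<scope>compile</scope>
+</dependency>
+<dependency>
+<groupId>org.springframework</groupId>
+<artifactId>spring-webmvc</artifactId>
+<version>5.1.5.RELEASE</version>
+<scope>compile</scope>
+</dependency>
+<dependency>
+<groupId>com.alibaba</groupId>
+<artifactId>dubbo</artifactId>
+<version>2.6.5</version>
+<scope>compile</scope>
+</dependency>
+<dependency>
+<groupId>javax.servlet</groupId>
+<artifactId>servlet-api</artifactId>
+<version>2.5</version>
+<scope>compile</scope>
+</dependency>
+<dependency>
+<groupId>cn.iocoder.mall</groupId>
+<artifactId>common-framework</artifactId>
+<version>1.0-SNAPSHOT</version>
+<scope>compile</scope>
+</dependency>
+<dependency>
+<groupId>cn.iocoder.mall</groupId>
+<artifactId>admin-service-api</artifactId>
+<version>1.0-SNAPSHOT</version>
+<scope>compile</scope>
+</dependency>
+</dependencies>
+</project>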
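Review bot: `javax.servlet:servlet-api:2.5` is declared with `compile` scope next to `spring-webmvc` 5.1.5.RELEASE, which requires the Servlet 3.1+ API; at compile scope the 2.5 jar is also passed on to every consumer of the SDK and can shadow the container's own classes. I would switch to `javax.servlet:javax.servlet-api` with `<scope>provided</scope>`. The `<artifactId>` is `application-sdk` although the module lives in `admin/admin-sdk`, which looks unintended and will make the coordinates hard to find for consumers.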


@ -0,0 +1,26 @@
package cn.iocoder.mall.admin.sdk.context;
import java.util.Set;
/**
* Security
*/
public class AdminSecurityContext {
private final Integer adminId;
private final Set<Integer> roleIds;
public AdminSecurityContext(Integer adminId, Set<Integer> roleIds) {
this.adminId = adminId;
this.roleIds = roleIds;
}
public Integer getAdminId() {
return adminId;
}
public Set<Integer> getRoleIds() {
return roleIds;
}
}
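Review bot: The constructor stores the caller's `roleIds` set by reference and `getRoleIds()` hands the same instance back, so any code holding the context can add a role id to what the rest of the request treats as authenticated state. The fields are already `final`; copying on the way in would make the object actually immutable, e.g. `this.roleIds = roleIds == null ? null : Collections.unmodifiableSet(new HashSet<>(roleIds));` (with `java.util.Collections` and `java.util.HashSet` imported).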


@ -0,0 +1,30 @@
package cn.iocoder.mall.admin.sdk.context;
/**
* {@link AdminSecurityContext} Holder
*
* spring security ThreadLocalSecurityContextHolderStrategy
*/
public class AdminSecurityContextHolder {
private static final ThreadLocal<AdminSecurityContext> securityContext = new ThreadLocal<AdminSecurityContext>();
public static void setContext(AdminSecurityContext context) {
securityContext.set(context);
}
public static AdminSecurityContext getContext() {
AdminSecurityContext ctx = securityContext.get();
// 为空时,设置一个空的进去
if (ctx == null) {
ctx = new AdminSecurityContext(null, roleIds);
securityContext.set(ctx);
}
return ctx;
}
public static void clear() {
securityContext.remove();
}
}
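Review bot: `getContext()` calls `new AdminSecurityContext(null, roleIds)`, but no `roleIds` variable exists in this class, so the file does not compile as shown. `new AdminSecurityContext(null, null)` matches the inline comment's intent of installing an empty context. Because the getter never returns `null`, callers have to test `getAdminId() == null` to detect an unauthenticated request, which deserves a sentence in the class Javadoc.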


@ -0,0 +1,64 @@
package cn.iocoder.mall.admin.sdk.interceptor;
import cn.iocoder.common.framework.exception.ServiceException;
import cn.iocoder.common.framework.util.HttpUtil;
import cn.iocoder.common.framework.vo.CommonResult;
import cn.iocoder.mall.admin.api.OAuth2Service;
import cn.iocoder.mall.admin.api.bo.OAuth2AuthenticationBO;
import cn.iocoder.mall.admin.sdk.context.AdminSecurityContext;
import cn.iocoder.mall.admin.sdk.context.AdminSecurityContextHolder;
import com.alibaba.dubbo.config.annotation.Reference;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Set;
/**
*
*/
@Component
public class AdminSecurityInterceptor extends HandlerInterceptorAdapter {
@Reference
private OAuth2Service oauth2Service;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 校验访问令牌是否正确。若正确,返回授权信息
String accessToken = HttpUtil.obtainAccess(request);
OAuth2AuthenticationBO authentication = null;
if (accessToken != null) {
CommonResult<OAuth2AuthenticationBO> result = oauth2Service.checkToken(accessToken);
if (result.isError()) { // TODO 芋艿,如果访问的地址无需登录,这里也不用抛异常
throw new ServiceException(result.getCode(), result.getMessage());
}
authentication = result.getData();
// 添加到 SecurityContext
AdminSecurityContext context = new AdminSecurityContext(authentication.getAdminId(), authentication.getRoleIds());
AdminSecurityContextHolder.setContext(context);
}
// 校验是否需要已授权
checkPermission(request, authentication);
// 返回成功
return super.preHandle(request, response, handler);
}
@Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) {
// 清空 SecurityContext
AdminSecurityContextHolder.clear();
}
private void checkPermission(HttpServletRequest request, OAuth2AuthenticationBO authentication) {
Integer adminId = authentication != null ? authentication.getAdminId() : null;
Set<Integer> roleIds = authentication != null ? authentication.getRoleIds() : null;
String url = request.getRequestURI();
CommonResult<Boolean> result = oauth2Service.checkPermission(adminId, roleIds, url);
if (result.isError()) {
throw new ServiceException(result.getCode(), result.getMessage());
}
}
}
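Review bot: `preHandle` stores the context with `AdminSecurityContextHolder.setContext(context)` and then calls `checkPermission`, which throws `ServiceException` on denial; Spring only invokes `afterCompletion` on interceptors whose `preHandle` returned `true`, so on that path the `ThreadLocal` is never cleared. Because the context is only overwritten when `accessToken != null`, a later token-less request served by the same pooled thread would read the previous admin's identity from `getContext()`. Adding `AdminSecurityContextHolder.clear();` as the first statement of `preHandle` (or clearing in a `catch` before rethrowing) closes this. `checkPermission` also matches on the raw `request.getRequestURI()`, which includes the context path and is not normalised, so the permission lookup may not see the same path the handler mapping resolves.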


@ -0,0 +1,6 @@
/**
* SDK 使
*
* 1. {@link cn.iocoder.mall.admin.sdk.interceptor.UserSecurityInterceptor} URL
*/
package cn.iocoder.mall.admin.sdk;
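Review bot: The `{@link cn.iocoder.mall.admin.sdk.interceptor.UserSecurityInterceptor}` reference names a class this commit does not add to the package; the interceptor introduced here is `AdminSecurityInterceptor`. The link should read `{@link cn.iocoder.mall.admin.sdk.interceptor.AdminSecurityInterceptor}`, otherwise Javadoc generation reports an unresolved reference and readers are pointed at the user module.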


@ -0,0 +1,27 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>admin</artifactId>
<groupId>cn.iocoder.mall</groupId>
<version>1.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>admin-service-api</artifactId>
<dependencies>
<dependency>
<groupId>cn.iocoder.mall</groupId>
<artifactId>common-framework</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>cn.iocoder.mall</groupId>
<artifactId>admin-service-api</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
</dependencies>
</project>
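Review bot: The second `<dependency>` names `cn.iocoder.mall:admin-service-api:1.0-SNAPSHOT`, which is this module's own coordinates, so the project depends on itself and Maven will refuse to build it. The block should be removed; judging by the imports of the interfaces added in this commit, `common-framework` is the only dependency the API module needs.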


@ -0,0 +1,16 @@
package cn.iocoder.mall.admin.api;
public interface AdminService {
// /**
// * 创建用户。一般在用户注册时,调用该方法
// *
// * TODO 芋艿,此处要传递一些用户注册时的相关信息,例如说 ip、ua、客户端来源等等。用于数据分析、风控等等。
// *
// * @param mobile 手机号
// * @param code 手机验证码
// * @return 用户
// */
// UserBO createUser(String mobile, String code) throws ServiceException;
}


@ -0,0 +1,35 @@
package cn.iocoder.mall.admin.api;
import cn.iocoder.common.framework.vo.CommonResult;
import cn.iocoder.mall.admin.api.bo.OAuth2AccessTokenBO;
import cn.iocoder.mall.admin.api.bo.OAuth2AuthenticationBO;
import java.util.Set;
public interface OAuth2Service {
CommonResult<OAuth2AccessTokenBO> getAccessToken(String username, String password);
/**
* 访( accessToken )
*
* @param accessToken 访
* @return
*/
CommonResult<OAuth2AuthenticationBO> checkToken(String accessToken);
/**
* TODO
*
* @param adminId
* @param roleIds
* @param url URL
* @return
*/
CommonResult<Boolean> checkPermission(Integer adminId, Set<Integer> roleIds, String url);
// TODO @see 刷新 token
// TODO @see 移除 token
}
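Review bot: `checkPermission(Integer adminId, Set<Integer> roleIds, String url)` trusts the caller to state which admin and which roles are asking, so any consumer of this remote interface can obtain a positive answer by passing role ids of its choosing. Taking the `accessToken` and resolving the admin and roles inside the service would keep the authorization decision on the side that owns the data. `getAccessToken` is the only method here without Javadoc; a comment such as `/** Authenticates an admin by username and password and issues a new access token. */` would document it.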


@ -0,0 +1,4 @@
package cn.iocoder.mall.admin.api;
public interface RoleService {
}


@ -0,0 +1,47 @@
package cn.iocoder.mall.admin.api.bo;
import java.io.Serializable;
public class OAuth2AccessTokenBO implements Serializable {
/**
* 访
*/
private String accessToken;
/**
*
*/
private String refreshToken;
/**
*
*/
private Integer expiresIn;
public String getAccessToken() {
return accessToken;
}
public OAuth2AccessTokenBO setAccessToken(String accessToken) {
this.accessToken = accessToken;
return this;
}
public String getRefreshToken() {
return refreshToken;
}
public OAuth2AccessTokenBO setRefreshToken(String refreshToken) {
this.refreshToken = refreshToken;
return this;
}
public Integer getExpiresIn() {
return expiresIn;
}
public OAuth2AccessTokenBO setExpiresIn(Integer expiresIn) {
this.expiresIn = expiresIn;
return this;
}
}


@ -0,0 +1,35 @@
package cn.iocoder.mall.admin.api.bo;
import java.io.Serializable;
import java.util.Set;
public class OAuth2AuthenticationBO implements Serializable {
/**
*
*/
private Integer adminId;
/**
*
*/
private Set<Integer> roleIds;
public Integer getAdminId() {
return adminId;
}
public OAuth2AuthenticationBO setAdminId(Integer adminId) {
this.adminId = adminId;
return this;
}
public Set<Integer> getRoleIds() {
return roleIds;
}
public OAuth2AuthenticationBO setRoleIds(Set<Integer> roleIds) {
this.roleIds = roleIds;
return this;
}
}


@ -0,0 +1,43 @@
package cn.iocoder.mall.admin.api.constant;
/**
*
*
* 使 1-002-000-000
*/
public enum AdminErrorCodeEnum {
// ========== OAUTH2 模块 ==========
OAUTH2_UNKNOWN(1002001000, "未知错误"), // 预留
// OAUTH2_INVALID_GRANT_BAD_CREDENTIALS(1001001001, "密码不正确"), // 暂时没用到
// OAUTH2_INVALID_GRANT_USERNAME_NOT_FOUND(1001001002, "账号不存在"), // 暂时没用到
// OAUTH2_INVALID_GRANT(1001001010, ""), // 预留
OAUTH_INVALID_TOKEN_NOT_FOUND(1002001011, "访问令牌不存在"),
OAUTH_INVALID_TOKEN_EXPIRED(1002001012, "访问令牌已过期"),
OAUTH_INVALID_TOKEN_INVALID(1002001013, "访问令牌已失效"),
OAUTH_INVALID_PERMISSION(1002001014, "没有该操作权限"), // TODO 芋艿,临时放在 OAUTH2 模块理论来说OAUTH2 只做认证,不做鉴权。
OAUTH_INVALID_TOKEN(1002001020, ""), // 预留
// ========== 管理员模块 ==========
ADMIN_USERNAME_NOT_REGISTERED(1002002000, "账号不存在"),
ADMIN_PASSWORD_ERROR(1002002001, "密码不正确"),
ADMIN_IS_DISABLE(1002002002, "账号被禁用");
private final int code;
private final String message;
AdminErrorCodeEnum(int code, String message) {
this.code = code;
this.message = message;
}
public int getCode() {
return code;
}
public String getMessage() {
return message;
}
}
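Review bot: `ADMIN_USERNAME_NOT_REGISTERED` and `ADMIN_PASSWORD_ERROR` carry different codes and messages, and if the login endpoint returns them unchanged a client can tell existing usernames from non-existing ones. I would return one generic credential failure to the caller and keep the distinction for server-side logs only. `OAUTH_INVALID_TOKEN` is registered with an empty message, and the commented-out `OAUTH2_INVALID_GRANT*` constants still carry codes starting with `1001…` rather than this module's `1002…` range.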


@ -0,0 +1,77 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>admin</artifactId>
<groupId>cn.iocoder.mall</groupId>
<version>1.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>admin-service-impl</artifactId>
<properties>
<org.mapstruct.version>1.3.0.Final</org.mapstruct.version>
</properties>
<dependencies>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>dubbo</artifactId>
<version>2.6.5</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>cn.iocoder.mall</groupId>
<artifactId>admin-service-api</artifactId>
<version>1.0-SNAPSHOT</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jdbc</artifactId>
</dependency>
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>2.0.0</version>
</dependency>
<dependency>
<groupId>org.mapstruct</groupId>
<artifactId>mapstruct</artifactId>
<version>${org.mapstruct.version}</version>
</dependency>
</dependencies>
<build>
<plugins>
<!-- 提供给 mapstruct 使用 -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.5.1</version>
<configuration>
<source>1.8</source> <!-- or higher, depending on your project -->
<target>1.8</target> <!-- or higher, depending on your project -->
<annotationProcessorPaths>
<path>
<groupId>org.mapstruct</groupId>
<artifactId>mapstruct-processor</artifactId>
<version>${org.mapstruct.version}</version>
</path>
</annotationProcessorPaths>
</configuration>
</plugin>
</plugins>
</build>
</project>


@ -0,0 +1,14 @@
package cn.iocoder.mall.admin.config;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.transaction.annotation.EnableTransactionManagement;
@Configuration
@MapperScan("cn.iocoder.mall.admin.dao") // 扫描对应的 Mapper 接口
@EnableTransactionManagement(proxyTargetClass = true) // 启动事务管理。为什么使用 proxyTargetClass 参数,参见 https://blog.csdn.net/huang_550/article/details/76492600
public class DatabaseConfiguration {
// 数据源,使用 HikariCP
}


@ -0,0 +1,26 @@
package cn.iocoder.mall.admin.config;
import cn.iocoder.common.framework.util.ServiceExceptionUtil;
import cn.iocoder.mall.admin.api.constant.AdminErrorCodeEnum;
import org.springframework.boot.context.event.ApplicationReadyEvent;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.event.EventListener;
@Configuration
public class ServiceExceptionConfiguration {
@EventListener(ApplicationReadyEvent.class) // 可参考 https://www.cnblogs.com/ssslinppp/p/7607509.html
public void initMessages() {
// 从 service_exception_message.properties 加载错误码的方案
// Properties properties;
// try {
// properties = PropertiesLoaderUtils.loadAllProperties("classpath:service_exception_message.properties");
// } catch (IOException e) {
// throw new RuntimeException(e);
// }
for (AdminErrorCodeEnum item : AdminErrorCodeEnum.values()) {
ServiceExceptionUtil.put(item.getCode(), item.getMessage());
}
}
}


@ -0,0 +1,35 @@
package cn.iocoder.mall.admin.convert;
import cn.iocoder.mall.admin.api.bo.OAuth2AccessTokenBO;
import cn.iocoder.mall.admin.api.bo.OAuth2AuthenticationBO;
import cn.iocoder.mall.admin.dataobject.AdminRoleDO;
import cn.iocoder.mall.admin.dataobject.OAuth2AccessTokenDO;
import org.mapstruct.Mapper;
import org.mapstruct.Mapping;
import org.mapstruct.Mappings;
import org.mapstruct.factory.Mappers;
import java.util.List;
@Mapper
public interface OAuth2Convert {
OAuth2Convert INSTANCE = Mappers.getMapper(OAuth2Convert.class);
@Mappings({
@Mapping(source = "id", target = "accessToken")
})
OAuth2AccessTokenBO convertToAccessToken(OAuth2AccessTokenDO oauth2AccessTokenDO);
default OAuth2AccessTokenBO convertToAccessTokenWithExpiresIn(OAuth2AccessTokenDO oauth2AccessTokenDO) {
return this.convertToAccessToken(oauth2AccessTokenDO)
.setExpiresIn(Math.max((int) ((oauth2AccessTokenDO.getExpiresTime().getTime() - System.currentTimeMillis()) / 1000), 0));
}
@Mappings({
@Mapping(source = "oauth2AccessTokenDO.id", target = "accessToken"),
@Mapping(source = "adminRoleDOs.roleId", target = "roleIds")
})
OAuth2AuthenticationBO convertToAuthentication(OAuth2AccessTokenDO oauth2AccessTokenDO, List<AdminRoleDO> adminRoleDOs);
}
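Review bot: Both `@Mapping` entries on `convertToAuthentication` look unresolvable: `OAuth2AuthenticationBO` as added in this commit has no `accessToken` property, and `adminRoleDOs` is a `List`, so `adminRoleDOs.roleId` is not a property path MapStruct can follow. I would expect annotation processing to fail on this method and suggest replacing it with a hand-written default method that copies `adminId` and collects the role ids, as sketched below (it needs `java.util.Set` and `java.util.HashSet` imported). `convertToAccessTokenWithExpiresIn` also dereferences `getExpiresTime()` without a null check.

```java
default OAuth2AuthenticationBO convertToAuthentication(OAuth2AccessTokenDO oauth2AccessTokenDO, List<AdminRoleDO> adminRoleDOs) {
    Set<Integer> roleIds = new HashSet<>();
    if (adminRoleDOs != null) {
        for (AdminRoleDO adminRoleDO : adminRoleDOs) {
            roleIds.add(adminRoleDO.getRoleId());
        }
    }
    return new OAuth2AuthenticationBO()
            .setAdminId(oauth2AccessTokenDO.getAdminId())
            .setRoleIds(roleIds);
}
```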


@ -0,0 +1,12 @@
package cn.iocoder.mall.admin.dao;
import cn.iocoder.mall.admin.dataobject.AdminDO;
import org.apache.ibatis.annotations.Param;
import org.springframework.stereotype.Repository;
@Repository
public interface AdminMapper {
AdminDO selectByUsername(@Param("username") String username);
}


@ -0,0 +1,14 @@
package cn.iocoder.mall.admin.dao;
import cn.iocoder.mall.admin.dataobject.AdminRoleDO;
import org.apache.ibatis.annotations.Param;
import org.springframework.stereotype.Repository;
import java.util.List;
@Repository
public interface AdminRoleMapper {
List<AdminRoleDO> selectByAdminId(@Param("adminId") Integer adminId);
}


@ -0,0 +1,13 @@
package cn.iocoder.mall.admin.dao;
import cn.iocoder.mall.admin.dataobject.OAuth2AccessTokenDO;
import org.springframework.stereotype.Repository;
@Repository
public interface OAuth2AccessTokenMapper {
void insert(OAuth2AccessTokenDO entity);
OAuth2AccessTokenDO selectByTokenId(String tokenId);
}


@ -0,0 +1,11 @@
package cn.iocoder.mall.admin.dao;
import cn.iocoder.mall.admin.dataobject.OAuth2RefreshTokenDO;
import org.springframework.stereotype.Repository;
@Repository
public interface OAuth2RefreshTokenMapper {
void insert(OAuth2RefreshTokenDO entity);
}


@ -0,0 +1,14 @@
package cn.iocoder.mall.admin.dao;
import cn.iocoder.mall.admin.dataobject.RoleResourceDO;
import org.apache.ibatis.annotations.Param;
import org.springframework.stereotype.Repository;
import java.util.List;
@Repository
public interface RoleResourceMapper {
List<RoleResourceDO> selectByResourceHandler(@Param("resourceHandler") String resourceHandler);
}


@ -0,0 +1,100 @@
package cn.iocoder.mall.admin.dataobject;
import java.util.Date;
/**
*
*/
public class AdminDO {
/**
* -
*/
public static final Integer STATUS_ENABLE = 1;
/**
* -
*/
public static final Integer STATUS_DISABLE = 2;
/**
*
*/
private Integer id;
/**
*
*/
private String username;
/**
*
*/
private String nickname;
/**
*
*
* TODO MD5
*/
private String password;
/**
*
*/
private Date createTime;
/**
*
*/
private Integer status;
public Integer getId() {
return id;
}
public AdminDO setId(Integer id) {
this.id = id;
return this;
}
public String getUsername() {
return username;
}
public AdminDO setUsername(String username) {
this.username = username;
return this;
}
public String getNickname() {
return nickname;
}
public AdminDO setNickname(String nickname) {
this.nickname = nickname;
return this;
}
public String getPassword() {
return password;
}
public AdminDO setPassword(String password) {
this.password = password;
return this;
}
public Date getCreateTime() {
return createTime;
}
public AdminDO setCreateTime(Date createTime) {
this.createTime = createTime;
return this;
}
public Integer getStatus() {
return status;
}
public AdminDO setStatus(Integer status) {
this.status = status;
return this;
}
}
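Review bot: The Javadoc on `password` carries a `TODO MD5` marker and `AdminDO` has no salt field, which suggests the column is meant to hold a plain MD5 digest; the hashing code itself is not in this file, so treat that as an inference. Unsalted MD5 is cheap to brute-force and open to precomputed tables, so admin passwords should go through a password hashing function such as bcrypt, scrypt or Argon2 instead. `getPassword()` also means the stored hash travels with every `AdminDO` that leaves the DAO layer, so this type should not be returned across service boundaries.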


@ -0,0 +1,65 @@
package cn.iocoder.mall.admin.dataobject;
import java.util.Date;
/**
* {@link AdminDO} {@link RoleDO}
*/
public class AdminRoleDO {
/**
*
*/
private Integer id;
/**
* ({@link AdminDO}
*/
private Integer adminId;
/**
* ({@link RoleDO}
*/
private Integer roleId;
/**
*
*/
private Date createTime;
// TODO 芋艿 删除状态
public Integer getId() {
return id;
}
public AdminRoleDO setId(Integer id) {
this.id = id;
return this;
}
public Integer getAdminId() {
return adminId;
}
public AdminRoleDO setAdminId(Integer adminId) {
this.adminId = adminId;
return this;
}
public Integer getRoleId() {
return roleId;
}
public AdminRoleDO setRoleId(Integer roleId) {
this.roleId = roleId;
return this;
}
public Date getCreateTime() {
return createTime;
}
public AdminRoleDO setCreateTime(Date createTime) {
this.createTime = createTime;
return this;
}
}


@ -0,0 +1,86 @@
package cn.iocoder.mall.admin.dataobject;
import java.util.Date;
public class OAuth2AccessTokenDO {
/**
* 访
*/
private String id;
/**
*
*/
private String refreshToken;
/**
*
*/
private Integer adminId;
/**
*
*/
private Date expiresTime;
/**
*
*/
private Boolean valid;
/**
*
*/
private Date createTime;
public String getId() {
return id;
}
public OAuth2AccessTokenDO setId(String id) {
this.id = id;
return this;
}
public String getRefreshToken() {
return refreshToken;
}
public OAuth2AccessTokenDO setRefreshToken(String refreshToken) {
this.refreshToken = refreshToken;
return this;
}
public Integer getAdminId() {
return adminId;
}
public OAuth2AccessTokenDO setAdminId(Integer adminId) {
this.adminId = adminId;
return this;
}
public Date getExpiresTime() {
return expiresTime;
}
public OAuth2AccessTokenDO setExpiresTime(Date expiresTime) {
this.expiresTime = expiresTime;
return this;
}
public Boolean getValid() {
return valid;
}
public OAuth2AccessTokenDO setValid(Boolean valid) {
this.valid = valid;
return this;
}
public Date getCreateTime() {
return createTime;
}
public OAuth2AccessTokenDO setCreateTime(Date createTime) {
this.createTime = createTime;
return this;
}
}
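Review bot: `id` doubles as the bearer token (`OAuth2Convert` in this commit maps `id` to `accessToken`), so the table holds live credentials in clear and anyone with read access to it, or to a backup of it, can replay them. Storing a SHA-256 digest of the token as the key and comparing digests on lookup would avoid that; this assumes the tokens are random and high-entropy, which the generation code outside this file has to confirm. The same consideration applies to `OAuth2RefreshTokenDO.id`. `valid` is a nullable `Boolean`, so callers need to treat `null` as invalid rather than unboxing it.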


@ -0,0 +1,78 @@
package cn.iocoder.mall.admin.dataobject;
import java.util.Date;
/**
*
*
* idx_uid
*/
public class OAuth2RefreshTokenDO {
/**
*
*/
private String id;
/**
*
*/
private Integer adminId;
/**
*
*/
private Boolean valid;
/**
*
*/
private Date expiresTime;
/**
*
*/
private Date createTime;
public String getId() {
return id;
}
public OAuth2RefreshTokenDO setId(String id) {
this.id = id;
return this;
}
public Integer getAdminId() {
return adminId;
}
public OAuth2RefreshTokenDO setAdminId(Integer adminId) {
this.adminId = adminId;
return this;
}
public Boolean getValid() {
return valid;
}
public OAuth2RefreshTokenDO setValid(Boolean valid) {
this.valid = valid;
return this;
}
public Date getExpiresTime() {
return expiresTime;
}
public OAuth2RefreshTokenDO setExpiresTime(Date expiresTime) {
this.expiresTime = expiresTime;
return this;
}
public Date getCreateTime() {
return createTime;
}
public OAuth2RefreshTokenDO setCreateTime(Date createTime) {
this.createTime = createTime;
return this;
}
}


@ -0,0 +1,129 @@
package cn.iocoder.mall.admin.dataobject;
import java.util.Date;
/**
*
*/
public class ResourceDO {
/**
* -
*/
public static final Integer TYPE_MENU = 1;
/**
* -
*
*
*/
public static final Integer TYPE_OPERATION = 2;
/**
*
*/
private Integer id;
/**
*
*/
private String name;
/**
*
*/
private Integer type;
/**
*
*/
private Integer sort;
/**
*
*/
private String displayName;
/**
*
*/
private Date createTime;
/**
* ({@link ResourceDO#id})
*/
private Integer pid;
/**
*
*
* handler URL
* handler URL url url
*/
private String handler;
public Integer getId() {
return id;
}
public ResourceDO setId(Integer id) {
this.id = id;
return this;
}
public String getName() {
return name;
}
public ResourceDO setName(String name) {
this.name = name;
return this;
}
public Integer getType() {
return type;
}
public ResourceDO setType(Integer type) {
this.type = type;
return this;
}
public Integer getSort() {
return sort;
}
public ResourceDO setSort(Integer sort) {
this.sort = sort;
return this;
}
public String getDisplayName() {
return displayName;
}
public ResourceDO setDisplayName(String displayName) {
this.displayName = displayName;
return this;
}
public Date getCreateTime() {
return createTime;
}
public ResourceDO setCreateTime(Date createTime) {
this.createTime = createTime;
return this;
}
public Integer getPid() {
return pid;
}
public ResourceDO setPid(Integer pid) {
this.pid = pid;
return this;
}
public String getHandler() {
return handler;
}
public ResourceDO setHandler(String handler) {
this.handler = handler;
return this;
}
}


@ -0,0 +1,63 @@
package cn.iocoder.mall.admin.dataobject;
import java.util.Date;
/**
*
*/
public class RoleDO {
/**
* -
*/
public static final Integer STATUS_ENABLE = 1;
/**
* -
*/
public static final Integer STATUS_DISABLE = 2;
/**
*
*/
private Integer id;
/**
*
*/
private String name;
/**
*
*/
private Date createTime;
/**
*
*/
private Integer status;
public String getName() {
return name;
}
public RoleDO setName(String name) {
this.name = name;
return this;
}
public Date getCreateTime() {
return createTime;
}
public RoleDO setCreateTime(Date createTime) {
this.createTime = createTime;
return this;
}
public Integer getStatus() {
return status;
}
public RoleDO setStatus(Integer status) {
this.status = status;
return this;
}
}
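Review bot: `RoleDO` declares `private Integer id` but, unlike the other data objects in this commit, has no `getId()`/`setId(...)`, so code outside the persistence framework cannot read a role's identifier. Adding `public Integer getId() { return id; }` and `public RoleDO setId(Integer id) { this.id = id; return this; }` would match the sibling classes.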


@ -0,0 +1,65 @@
package cn.iocoder.mall.admin.dataobject;
import java.util.Date;
/**
* {@link RoleDO} {@link ResourceDO}
*/
public class RoleResourceDO {
/**
*
*/
private Integer id;
/**
* ({@link RoleDO}
*/
private Integer roleId;
/**
* ({@link ResourceDO}
*/
private Integer resourceId;
/**
*
*/
private Date createTime;
// TODO 芋艿 删除状态
public Integer getId() {
return id;
}
public RoleResourceDO setId(Integer id) {
this.id = id;
return this;
}
public Integer getRoleId() {
return roleId;
}
public RoleResourceDO setRoleId(Integer roleId) {
this.roleId = roleId;
return this;
}
public Date getCreateTime() {
return createTime;
}
public RoleResourceDO setCreateTime(Date createTime) {
this.createTime = createTime;
return this;
}
public Integer getResourceId() {
return resourceId;
}
public RoleResourceDO setResourceId(Integer resourceId) {
this.resourceId = resourceId;
return this;
}
}


@ -0,0 +1 @@
package cn.iocoder.mall.admin;


@ -0,0 +1,50 @@
package cn.iocoder.mall.admin.service;
import cn.iocoder.common.framework.util.ServiceExceptionUtil;
import cn.iocoder.common.framework.vo.CommonResult;
import cn.iocoder.mall.admin.api.AdminService;
import cn.iocoder.mall.admin.api.constant.AdminErrorCodeEnum;
import cn.iocoder.mall.admin.dao.AdminMapper;
import cn.iocoder.mall.admin.dao.AdminRoleMapper;
import cn.iocoder.mall.admin.dataobject.AdminDO;
import cn.iocoder.mall.admin.dataobject.AdminRoleDO;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.util.DigestUtils;
import java.util.List;
@Service
@com.alibaba.dubbo.config.annotation.Service
public class AdminServiceImpl implements AdminService {
@Autowired
private AdminMapper adminMapper;
@Autowired
private AdminRoleMapper adminRoleMapper;
public CommonResult<AdminDO> validAdmin(String username, String password) {
AdminDO admin = adminMapper.selectByUsername(username);
// 账号不存在
if (admin == null) {
return ServiceExceptionUtil.error(AdminErrorCodeEnum.ADMIN_USERNAME_NOT_REGISTERED.getCode());
}
// 密码不正确
if (DigestUtils.md5DigestAsHex(password.getBytes()).equals(admin.getPassword())) {
return ServiceExceptionUtil.error(AdminErrorCodeEnum.ADMIN_PASSWORD_ERROR.getCode());
}
// 账号被禁用
if (AdminDO.STATUS_DISABLE.equals(admin.getStatus())) {
return ServiceExceptionUtil.error(AdminErrorCodeEnum.ADMIN_IS_DISABLE.getCode());
}
// 校验成功,返回管理员。并且,去掉一些非关键字段,考虑安全性。
admin.setPassword(null);
admin.setStatus(null);
return CommonResult.success(admin);
}
public List<AdminRoleDO> getAdminRoles(Integer adminId) {
return adminRoleMapper.selectByAdminId(adminId);
}
}
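Review bot: The password check in `validAdmin` is inverted: it returns `ADMIN_PASSWORD_ERROR` when the MD5 of the supplied password equals the stored value, so the correct password is rejected and any other password falls through to `CommonResult.success(admin)`. The condition needs a negation, `if (!DigestUtils.md5DigestAsHex(password.getBytes(StandardCharsets.UTF_8)).equals(admin.getPassword())) {`, with the charset pinned so the digest does not depend on the platform default. Separately, an unsalted MD5 digest is not an adequate way to store passwords; a salted, deliberately slow password hash (bcrypt, scrypt or Argon2) should replace it. A null `password` argument also raises a `NullPointerException` here instead of returning an error result.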


@ -0,0 +1,123 @@
package cn.iocoder.mall.admin.service;
import cn.iocoder.common.framework.util.ServiceExceptionUtil;
import cn.iocoder.common.framework.vo.CommonResult;
import cn.iocoder.mall.admin.api.OAuth2Service;
import cn.iocoder.mall.admin.api.bo.OAuth2AccessTokenBO;
import cn.iocoder.mall.admin.api.bo.OAuth2AuthenticationBO;
import cn.iocoder.mall.admin.api.constant.AdminErrorCodeEnum;
import cn.iocoder.mall.admin.convert.OAuth2Convert;
import cn.iocoder.mall.admin.dao.OAuth2AccessTokenMapper;
import cn.iocoder.mall.admin.dao.OAuth2RefreshTokenMapper;
import cn.iocoder.mall.admin.dataobject.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import java.util.*;
@Service
@com.alibaba.dubbo.config.annotation.Service
public class OAuth2ServiceImpl implements OAuth2Service {
/**
* 访
*/
@Value("${modules.oauth2-code-service.access-token-expire-time-millis}")
private int accessTokenExpireTimeMillis;
/**
*
*/
@Value("${modules.oauth2-code-service.refresh-token-expire-time-millis}")
private int refreshTokenExpireTimeMillis;
@Autowired
private AdminServiceImpl adminService;
@Autowired
private OAuth2AccessTokenMapper oauth2AccessTokenMapper;
@Autowired
private OAuth2RefreshTokenMapper oauth2RefreshTokenMapper;
@Autowired
private RoleServiceImpl roleService;
@Override
public CommonResult<OAuth2AccessTokenBO> getAccessToken(String username, String password) {
CommonResult<AdminDO> adminResult = adminService.validAdmin(username, password);
// 校验失败,返回错误结果
if (adminResult.isError()) {
return CommonResult.error(adminResult);
}
AdminDO admin = adminResult.getData();
// 创建刷新令牌
OAuth2RefreshTokenDO oauth2RefreshTokenDO = createOAuth2RefreshToken(admin.getId());
// 创建访问令牌
OAuth2AccessTokenDO oauth2AccessTokenDO = createOAuth2AccessToken(admin.getId(), oauth2RefreshTokenDO.getId());
// 转换返回
return CommonResult.success(OAuth2Convert.INSTANCE.convertToAccessTokenWithExpiresIn(oauth2AccessTokenDO));
}
@Override
public CommonResult<OAuth2AuthenticationBO> checkToken(String accessToken) {
OAuth2AccessTokenDO accessTokenDO = oauth2AccessTokenMapper.selectByTokenId(accessToken);
if (accessTokenDO == null) { // 不存在
return ServiceExceptionUtil.error(AdminErrorCodeEnum.OAUTH_INVALID_TOKEN_NOT_FOUND.getCode());
}
if (accessTokenDO.getExpiresTime().getTime() < System.currentTimeMillis()) { // 已过期
return ServiceExceptionUtil.error(AdminErrorCodeEnum.OAUTH_INVALID_TOKEN_EXPIRED.getCode());
}
if (!accessTokenDO.getValid()) { // 无效
return ServiceExceptionUtil.error(AdminErrorCodeEnum.OAUTH_INVALID_TOKEN_INVALID.getCode());
}
// 获得管理员拥有的角色
List<AdminRoleDO> adminRoleDOs = adminService.getAdminRoles(accessTokenDO.getAdminId());
return CommonResult.success(OAuth2Convert.INSTANCE.convertToAuthentication(accessTokenDO, adminRoleDOs));
}
@Override
public CommonResult<Boolean> checkPermission(Integer adminId, Set<Integer> roleIds, String url) {
// 避免传入的是空集合
if (roleIds == null) {
roleIds = Collections.emptySet();
}
// 校验权限
List<RoleResourceDO> roleResourceDOs = roleService.getRoleByResourceHandler(url);
if (roleResourceDOs.isEmpty()) { // 任何角色,都可以访问
return CommonResult.success(true);
}
for (RoleResourceDO roleResourceDO : roleResourceDOs) {
if (roleIds.contains(roleResourceDO.getId())) {
return CommonResult.success(true);
}
}
// 没有权限,返回错误
return ServiceExceptionUtil.error(AdminErrorCodeEnum.OAUTH_INVALID_PERMISSION.getCode());
}
private OAuth2AccessTokenDO createOAuth2AccessToken(Integer adminId, String refreshToken) {
OAuth2AccessTokenDO accessToken = new OAuth2AccessTokenDO().setId(generateAccessToken())
.setRefreshToken(refreshToken)
.setAdminId(adminId)
.setExpiresTime(new Date(System.currentTimeMillis() + accessTokenExpireTimeMillis))
.setValid(true);
oauth2AccessTokenMapper.insert(accessToken);
return accessToken;
}
private OAuth2RefreshTokenDO createOAuth2RefreshToken(Integer adminId) {
OAuth2RefreshTokenDO refreshToken = new OAuth2RefreshTokenDO().setId(generateRefreshToken())
.setAdminId(adminId)
.setExpiresTime(new Date(System.currentTimeMillis() + refreshTokenExpireTimeMillis))
.setValid(true);
oauth2RefreshTokenMapper.insert(refreshToken);
return refreshToken;
}
private String generateAccessToken() {
return UUID.randomUUID().toString().replaceAll("-", "");
}
private String generateRefreshToken() {
return UUID.randomUUID().toString().replaceAll("-", "");
}
}
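Review bot: In `checkPermission` the loop tests `roleIds.contains(roleResourceDO.getId())`, which compares the caller's role ids with the primary key of the role-resource row rather than with the role that row grants; it should be `roleIds.contains(roleResourceDO.getRoleId())`. As written, the decision depends on an unrelated id. The same method returns success when no role-resource rows exist for the URL, so any handler not yet registered as a resource is open to every caller; denying by default and listing public URLs explicitly would be safer. `createOAuth2AccessToken` and `createOAuth2RefreshToken` never set `createTime`, although both mapper inserts write `#{createTime}`.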


@ -0,0 +1,22 @@
package cn.iocoder.mall.admin.service;
import cn.iocoder.mall.admin.api.RoleService;
import cn.iocoder.mall.admin.dao.RoleResourceMapper;
import cn.iocoder.mall.admin.dataobject.RoleResourceDO;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.List;
@Service
@com.alibaba.dubbo.config.annotation.Service
public class RoleServiceImpl implements RoleService {
@Autowired
private RoleResourceMapper roleResourceMapper;
public List<RoleResourceDO> getRoleByResourceHandler(String resourceHandler) {
return roleResourceMapper.selectByResourceHandler(resourceHandler);
}
}


@ -0,0 +1,4 @@
##################### 业务模块 #####################
## OAuth2CodeService
modules.oauth2-code-service.access-token-expire-time-millis = 2880000
modules.oauth2-code-service.refresh-token-expire-time-millis = 43200000


@ -0,0 +1,32 @@
spring:
# datasource
datasource:
url: jdbc:mysql://127.0.0.1:33061/mall_admin?useSSL=false
driver-class-name: com.mysql.jdbc.Driver
username: root
password: 123456
# server
server:
port: 8083
# mybatis
mybatis:
config-location: classpath:mybatis-config.xml
mapper-locations: classpath:mapper/*.xml
type-aliases-package: cn.iocoder.mall.admin.dataobject
# dubbo
dubbo:
application:
name: admin-service
registry:
address: zookeeper://127.0.0.1:2181
protocol:
port: -1
name: dubbo
scan:
base-packages: cn.iocoder.mall.admin.service
demo:
service:
version: 1.0.0
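Review bot: The `datasource` block commits a database password in clear text (`password: 123456`) and connects as `root`, so anyone with read access to the repository holds the credentials and the service runs with full database privileges. Resolve the secret from the environment instead, for example `password: ${MALL_ADMIN_DB_PASSWORD}` (the variable name is a placeholder), and use a dedicated account limited to the `mall_admin` schema. `useSSL=false` in the JDBC URL is tolerable for the loopback address shown, but should not carry over to a profile that points at a remote host.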


@ -0,0 +1,20 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="cn.iocoder.mall.admin.dao.AdminMapper">
<!--<insert id="insert" parameterType="UserDO" useGeneratedKeys="true" keyProperty="id">-->
<!--INSERT INTO users (-->
<!--id, mobile, create_time-->
<!--) VALUES (-->
<!--#{id}, #{mobile}, #{createTime}-->
<!--)-->
<!--</insert>-->
<select id="selectByUsername" parameterType="String" resultType="AdminDO">
SELECT
id, username, nickname, password, status
FROM admin
WHERE username = #{username}
</select>
</mapper>


@ -0,0 +1,21 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="cn.iocoder.mall.admin.dao.AdminRoleMapper">
<!--<insert id="insert" parameterType="UserDO" useGeneratedKeys="true" keyProperty="id">-->
<!--INSERT INTO users (-->
<!--id, mobile, create_time-->
<!--) VALUES (-->
<!--#{id}, #{mobile}, #{createTime}-->
<!--)-->
<!--</insert>-->
<select id="selectByAdminId" parameterType="Integer" resultType="AdminRoleDO">
SELECT
ar.id, ar.admin_id, ar.role_id
FROM admin a, admin_role ar
WHERE a.id = #{adminId}
AND a.id = ar.admin_id
</select>
</mapper>


@ -0,0 +1,22 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="cn.iocoder.mall.admin.dao.OAuth2AccessTokenMapper">
<insert id="insert" parameterType="OAuth2AccessTokenDO">
INSERT INTO oauth2_access_token (
id, refresh_token, admin_id, valid, expires_time,
create_time
) VALUES (
#{id}, #{refreshToken}, #{adminId}, #{valid}, #{expiresTime},
#{createTime}
)
</insert>
<select id="selectByTokenId" parameterType="String" resultType="OAuth2AccessTokenDO">
SELECT
id, admin_id, valid, expires_time
FROM oauth2_access_token
WHERE id = #{id}
</select>
</mapper>


@ -0,0 +1,13 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="cn.iocoder.mall.admin.dao.OAuth2RefreshTokenMapper">
<insert id="insert" parameterType="OAuth2RefreshTokenDO">
INSERT INTO oauth2_refresh_token (
id, admin_id, valid, expires_time, create_time
) VALUES (
#{id}, #{adminId}, #{valid}, #{expiresTime}, #{createTime}
)
</insert>
</mapper>


@ -0,0 +1,21 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="cn.iocoder.mall.admin.dao.RoleResourceMapper">
<!--<insert id="insert" parameterType="UserDO" useGeneratedKeys="true" keyProperty="id">-->
<!--INSERT INTO users (-->
<!--id, mobile, create_time-->
<!--) VALUES (-->
<!--#{id}, #{mobile}, #{createTime}-->
<!--)-->
<!--</insert>-->
<select id="selectByResourceHandler" parameterType="String" resultType="RoleResourceDO">
SELECT
rr.id, rr.role_id, rr.resouce_id
FROM resouce r, role_resource rr
WHERE r.handler = #{resourceHandler}
AND r.id = rr.resource_id
</select>
</mapper>
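Review bot: `selectByResourceHandler` spells the resource table and column two ways: the select list uses `rr.resouce_id` and the FROM clause `resouce r`, while the join condition uses `rr.resource_id`. Unless the schema really contains both spellings, the statement fails at run time, and `checkPermission` relies on it for every authorization decision. Assuming the intended names are `resource` and `resource_id` (the DDL is not on this page), the lines should read `rr.id, rr.role_id, rr.resource_id` and `FROM resource r, role_resource rr`. The commented-out `users` insert copied from another mapper can be deleted.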


@ -0,0 +1,19 @@
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE configuration PUBLIC "-//mybatis.org//DTD Config 3.0//EN" "http://mybatis.org/dtd/mybatis-3-config.dtd">
<configuration>
<settings>
<!-- 使用驼峰命名法转换字段。 -->
<setting name="mapUnderscoreToCamelCase" value="true"/>
</settings>
<typeAliases>
<typeAlias alias="Integer" type="java.lang.Integer"/>
<typeAlias alias="Long" type="java.lang.Long"/>
<typeAlias alias="HashMap" type="java.util.HashMap"/>
<typeAlias alias="LinkedHashMap" type="java.util.LinkedHashMap"/>
<typeAlias alias="ArrayList" type="java.util.ArrayList"/>
<typeAlias alias="LinkedList" type="java.util.LinkedList"/>
</typeAliases>
</configuration>

22
admin/pom.xml Normal file

@ -0,0 +1,22 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>mall-parent</artifactId>
<groupId>cn.iocoder.mall</groupId>
<version>1.0-SNAPSHOT</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>admin</artifactId>
<packaging>pom</packaging>
<modules>
<module>admin-application</module>
<module>admin-sdk</module>
<module>admin-service-api</module>
<module>admin-service-impl</module>
</modules>
</project>


@ -0,0 +1,21 @@
package cn.iocoder.common.framework.util;
import org.springframework.util.StringUtils;
import javax.servlet.http.HttpServletRequest;
public class HttpUtil {
public static String obtainAccess(HttpServletRequest request) {
String authorization = request.getHeader("Authorization");
if (!StringUtils.hasText(authorization)) {
return null;
}
int index = authorization.indexOf("Bearer ");
if (index == -1) { // 未找到
return null;
}
return authorization.substring(index + 7).trim();
}
}
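Review bot: `obtainAccess` locates the scheme with `authorization.indexOf("Bearer ")`, which accepts it anywhere in the header, so a value such as `Basic abc Bearer xyz` (constructed example) is treated as a bearer token. Anchor the match at the start of the header: `if (!authorization.regionMatches(true, 0, "Bearer ", 0, 7)) { return null; }` followed by `return authorization.substring(7).trim();`, which also honours the case-insensitive scheme name. Since the class only holds a static helper, it should be `final` with a private constructor. The method also deserves a Javadoc line stating that it returns `null` when no bearer token is present.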


@ -18,6 +18,7 @@
<module>order</module> <module>order</module>
<module>user</module> <module>user</module>
<module>common</module> <module>common</module>
<module>admin</module>
</modules> </modules>
<packaging>pom</packaging> <packaging>pom</packaging>


@ -1,7 +1,7 @@
package cn.iocoder.mall.user.config; package cn.iocoder.mall.user.config;
import cn.iocoder.common.framework.config.GlobalExceptionHandler; import cn.iocoder.common.framework.config.GlobalExceptionHandler;
import cn.iocoder.mall.user.sdk.interceptor.SecurityInterceptor; import cn.iocoder.mall.user.sdk.interceptor.UserSecurityInterceptor;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Import; import org.springframework.context.annotation.Import;
@ -13,11 +13,11 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@EnableWebMvc @EnableWebMvc
@Configuration @Configuration
@Import(value = {GlobalExceptionHandler.class, // 统一全局返回 @Import(value = {GlobalExceptionHandler.class, // 统一全局返回
SecurityInterceptor.class}) // 安全拦截器,实现认证和授权功能。 UserSecurityInterceptor.class}) // 安全拦截器,实现认证和授权功能。
public class MVCConfiguration implements WebMvcConfigurer { public class MVCConfiguration implements WebMvcConfigurer {
@Autowired @Autowired
private SecurityInterceptor securityInterceptor; private UserSecurityInterceptor securityInterceptor;
@Override @Override
public void addInterceptors(InterceptorRegistry registry) { public void addInterceptors(InterceptorRegistry registry) {


@ -46,7 +46,7 @@ public class PassportController {
}) })
public CommonResult<MobileRegisterVO> mobileRegister(@RequestParam("mobile") String mobile, public CommonResult<MobileRegisterVO> mobileRegister(@RequestParam("mobile") String mobile,
@RequestParam("code") String code) { @RequestParam("code") String code) {
CommonResult<OAuth2AccessTokenBO> result = oauth2Service.getAccessToken2(mobile, code); CommonResult<OAuth2AccessTokenBO> result = oauth2Service.getAccessToken(mobile, code);
return PassportConvert.INSTANCE.convert(result); return PassportConvert.INSTANCE.convert(result);
} }


@ -1,7 +1,7 @@
package cn.iocoder.mall.user.controller; package cn.iocoder.mall.user.controller;
import cn.iocoder.common.framework.vo.CommonResult; import cn.iocoder.common.framework.vo.CommonResult;
import cn.iocoder.mall.user.sdk.context.SecurityContextHolder; import cn.iocoder.mall.user.sdk.context.UserSecurityContextHolder;
import cn.iocoder.mall.user.vo.UserInfoVO; import cn.iocoder.mall.user.vo.UserInfoVO;
import io.swagger.annotations.Api; import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation; import io.swagger.annotations.ApiOperation;
@ -18,7 +18,7 @@ public class UserController {
@ApiOperation(value = "用户信息") @ApiOperation(value = "用户信息")
public CommonResult<UserInfoVO> info() { public CommonResult<UserInfoVO> info() {
// TODO 芋艿,正在实现中 // TODO 芋艿,正在实现中
UserInfoVO user = new UserInfoVO().setId(SecurityContextHolder.getContext().getUid()); UserInfoVO user = new UserInfoVO().setId(UserSecurityContextHolder.getContext().getUid());
return CommonResult.success(user); return CommonResult.success(user);
} }


@ -1,30 +0,0 @@
package cn.iocoder.mall.user.sdk.context;
/**
* {@link SecurityContext} Holder
*
* spring security ThreadLocalSecurityContextHolderStrategy
*/
public class SecurityContextHolder {
private static final ThreadLocal<SecurityContext> securityContext = new ThreadLocal<SecurityContext>();
public static void setContext(SecurityContext context) {
securityContext.set(context);
}
public static SecurityContext getContext() {
SecurityContext ctx = securityContext.get();
// 为空时,设置一个空的进去
if (ctx == null) {
ctx = new SecurityContext(null);
securityContext.set(ctx);
}
return ctx;
}
public static void clear() {
securityContext.remove();
}
}


@ -1,13 +1,13 @@
package cn.iocoder.mall.user.sdk.context; package cn.iocoder.mall.user.sdk.context;
/** /**
* Security * User Security
*/ */
public class SecurityContext { public class UserSecurityContext {
private final Long uid; private final Long uid;
public SecurityContext(Long uid) { public UserSecurityContext(Long uid) {
this.uid = uid; this.uid = uid;
} }


@ -0,0 +1,30 @@
package cn.iocoder.mall.user.sdk.context;
/**
* {@link UserSecurityContext} Holder
*
* spring security ThreadLocalSecurityContextHolderStrategy
*/
public class UserSecurityContextHolder {
private static final ThreadLocal<UserSecurityContext> securityContext = new ThreadLocal<UserSecurityContext>();
public static void setContext(UserSecurityContext context) {
securityContext.set(context);
}
public static UserSecurityContext getContext() {
UserSecurityContext ctx = securityContext.get();
// 为空时,设置一个空的进去
if (ctx == null) {
ctx = new UserSecurityContext(null);
securityContext.set(ctx);
}
return ctx;
}
public static void clear() {
securityContext.remove();
}
}


@ -1,15 +1,15 @@
package cn.iocoder.mall.user.sdk.interceptor; package cn.iocoder.mall.user.sdk.interceptor;
import cn.iocoder.common.framework.exception.ServiceException; import cn.iocoder.common.framework.exception.ServiceException;
import cn.iocoder.common.framework.util.HttpUtil;
import cn.iocoder.common.framework.vo.CommonResult; import cn.iocoder.common.framework.vo.CommonResult;
import cn.iocoder.mall.user.sdk.annotation.PermitAll; import cn.iocoder.mall.user.sdk.annotation.PermitAll;
import cn.iocoder.mall.user.sdk.context.SecurityContext; import cn.iocoder.mall.user.sdk.context.UserSecurityContext;
import cn.iocoder.mall.user.sdk.context.SecurityContextHolder; import cn.iocoder.mall.user.sdk.context.UserSecurityContextHolder;
import cn.iocoder.mall.user.service.api.OAuth2Service; import cn.iocoder.mall.user.service.api.OAuth2Service;
import cn.iocoder.mall.user.service.api.bo.OAuth2AuthenticationBO; import cn.iocoder.mall.user.service.api.bo.OAuth2AuthenticationBO;
import com.alibaba.dubbo.config.annotation.Reference; import com.alibaba.dubbo.config.annotation.Reference;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;
import org.springframework.web.method.HandlerMethod; import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
@ -21,7 +21,7 @@ import javax.servlet.http.HttpServletResponse;
* *
*/ */
@Component @Component
public class SecurityInterceptor extends HandlerInterceptorAdapter { public class UserSecurityInterceptor extends HandlerInterceptorAdapter {
@Reference @Reference
private OAuth2Service oauth2Service; private OAuth2Service oauth2Service;
@ -29,7 +29,7 @@ public class SecurityInterceptor extends HandlerInterceptorAdapter {
@Override @Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 校验访问令牌是否正确。若正确,返回授权信息 // 校验访问令牌是否正确。若正确,返回授权信息
String accessToken = obtainAccess(request); String accessToken = HttpUtil.obtainAccess(request);
OAuth2AuthenticationBO authentication = null; OAuth2AuthenticationBO authentication = null;
if (accessToken != null) { if (accessToken != null) {
CommonResult<OAuth2AuthenticationBO> result = oauth2Service.checkToken(accessToken); CommonResult<OAuth2AuthenticationBO> result = oauth2Service.checkToken(accessToken);
@ -38,8 +38,8 @@ public class SecurityInterceptor extends HandlerInterceptorAdapter {
} }
authentication = result.getData(); authentication = result.getData();
// 添加到 SecurityContext // 添加到 SecurityContext
SecurityContext context = new SecurityContext(authentication.getUid()); UserSecurityContext context = new UserSecurityContext(authentication.getUid());
SecurityContextHolder.setContext(context); UserSecurityContextHolder.setContext(context);
} }
// 校验是否需要已授权 // 校验是否需要已授权
HandlerMethod method = (HandlerMethod) handler; HandlerMethod method = (HandlerMethod) handler;
@ -53,19 +53,7 @@ public class SecurityInterceptor extends HandlerInterceptorAdapter {
@Override @Override
public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) { public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) {
// 清空 SecurityContext // 清空 SecurityContext
SecurityContextHolder.clear(); UserSecurityContextHolder.clear();
}
private String obtainAccess(HttpServletRequest request) {
String authorization = request.getHeader("Authorization");
if (!StringUtils.hasText(authorization)) {
return null;
}
int index = authorization.indexOf("Bearer ");
if (index == -1) { // 未找到
return null;
}
return authorization.substring(index + 7).trim();
} }
} }


@ -1,6 +1,6 @@
/** /**
* SDK 使 * SDK 使
* *
* 1. {@link } * 1. {@link cn.iocoder.mall.user.sdk.interceptor.UserSecurityInterceptor} URL
*/ */
package cn.iocoder.mall.user.sdk; package cn.iocoder.mall.user.sdk;


@ -1,27 +1,13 @@
package cn.iocoder.mall.user.service.api; package cn.iocoder.mall.user.service.api;
import cn.iocoder.common.framework.exception.ServiceException;
import cn.iocoder.common.framework.vo.CommonResult; import cn.iocoder.common.framework.vo.CommonResult;
import cn.iocoder.mall.user.service.api.bo.OAuth2AccessTokenBO; import cn.iocoder.mall.user.service.api.bo.OAuth2AccessTokenBO;
import cn.iocoder.mall.user.service.api.bo.OAuth2AuthenticationBO; import cn.iocoder.mall.user.service.api.bo.OAuth2AuthenticationBO;
public interface OAuth2Service { public interface OAuth2Service {
/** CommonResult<OAuth2AccessTokenBO> getAccessToken(String mobile, String code);
* 使 + 访
*
*
*
* @param mobile
* @param code
* @return
*/
@Deprecated
OAuth2AccessTokenBO getAccessToken(String mobile, String code)
throws ServiceException;
CommonResult<OAuth2AccessTokenBO> getAccessToken2(String mobile, String code);
/** /**
* 访( accessToken ) * 访( accessToken )


@ -47,31 +47,7 @@ public class MobileCodeServiceImpl implements MobileCodeService {
* @param code * @param code
* @return * @return
*/ */
public MobileCodeDO validLastMobileCode(String mobile, String code) { public CommonResult<MobileCodeDO> validLastMobileCode(String mobile, String code) {
MobileCodeDO mobileCodePO = mobileCodeMapper.selectLast1ByMobile(mobile);
if (mobileCodePO == null) { // 若验证码不存在,抛出异常
throw ServiceExceptionUtil.exception(UserErrorCodeEnum.MOBILE_CODE_NOT_FOUND.getCode());
}
if (System.currentTimeMillis() - mobileCodePO.getCreateTime().getTime() >= codeExpireTimes) { // 验证码已过期
throw ServiceExceptionUtil.exception(UserErrorCodeEnum.MOBILE_CODE_EXPIRED.getCode());
}
if (mobileCodePO.getUsed()) { // 验证码已使用
throw ServiceExceptionUtil.exception(UserErrorCodeEnum.MOBILE_CODE_USED.getCode());
}
if (!mobileCodePO.getCode().equals(code)) {
throw ServiceExceptionUtil.exception(UserErrorCodeEnum.MOBILE_CODE_NOT_CORRECT.getCode());
}
return mobileCodePO;
}
/**
*
*
* @param mobile
* @param code
* @return
*/
public CommonResult<MobileCodeDO> validLastMobileCode2(String mobile, String code) {
MobileCodeDO mobileCodePO = mobileCodeMapper.selectLast1ByMobile(mobile); MobileCodeDO mobileCodePO = mobileCodeMapper.selectLast1ByMobile(mobile);
if (mobileCodePO == null) { // 若验证码不存在,抛出异常 if (mobileCodePO == null) { // 若验证码不存在,抛出异常
return ServiceExceptionUtil.error(UserErrorCodeEnum.MOBILE_CODE_NOT_FOUND.getCode()); return ServiceExceptionUtil.error(UserErrorCodeEnum.MOBILE_CODE_NOT_FOUND.getCode());


@ -52,29 +52,9 @@ public class OAuth2ServiceImpl implements OAuth2Service {
@Override @Override
@Transactional @Transactional
public OAuth2AccessTokenBO getAccessToken(String mobile, String code) { public CommonResult<OAuth2AccessTokenBO> getAccessToken(String mobile, String code) {
// 校验手机号的最后一个手机验证码是否有效
MobileCodeDO mobileCodeDO = mobileCodeService.validLastMobileCode(mobile, code);
// 获取用户
UserDO userDO = userService.getUser(mobile);
if (userDO == null) { // 用户不存在
throw ServiceExceptionUtil.exception(UserErrorCodeEnum.USER_MOBILE_NOT_REGISTERED.getCode());
}
// 创建刷新令牌
OAuth2RefreshTokenDO oauth2RefreshTokenDO = createOAuth2RefreshToken(userDO.getId());
// 创建访问令牌
OAuth2AccessTokenDO oauth2AccessTokenDO = createOAuth2AccessToken(userDO.getId(), oauth2RefreshTokenDO.getId());
// 标记已使用
mobileCodeService.useMobileCode(mobileCodeDO.getId(), userDO.getId());
// 转换返回
return OAuth2Convert.INSTANCE.convertToAccessTokenWithExpiresIn(oauth2AccessTokenDO);
}
@Override
@Transactional
public CommonResult<OAuth2AccessTokenBO> getAccessToken2(String mobile, String code) {
// 校验传入的 mobile 和 code 是否合法 // 校验传入的 mobile 和 code 是否合法
CommonResult<MobileCodeDO> result = mobileCodeService.validLastMobileCode2(mobile, code); CommonResult<MobileCodeDO> result = mobileCodeService.validLastMobileCode(mobile, code);
if (result.isError()) { if (result.isError()) {
return CommonResult.error(result); return CommonResult.error(result);
} }


@ -4,17 +4,17 @@
<insert id="insert" parameterType="OAuth2AccessTokenDO"> <insert id="insert" parameterType="OAuth2AccessTokenDO">
INSERT INTO oauth2_access_token ( INSERT INTO oauth2_access_token (
id, refresh_token, uid, valid, expires_time, id, refresh_token, adminId, valid, expires_time,
create_time create_time
) VALUES ( ) VALUES (
#{id}, #{refreshToken}, #{uid}, #{valid}, #{expiresTime}, #{id}, #{refreshToken}, #{adminId}, #{valid}, #{expiresTime},
#{createTime} #{createTime}
) )
</insert> </insert>
<select id="selectByTokenId" parameterType="String" resultType="OAuth2AccessTokenDO"> <select id="selectByTokenId" parameterType="String" resultType="OAuth2AccessTokenDO">
SELECT SELECT
id, uid, valid, expires_time id, adminId, valid, expires_time
FROM oauth2_access_token FROM oauth2_access_token
WHERE id = #{id} WHERE id = #{id}
</select> </select>
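Review bot: The rename of the `uid` column and `#{uid}` parameter to `adminId`, in both the insert and `selectByTokenId`, looks unintended: this mapper appears to belong to the user module, and the user-side interceptor in this same commit still calls `authentication.getUid()`. The admin module's own mapper uses the snake_case column `admin_id`, so `adminId` matches neither naming. Unless the user table and its `OAuth2AccessTokenDO` were changed elsewhere (not visible here), these lines should stay `id, refresh_token, uid, valid, expires_time,` and `#{id}, #{refreshToken}, #{uid}, #{valid}, #{expiresTime},`, with `id, uid, valid, expires_time` in the select. The refresh-token mapper hunk that follows carries the same rename.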


@ -4,9 +4,9 @@
<insert id="insert" parameterType="OAuth2RefreshTokenDO"> <insert id="insert" parameterType="OAuth2RefreshTokenDO">
INSERT INTO oauth2_refresh_token ( INSERT INTO oauth2_refresh_token (
id, uid, valid, expires_time, create_time id, adminId, valid, expires_time, create_time
) VALUES ( ) VALUES (
#{id}, #{uid}, #{valid}, #{expiresTime}, #{createTime} #{id}, #{adminId}, #{valid}, #{expiresTime}, #{createTime}
) )
</insert> </insert>