From f3d0835d8218aa16e9d1bf226d32a2c7364307bb Mon Sep 17 00:00:00 2001 From: haoran <18775438303@163.com> Date: Thu, 17 Apr 2025 15:19:36 +0800 Subject: [PATCH] =?UTF-8?q?refactor(sk-module-data):=20=E9=87=8D=E6=9E=84?= =?UTF-8?q?=E8=AE=A4=E8=AF=81=E9=80=BB=E8=BE=91=EF=BC=8C=E4=BD=BF=E7=94=A8?= =?UTF-8?q?=E6=8B=A6=E6=88=AA=E5=99=A8=E6=9B=BF=E4=BB=A3=E8=BF=87=E6=BB=A4?= =?UTF-8?q?=E5=99=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 移除 AuthFilter 类,改用 AuthInterceptor拦截器实现认证逻辑 - 新增 AuthInterceptor 类,用于拦截请求并进行身份验证 - 在 FinanceController 中添加 RequiresAuth 注解,标识需要认证的方法 - 新增 RequiresAuth 注解,用于标记需要认证的方法或类 - 新增 WebConfig 配置类,注册 AuthInterceptor 拦截器 --- .../module/data/config/AuthInterceptor.java | 72 +++++++++++++++++++ .../sk/module/data/config/RequiresAuth.java | 15 ++++ .../org/sk/module/data/config/WebConfig.java | 22 ++++++ .../admin/finance/FinanceController.java | 4 +- .../org/sk/module/data/filter/AuthFilter.java | 59 --------------- 5 files changed, 111 insertions(+), 61 deletions(-) create mode 100644 sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/config/AuthInterceptor.java create mode 100644 sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/config/RequiresAuth.java create mode 100644 sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/config/WebConfig.java delete mode 100644 sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/filter/AuthFilter.java
diff --git a/sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/config/AuthInterceptor.java b/sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/config/AuthInterceptor.java
new file mode 100644
index 000000000..38a99122d
--- /dev/null
+++ b/sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/config/AuthInterceptor.java
@@ -0,0 +1,72 @@
+package org.sk.module.data.config;
+
+import org.sk.module.data.dal.mapper.auth.AuthClientMapper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * 认证拦截器
+ * @author haoran
+ */
+@Component
+public class AuthInterceptor implements HandlerInterceptor {
+
+ @Autowired
+ private AuthClientMapper authClientMapper;
+
+ /**
+ * 预处理HTTP请求,检查是否需要认证,并根据认证结果决定是否放行请求。
+ *
+ * @param request HTTP请求对象,包含请求的详细信息
+ * @param response HTTP响应对象,用于设置响应状态和内容
+ * @param handler 处理请求的处理器对象,可能是HandlerMethod或其他类型
+ * @return 如果请求可以继续处理,返回true;如果请求被拦截,返回false
+ * @throws Exception 如果处理过程中发生异常
+ */
+ @Override
+ public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+ if (!(handler instanceof HandlerMethod)) {
+ // 不是处理方法(如资源处理器),直接放行
+ return true;
+ }
+
+ HandlerMethod handlerMethod = (HandlerMethod) handler;
+
+ // 检查方法或类上的@RequiresAuth注解
+ RequiresAuth methodAnnotation = handlerMethod.getMethodAnnotation(RequiresAuth.class);
+ RequiresAuth classAnnotation = handlerMethod.getBeanType().getAnnotation(RequiresAuth.class);
+
+ if (methodAnnotation == null && classAnnotation == null) {
+ // 无需认证,放行
+ return true;
+ }
+
+ // 执行认证逻辑
+ String id = request.getHeader("X-Id");
+ String secretKey = request.getHeader("X-Secret-Key");
+
+ if (isValid(id, secretKey)) {
+ return true;
+ } else {
+ response.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ response.setContentType("application/json");
+ response.getWriter().write("{\"error\": \"Invalid ID or Secret Key\"}");
+ return false;
+ }
+ }
+
+ /**
+ * 验证ID和SecretKey
+ * @param id
+ * @param secretKey
+ * @return
+ */
+ private boolean isValid(String id, String secretKey) {
+ return authClientMapper.selectClientByIdAndSecret(id, secretKey) == 1;
+ }
+}
diff --git a/sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/config/RequiresAuth.java b/sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/config/RequiresAuth.java
new file mode 100644
index 000000000..d71fce2e3
--- /dev/null
+++ b/sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/config/RequiresAuth.java
@@ -0,0 +1,15 @@
+package org.sk.module.data.config;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 是否需要判断 Id 和 秘钥的权限认证的注解
+ * @author haoran
+ */
+@Target({ElementType.METHOD, ElementType.TYPE})
+@Retention(RetentionPolicy.RUNTIME)
+public @interface RequiresAuth {
+}
\ No newline at end of file
diff --git a/sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/config/WebConfig.java b/sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/config/WebConfig.java
new file mode 100644
index 000000000..29b680129
--- /dev/null
+++ b/sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/config/WebConfig.java
@@ -0,0 +1,22 @@
+package org.sk.module.data.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+/**
+ *
+ */
+@Configuration
+public class WebConfig implements WebMvcConfigurer {
+
+ @Autowired
+ private AuthInterceptor authInterceptor;
+
+ @Override
+ public void addInterceptors(InterceptorRegistry registry) {
+ registry.addInterceptor(authInterceptor)
+ .addPathPatterns("/**"); // 拦截所有路径,由拦截器内部决定是否处理
+ }
+}
\ No newline at end of file
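Review bot: `isValid` in AuthInterceptor.java passes the raw `X-Id` and `X-Secret-Key` header values straight to `authClientMapper.selectClientByIdAndSecret`, so a request with either header missing still reaches the database with `null`. The mapper SQL is not part of this patch; if it builds its WHERE clause conditionally, a null argument could widen the match, so the check should fail closed before the query: `if (id == null || id.isEmpty() || secretKey == null || secretKey.isEmpty()) { return false; }`. Matching the secret inside the query also suggests the key is stored and compared in cleartext (not confirmable from here); consider storing a hash, comparing with `MessageDigest.isEqual`, and logging the rejected client id (never the secret) so repeated failures are visible.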
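Review bot: The class Javadoc in WebConfig.java is empty, and the fact a maintainer most needs is missing from it: the interceptor is registered on `/**` but `preHandle` only enforces the check on handlers carrying `@RequiresAuth`, so every unannotated handler and every non-`HandlerMethod` handler passes. The removed `AuthFilter.doFilter` had no such opt-out, so any route it used to cover is now open to this check unless annotated; in this patch only `FinanceController.getIncomeAndTax` gains the annotation, and that method is also `@PermitAll`. I would fill the Javadoc with something like `Registers AuthInterceptor for all paths; the X-Id / X-Secret-Key check applies only to handlers annotated with @RequiresAuth, everything else passes through.` and confirm that each route previously behind the filter is annotated.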
diff --git a/sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/controller/admin/finance/FinanceController.java b/sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/controller/admin/finance/FinanceController.java index 1ad8da7da..46660ab24 100644 --- a/sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/controller/admin/finance/FinanceController.java +++ b/sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/controller/admin/finance/FinanceController.java @@ -3,16 +3,15 @@ package org.sk.module.data.controller.admin.finance; import cn.iocoder.yudao.framework.common.pojo.CommonResult; import cn.iocoder.yudao.framework.common.util.object.BeanUtils; -import cn.iocoder.yudao.framework.common.util.object.ObjectUtils; import io.swagger.v3.oas.annotations.Operation; import io.swagger.v3.oas.annotations.tags.Tag; +import org.sk.module.data.config.RequiresAuth; import org.sk.module.data.dal.bo.finance.FinanceBO; import org.sk.module.data.dal.param.finance.FinanceParam; import org.sk.module.data.dal.param.finance.IncomeAndTaxParam; import org.sk.module.data.dal.vo.FinanceVO; import org.sk.module.data.service.finance.FinanceService; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.*; import javax.annotation.security.PermitAll; @@ -51,6 +50,7 @@ public class FinanceController { @Operation(summary = "根据拼接的统一社会信用编码以及年份获取数据") @PostMapping("/getIncomeAndTax") @PermitAll + @RequiresAuth public CommonResult> getIncomeAndTax(@Valid @RequestBody IncomeAndTaxParam param) { return CommonResult.success(financeService.getIncomeAndTax(param)); } diff --git a/sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/filter/AuthFilter.java b/sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/filter/AuthFilter.java deleted file mode 100644 index f56e9f220..000000000 
--- a/sk-module-data/sk-module-data-biz/src/main/java/org/sk/module/data/filter/AuthFilter.java
+++ /dev/null
@@ -1,59 +0,0 @@
-package org.sk.module.data.filter;
-
-import org.sk.module.data.dal.mapper.auth.AuthClientMapper;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
-import org.springframework.stereotype.Component;
-import org.springframework.web.method.HandlerMethod;
-import org.springframework.web.servlet.HandlerExecutionChain;
-import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
-
-import javax.servlet.*;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.lang.reflect.Method;
-
-@Component
-public class AuthFilter implements Filter {
-
- @Autowired
- @Qualifier("requestMappingHandlerMapping") // 或 "controllerEndpointHandlerMapping"
- private RequestMappingHandlerMapping handlerMapping;
-
- @Autowired
- private AuthClientMapper authClientMapper;
-
- public AuthFilter( RequestMappingHandlerMapping requestMappingHandlerMapping) {
- this.handlerMapping = requestMappingHandlerMapping;
- }
-
- @Override
- public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
- throws IOException, ServletException {
- HttpServletRequest httpRequest = (HttpServletRequest) request;
- HttpServletResponse httpResponse = (HttpServletResponse) response;
-
- // 获取请求头中的密钥和 ID
- String id = httpRequest.getHeader("X-Id");
- String secretKey = httpRequest.getHeader("X-Secret-Key");
-
- // 校验 ID 和密钥是否匹配
- if (isValid(id, secretKey)) {
- chain.doFilter(request, response);
- } else {
- httpResponse.setStatus(HttpServletResponse.SC_FORBIDDEN); // 403 Forbidden
- httpResponse.setContentType("application/json");
- httpResponse.getWriter().write("{\"error\": \"Invalid ID or Secret Key\"}");
- }
- }
-
-
- /**
- * 校验 ID 和密钥是否匹配
- */
- private boolean isValid(String id, String secretKey) {
- // 示例逻辑:从数据库中查询 ID 和密钥是否匹配
- return authClientMapper.selectClientByIdAndSecret(id,secretKey) == 1;
- }
-}