From 45da0753f62d352c9e0f809c34232f9d07e7b1ee Mon Sep 17 00:00:00 2001
From: yulinling <2712495353@qq.com>
Date: Sun, 15 Jun 2025 11:44:38 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20-=20=E5=AE=8C=E5=96=84Spring=20Security?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
pom.xml | 6 ++++
.../workflow/config/SecurityConfig.java | 5 ++--
.../security/JwtAuthenticationFilter.java | 18 +++++++-----
.../yulinling/workflow/utils/JwtUtil.java | 29 ++++++++++++-------
src/main/resources/mapper/UserMapper.xml | 28 ------------------
.../yulinling/workflow/utils/JwtUtilTest.java | 4 ---
6 files changed, 38 insertions(+), 52 deletions(-)
diff --git a/pom.xml b/pom.xml
index f362cf0..96ad611 100644
--- a/pom.xml
+++ b/pom.xml
@@ -132,6 +132,12 @@
mockito-core
test
+
+ org.jetbrains
+ annotations
+ RELEASE
+ compile
+
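Review bot: The new `org.jetbrains:annotations` dependency is declared with the floating version `RELEASE`, which Maven resolves from repository metadata at build time, so the build is not reproducible and whatever artifact is published next is pulled in without anyone reviewing it. Pin an explicit version, `<version>[pinned version]</version>`, and since these annotations are compile-time hints only, `<scope>provided</scope>` keeps them off the runtime classpath. The enclosing dependency element's tags appear to have been stripped in this rendering, so the exact position of the new element is inferred.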
diff --git a/src/main/java/asia/yulinling/workflow/config/SecurityConfig.java b/src/main/java/asia/yulinling/workflow/config/SecurityConfig.java
index 2ab1fb2..60ac3e9 100644
--- a/src/main/java/asia/yulinling/workflow/config/SecurityConfig.java
+++ b/src/main/java/asia/yulinling/workflow/config/SecurityConfig.java
@@ -31,16 +31,17 @@ public class SecurityConfig {
public SecurityFilterChain securityFilterChain(HttpSecurity http, JwtUtil jwtUtil, JwtAuthenticationEntryPoint jwtAuthenticationEntryPoint) throws Exception {
http
.csrf(AbstractHttpConfigurer::disable)
+ .sessionManagement(AbstractHttpConfigurer::disable)
.exceptionHandling(ex -> ex
.authenticationEntryPoint(jwtAuthenticationEntryPoint)
- .accessDeniedHandler((request, response, accessDeniedException) -> response.sendError(HttpServletResponse.SC_FORBIDDEN, "Access Denied"))
+ .accessDeniedHandler((request, response, accessDeniedException) ->
+ response.sendError(HttpServletResponse.SC_FORBIDDEN, "Access Denied"))
)
.authorizeHttpRequests(auth -> auth
.requestMatchers("/login").permitAll()
.requestMatchers("/users", "/users/**").authenticated()
.anyRequest().authenticated()
)
- .sessionManagement(AbstractHttpConfigurer::disable)
.addFilterBefore(
new JwtAuthenticationFilter(jwtUtil, jwtUserDetailsService),
UsernamePasswordAuthenticationFilter.class
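Review bot: `.sessionManagement(AbstractHttpConfigurer::disable)`, now at the top of the chain, removes the session-management configurer altogether rather than declaring the API stateless; as far as I can tell that leaves the default session-backed security context repository in place, so a request authenticated by the JWT filter can still create an HTTP session and later requests may be authenticated from that session rather than from a bearer token. The stateless intent is expressed with `.sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS))`, which also swaps in a non-persisting context repository so the filter's `setAuthentication` is per request only. `securityFilterChain` continues past the end of the hunk.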
diff --git a/src/main/java/asia/yulinling/workflow/security/JwtAuthenticationFilter.java b/src/main/java/asia/yulinling/workflow/security/JwtAuthenticationFilter.java
index c406037..54b8894 100644
--- a/src/main/java/asia/yulinling/workflow/security/JwtAuthenticationFilter.java
+++ b/src/main/java/asia/yulinling/workflow/security/JwtAuthenticationFilter.java
@@ -7,6 +7,8 @@ import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
+import org.jetbrains.annotations.NotNull;
+import org.jetbrains.annotations.Nullable;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
@@ -32,32 +34,34 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
private final UserDetailsService userDetailsService;
@Override
- protected void doFilterInternal(HttpServletRequest request,
- HttpServletResponse response,
- FilterChain filterChain) throws ServletException, IOException {
+ protected void doFilterInternal(@NotNull HttpServletRequest request,
+ @NotNull HttpServletResponse response,
+ @NotNull FilterChain filterChain) throws ServletException, IOException {
String token = getTokenFromRequest(request);
log.info("token: {}", token);
if (StringUtils.hasText(token) && jwtUtil.validateToken(token)) {
- // get username from token
+ // 解析token获取username
String username = jwtUtil.parseToken(token).getSubject();
+ log.info("username: {}", username);
- // load the user associated with token
+ // 根据token获取的username,加载当前登录中userDetails
UserDetails userDetails = userDetailsService.loadUserByUsername(username);
+ log.info("userDetails: {}", userDetails);
UsernamePasswordAuthenticationToken authenticationToken
= new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
+ log.info("authenticationToken: {}", authenticationToken);
authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
-
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
}
filterChain.doFilter(request, response);
}
- private String getTokenFromRequest(HttpServletRequest request) {
+ private @Nullable String getTokenFromRequest(HttpServletRequest request) {
String bearerToken = request.getHeader("Authorization");
if (bearerToken != null && bearerToken.startsWith("Bearer ")) {
return bearerToken.substring(7);
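Review bot: The three new `log.info` calls at the `username`, `userDetails` and `authenticationToken` lines write the loaded principal and the whole authentication object to the INFO log on every authenticated request; what lands there depends on the `UserDetails` implementation's `toString()`, which for a custom entity may include the password hash, and together with the pre-existing `token:` line this turns the application log into a credential store. Keep at most `log.debug("authenticated user: {}", username);` and drop the other two. The JwtUtil hunks do the same with the signing key (`log.info("key: {}", key)` in `generateToken` and `parseToken`) and with the raw bearer token in `validateToken`; a `Key` object should never reach a log statement regardless of what its `toString()` happens to print today. `getTokenFromRequest` continues past the end of the hunk.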
diff --git a/src/main/java/asia/yulinling/workflow/utils/JwtUtil.java b/src/main/java/asia/yulinling/workflow/utils/JwtUtil.java
index f8ea3c6..eff707d 100644
--- a/src/main/java/asia/yulinling/workflow/utils/JwtUtil.java
+++ b/src/main/java/asia/yulinling/workflow/utils/JwtUtil.java
@@ -52,7 +52,7 @@ public class JwtUtil {
public String generateToken(Authentication authentication, boolean isRememberMe) {
// 1. 构建签名密钥
Key key = key();
-
+ log.info("key: {}", key);
// 2. 当前时间
Date now = new Date();
@@ -63,10 +63,10 @@ public class JwtUtil {
// 4. 构建 JWT
String username = authentication.getName();
JwtBuilder builder = Jwts.builder()
- .setSubject(username)
- .setIssuedAt(now)
- .setExpiration(expiration)
- .signWith(key);
+ .setSubject(username)
+ .setIssuedAt(now)
+ .setExpiration(expiration)
+ .signWith(key);
// 5. 返回生成的 token 字符串
return builder.compact();
@@ -81,12 +81,12 @@ public class JwtUtil {
public Claims parseToken(String token) {
try {
Key key = key();
-
+ log.info("key: {}", key);
return Jwts.parserBuilder()
- .setSigningKey(key)
- .build()
- .parseClaimsJws(token)
- .getBody();
+ .setSigningKey(key)
+ .build()
+ .parseClaimsJws(token)
+ .getBody();
} catch (ExpiredJwtException e) {
log.error("Token 已过期: {}", token, e);
throw new JwtException("Token 已过期", e);
@@ -106,10 +106,17 @@ public class JwtUtil {
* @return true-token正确 false-token错误
*/
public boolean validateToken(String token) {
+ Key key = key();
+ log.info("token: {}; key: {}", token, key);
+
try {
- Jwts.parserBuilder().setSigningKey(key()).build().parseClaimsJws(token);
+ Jwts.parserBuilder()
+ .setSigningKey(key)
+ .build()
+ .parseClaimsJws(token);
return true;
} catch (JwtException e) {
+ log.error("Token : {}", token, e);
return false;
}
}
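Review bot: The new `log.error("Token : {}", token, e)` in the `catch (JwtException e)` branch emits a full stack trace at ERROR for every malformed, expired or forged bearer header, which is an expected client-side failure that the filter already answers by leaving the request unauthenticated; an anonymous caller can therefore flood the error log at will, and genuine errors get buried. `log.debug("token rejected: {}", e.getMessage());` without the token value is enough here, or `log.warn` with the message only if operations wants to see the rejection rate. Hoisting `Key key = key();` out of the `try` is fine, since only `JwtException` was ever caught there.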
diff --git a/src/main/resources/mapper/UserMapper.xml b/src/main/resources/mapper/UserMapper.xml
index 1d4d659..0a7a778 100644
--- a/src/main/resources/mapper/UserMapper.xml
+++ b/src/main/resources/mapper/UserMapper.xml
@@ -1,32 +1,4 @@
-
- INSERT INTO `wk_user` (`username`,
- `nickname`,
- `password`,
- `salt`,
- `email`,
- `phone`,
- `status`,
- `create_time`,
- `last_login_time`,
- `update_time`)
- VALUES (#{user.name},
- #{user.nickname},
- #{user.password},
- #{user.salt},
- #{user.email},
- #{user.phone},
- #{user.status},
- #{user.createTime},
- #{user.lastLoginTime},
- #{user.updateTime})
-
-
-
- DELETE
- FROM `wk_user`
- WHERE id = #{id}
-
\ No newline at end of file
diff --git a/src/test/java/asia/yulinling/workflow/utils/JwtUtilTest.java b/src/test/java/asia/yulinling/workflow/utils/JwtUtilTest.java
index 059a999..fa8bb32 100644
--- a/src/test/java/asia/yulinling/workflow/utils/JwtUtilTest.java
+++ b/src/test/java/asia/yulinling/workflow/utils/JwtUtilTest.java
@@ -52,10 +52,6 @@ class JwtUtilTest {
.build();
Authentication authentication = new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
String token = jwtUtil.generateToken(authentication, false);
- BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
- String rawPassword = "admin";
- String encodedPassword = encoder.encode(rawPassword);
- System.out.println(encodedPassword);
assertTrue(jwtUtil.validateToken(token));
}