将 onemall 老代码，统一到归档目录，后续不断迁移移除

2022-06-16 09:06:44 +08:00
parent 64c478a45b
commit 71930d492e
1095 changed files with 0 additions and 16 deletions
--- a/归档/common/mall-spring-boot-starter-security-user/pom.xml
+++ b/归档/common/mall-spring-boot-starter-security-user/pom.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>common</artifactId>
+        <groupId>cn.iocoder.mall</groupId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>mall-spring-boot-starter-security-user</artifactId>
+
+    <dependencies>
+        <!-- Mall 相关 -->
+        <dependency>
+            <groupId>cn.iocoder.mall</groupId>
+            <artifactId>system-service-api</artifactId>
+            <version>1.0-SNAPSHOT</version>
+        </dependency>
+
+        <!-- Spring 核心 -->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-configuration-processor</artifactId>
+            <optional>true</optional>
+        </dependency>
+
+        <!-- Web 相关 -->
+        <dependency>
+            <groupId>cn.iocoder.mall</groupId>
+            <artifactId>mall-spring-boot-starter-web</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>cn.iocoder.mall</groupId>
+            <artifactId>mall-security-annotations</artifactId>
+        </dependency>
+
+        <!-- RPC 相关 -->
+        <dependency>
+            <groupId>org.apache.dubbo</groupId>
+            <artifactId>dubbo</artifactId>
+        </dependency>
+    </dependencies>
+
+</project>
--- a/归档/common/mall-spring-boot-starter-security-user/src/main/java/cn/iocoder/mall/security/user/config/UserSecurityAutoConfiguration.java
+++ b/归档/common/mall-spring-boot-starter-security-user/src/main/java/cn/iocoder/mall/security/user/config/UserSecurityAutoConfiguration.java
@@ -0,0 +1,47 @@
+package cn.iocoder.mall.security.user.config;
+
+import cn.iocoder.mall.security.user.core.interceptor.UserSecurityInterceptor;
+import cn.iocoder.mall.web.config.CommonWebAutoConfiguration;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.boot.autoconfigure.AutoConfigureAfter;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
+import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication;
+import org.springframework.boot.context.properties.EnableConfigurationProperties;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+@AutoConfigureAfter(CommonWebAutoConfiguration.class) // 在 CommonWebAutoConfiguration 之后自动配置，保证过滤器的顺序
+@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET)
+@EnableConfigurationProperties(UserSecurityProperties.class)
+public class UserSecurityAutoConfiguration implements WebMvcConfigurer {
+
+    private Logger logger = LoggerFactory.getLogger(getClass());
+
+    @Bean
+    @ConditionalOnMissingBean
+    public UserSecurityProperties userSecurityProperties() {
+        return new UserSecurityProperties();
+    }
+
+    // ========== 拦截器相关 ==========
+
+    @Bean
+    public UserSecurityInterceptor userSecurityInterceptor() {
+        return new UserSecurityInterceptor();
+    }
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        UserSecurityProperties properties = this.userSecurityProperties();
+        // UserSecurityInterceptor 拦截器
+        registry.addInterceptor(this.userSecurityInterceptor())
+                .excludePathPatterns(properties.getIgnorePaths())
+                .excludePathPatterns(properties.getDefaultIgnorePaths());;
+        logger.info("[addInterceptors][加载 UserSecurityInterceptor 拦截器完成]");
+    }
+
+}
--- a/归档/common/mall-spring-boot-starter-security-user/src/main/java/cn/iocoder/mall/security/user/config/UserSecurityProperties.java
+++ b/归档/common/mall-spring-boot-starter-security-user/src/main/java/cn/iocoder/mall/security/user/config/UserSecurityProperties.java
@@ -0,0 +1,41 @@
+package cn.iocoder.mall.security.user.config;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+
+@ConfigurationProperties("mall.security.user")
+public class UserSecurityProperties {
+
+    private static final String[] DEFAULT_IGNORE_PATHS = new String[]{
+            // Swagger 相关
+            "/doc.html", "/swagger-resources",  "/swagger-resources/**", "/webjars/**",
+            // Actuator 相关
+    };
+
+    /**
+     * 自定义忽略 Path
+     */
+    private String[] ignorePaths = new String[0];
+    /**
+     * 默认忽略 Path
+     */
+    private String[] defaultIgnorePaths = DEFAULT_IGNORE_PATHS;
+
+    public String[] getIgnorePaths() {
+        return ignorePaths;
+    }
+
+    public UserSecurityProperties setIgnorePaths(String[] ignorePaths) {
+        this.ignorePaths = ignorePaths;
+        return this;
+    }
+
+    public String[] getDefaultIgnorePaths() {
+        return defaultIgnorePaths;
+    }
+
+    public UserSecurityProperties setDefaultIgnorePaths(String[] defaultIgnorePaths) {
+        this.defaultIgnorePaths = defaultIgnorePaths;
+        return this;
+    }
+
+}
--- a/归档/common/mall-spring-boot-starter-security-user/src/main/java/cn/iocoder/mall/security/user/core/context/UserSecurityContext.java
+++ b/归档/common/mall-spring-boot-starter-security-user/src/main/java/cn/iocoder/mall/security/user/core/context/UserSecurityContext.java
@@ -0,0 +1,18 @@
+package cn.iocoder.mall.security.user.core.context;
+
+import lombok.Data;
+import lombok.experimental.Accessors;
+
+/**
+ * User Security 上下文
+ */
+@Data
+@Accessors(chain = true)
+public class UserSecurityContext {
+
+    /**
+     * 用户编号
+     */
+    private Integer userId;
+
+}
--- a/归档/common/mall-spring-boot-starter-security-user/src/main/java/cn/iocoder/mall/security/user/core/context/UserSecurityContextHolder.java
+++ b/归档/common/mall-spring-boot-starter-security-user/src/main/java/cn/iocoder/mall/security/user/core/context/UserSecurityContextHolder.java
@@ -0,0 +1,35 @@
+package cn.iocoder.mall.security.user.core.context;
+
+/**
+ * {@link UserSecurityContext} Holder
+ *
+ * 参考 spring security 的 ThreadLocalSecurityContextHolderStrategy 类，简单实现。
+ */
+public class UserSecurityContextHolder {
+
+    private static final ThreadLocal<UserSecurityContext> SECURITY_CONTEXT = new ThreadLocal<UserSecurityContext>();
+
+    public static void setContext(UserSecurityContext context) {
+        SECURITY_CONTEXT.set(context);
+    }
+
+    public static UserSecurityContext getContext() {
+        UserSecurityContext ctx = SECURITY_CONTEXT.get();
+        // 为空时，设置一个空的进去
+        if (ctx == null) {
+            ctx = new UserSecurityContext();
+            SECURITY_CONTEXT.set(ctx);
+        }
+        return ctx;
+    }
+
+    public static Integer getUserId() {
+        UserSecurityContext ctx = SECURITY_CONTEXT.get();
+        return ctx != null ? ctx.getUserId() : null;
+    }
+
+    public static void clear() {
+        SECURITY_CONTEXT.remove();
+    }
+
+}
--- a/归档/common/mall-spring-boot-starter-security-user/src/main/java/cn/iocoder/mall/security/user/core/interceptor/UserSecurityInterceptor.java
+++ b/归档/common/mall-spring-boot-starter-security-user/src/main/java/cn/iocoder/mall/security/user/core/interceptor/UserSecurityInterceptor.java
@@ -0,0 +1,77 @@
+package cn.iocoder.mall.security.user.core.interceptor;
+
+import cn.iocoder.common.framework.enums.UserTypeEnum;
+import cn.iocoder.common.framework.exception.util.ServiceExceptionUtil;
+import cn.iocoder.common.framework.util.HttpUtil;
+import cn.iocoder.common.framework.vo.CommonResult;
+import cn.iocoder.mall.security.user.core.context.UserSecurityContext;
+import cn.iocoder.mall.security.user.core.context.UserSecurityContextHolder;
+import cn.iocoder.mall.systemservice.rpc.oauth.OAuthFeign;
+import cn.iocoder.mall.systemservice.rpc.oauth.dto.OAuth2AccessTokenRespDTO;
+import cn.iocoder.mall.web.core.util.CommonWebUtil;
+import cn.iocoder.security.annotations.RequiresAuthenticate;
+import cn.iocoder.security.annotations.RequiresPermissions;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import static cn.iocoder.common.framework.exception.enums.GlobalErrorCodeConstants.UNAUTHORIZED;
+import static cn.iocoder.mall.systemservice.enums.SystemErrorCodeConstants.OAUTH_USER_TYPE_ERROR;
+
+public class UserSecurityInterceptor extends HandlerInterceptorAdapter {
+
+    @Autowired
+    private OAuthFeign oAuthFeign;
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) {
+        // 获得访问令牌
+        Integer userId = this.obtainUserId(request);
+        // 校验认证
+        this.checkAuthentication((HandlerMethod) handler, userId);
+        return true;
+    }
+
+    private Integer obtainUserId(HttpServletRequest request) {
+        String accessToken = HttpUtil.obtainAuthorization(request);
+        Integer userId = null;
+        if (accessToken != null) {
+            CommonResult<OAuth2AccessTokenRespDTO> checkAccessTokenResult = oAuthFeign.checkAccessToken(accessToken);
+            checkAccessTokenResult.checkError();
+            // 校验用户类型正确
+            if (!UserTypeEnum.USER.getValue().equals(checkAccessTokenResult.getData().getUserType())) {
+                throw ServiceExceptionUtil.exception(OAUTH_USER_TYPE_ERROR);
+            }
+            // 获得用户编号
+            userId = checkAccessTokenResult.getData().getUserId();
+            // 设置到 Request 中
+            CommonWebUtil.setUserId(request, userId);
+            CommonWebUtil.setUserType(request, UserTypeEnum.USER.getValue());
+            // 设置到
+            UserSecurityContext userSecurityContext = new UserSecurityContext().setUserId(userId);
+            UserSecurityContextHolder.setContext(userSecurityContext);
+        }
+        return userId;
+    }
+
+    private void checkAuthentication(HandlerMethod handlerMethod, Integer userId) {
+        boolean requiresAuthenticate = false; // 对于 USER 来说，默认无需登录
+        if (handlerMethod.hasMethodAnnotation(RequiresAuthenticate.class)
+                || handlerMethod.hasMethodAnnotation(RequiresPermissions.class)) { // 如果需要权限验证，也认为需要认证
+            requiresAuthenticate = true;
+        }
+        if (requiresAuthenticate && userId == null) {
+            throw ServiceExceptionUtil.exception(UNAUTHORIZED);
+        }
+    }
+
+    @Override
+    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) {
+        // 清空 SecurityContext
+        UserSecurityContextHolder.clear();
+    }
+
+}
--- a/归档/common/mall-spring-boot-starter-security-user/src/main/resources/META-INF/spring.factories
+++ b/归档/common/mall-spring-boot-starter-security-user/src/main/resources/META-INF/spring.factories
@@ -0,0 +1,2 @@
+org.springframework.boot.autoconfigure.EnableAutoConfiguration=\
+  cn.iocoder.mall.security.user.config.UserSecurityAutoConfiguration