1. 完成 auth 鉴权逻辑

2. 完成 admin 获取 Admin 上下文 3. 完成 user 获取 User 上下文
2020-04-23 21:18:48 +08:00
parent a545d673ab
commit eb86ae7cbc
104 changed files with 815 additions and 1256 deletions
--- a/user/pom.xml
+++ b/user/pom.xml
@@ -14,7 +14,6 @@
    <modules>
 <!--        <module>user-application</module>-->
 <!--        <module>user-service-api</module>-->
-<!--        <module>user-sdk</module>-->
 <!--        <module>user-service-impl</module>-->
        <module>user-application</module>
        <module>user-rest</module>
--- a/user/user-sdk/pom.xml
+++ b/user/user-sdk/pom.xml
@@ -1,46 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
-    <parent>
-        <artifactId>user</artifactId>
-        <groupId>cn.iocoder.mall</groupId>
-        <version>1.0-SNAPSHOT</version>
-    </parent>
-    <modelVersion>4.0.0</modelVersion>
-
-    <artifactId>user-sdk</artifactId>
-    <dependencies>
-        <!-- Mall 相关 -->
-        <dependency>
-            <groupId>cn.iocoder.mall</groupId>
-            <artifactId>common-framework</artifactId>
-            <version>1.0-SNAPSHOT</version>
-        </dependency>
-        <dependency>
-            <groupId>cn.iocoder.mall</groupId>
-            <artifactId>user-service-api</artifactId>
-            <version>1.0-SNAPSHOT</version>
-        </dependency>
-
-        <!-- Web 相关 -->
-        <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>servlet-api</artifactId>
-        </dependency>
-
-        <dependency>
-            <groupId>org.springframework</groupId>
-            <artifactId>spring-webmvc</artifactId>
-        </dependency>
-
-        <!-- RPC 相关  -->
-        <dependency>
-            <groupId>org.apache.dubbo</groupId>
-            <artifactId>dubbo</artifactId>
-        </dependency>
-
-    </dependencies>
-
-
-</project>
--- a/user/user-sdk/src/main/java/cn/iocoder/mall/user/sdk/annotation/RequiresLogin.java
+++ b/user/user-sdk/src/main/java/cn/iocoder/mall/user/sdk/annotation/RequiresLogin.java
@@ -1,16 +0,0 @@
-package cn.iocoder.mall.user.sdk.annotation;
-
-import java.lang.annotation.*;
-
-/**
- * 要求用户登录注解。通过将该注解添加到 Controller 上，会自动校验用户是否登陆。
- *
- * 默认请求下，用户访问的 API 接口，无需登陆。主要的考虑是，
- * 1. 需要用户登陆的接口，本身会获取在线用户的编号。如果不添加 @RequiresLogin 注解就会报错。
- * 2. 大多数情况下，用户的 API 接口无需登陆。
- */
-@Documented
-@Target({ElementType.METHOD}) // 暂时不支持 ElementType.TYPE ，因为没有场景
-@Retention(RetentionPolicy.RUNTIME)
-public @interface RequiresLogin {
-}
--- a/user/user-sdk/src/main/java/cn/iocoder/mall/user/sdk/context/UserSecurityContext.java
+++ b/user/user-sdk/src/main/java/cn/iocoder/mall/user/sdk/context/UserSecurityContext.java
@@ -1,18 +0,0 @@
-package cn.iocoder.mall.user.sdk.context;
-
-import lombok.Data;
-import lombok.experimental.Accessors;
-
-/**
- * User Security 上下文
- */
-@Data
-@Accessors(chain = true)
-public class UserSecurityContext {
-
-    /**
-     * 用户编号
-     */
-    private Integer userId;
-
-}
--- a/user/user-sdk/src/main/java/cn/iocoder/mall/user/sdk/context/UserSecurityContextHolder.java
+++ b/user/user-sdk/src/main/java/cn/iocoder/mall/user/sdk/context/UserSecurityContextHolder.java
@@ -1,30 +0,0 @@
-package cn.iocoder.mall.user.sdk.context;
-
-/**
- * {@link UserSecurityContext} Holder
- *
- * 参考 spring security 的 ThreadLocalSecurityContextHolderStrategy 类，简单实现。
- */
-public class UserSecurityContextHolder {
-
-    private static final ThreadLocal<UserSecurityContext> SECURITY_CONTEXT = new ThreadLocal<UserSecurityContext>();
-
-    public static void setContext(UserSecurityContext context) {
-        SECURITY_CONTEXT.set(context);
-    }
-
-    public static UserSecurityContext getContext() {
-        UserSecurityContext ctx = SECURITY_CONTEXT.get();
-        // 为空时，设置一个空的进去
-        if (ctx == null) {
-            ctx = new UserSecurityContext();
-            SECURITY_CONTEXT.set(ctx);
-        }
-        return ctx;
-    }
-
-    public static void clear() {
-        SECURITY_CONTEXT.remove();
-    }
-
-}
--- a/user/user-sdk/src/main/java/cn/iocoder/mall/user/sdk/interceptor/UserSecurityInterceptor.java
+++ b/user/user-sdk/src/main/java/cn/iocoder/mall/user/sdk/interceptor/UserSecurityInterceptor.java
@@ -1,82 +0,0 @@
-package cn.iocoder.mall.user.sdk.interceptor;
-
-import cn.iocoder.common.framework.constant.UserTypeEnum;
-import cn.iocoder.common.framework.exception.ServiceException;
-import cn.iocoder.common.framework.util.HttpUtil;
-import cn.iocoder.common.framework.util.MallUtil;
-import cn.iocoder.common.framework.util.StringUtil;
-import cn.iocoder.mall.system.api.OAuth2Service;
-import cn.iocoder.mall.system.api.bo.oauth2.OAuth2AuthenticationBO;
-import cn.iocoder.mall.system.api.constant.AdminErrorCodeEnum;
-import cn.iocoder.mall.system.api.dto.oauth2.OAuth2GetTokenDTO;
-import cn.iocoder.mall.user.sdk.annotation.RequiresLogin;
-import cn.iocoder.mall.user.sdk.context.UserSecurityContext;
-import cn.iocoder.mall.user.sdk.context.UserSecurityContextHolder;
-import org.apache.dubbo.config.annotation.Reference;
-import org.springframework.stereotype.Component;
-import org.springframework.web.method.HandlerMethod;
-import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-/**
- * User 安全拦截器
- */
-@Component
-public class UserSecurityInterceptor extends HandlerInterceptorAdapter {
-
-    @Reference(validation = "true", version = "${dubbo.consumer.OAuth2Service.version:1.0.0}")
-    private OAuth2Service oauth2Service;
-
-    @Override
-    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
-        // 设置当前访问的用户类型。注意，即使未登陆，我们也认为是用户
-        MallUtil.setUserType(request, UserTypeEnum.USER.getValue());
-
-        // 根据 accessToken 获得认证信息，判断是谁
-        String accessToken = HttpUtil.obtainAuthorization(request);
-        OAuth2AuthenticationBO authentication = null;
-        ServiceException serviceException = null;
-        if (StringUtil.hasText(accessToken)) {
-            try {
-                authentication = oauth2Service.getAuthentication(new OAuth2GetTokenDTO().setAccessToken(accessToken)
-                        .setUserType(UserTypeEnum.USER.getValue()));
-            } catch (ServiceException e) {
-                serviceException = e;
-            }
-        }
-
-        // 进行鉴权
-        HandlerMethod method = (HandlerMethod) handler;
-        boolean requiresLogin = method.hasMethodAnnotation(RequiresLogin.class);
-        if (requiresLogin) { // 如果需要鉴权
-            if (serviceException != null) { // 认证失败，抛出上面认证失败的 ServiceException 异常
-                throw serviceException;
-            }
-            if (authentication == null) { // 无认证信息，抛出未登陆 ServiceException 异常
-                throw new ServiceException(AdminErrorCodeEnum.OAUTH2_NOT_LOGIN.getCode(), AdminErrorCodeEnum.OAUTH2_NOT_LOGIN.getMessage());
-            }
-            // TODO 芋艿，后续拓展读取用户信息
-        }
-
-        // 鉴权完成，初始化 AdminSecurityContext 上下文
-        UserSecurityContext context = new UserSecurityContext();
-        UserSecurityContextHolder.setContext(context);
-        if (authentication != null) {
-            context.setUserId(authentication.getUserId());
-            MallUtil.setUserId(request, authentication.getUserId()); // 记录到 request 中，避免 AdminSecurityContext 后续清理掉后，其它地方需要用到 userId
-            // TODO 芋艿，后续拓展读取用户信息
-        }
-
-        // 返回成功
-        return super.preHandle(request, response, handler);
-    }
-
-    @Override
-    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) {
-        // 清空 SecurityContext
-        UserSecurityContextHolder.clear();
-    }
-
-}