Separate front and admin login tokens

This commit is contained in:
王鹏
2026-05-21 20:59:18 +08:00
parent 511cf8f601
commit d9d00f81d2
5 changed files with 41 additions and 2 deletions

View File

@@ -110,6 +110,12 @@ public class Constants
*/
public static final String LOGIN_USER_KEY = "login_user_key";
/** 后台管理端登录类型 */
public static final String LOGIN_TYPE_ADMIN = "admin";
/** 前台用户登录类型 */
public static final String LOGIN_TYPE_FRONT = "front";
/**
* 用户ID
*/

View File

@@ -31,6 +31,9 @@ public class LoginUser implements UserDetails
*/
private String token;
/** 登录类型admin 后台用户front 前台用户 */
private String loginType;
/**
* 登录时间
*/
@@ -119,6 +122,16 @@ public class LoginUser implements UserDetails
this.token = token;
}
public String getLoginType()
{
return loginType;
}
public void setLoginType(String loginType)
{
this.loginType = loginType;
}
@JSONField(serialize = false)
@Override
public String getPassword()

View File

@@ -111,7 +111,8 @@ public class SecurityConfig
.authorizeHttpRequests((requests) -> {
permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
// 对于登录login 注册register 验证码captchaImage 允许匿名访问
requests.antMatchers("/login", "/register", "/captchaImage").permitAll()
requests.antMatchers("/login", "/register", "/captchaImage",
"/front/auth/login", "/front/auth/register").permitAll()
// 静态资源,可匿名访问
.antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
.antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()

View File

@@ -32,7 +32,9 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
throws ServletException, IOException
{
LoginUser loginUser = tokenService.getLoginUser(request);
if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication()))
if (StringUtils.isNotNull(loginUser)
&& isTokenAllowedForRequest(loginUser, request)
&& StringUtils.isNull(SecurityUtils.getAuthentication()))
{
tokenService.verifyToken(loginUser);
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
@@ -41,4 +43,20 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
}
chain.doFilter(request, response);
}
private boolean isFrontRequest(HttpServletRequest request)
{
return request.getRequestURI() != null && request.getRequestURI().startsWith("/front/");
}
private boolean isTokenAllowedForRequest(LoginUser loginUser, HttpServletRequest request)
{
String loginType = loginUser.getLoginType();
boolean frontRequest = isFrontRequest(request);
if (frontRequest)
{
return com.ruoyi.common.constant.Constants.LOGIN_TYPE_FRONT.equals(loginType);
}
return loginType == null || com.ruoyi.common.constant.Constants.LOGIN_TYPE_ADMIN.equals(loginType);
}
}

View File

@@ -95,6 +95,7 @@ public class SysLoginService
}
AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
LoginUser loginUser = (LoginUser) authentication.getPrincipal();
loginUser.setLoginType(Constants.LOGIN_TYPE_ADMIN);
recordLoginInfo(loginUser.getUserId());
// 生成token
return tokenService.createToken(loginUser);