Separate front and admin login tokens

This commit is contained in:
王鹏
2026-05-21 20:59:18 +08:00
parent 511cf8f601
commit d9d00f81d2
5 changed files with 41 additions and 2 deletions

View File

@@ -110,6 +110,12 @@ public class Constants
*/ */
public static final String LOGIN_USER_KEY = "login_user_key"; public static final String LOGIN_USER_KEY = "login_user_key";
/** 后台管理端登录类型 */
public static final String LOGIN_TYPE_ADMIN = "admin";
/** 前台用户登录类型 */
public static final String LOGIN_TYPE_FRONT = "front";
/** /**
* 用户ID * 用户ID
*/ */

View File

@@ -31,6 +31,9 @@ public class LoginUser implements UserDetails
*/ */
private String token; private String token;
/** 登录类型admin 后台用户front 前台用户 */
private String loginType;
/** /**
* 登录时间 * 登录时间
*/ */
@@ -119,6 +122,16 @@ public class LoginUser implements UserDetails
this.token = token; this.token = token;
} }
public String getLoginType()
{
return loginType;
}
public void setLoginType(String loginType)
{
this.loginType = loginType;
}
@JSONField(serialize = false) @JSONField(serialize = false)
@Override @Override
public String getPassword() public String getPassword()

View File

@@ -111,7 +111,8 @@ public class SecurityConfig
.authorizeHttpRequests((requests) -> { .authorizeHttpRequests((requests) -> {
permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll()); permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
// 对于登录login 注册register 验证码captchaImage 允许匿名访问 // 对于登录login 注册register 验证码captchaImage 允许匿名访问
requests.antMatchers("/login", "/register", "/captchaImage").permitAll() requests.antMatchers("/login", "/register", "/captchaImage",
"/front/auth/login", "/front/auth/register").permitAll()
// 静态资源,可匿名访问 // 静态资源,可匿名访问
.antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll() .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
.antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll() .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()

View File

@@ -32,7 +32,9 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
throws ServletException, IOException throws ServletException, IOException
{ {
LoginUser loginUser = tokenService.getLoginUser(request); LoginUser loginUser = tokenService.getLoginUser(request);
if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication())) if (StringUtils.isNotNull(loginUser)
&& isTokenAllowedForRequest(loginUser, request)
&& StringUtils.isNull(SecurityUtils.getAuthentication()))
{ {
tokenService.verifyToken(loginUser); tokenService.verifyToken(loginUser);
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities()); UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
@@ -41,4 +43,20 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
} }
chain.doFilter(request, response); chain.doFilter(request, response);
} }
private boolean isFrontRequest(HttpServletRequest request)
{
return request.getRequestURI() != null && request.getRequestURI().startsWith("/front/");
}
private boolean isTokenAllowedForRequest(LoginUser loginUser, HttpServletRequest request)
{
String loginType = loginUser.getLoginType();
boolean frontRequest = isFrontRequest(request);
if (frontRequest)
{
return com.ruoyi.common.constant.Constants.LOGIN_TYPE_FRONT.equals(loginType);
}
return loginType == null || com.ruoyi.common.constant.Constants.LOGIN_TYPE_ADMIN.equals(loginType);
}
} }

View File

@@ -95,6 +95,7 @@ public class SysLoginService
} }
AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"))); AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
LoginUser loginUser = (LoginUser) authentication.getPrincipal(); LoginUser loginUser = (LoginUser) authentication.getPrincipal();
loginUser.setLoginType(Constants.LOGIN_TYPE_ADMIN);
recordLoginInfo(loginUser.getUserId()); recordLoginInfo(loginUser.getUserId());
// 生成token // 生成token
return tokenService.createToken(loginUser); return tokenService.createToken(loginUser);