Separate front and admin login tokens
This commit is contained in:
@@ -110,6 +110,12 @@ public class Constants
|
|||||||
*/
|
*/
|
||||||
public static final String LOGIN_USER_KEY = "login_user_key";
|
public static final String LOGIN_USER_KEY = "login_user_key";
|
||||||
|
|
||||||
|
/** 后台管理端登录类型 */
|
||||||
|
public static final String LOGIN_TYPE_ADMIN = "admin";
|
||||||
|
|
||||||
|
/** 前台用户登录类型 */
|
||||||
|
public static final String LOGIN_TYPE_FRONT = "front";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 用户ID
|
* 用户ID
|
||||||
*/
|
*/
|
||||||
|
|||||||
@@ -31,6 +31,9 @@ public class LoginUser implements UserDetails
|
|||||||
*/
|
*/
|
||||||
private String token;
|
private String token;
|
||||||
|
|
||||||
|
/** 登录类型:admin 后台用户,front 前台用户 */
|
||||||
|
private String loginType;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 登录时间
|
* 登录时间
|
||||||
*/
|
*/
|
||||||
@@ -119,6 +122,16 @@ public class LoginUser implements UserDetails
|
|||||||
this.token = token;
|
this.token = token;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public String getLoginType()
|
||||||
|
{
|
||||||
|
return loginType;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setLoginType(String loginType)
|
||||||
|
{
|
||||||
|
this.loginType = loginType;
|
||||||
|
}
|
||||||
|
|
||||||
@JSONField(serialize = false)
|
@JSONField(serialize = false)
|
||||||
@Override
|
@Override
|
||||||
public String getPassword()
|
public String getPassword()
|
||||||
|
|||||||
@@ -111,7 +111,8 @@ public class SecurityConfig
|
|||||||
.authorizeHttpRequests((requests) -> {
|
.authorizeHttpRequests((requests) -> {
|
||||||
permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
|
permitAllUrl.getUrls().forEach(url -> requests.antMatchers(url).permitAll());
|
||||||
// 对于登录login 注册register 验证码captchaImage 允许匿名访问
|
// 对于登录login 注册register 验证码captchaImage 允许匿名访问
|
||||||
requests.antMatchers("/login", "/register", "/captchaImage").permitAll()
|
requests.antMatchers("/login", "/register", "/captchaImage",
|
||||||
|
"/front/auth/login", "/front/auth/register").permitAll()
|
||||||
// 静态资源,可匿名访问
|
// 静态资源,可匿名访问
|
||||||
.antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
|
.antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
|
||||||
.antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
|
.antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
|
||||||
|
|||||||
@@ -32,7 +32,9 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
|
|||||||
throws ServletException, IOException
|
throws ServletException, IOException
|
||||||
{
|
{
|
||||||
LoginUser loginUser = tokenService.getLoginUser(request);
|
LoginUser loginUser = tokenService.getLoginUser(request);
|
||||||
if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication()))
|
if (StringUtils.isNotNull(loginUser)
|
||||||
|
&& isTokenAllowedForRequest(loginUser, request)
|
||||||
|
&& StringUtils.isNull(SecurityUtils.getAuthentication()))
|
||||||
{
|
{
|
||||||
tokenService.verifyToken(loginUser);
|
tokenService.verifyToken(loginUser);
|
||||||
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
|
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
|
||||||
@@ -41,4 +43,20 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
|
|||||||
}
|
}
|
||||||
chain.doFilter(request, response);
|
chain.doFilter(request, response);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private boolean isFrontRequest(HttpServletRequest request)
|
||||||
|
{
|
||||||
|
return request.getRequestURI() != null && request.getRequestURI().startsWith("/front/");
|
||||||
|
}
|
||||||
|
|
||||||
|
private boolean isTokenAllowedForRequest(LoginUser loginUser, HttpServletRequest request)
|
||||||
|
{
|
||||||
|
String loginType = loginUser.getLoginType();
|
||||||
|
boolean frontRequest = isFrontRequest(request);
|
||||||
|
if (frontRequest)
|
||||||
|
{
|
||||||
|
return com.ruoyi.common.constant.Constants.LOGIN_TYPE_FRONT.equals(loginType);
|
||||||
|
}
|
||||||
|
return loginType == null || com.ruoyi.common.constant.Constants.LOGIN_TYPE_ADMIN.equals(loginType);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -95,6 +95,7 @@ public class SysLoginService
|
|||||||
}
|
}
|
||||||
AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
|
AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
|
||||||
LoginUser loginUser = (LoginUser) authentication.getPrincipal();
|
LoginUser loginUser = (LoginUser) authentication.getPrincipal();
|
||||||
|
loginUser.setLoginType(Constants.LOGIN_TYPE_ADMIN);
|
||||||
recordLoginInfo(loginUser.getUserId());
|
recordLoginInfo(loginUser.getUserId());
|
||||||
// 生成token
|
// 生成token
|
||||||
return tokenService.createToken(loginUser);
|
return tokenService.createToken(loginUser);
|
||||||
|
|||||||
Reference in New Issue
Block a user