From e5b6ff3b197476a8f71bf5cdd9347a3a3716e561 Mon Sep 17 00:00:00 2001 From: Yongchun Jiang Date: Sun, 3 Aug 2025 11:14:55 +0800 Subject: [PATCH] =?UTF-8?q?=E6=8E=A5=E5=8F=A3=E8=AE=BF=E9=97=AE=E9=89=B4?= =?UTF-8?q?=E6=9D=83?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../dolphin/magic/constants/BizConstants.java | 13 +++- .../interceptor/AuthorizeInterceptor.java | 78 +++++++++++++++++++ .../dolphin/magic/model/AccessTokenInfo.java | 15 ++++ .../dolphin/magic/model/RefreshTokenInfo.java | 16 ++++ .../dolphin/magic/model/UserDetails.java | 22 ++++++ src/main/resources/lang/messages.properties | 8 ++ .../resources/lang/messages_zh_CN.properties | 8 ++ 7 files changed, 159 insertions(+), 1 deletion(-) create mode 100644 src/main/java/day/gitlab/dolphin/magic/interceptor/AuthorizeInterceptor.java create mode 100644 src/main/java/day/gitlab/dolphin/magic/model/AccessTokenInfo.java create mode 100644 src/main/java/day/gitlab/dolphin/magic/model/RefreshTokenInfo.java create mode 100644 src/main/java/day/gitlab/dolphin/magic/model/UserDetails.java diff --git a/src/main/java/day/gitlab/dolphin/magic/constants/BizConstants.java b/src/main/java/day/gitlab/dolphin/magic/constants/BizConstants.java index 0083539..dcc322b 100644 --- a/src/main/java/day/gitlab/dolphin/magic/constants/BizConstants.java +++ b/src/main/java/day/gitlab/dolphin/magic/constants/BizConstants.java @@ -25,7 +25,18 @@ public class BizConstants { public static final String AUTH_0104 = AUTH_01 + "04"; /** 业务:鉴权 */ - public static final String AUTH_02 = "010200"; + public static final String AUTH_02 = "0102"; /** 错误:鉴权-无权限 */ public static final String AUTH_0201 = AUTH_02 + "01"; + + /** 业务:登录 */ + public static final String AUTH_03 = "0103"; + /** 错误:登录-参数 */ + public static final String AUTH_0301 = AUTH_03 + "01"; + /** 错误:认证-用户名或密码错误 */ + public static final String AUTH_0302 = AUTH_03 + "02"; + /** 错误:认证-用户锁定 */ + public static final String AUTH_0303 = AUTH_03 + "03"; + /** 错误:认证-用户禁用 */ + public static final String AUTH_0304 = AUTH_03 + "04"; } diff --git a/src/main/java/day/gitlab/dolphin/magic/interceptor/AuthorizeInterceptor.java b/src/main/java/day/gitlab/dolphin/magic/interceptor/AuthorizeInterceptor.java new file mode 100644 index 0000000..2b90d85 --- /dev/null +++ b/src/main/java/day/gitlab/dolphin/magic/interceptor/AuthorizeInterceptor.java @@ -0,0 +1,78 @@ +package day.gitlab.dolphin.magic.interceptor; + +import com.fasterxml.jackson.databind.ObjectMapper; +import day.gitlab.dolphin.magic.constants.BizConstants; +import day.gitlab.dolphin.magic.model.AccessTokenInfo; +import day.gitlab.dolphin.magic.model.UserDetails; +import day.gitlab.dolphin.magic.util.Result; +import org.dromara.hutool.core.text.StrUtil; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.data.redis.core.StringRedisTemplate; +import org.springframework.stereotype.Component; +import org.ssssssss.magicapi.core.interceptor.RequestInterceptor; +import org.ssssssss.magicapi.core.model.ApiInfo; +import org.ssssssss.magicapi.core.model.Options; +import org.ssssssss.magicapi.core.servlet.MagicHttpServletRequest; +import org.ssssssss.magicapi.core.servlet.MagicHttpServletResponse; +import org.ssssssss.script.MagicScriptContext; + +import java.io.Serializable; +import java.util.List; + +@Component +public class AuthorizeInterceptor implements RequestInterceptor { + + @Autowired + private StringRedisTemplate stringRedisTemplate; + + @Autowired + private ObjectMapper objectMapper; + + @Override + public Object preHandle(ApiInfo info, MagicScriptContext context, MagicHttpServletRequest request, MagicHttpServletResponse response) throws Exception { + // 不需要登录的方法 + String requireLogin = info.getOptionValue(Options.REQUIRE_LOGIN); + if (!"true".equals(requireLogin)) { + return null; + } + // 验证登录-获取accessToken + String accessToken = request.getHeader("Access-Token"); + if (StrUtil.isBlank(accessToken)) { + return Result.biz(BizConstants.AUTH_0101, null); + } + // 验证accessToken是否有效 + String accessTokenInfoStr = stringRedisTemplate.opsForValue().get("dolphin:authorize:access_token:" + accessToken); + if (StrUtil.isBlank(accessTokenInfoStr)) { + return Result.biz(BizConstants.AUTH_0101, null); + } + AccessTokenInfo accessTokenInfo = objectMapper.readValue(accessTokenInfoStr, AccessTokenInfo.class); + Serializable userId = accessTokenInfo.getId(); + String userDetailsStr = stringRedisTemplate.opsForValue().get("dolphin:authorize:user:" + userId); + if (StrUtil.isBlank(userDetailsStr)) { + return Result.biz(BizConstants.AUTH_0101, null); + } + UserDetails userDetails = objectMapper.readValue(userDetailsStr, UserDetails.class); + // 验证角色 + String role = info.getOptionValue(Options.ROLE); + if (!StrUtil.isBlank(role)) { + role = role.trim(); + + List userRoles = userDetails.getRoles(); + if (userRoles == null || !userRoles.contains(role)) { + return Result.biz(BizConstants.AUTH_0201, null); + } + } + // 验证权限 + String permission = info.getOptionValue(Options.PERMISSION); + if (!StrUtil.isBlank(permission)) { + permission = permission.trim(); + + List userPermissions = userDetails.getPermissions(); + if (userPermissions == null || !userPermissions.contains(permission)) { + return Result.biz(BizConstants.AUTH_0201, null); + } + } + + return null; + } +} diff --git a/src/main/java/day/gitlab/dolphin/magic/model/AccessTokenInfo.java b/src/main/java/day/gitlab/dolphin/magic/model/AccessTokenInfo.java new file mode 100644 index 0000000..eff2e85 --- /dev/null +++ b/src/main/java/day/gitlab/dolphin/magic/model/AccessTokenInfo.java @@ -0,0 +1,15 @@ +package day.gitlab.dolphin.magic.model; + +import lombok.Data; + +import java.io.Serializable; + +@Data +public class AccessTokenInfo { + + /** 用户ID */ + private Serializable id; + + /** 用户名 */ + private String username; +} diff --git a/src/main/java/day/gitlab/dolphin/magic/model/RefreshTokenInfo.java b/src/main/java/day/gitlab/dolphin/magic/model/RefreshTokenInfo.java new file mode 100644 index 0000000..992351a --- /dev/null +++ b/src/main/java/day/gitlab/dolphin/magic/model/RefreshTokenInfo.java @@ -0,0 +1,16 @@ +package day.gitlab.dolphin.magic.model; + +import lombok.Data; + +@Data +public class RefreshTokenInfo { + + /** 访问令牌 */ + private String accessToken; + + /** 刷新令牌 */ + private String refreshToken; + + /** 客户端ID */ + private String clientId; +} diff --git a/src/main/java/day/gitlab/dolphin/magic/model/UserDetails.java b/src/main/java/day/gitlab/dolphin/magic/model/UserDetails.java new file mode 100644 index 0000000..3d80040 --- /dev/null +++ b/src/main/java/day/gitlab/dolphin/magic/model/UserDetails.java @@ -0,0 +1,22 @@ +package day.gitlab.dolphin.magic.model; + +import lombok.Data; + +import java.io.Serializable; +import java.util.List; + +@Data +public class UserDetails { + + private Serializable id; + + private String username; + + private String nickname; + + private String password; + + private List roles; + + private List permissions; +} diff --git a/src/main/resources/lang/messages.properties b/src/main/resources/lang/messages.properties index 5d4bd4c..8c96303 100644 --- a/src/main/resources/lang/messages.properties +++ b/src/main/resources/lang/messages.properties @@ -19,3 +19,11 @@ biz.010103=Invalid token biz.010104=Token refresh failed # 业务:认证授权-鉴权失败 biz.010201=Forbidden +# 业务:登录-用户名或密码不能为空 +biz.010301=Username or password cannot be empty +# 业务:登录-用户名或密码错误 +biz.010302=Username or password error +# 业务:登录-用户被锁定,请稍后重试 +biz.010303=User is locked, please try again later +# 业务:登录-用户被禁用 +biz.010304=User is disabled diff --git a/src/main/resources/lang/messages_zh_CN.properties b/src/main/resources/lang/messages_zh_CN.properties index 7593218..01cf4d2 100644 --- a/src/main/resources/lang/messages_zh_CN.properties +++ b/src/main/resources/lang/messages_zh_CN.properties @@ -19,3 +19,11 @@ biz.010103=令牌无效 biz.010104=令牌刷新失败 # 业务:认证授权-鉴权失败 biz.010201=无权限 +# 业务:登录-用户名或密码不能为空 +biz.010301=用户名或密码不能为空 +# 业务:登录-用户名或密码错误 +biz.010302=用户名或密码错误 +# 业务:登录-用户被锁定,请稍后重试 +biz.010303=用户被锁定,请稍后重试 +# 业务:登录-用户被禁用 +biz.010304=用户被禁用