From c2ccfa3bd6c7acb8096c2e7dbdc0a08289804b71 Mon Sep 17 00:00:00 2001 
From: YunaiV Date: Fri, 4 Feb 2022 01:36:27 +0800 Subject: [PATCH] =?UTF-8?q?=E5=A4=9A=E6=A8=A1=E5=9D=97=E9=87=8D=E6=9E=84?= =?UTF-8?q?=2012=EF=BC=9A=E3=80=90=E6=96=B0=E5=A2=9E=E3=80=91Spring=20Secu?= =?UTF-8?q?rity=20=E6=96=B0=E5=A2=9E=20AuthorizeRequestsCustomizer=20?= =?UTF-8?q?=E6=8A=BD=E8=B1=A1=E7=B1=BB=EF=BC=8C=20=E8=87=AA=E5=AE=9A?= =?UTF-8?q?=E4=B9=89=E6=AF=8F=E4=B8=AA=20Maven=20Module=20=E7=9A=84=20URL?= =?UTF-8?q?=20=E7=9A=84=E5=AE=89=E5=85=A8=E9=85=8D=E7=BD=AE?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- http-client.env.json | 2 +- .../config/AuthorizeRequestsCustomizer.java | 36 ++++++++++++ .../YudaoWebSecurityConfigurerAdapter.java | 55 +++++++++---------- .../yudao-module-infra-impl/pom.xml | 11 ++++ .../config/AdminServerConfiguration.java | 2 +- .../framework/monitor/package-info.java | 2 +- ...€ŠèŠ‹é“ Spring Boot 监控工具 Admin 入门》.md | 0 .../config/InfraSecurityConfiguration.java | 45 +++++++++++++++ .../framework/security/core/package-info.java | 4 ++ .../module/member/framework/package-info.java | 6 -- .../service/auth/MemberAuthServiceImpl.java | 1 + .../api/logger/dto/LoginLogCreateReqDTO.java | 1 - .../config/SystemSecurityConfiguration.java | 34 ++++++++++++ .../framework/security/core/package-info.java | 4 ++ .../service/auth/AdminAuthServiceImpl.java | 2 +- .../service/logger/LoginLogServiceImpl.java | 2 + yudao-server/pom.xml | 11 ---- .../shop/controller/admin/package-info.java | 4 ++ .../app/AppShopOrderController.java | 26 ++++----- .../app/vo/AppShopOrderCreateRespVO.java | 6 +- .../yudao/module}/shop/package-info.java | 3 +- .../security/SecurityConfiguration.java | 50 ----------------- .../src/main/resources/application.yaml | 4 ++ .../static/MP_verify_DKOvVzFP7vPwwHx2.txt | 0 .../src/main/resources/static/READMD.md | 0 .../main/resources/static/pay_alipay_qr.html | 6 +- .../main/resources/static/pay_alipay_wap.html | 6 +- .../src/main/resources/static/pay_wx_pub.html | 8 +-- 
.../src/main/resources/static/qrcode.min.js | 0 .../main/resources/static/social-login.html | 4 +- .../main/resources/static/social-login2.html | 8 +-- .../src/main/resources/application.yaml | 4 +- 更新日志.md | 2 + 33 files changed, 212 insertions(+), 137 deletions(-) create mode 100644 yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/AuthorizeRequestsCustomizer.java rename {yudao-server/src/main/java/cn/iocoder/yudao/server => yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra}/framework/monitor/config/AdminServerConfiguration.java (76%) rename {yudao-server/src/main/java/cn/iocoder/yudao/server => yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra}/framework/monitor/package-info.java (52%) rename {yudao-server/src/main/java/cn/iocoder/yudao/server => yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra}/framework/monitor/ã€ŠèŠ‹é“ Spring Boot 监控工具 Admin 入门》.md (100%) create mode 100644 yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/InfraSecurityConfiguration.java create mode 100644 yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra/framework/security/core/package-info.java delete mode 100644 yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/framework/package-info.java create mode 100644 yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/framework/security/config/SystemSecurityConfiguration.java create mode 100644 yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/framework/security/core/package-info.java create mode 100644 yudao-server/src/main/java/cn/iocoder/yudao/module/shop/controller/admin/package-info.java rename 
yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/shop/controller/ShopOrderController.java => yudao-server/src/main/java/cn/iocoder/yudao/module/shop/controller/app/AppShopOrderController.java (71%) rename yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/shop/controller/vo/ShopOrderCreateRespVO.java => yudao-server/src/main/java/cn/iocoder/yudao/module/shop/controller/app/vo/AppShopOrderCreateRespVO.java (73%) rename {yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules => yudao-server/src/main/java/cn/iocoder/yudao/module}/shop/package-info.java (62%) delete mode 100644 yudao-server/src/main/java/cn/iocoder/yudao/server/framework/security/SecurityConfiguration.java rename {yudao-user-server => yudao-server}/src/main/resources/static/MP_verify_DKOvVzFP7vPwwHx2.txt (100%) rename {yudao-user-server => yudao-server}/src/main/resources/static/READMD.md (100%) rename {yudao-user-server => yudao-server}/src/main/resources/static/pay_alipay_qr.html (93%) rename {yudao-user-server => yudao-server}/src/main/resources/static/pay_alipay_wap.html (92%) rename {yudao-user-server => yudao-server}/src/main/resources/static/pay_wx_pub.html (94%) rename {yudao-user-server => yudao-server}/src/main/resources/static/qrcode.min.js (100%) rename {yudao-user-server => yudao-server}/src/main/resources/static/social-login.html (89%) rename {yudao-user-server => yudao-server}/src/main/resources/static/social-login2.html (93%) diff --git a/http-client.env.json b/http-client.env.json index a73a267ef..2f18d251c 100644 --- a/http-client.env.json +++ b/http-client.env.json @@ -4,7 +4,7 @@ "token": "test1", "adminTenentId": "1", - "userApi": "http://127.0.0.1:48080/app-api", + "appApi": "http://127.0.0.1:48080/app-api", "appToken": "test1", "appTenentId": "1" } 
diff --git a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/AuthorizeRequestsCustomizer.java b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/AuthorizeRequestsCustomizer.java new file mode 100644 index 000000000..5c8629076 --- /dev/null +++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/AuthorizeRequestsCustomizer.java @@ -0,0 +1,36 @@ +package cn.iocoder.yudao.framework.security.config; + +import cn.iocoder.yudao.framework.web.config.WebProperties; +import org.springframework.core.Ordered; +import org.springframework.security.config.Customizer; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; + +import javax.annotation.Resource; + +/** + * 自定义的 URL 的安全é…ç½® + * 目的:æ¯ä¸ª Maven Module å¯ä»¥è‡ªå®šä¹‰è§„åˆ™ï¼ + * + * @author 芋é“æºç  + */ +public abstract class AuthorizeRequestsCustomizer + implements Customizer.ExpressionInterceptUrlRegistry>, Ordered { + + @Resource + private WebProperties webProperties; + + protected String buildAdminApi(String url) { + return webProperties.getAdminApi().getPrefix() + url; + } + + protected String buildAppApi(String url) { + return webProperties.getAppApi().getPrefix() + url; + } + + @Override + public int getOrder() { + return 0; + } + +} diff --git a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java index ba19b8bd2..8231306a9 100644 
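Review bot: The Javadoc on `AuthorizeRequestsCustomizer` does not say in what order the module rules are applied, and `getOrder()` returns 0 for every subclass unless it is overridden. URL rules registered through `antMatchers` are first-match-wins, so when two modules register overlapping patterns the effective rule depends on an order that nothing in this class pins down. I would state this on the class, e.g. `Rules are applied in getOrder() order and the first matching pattern wins; override getOrder() when a module's pattern overlaps another module's`, and repeat the first-match point on `getOrder()`.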
--- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java +++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java @@ -26,6 +26,8 @@ import org.springframework.security.web.util.matcher.RequestMatcher; import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; +import java.util.List; +import java.util.function.Consumer; /** * 自定义的 Spring Security é…置适é…器实现 @@ -62,14 +64,22 @@ public class YudaoWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdap @Resource private JWTAuthenticationTokenFilter authenticationTokenFilter; +// /** +// * 自定义的æƒé™æ˜ å°„ Bean +// * +// * @see #configure(HttpSecurity) +// */ +// @Resource +// private Customizer.ExpressionInterceptUrlRegistry> +// authorizeRequestsCustomizer; + /** - * 自定义的æƒé™æ˜ å°„ Bean + * 自定义的æƒé™æ˜ å°„ Bean 们 * * @see #configure(HttpSecurity) */ @Resource - private Customizer.ExpressionInterceptUrlRegistry> - authorizeRequestsCustomizer; + private List authorizeRequestsCustomizers; /** * 由于 Spring Security 创建 AuthenticationManager 对象时,没声明 @Bean 注解,导致无法被注入 
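Review bot: The old single-customizer field is left behind as a commented-out block above `authorizeRequestsCustomizers`; it should be deleted, because version control already keeps it and a stale `@Resource` declaration in a security configuration obscures which bean is actually in effect. Separately, the new `List` field is injected with `@Resource`, which as far as I know is a required injection, so an application that pulls in this starter without any module contributing an `AuthorizeRequestsCustomizer` would probably fail at startup. If that deployment is meant to be supported, `@Autowired(required = false)` with an empty-list default would cover it; worth confirming. The class body continues outside the hunk.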
@@ -126,44 +136,31 @@ public class YudaoWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdap StrUtil.equalsAny(request.getRequestURI(), buildAdminApi("/system/logout"), buildAppApi("/member/logout"))); - // 设置æ¯ä¸ªè¯·æ±‚çš„æƒé™ ①:全局共享规则 - httpSecurity.authorizeRequests() - // 登录的接å£ï¼Œå¯åŒ¿å访问 - .antMatchers(buildAdminApi("/system/login"), buildAdminApi("/member/login")).anonymous() + // 设置æ¯ä¸ªè¯·æ±‚çš„æƒé™ + httpSecurity + // ①:全局共享规则 + .authorizeRequests() // é™æ€èµ„æºï¼Œå¯åŒ¿å访问 .antMatchers(HttpMethod.GET, "/*.html", "/**/*.html", "/**/*.css", "/**/*.js").permitAll() - // 文件的获å–接å£ï¼Œå¯åŒ¿å访问 - .antMatchers(buildAdminApi("/infra/file/get/**")).anonymous() - // Swagger 接å£æ–‡æ¡£ - .antMatchers("/swagger-ui.html").anonymous() - .antMatchers("/swagger-resources/**").anonymous() - .antMatchers("/webjars/**").anonymous() - .antMatchers("/*/api-docs").anonymous() - // Spring Boot Actuator 的安全é…ç½® - .antMatchers("/actuator").anonymous() - .antMatchers("/actuator/**").anonymous() - // Druid 监控 TODO 芋艿:等对接了 druid admin åŽï¼Œåœ¨è°ƒæ•´ä¸‹ã€‚ - .antMatchers("/druid/**").anonymous() - // oAuth2 auth2/login/gitee TODO 芋艿:貌似å¯ä»¥åˆ é™¤ - .antMatchers(buildAdminApi("/auth2/login/**")).anonymous() - .antMatchers(buildAdminApi("/auth2/authorization/**")).anonymous() - .antMatchers("/api/callback/**").anonymous() - // 设置æ¯ä¸ªè¯·æ±‚çš„æƒé™ ②:æ¯ä¸ªé¡¹ç›®çš„自定义规则 TODO 芋艿:改造æˆå¤šä¸ªï¼Œæ–¹ä¾¿æ¯ä¸ªæ¨¡å—自定义规则 - .and().authorizeRequests(authorizeRequestsCustomizer) - // 设置æ¯ä¸ªè¯·æ±‚çš„æƒé™ â‘¢ï¼šå…œåº•è§„åˆ™ï¼Œå¿…é¡»è®¤è¯ - .authorizeRequests().anyRequest().authenticated() + // 设置 App API æ— éœ€è®¤è¯ + .antMatchers(buildAppApi("/**")).permitAll() + // ②:æ¯ä¸ªé¡¹ç›®çš„自定义规则 + .and().authorizeRequests(registry -> // 下é¢ï¼Œå¾ªçŽ¯è®¾ç½®è‡ªå®šä¹‰è§„则 + authorizeRequestsCustomizers.forEach(customizer -> customizer.customize(registry))) + // â‘¢ï¼šå…œåº•è§„åˆ™ï¼Œå¿…é¡»è®¤è¯ + .authorizeRequests() + .anyRequest().authenticated() ; + // 添加 JWT Filter 
httpSecurity.addFilterBefore(authenticationTokenFilter, UsernamePasswordAuthenticationFilter.class); } private String buildAdminApi(String url) { - // TODO èŠ‹è‰¿ï¼šå¤šæ¨¡å— return webProperties.getAdminApi().getPrefix() + url; } private String buildAppApi(String url) { - // TODO èŠ‹è‰¿ï¼šå¤šæ¨¡å— return webProperties.getAppApi().getPrefix() + url; } diff --git a/yudao-module-infra/yudao-module-infra-impl/pom.xml b/yudao-module-infra/yudao-module-infra-impl/pom.xml index a26b274f3..6cefa7028 100644 --- a/yudao-module-infra/yudao-module-infra-impl/pom.xml +++ b/yudao-module-infra/yudao-module-infra-impl/pom.xml @@ -90,6 +90,17 @@ cn.smallbun.screw screw-core + + + + cn.iocoder.boot + yudao-spring-boot-starter-monitor + + + + de.codecentric + spring-boot-admin-starter-server + diff --git a/yudao-server/src/main/java/cn/iocoder/yudao/server/framework/monitor/config/AdminServerConfiguration.java b/yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra/framework/monitor/config/AdminServerConfiguration.java similarity index 76% rename from yudao-server/src/main/java/cn/iocoder/yudao/server/framework/monitor/config/AdminServerConfiguration.java rename to yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra/framework/monitor/config/AdminServerConfiguration.java index f3784570d..697426e44 100644 --- a/yudao-server/src/main/java/cn/iocoder/yudao/server/framework/monitor/config/AdminServerConfiguration.java +++ b/yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra/framework/monitor/config/AdminServerConfiguration.java @@ -1,4 +1,4 @@ -package cn.iocoder.yudao.server.framework.monitor.config; +package cn.iocoder.yudao.module.infra.framework.monitor.config; import de.codecentric.boot.admin.server.config.EnableAdminServer; import org.springframework.context.annotation.Configuration; 
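Review bot: `.antMatchers(buildAppApi("/**")).permitAll()` is now registered in the shared rules ahead of the module customizers, and because URL rules are first-match-wins, no `AuthorizeRequestsCustomizer` can tighten a path under the App API prefix; the `buildAppApi("/infra/file/get/**")` rule that `InfraSecurityConfiguration` adds in this same commit is already unreachable. With this ordering the filter chain authorises nothing under that prefix, so every App handler depends on its own method-level annotation, and `AppShopOrderController.create` on this page has `@PreAuthenticated` commented out. I would move the App API `permitAll()` to after the customizer loop, immediately before `.anyRequest().authenticated()`, so that module rules take precedence, and add a comment stating that App endpoints must carry their own authentication annotation. `configure` begins outside the hunk.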
diff --git a/yudao-server/src/main/java/cn/iocoder/yudao/server/framework/monitor/package-info.java b/yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra/framework/monitor/package-info.java similarity index 52% rename from yudao-server/src/main/java/cn/iocoder/yudao/server/framework/monitor/package-info.java rename to yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra/framework/monitor/package-info.java index 99a6c75bd..f52e72c76 100644 --- a/yudao-server/src/main/java/cn/iocoder/yudao/server/framework/monitor/package-info.java +++ b/yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra/framework/monitor/package-info.java @@ -1,4 +1,4 @@ /** * 使用 Spring Boot Admin 实现简å•çš„ç›‘æŽ§å¹³å° */ -package cn.iocoder.yudao.server.framework.monitor; +package cn.iocoder.yudao.module.infra.framework.monitor; diff --git a/yudao-server/src/main/java/cn/iocoder/yudao/server/framework/monitor/ã€ŠèŠ‹é“ Spring Boot 监控工具 Admin 入门》.md b/yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra/framework/monitor/ã€ŠèŠ‹é“ Spring Boot 监控工具 Admin 入门》.md similarity index 100% rename from yudao-server/src/main/java/cn/iocoder/yudao/server/framework/monitor/ã€ŠèŠ‹é“ Spring Boot 监控工具 Admin 入门》.md rename to yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra/framework/monitor/ã€ŠèŠ‹é“ Spring Boot 监控工具 Admin 入门》.md diff --git a/yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/InfraSecurityConfiguration.java b/yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/InfraSecurityConfiguration.java new file mode 100644 index 000000000..8af44d694 --- /dev/null +++ b/yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra/framework/security/config/InfraSecurityConfiguration.java 
@@ -0,0 +1,45 @@ +package cn.iocoder.yudao.module.infra.framework.security.config; + +import cn.iocoder.yudao.framework.security.config.AuthorizeRequestsCustomizer; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; + +/** + * Infra 模å—çš„ Security é…ç½® + */ +@Configuration +public class InfraSecurityConfiguration { + + @Value("${spring.boot.admin.context-path:''}") + private String adminSeverContextPath; + + @Bean("infraAuthorizeRequestsCustomizer") + public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() { + return new AuthorizeRequestsCustomizer() { + + @Override + public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + // Swagger 接å£æ–‡æ¡£ + registry.antMatchers("/swagger-ui.html").anonymous() + .antMatchers("/swagger-resources/**").anonymous() + .antMatchers("/webjars/**").anonymous() + .antMatchers("/*/api-docs").anonymous(); + // Spring Boot Actuator 的安全é…ç½® + registry.antMatchers("/actuator").anonymous() + .antMatchers("/actuator/**").anonymous(); + // Druid 监控 + registry.antMatchers("/druid/**").anonymous(); + // Spring Boot Admin Server 的安全é…ç½® + registry.antMatchers(adminSeverContextPath).anonymous() + .antMatchers(adminSeverContextPath + "/**").anonymous(); + // 文件的获å–接å£ï¼Œå¯åŒ¿å访问 + registry.antMatchers(buildAdminApi("/infra/file/get/**"), buildAppApi("/infra/file/get/**")).anonymous(); + } + + }; + } + +} 
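Review bot: `/actuator/**`, `/druid/**` and the Spring Boot Admin Server paths are opened with `.anonymous()`, so these monitoring surfaces are reachable without credentials by anyone who can reach the port; which Actuator endpoints are exposed depends on configuration not shown here, but the rules should be limited to an admin role or a management-only network rather than carried over unchanged into a shared module. The default in `@Value("${spring.boot.admin.context-path:''}")` is, as far as I can tell, the literal two-character string `''` rather than an empty string, so without the property the two Admin Server matchers are built from that literal. Do not simply switch to an empty default: `adminSeverContextPath + "/**"` would then become `/**` and open every URL, so register those two matchers only when the property has text, e.g. inside `if (StringUtils.hasText(adminSeverContextPath)) { ... }`. Also note that `.anonymous()` admits only unauthenticated callers, so a request that carries a valid token is refused on these paths.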
diff --git a/yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra/framework/security/core/package-info.java b/yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra/framework/security/core/package-info.java new file mode 100644 index 000000000..7762626c9 --- /dev/null +++ b/yudao-module-infra/yudao-module-infra-impl/src/main/java/cn/iocoder/yudao/module/infra/framework/security/core/package-info.java @@ -0,0 +1,4 @@ +/** + * å ä½ + */ +package cn.iocoder.yudao.module.infra.framework.security.core; diff --git a/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/framework/package-info.java b/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/framework/package-info.java deleted file mode 100644 index 7342570b1..000000000 --- a/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/framework/package-info.java +++ /dev/null @@ -1,6 +0,0 @@ -/** - * 属于 yudao-module-member-impl çš„å°è£… - * - * @author 芋é“æºç  - */ -package cn.iocoder.yudao.module.member.framework; diff --git a/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/service/auth/MemberAuthServiceImpl.java b/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/service/auth/MemberAuthServiceImpl.java index fcb68b271..b95408afc 100644 --- a/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/service/auth/MemberAuthServiceImpl.java +++ b/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/service/auth/MemberAuthServiceImpl.java 
@@ -202,6 +202,7 @@ public class MemberAuthServiceImpl implements MemberAuthService { if (user != null) { reqDTO.setUserId(user.getId()); } + reqDTO.setUserType(getUserType().getValue()); reqDTO.setUsername(mobile); reqDTO.setUserAgent(ServletUtils.getUserAgent()); reqDTO.setUserIp(getClientIP()); diff --git a/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/api/logger/dto/LoginLogCreateReqDTO.java b/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/api/logger/dto/LoginLogCreateReqDTO.java index 514ac2d98..d3ae4fb4f 100644 --- a/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/api/logger/dto/LoginLogCreateReqDTO.java +++ b/yudao-module-system/yudao-module-system-api/src/main/java/cn/iocoder/yudao/module/system/api/logger/dto/LoginLogCreateReqDTO.java @@ -23,7 +23,6 @@ public class LoginLogCreateReqDTO { /** * é“¾è·¯è¿½è¸ªç¼–å· */ - @NotEmpty(message = "链路追踪编å·ä¸èƒ½ä¸ºç©º") private String traceId; /** diff --git a/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/framework/security/config/SystemSecurityConfiguration.java b/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/framework/security/config/SystemSecurityConfiguration.java new file mode 100644 index 000000000..3c6866e37 --- /dev/null +++ b/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/framework/security/config/SystemSecurityConfiguration.java 
@@ -0,0 +1,34 @@ +package cn.iocoder.yudao.module.system.framework.security.config; + +import cn.iocoder.yudao.framework.security.config.AuthorizeRequestsCustomizer; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; + +/** + * System 模å—çš„ Security é…ç½® + */ +@Configuration +public class SystemSecurityConfiguration { + + @Bean("systemAuthorizeRequestsCustomizer") + public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() { + return new AuthorizeRequestsCustomizer() { + + @Override + public void customize(ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry) { + // 登录的接å£ï¼Œå¯åŒ¿å访问 + registry.antMatchers(buildAdminApi("/system/login")).anonymous(); + // 验è¯ç çš„æŽ¥å£ + registry.antMatchers(buildAdminApi("/system/captcha/**")).anonymous(); + // 获得租户编å·çš„æŽ¥å£ + registry.antMatchers(buildAdminApi("/system/tenant/get-id-by-name")).anonymous(); + // 短信回调 API + registry.antMatchers(buildAdminApi("/system/sms/callback/**")).anonymous(); + } + + }; + } + +} diff --git a/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/framework/security/core/package-info.java b/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/framework/security/core/package-info.java new file mode 100644 index 000000000..04a8d8b37 --- /dev/null +++ b/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/framework/security/core/package-info.java @@ -0,0 +1,4 @@ +/** + * å ä½ + */ +package cn.iocoder.yudao.module.system.framework.security.core; 
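Review bot: `/system/sms/callback/**` and `/system/tenant/get-id-by-name` are opened to unauthenticated callers here with only a one-line label each, and nothing in this hunk says what protects them instead. The callback handler is not visible on this page; if it updates send status from the request body it has to verify the provider's signature or source itself, and the tenant lookup lets an unauthenticated client test whether a tenant name exists, so it wants rate limiting. I would record that next to the rules, e.g. `// Unauthenticated by design: the handler must verify the SMS provider's signature` and `// Unauthenticated: needed before login; keep the response minimal and rate-limited`.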
diff --git a/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/service/auth/AdminAuthServiceImpl.java b/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/service/auth/AdminAuthServiceImpl.java
index afc66ebd2..7bdb58f3a 100644
--- a/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/service/auth/AdminAuthServiceImpl.java
+++ b/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/service/auth/AdminAuthServiceImpl.java
@@ -164,7 +164,7 @@ public class AdminAuthServiceImpl implements AdminAuthService {
 if (user != null) {
 reqDTO.setUserId(user.getId());
 }
- reqDTO.setUserType(UserTypeEnum.ADMIN.getValue());
+ reqDTO.setUserType(getUserType().getValue());
 reqDTO.setUsername(username);
 reqDTO.setUserAgent(ServletUtils.getUserAgent());
 reqDTO.setUserIp(ServletUtils.getClientIP());
diff --git a/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/service/logger/LoginLogServiceImpl.java b/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/service/logger/LoginLogServiceImpl.java
index 78ad540ba..0b806f6da 100644
--- a/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/service/logger/LoginLogServiceImpl.java
+++ b/yudao-module-system/yudao-module-system-impl/src/main/java/cn/iocoder/yudao/module/system/service/logger/LoginLogServiceImpl.java
@@ -8,6 +8,7 @@ import cn.iocoder.yudao.module.system.convert.logger.LoginLogConvert;
 import cn.iocoder.yudao.module.system.dal.dataobject.logger.LoginLogDO;
 import cn.iocoder.yudao.module.system.dal.mysql.logger.LoginLogMapper;
 import org.springframework.stereotype.Service;
+import org.springframework.validation.annotation.Validated;
 import javax.annotation.Resource;
 import java.util.List;
@@ -16,6 +17,7 @@ import java.util.List; * 登录日志 Service 实现 */ @Service +@Validated public class LoginLogServiceImpl implements LoginLogService { @Resource diff --git a/yudao-server/pom.xml b/yudao-server/pom.xml index 156e73f75..0e933ce05 100644 --- a/yudao-server/pom.xml +++ b/yudao-server/pom.xml @@ -67,17 +67,6 @@ yudao-spring-boot-starter-protection - - - cn.iocoder.boot - yudao-spring-boot-starter-monitor - - - - de.codecentric - spring-boot-admin-starter-server - - diff --git a/yudao-server/src/main/java/cn/iocoder/yudao/module/shop/controller/admin/package-info.java b/yudao-server/src/main/java/cn/iocoder/yudao/module/shop/controller/admin/package-info.java new file mode 100644 index 000000000..624b6c614 --- /dev/null +++ b/yudao-server/src/main/java/cn/iocoder/yudao/module/shop/controller/admin/package-info.java @@ -0,0 +1,4 @@ +/** + * å ä½ + */ +package cn.iocoder.yudao.module.shop.controller.admin; diff --git a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/shop/controller/ShopOrderController.java b/yudao-server/src/main/java/cn/iocoder/yudao/module/shop/controller/app/AppShopOrderController.java similarity index 71% rename from yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/shop/controller/ShopOrderController.java rename to yudao-server/src/main/java/cn/iocoder/yudao/module/shop/controller/app/AppShopOrderController.java index 25ebd6d28..54ff4daf9 100644 --- a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/shop/controller/ShopOrderController.java +++ b/yudao-server/src/main/java/cn/iocoder/yudao/module/shop/controller/app/AppShopOrderController.java 
@@ -1,13 +1,13 @@
-package cn.iocoder.yudao.userserver.modules.shop.controller;
+package cn.iocoder.yudao.module.shop.controller.app;
-import cn.iocoder.yudao.coreservice.modules.pay.service.notify.vo.PayNotifyOrderReqVO;
-import cn.iocoder.yudao.coreservice.modules.pay.service.notify.vo.PayRefundOrderReqVO;
-import cn.iocoder.yudao.coreservice.modules.pay.service.order.PayOrderCoreService;
-import cn.iocoder.yudao.coreservice.modules.pay.service.order.dto.PayOrderCreateReqDTO;
-import cn.iocoder.yudao.coreservice.modules.pay.util.PaySeqUtils;
 import cn.iocoder.yudao.framework.common.pojo.CommonResult;
 import cn.iocoder.yudao.framework.common.util.date.DateUtils;
-import cn.iocoder.yudao.userserver.modules.shop.controller.vo.ShopOrderCreateRespVO;
+import cn.iocoder.yudao.module.pay.service.notify.vo.PayNotifyOrderReqVO;
+import cn.iocoder.yudao.module.pay.service.notify.vo.PayRefundOrderReqVO;
+import cn.iocoder.yudao.module.pay.service.order.PayOrderService;
+import cn.iocoder.yudao.module.pay.service.order.dto.PayOrderCreateReqDTO;
+import cn.iocoder.yudao.module.pay.util.PaySeqUtils;
+import cn.iocoder.yudao.module.shop.controller.app.vo.AppShopOrderCreateRespVO;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
@@ -24,20 +24,20 @@ import java.time.Duration; import static cn.iocoder.yudao.framework.common.pojo.CommonResult.success; import static cn.iocoder.yudao.framework.common.util.servlet.ServletUtils.getClientIP; -@Api(tags = "商城订å•") +@Api(tags = "用户 APP - 商城订å•") @RestController @RequestMapping("/shop/order") @Validated @Slf4j -public class ShopOrderController { +public class AppShopOrderController { @Resource - private PayOrderCoreService payOrderCoreService; + private PayOrderService payOrderService; @PostMapping("/create") @ApiOperation("创建商城订å•") // @PreAuthenticated // TODO æš‚æ—¶ä¸åŠ ç™»é™†éªŒè¯ï¼Œå‰ç«¯æš‚时没åšå¥½ - public CommonResult create() { + public CommonResult create() { // å‡è£…åˆ›å»ºå•†åŸŽè®¢å• Long shopOrderId = System.currentTimeMillis(); @@ -50,10 +50,10 @@ public class ShopOrderController { reqDTO.setBody("内容:" + shopOrderId); reqDTO.setAmount(200); // å•ä½ï¼šåˆ† reqDTO.setExpireTime(DateUtils.addTime(Duration.ofDays(1))); - Long payOrderId = payOrderCoreService.createPayOrder(reqDTO); + Long payOrderId = payOrderService.createPayOrder(reqDTO); // 拼接返回 - return success(ShopOrderCreateRespVO.builder().id(shopOrderId) + return success(AppShopOrderCreateRespVO.builder().id(shopOrderId) .payOrderId(payOrderId).build()); } diff --git a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/shop/controller/vo/ShopOrderCreateRespVO.java b/yudao-server/src/main/java/cn/iocoder/yudao/module/shop/controller/app/vo/AppShopOrderCreateRespVO.java similarity index 73% rename from yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/shop/controller/vo/ShopOrderCreateRespVO.java rename to yudao-server/src/main/java/cn/iocoder/yudao/module/shop/controller/app/vo/AppShopOrderCreateRespVO.java index 682afc4e9..06a677dbb 100644 --- a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/shop/controller/vo/ShopOrderCreateRespVO.java 
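Review bot: `create()` keeps `// @PreAuthenticated` commented out while the controller is moved into `yudao-server` under the App API, which the security adapter in this commit marks `permitAll()`, so `POST /shop/order/create` appears to be callable without a login and each call creates a pay order through `payOrderService.createPayOrder`. The TODO says the front end is not ready, but that is better handled by keeping the endpoint out of non-development builds than by shipping it open. I would restore the annotation, `@PreAuthenticated`, or gate the controller on a development profile until the client sends a token. Part of the method body lies between the two hunks and is not shown.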
+++ b/yudao-server/src/main/java/cn/iocoder/yudao/module/shop/controller/app/vo/AppShopOrderCreateRespVO.java @@ -1,4 +1,4 @@ -package cn.iocoder.yudao.userserver.modules.shop.controller.vo; +package cn.iocoder.yudao.module.shop.controller.app.vo; import io.swagger.annotations.ApiModel; import io.swagger.annotations.ApiModelProperty; @@ -6,11 +6,11 @@ import lombok.AllArgsConstructor; import lombok.Builder; import lombok.Data; -@ApiModel("商城订å•åˆ›å»º Response VO") +@ApiModel("用户 APP - 商城订å•åˆ›å»º Response VO") @Data @Builder @AllArgsConstructor -public class ShopOrderCreateRespVO { +public class AppShopOrderCreateRespVO { @ApiModelProperty(value = "商城订å•ç¼–å·", required = true, example = "1024") private Long id; diff --git a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/shop/package-info.java b/yudao-server/src/main/java/cn/iocoder/yudao/module/shop/package-info.java similarity index 62% rename from yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/shop/package-info.java rename to yudao-server/src/main/java/cn/iocoder/yudao/module/shop/package-info.java index c592130af..f088370dd 100644 --- a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/shop/package-info.java +++ b/yudao-server/src/main/java/cn/iocoder/yudao/module/shop/package-info.java @@ -5,4 +5,5 @@ * * 缩写:shop */ -package cn.iocoder.yudao.userserver.modules.shop; +// TODO 芋艿:åŽç»­ä¼šè¿ç§»åˆ° yudao-module-mall-trade 下 +package cn.iocoder.yudao.module.shop; diff --git a/yudao-server/src/main/java/cn/iocoder/yudao/server/framework/security/SecurityConfiguration.java b/yudao-server/src/main/java/cn/iocoder/yudao/server/framework/security/SecurityConfiguration.java deleted file mode 100644 index 0a698bea9..000000000 --- a/yudao-server/src/main/java/cn/iocoder/yudao/server/framework/security/SecurityConfiguration.java +++ /dev/null 
@@ -1,50 +0,0 @@ -package cn.iocoder.yudao.server.framework.security; - -import cn.iocoder.yudao.framework.web.config.WebProperties; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.security.config.Customizer; -import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer; - -import javax.annotation.Resource; - -@Configuration -public class SecurityConfiguration { - - @Resource - private WebProperties webProperties; - - @Value("${spring.boot.admin.context-path:''}") - private String adminSeverContextPath; - - @Bean - public Customizer.ExpressionInterceptUrlRegistry> authorizeRequestsCustomizer() { - return registry -> { - // 验è¯ç çš„æŽ¥å£ - registry.antMatchers(buildAdminApi("/system/captcha/**")).anonymous(); - // 获得租户编å·çš„æŽ¥å£ - registry.antMatchers(buildAdminApi("/system/tenant/get-id-by-name")).anonymous(); - // Spring Boot Admin Server 的安全é…ç½® - registry.antMatchers(adminSeverContextPath).anonymous() - .antMatchers(adminSeverContextPath + "/**").anonymous(); - // 短信回调 API - registry.antMatchers(buildAdminApi("/system/sms/callback/**")).anonymous(); - - // 设置 App API æ— éœ€è®¤è¯ - registry.antMatchers(buildAppApi("/**")).permitAll(); - }; - } - - private String buildAdminApi(String url) { - // TODO èŠ‹è‰¿ï¼šå¤šæ¨¡å— - return webProperties.getAdminApi().getPrefix() + url; - } - - private String buildAppApi(String url) { - // TODO èŠ‹è‰¿ï¼šå¤šæ¨¡å— - return webProperties.getAppApi().getPrefix() + url; - } - -} diff --git a/yudao-server/src/main/resources/application.yaml b/yudao-server/src/main/resources/application.yaml index 825ac44e4..301a0e176 100644 --- a/yudao-server/src/main/resources/application.yaml +++ b/yudao-server/src/main/resources/application.yaml 
@@ -20,6 +20,10 @@ spring: write-durations-as-timestamps: true # 设置 Duration çš„æ ¼å¼ï¼Œä½¿ç”¨æ—¶é—´æˆ³ fail-on-empty-beans: false # å…许åºåˆ—化无属性的 Bean + # é™æ€èµ„æº + mvc: + static-path-pattern: /static/** + # å·¥ä½œæµ Activiti é…ç½® activiti: # 1. false: 默认值,activitiå¯åŠ¨æ—¶ï¼Œå¯¹æ¯”æ•°æ®åº“表中ä¿å­˜çš„版本,如果ä¸åŒ¹é…。将抛出异常 diff --git a/yudao-user-server/src/main/resources/static/MP_verify_DKOvVzFP7vPwwHx2.txt b/yudao-server/src/main/resources/static/MP_verify_DKOvVzFP7vPwwHx2.txt similarity index 100% rename from yudao-user-server/src/main/resources/static/MP_verify_DKOvVzFP7vPwwHx2.txt rename to yudao-server/src/main/resources/static/MP_verify_DKOvVzFP7vPwwHx2.txt diff --git a/yudao-user-server/src/main/resources/static/READMD.md b/yudao-server/src/main/resources/static/READMD.md similarity index 100% rename from yudao-user-server/src/main/resources/static/READMD.md rename to yudao-server/src/main/resources/static/READMD.md diff --git a/yudao-user-server/src/main/resources/static/pay_alipay_qr.html b/yudao-server/src/main/resources/static/pay_alipay_qr.html similarity index 93% rename from yudao-user-server/src/main/resources/static/pay_alipay_qr.html rename to yudao-server/src/main/resources/static/pay_alipay_qr.html index edb364f07..83a4eab3e 100644 --- a/yudao-user-server/src/main/resources/static/pay_alipay_qr.html +++ b/yudao-server/src/main/resources/static/pay_alipay_qr.html @@ -24,11 +24,11 @@