feat: SaToken

2024-03-05 19:27:33 +08:00
parent 36f4750705
commit d77bded1bb
3 changed files with 88 additions and 1 deletions
--- a/sms-auth/sms-auth-common/src/main/java/com/landaiqing/auth/common/config/GlobalExceptionHandler.java
+++ b/sms-auth/sms-auth-common/src/main/java/com/landaiqing/auth/common/config/GlobalExceptionHandler.java
@@ -0,0 +1,34 @@
+package com.landaiqing.auth.common.config;
+
+/**
+ * @Classname GlobalExceptionHandler
+ * @BelongsProject: student-Management-system
+ * @BelongsPackage: com.landaiqing.auth.common.config
+ * @Author: landaiqing
+ * @CreateTime: 2024-03-05  19:23
+ * @Description: TODO
+ * @Version: 1.0
+ */
+
+import cn.dev33.satoken.exception.NotLoginException;
+import com.landaiqing.auth.common.entity.Result;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+/**
+ * 全局异常处理
+ * Created by macro on 2020/2/27.
+ */
+@ControllerAdvice
+public class GlobalExceptionHandler {
+
+    /**
+     * 处理未登录的异常
+     */
+    @ResponseBody
+    @ExceptionHandler(value = NotLoginException.class)
+    public Result handleNotLoginException(NotLoginException e) {
+        return Result.fail(e.getMessage());
+    }
+}
--- a/sms-auth/sms-auth-common/src/main/java/com/landaiqing/auth/common/config/SaTokenConfigure.java
+++ b/sms-auth/sms-auth-common/src/main/java/com/landaiqing/auth/common/config/SaTokenConfigure.java
@@ -0,0 +1,47 @@
+package com.landaiqing.auth.common.config;
+
+/**
+ * @Classname SaTokenConfigure
+ * @BelongsProject: student-Management-system
+ * @BelongsPackage: com.landaiqing.auth.common.config
+ * @Author: landaiqing
+ * @CreateTime: 2024-03-05  19:24
+ * @Description: TODO
+ * @Version: 1.0
+ */
+
+import cn.dev33.satoken.interceptor.SaInterceptor;
+import cn.dev33.satoken.router.SaRouter;
+import cn.dev33.satoken.stp.StpUtil;
+import org.springframework.boot.SpringBootConfiguration;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+/**
+ * 注册 Sa-Token 拦截器，打开注解式鉴权功能
+ * 如果在高版本 SpringBoot (≥2.6.x) 下注册拦截器失效，则需要额外添加 @EnableWebMvc 注解才可以使用
+ */
+@SpringBootConfiguration
+@EnableWebMvc
+public class SaTokenConfigure implements WebMvcConfigurer {
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        // 注册路由拦截器，自定义认证规则
+        registry.addInterceptor(new SaInterceptor(handler -> {
+                    // 登录认证 -- 拦截所有路由，并排除/user/doLogin 用于开放登录
+                    SaRouter.match("/**", "/student/login", r -> StpUtil.checkLogin());
+                    // 角色认证 -- 拦截以 admin 开头的路由，必须具备 admin 角色或者 super-admin 角色才可以通过认证
+                    SaRouter.match("/admin/**", r -> StpUtil.checkRoleOr("admin", "super-admin"));
+                    // 权限认证 -- 不同模块认证不同权限
+                    SaRouter.match("/user/**", r -> StpUtil.checkRole("user"));
+                    SaRouter.match("/admin/**", r -> StpUtil.checkPermission("admin"));
+                    // 甚至你可以随意的写一个打印语句
+                    SaRouter.match("/**", r -> System.out.println("--------权限认证成功-------"));
+                }).isAnnotation(true))
+                //拦截所有接口
+                .addPathPatterns("/**")
+                //不拦截/user/doLogin登录接口
+                .excludePathPatterns("/student/login");
+    }
+}
--- a/sms-auth/sms-auth-controller/src/main/java/com/landaiqing/controller/StudentController.java
+++ b/sms-auth/sms-auth-controller/src/main/java/com/landaiqing/controller/StudentController.java
@@ -1,6 +1,7 @@
 package com.landaiqing.controller;

 import cn.dev33.satoken.stp.SaTokenInfo;
+import cn.dev33.satoken.stp.StpUtil;
 import com.alibaba.fastjson.JSON;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.google.common.base.Preconditions;
@@ -143,11 +144,16 @@ public class StudentController {
            Preconditions.checkArgument(!StringUtils.isBlank(studentDTO.getUsername()), "用户名不能为空！");
            Preconditions.checkArgument(!StringUtils.isBlank(studentDTO.getPassword()), "密码不能为空！");
            StudentBO studentBO = StudentInfoDtoConvert.INSTANCE.convertDtoToBO(studentDTO);
-            SaTokenInfo  saTokenInfo = studentDomainService.login(studentBO);
+            SaTokenInfo saTokenInfo = studentDomainService.login(studentBO);
            return Result.ok(saTokenInfo);
        } catch (Exception e) {
            log.error("StudentController.login.error:{}", e.getMessage(), e);
            return Result.fail("登录失败！");
        }
    }
+
+    @RequestMapping("isLogin")
+    public String isLogin() {
+        return "当前会话是否登录：" + StpUtil.isLogin();
+    }
 }