feat(all): 添加了鉴权系统

2024-04-08 17:52:43 +08:00 · 2024-04-08 17:52:43 +08:00 · db36ed3fb0
commit db36ed3fb0
parent b4c4833e44
4 changed files with 32 additions and 48 deletions
--- a/src/main/java/org/mmga/clubs/commands/UserCommands.java
+++ b/src/main/java/org/mmga/clubs/commands/UserCommands.java
@ -1,31 +0,0 @@
-package org.mmga.clubs.commands;
-
-import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.codec.digest.DigestUtils;
-import org.mmga.clubs.controller.UserController;
-import org.mmga.clubs.entities.BaseResponse;
-import org.mmga.clubs.entities.user.User;
-import org.mmga.clubs.entities.user.UserLoginVo;
-import org.mmga.clubs.entities.user.UserRegVo;
-import org.mmga.clubs.utils.ShellUtils;
-import org.springframework.shell.standard.ShellComponent;
-import org.springframework.shell.standard.ShellMethod;
-
-@ShellComponent
-@Slf4j
-public class UserCommands {
-    private final UserController userController;
-    public UserCommands(UserController userController){
-        this.userController = userController;
-    }
-    @ShellMethod("创建用户")
-    public void createUser(String name, String password) {
-        BaseResponse<User> user = this.userController.createUser(new UserRegVo(name, DigestUtils.md5Hex(password), 1), null);
-        ShellUtils.logToResult(log, user);
-    }
-    @ShellMethod("登录")
-    public void login(String name, String password) {
-        BaseResponse<User> user = this.userController.login(new UserLoginVo(name, DigestUtils.md5Hex(password)), null);
-        ShellUtils.logToResult(log, user);
-    }
-}
--- a/src/main/java/org/mmga/clubs/configuration/TokenConfiguration.java
+++ b/src/main/java/org/mmga/clubs/configuration/TokenConfiguration.java
@ -28,11 +28,13 @@ public class TokenConfiguration implements HandlerInterceptor, WebMvcConfigurer{
    @Override
    public boolean preHandle(@NonNull HttpServletRequest request,@NonNull HttpServletResponse response,@NonNull Object handler) throws Exception {
        if (handler instanceof HandlerMethod handlerMethod){
-            if (handlerMethod.hasMethodAnnotation(AuthorizationRequired.class)){
-                String authorization = request.getHeader("Authorization");
-                try{
-                    jwtUtils.verifyToken(authorization);
-                }catch (JWTVerificationException e){
+            request.setAttribute("user", -1);
+            String authorization = request.getHeader("Authorization");
+            try{
+                Integer userId = jwtUtils.verifyToken(authorization);
+                request.setAttribute("user", userId);
+            }catch (JWTVerificationException e){
+                if (handlerMethod.hasMethodAnnotation(AuthorizationRequired.class)) {
                    log.debug("用户鉴权时出现错误：", e);
                    ServletOutputStream outputStream = response.getOutputStream();
                    response.addHeader("Content-Encoding", "UTF-8");
@ -42,7 +44,6 @@ public class TokenConfiguration implements HandlerInterceptor, WebMvcConfigurer{
                    outputStream.close();
                    return false;
                }
-                return true;
            }
        }
        return true;
--- a/src/main/java/org/mmga/clubs/controller/UserController.java
+++ b/src/main/java/org/mmga/clubs/controller/UserController.java
@ -5,7 +5,6 @@ import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
-import org.mmga.clubs.annotations.AuthorizationRequired;
 import org.mmga.clubs.entities.BaseResponse;
 import org.mmga.clubs.entities.user.User;
 import org.mmga.clubs.entities.user.UserLoginVo;
@ -18,6 +17,7 @@ import org.springframework.web.bind.annotation.*;
@RequestMapping("/api/user")
@Tag(name = "用户", description = "用户相关接口")
@Slf4j
+@CrossOrigin(allowCredentials = "true", allowedHeaders = {"Set-Authorization", "Authorization"}, origins = {"http://localhost:5173"})
 public class UserController {
    private final UserService service;
    @Autowired
@ -26,17 +26,17 @@ public class UserController {
    }
    @PostMapping("/login")
    @Operation(description = "用户登录", responses = {@ApiResponse(description = "返回是否登录成功", responseCode = "200")})
-    public BaseResponse<User> login(@RequestBody UserLoginVo user, HttpServletResponse response){
+    public BaseResponse<Boolean> login(@RequestBody UserLoginVo user, HttpServletResponse response){
        return service.login(user, response);
    }
    @PutMapping("/create")
    @Operation(description = "创建用户", responses = {@ApiResponse(description = "返回创建后的用户")})
-    public BaseResponse<User> createUser(@RequestBody UserRegVo user, HttpServletResponse response){
+    public BaseResponse<Boolean> createUser(@RequestBody UserRegVo user, HttpServletResponse response){
        return service.createUser(user, response);
    }
-    @GetMapping("/test")
-    @AuthorizationRequired
-    public BaseResponse<Boolean> test(){
-        return BaseResponse.success(true);
+    @GetMapping("/info")
+    @Operation(description = "获取用户信息")
+    public BaseResponse<User> getUserInfo(@RequestAttribute("user") int userId){
+        return service.getUserInfo(userId);
    }
 }
--- a/src/main/java/org/mmga/clubs/service/UserService.java
+++ b/src/main/java/org/mmga/clubs/service/UserService.java
@ -21,16 +21,16 @@ public class UserService {
        this.jwtUtils = jwtUtils;
    }

-    public BaseResponse<User> login(UserLoginVo user, HttpServletResponse response) {
+    public BaseResponse<Boolean> login(UserLoginVo user, HttpServletResponse response) {
        UserVo userVo = userDao.getUser(user.username(), DigestUtils.sha1Hex(user.password()));
        User u = packageUser(userVo);
        if (response != null && u != null){
            response.addHeader("Set-Authorization", jwtUtils.createToken(u));
        }
-        return u == null ? BaseResponse.failed(404, "无效用户") : BaseResponse.success(u);
+        return u == null ? BaseResponse.failed(404, "无效用户") : BaseResponse.success(true);
    }

-    public BaseResponse<User> createUser(UserRegVo user, HttpServletResponse response) {
+    public BaseResponse<Boolean> createUser(UserRegVo user, HttpServletResponse response) {
        String username = user.username();
        if (userDao.countUser(username) > 0) {
            return BaseResponse.failed(409, "用户已存在");
@ -42,11 +42,18 @@ public class UserService {
        if (newUser != null && response != null) {
            response.addHeader("Set-Authorization", jwtUtils.createToken(newUser));
        }
-        return BaseResponse.success(newUser);
+        return BaseResponse.success(true);
    }
    public User getUserById(int id){
        return packageUser(userDao.getUserById(id));
    }
+    public User getGuestUser(){
+        User user = new User();
+        user.setId(-1);
+        user.setName("游客");
+        user.setAuth(authService.getAuthById(1));
+        return user;
+    }
    private User packageUser(UserVo vo) {
        if (vo == null){
            return null;
@ -57,4 +64,11 @@ public class UserService {
        result.setAuth(authService.getAuthById(vo.auth()));
        return result;
    }
+
+    public BaseResponse<User> getUserInfo(int userId) {
+        if (userId == -1){
+            return BaseResponse.success(getGuestUser());
+        }
+        return BaseResponse.success(getUserById(userId));
+    }
 }