添加管理后台管理员登录功能

sso-manage-console/build.gradle

@@ -1,38 +1,40 @@
 buildscript {
-    repositories {
-        maven { url "https://plugins.gradle.org/m2/" }
-        maven { url 'http://113.105.74.141:8081/artifactory/libs-release-local' }
-        maven { url "http://maven.aliyun.com/nexus/content/groups/public/" }
-        jcenter()
-    }
-    dependencies {
-        classpath 'com.uas.demo.mesh:spring-boot-docker-plugin:1.0.2'
-    }
+  repositories {
+    maven { url "https://plugins.gradle.org/m2/" }
+    maven { url 'http://113.105.74.141:8081/artifactory/libs-release-local' }
+    maven { url "http://maven.aliyun.com/nexus/content/groups/public/" }
+    jcenter()
+  }
+  dependencies {
+    classpath 'com.uas.demo.mesh:spring-boot-docker-plugin:1.0.2'
+  }
 }
 
 plugins {
-	id "eclipse"
-	id "org.springframework.boot" version "1.5.9.RELEASE"
+  id "eclipse"
+  id "org.springframework.boot" version "1.5.9.RELEASE"
 }
 
 apply plugin: 'com.uas.docker.spring.boot'
 
 dependencies {
-    // Custom Libraries
-    compile project(":sso-common")
-    compile project(path: ":sso-server", configuration: "persist")  // Project Lib
+  // Custom Libraries
+  compile project(":sso-common")
+  compile project(path: ":sso-server", configuration: "persist")  // Project Lib
 
-	compile("org.springframework.boot:spring-boot-starter-web")
-    compile("org.springframework.boot:spring-boot-starter-data-jpa")
-    compile("org.springframework.boot:spring-boot-starter-actuator")
+  compile("org.springframework.boot:spring-boot-starter-web")
+  compile("org.springframework.boot:spring-boot-starter-thymeleaf")
+  compile("org.springframework.boot:spring-boot-starter-data-jpa")
+  compile("org.springframework.boot:spring-boot-starter-actuator")
+  compile("net.sourceforge.nekohtml:nekohtml:1.9.15")
 
-    compile("mysql:mysql-connector-java:5.1.41")
-    compile("com.alibaba:druid:1.1.6")
+  compile("mysql:mysql-connector-java:5.1.41")
+  compile("com.alibaba:druid:1.1.6")
 
-	testCompile('org.springframework.boot:spring-boot-starter-test')
+  testCompile('org.springframework.boot:spring-boot-starter-test')
 }
 
 customDocker {
-    baseImage '10.10.100.200:5000/alpine-java:8'
-    registry '10.10.100.200:5000'
+  baseImage '10.10.100.200:5000/alpine-java:8'
+  registry '10.10.100.200:5000'
 }

sso-manage-console/src/main/java/com/uas/sso/sso/backend/config/SecurityConfiguration.java

@@ -0,0 +1,92 @@
+package com.uas.sso.sso.backend.config;
+
+import com.uas.sso.web.AccountConfigurer;
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Properties;
+import org.apache.log4j.Logger;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
+
+/**
+ * Spring MVC web configurations which is used to intercept protected
+ * resources visit.
+ *
+ * @author huxz
+ */
+@Configuration
+public class SecurityConfiguration extends WebMvcConfigurerAdapter {
+
+    private static final Logger logger = Logger.getLogger(SecurityConfiguration.class);
+
+    private final ApplicationContext applicationContext;
+
+    private final SecurityInterceptor securityInterceptor;
+
+    @Autowired
+    public SecurityConfiguration(ApplicationContext applicationContext, SecurityInterceptor securityInterceptor) {
+        this.applicationContext = applicationContext;
+        this.securityInterceptor = securityInterceptor;
+    }
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        registry.addInterceptor(securityInterceptor)
+                .addPathPatterns("/**");
+    }
+
+    @Override
+    public void addViewControllers(ViewControllerRegistry registry) {
+        registry.addViewController("/").setViewName("index");
+        registry.addViewController("/index").setViewName("index");
+    }
+
+    @Bean(name = "accountConfigurer")
+    @Profile(value = {"dev"})
+    public AccountConfigurer devAccountConfigurer() {
+        return initAccountConfigurer(applicationContext, "classpath:config/account-dev.properties");
+    }
+
+    @Bean(name = "accountConfigurer")
+    @Profile(value = {"test"})
+    public AccountConfigurer testAccountConfigurer() {
+        return initAccountConfigurer(applicationContext, "classpath:config/account-test.properties");
+    }
+
+    @Bean(name = "accountConfigurer")
+    @Profile(value = {"prod"})
+    public AccountConfigurer prodAccountConfigurer() {
+        return initAccountConfigurer(applicationContext, "classpath:config/account-prod.properties");
+    }
+
+    private AccountConfigurer initAccountConfigurer(ApplicationContext applicationContext, String classpath) {
+        AccountConfigurer configurer = new AccountConfigurer();
+
+        // 解决Spring Boot应用不支持Resource.getFile方式读取配置文件的问题
+        Properties prop = getProperties(applicationContext, classpath);
+
+        if (prop != null) {
+            configurer.initProperties(prop);
+        } else {
+            throw new NullPointerException("Initializing is not available AccountConfigLocation on the classpath");
+        }
+        return configurer;
+    }
+
+    private Properties getProperties(ApplicationContext applicationContext, String location) {
+        Properties prop;
+        try (InputStream stream = applicationContext.getResource(location).getInputStream()) {
+            prop = new Properties();
+            prop.load(stream);
+        } catch (IOException e) {
+            throw new IllegalStateException("account read config file error", e);
+        }
+        return prop;
+    }
+}

sso-manage-console/src/main/java/com/uas/sso/sso/backend/config/SecurityInterceptor.java

@@ -0,0 +1,85 @@
+package com.uas.sso.sso.backend.config;
+
+import com.uas.sso.SSOConfig;
+import com.uas.sso.SSOHelper;
+import com.uas.sso.SSOToken;
+import com.uas.sso.entity.UserAccount;
+import com.uas.sso.support.SystemSession;
+import com.uas.sso.util.FastjsonUtils;
+import com.uas.sso.web.spring.AbstractSSOInterceptor;
+import java.io.IOException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
+
+/**
+ * 登录拦截
+ *
+ * @author wangmh
+ * @date 2018/1/9.
+ */
+@Component
+public class SecurityInterceptor extends AbstractSSOInterceptor {
+
+    @Override
+    protected boolean onAuthenticateFailed(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
+        return false;
+    }
+
+    @Override
+    protected void onAuthenticateSuccess(HttpServletRequest request, HttpServletResponse response) {
+        SSOToken token = SSOHelper.attrToken(request);
+        UserAccount userAccount = getUserByToken(token);
+
+        if (userAccount != null) {
+            request.getSession().setAttribute("userAccount", userAccount);
+            SystemSession.setUserAccount(userAccount);
+        } else {
+            try {
+                sendRedirect(request, response);
+            } catch (IOException e) {
+                e.printStackTrace();
+            }
+        }
+    }
+
+    @Override
+    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
+            throws Exception {
+        super.afterCompletion(request, response, handler, ex);
+        SystemSession.clear();
+    }
+
+    @Override
+    protected void sendRedirect(HttpServletRequest request, HttpServletResponse response) throws IOException {
+        System.out.println(request.getRequestedSessionId());
+        System.out.println(request.getRequestURL().toString());
+        boolean cross = SSOHelper.isCrossDomain(request);
+        if (cross) {
+            request.getSession().setAttribute(SSOConfig.SSOReferer, request.getRequestURL());
+
+            String returnUrl = request.getRequestURL().toString();
+            String baseUrl = returnUrl.replace(request.getRequestURI(), "");
+            if (StringUtils.isEmpty(returnUrl)) {
+                returnUrl = SSOHelper.getRedirectRefererLoginUrl(request);
+            } else {
+                returnUrl = SSOHelper.getRedirectLoginUrl(request, returnUrl);
+            }
+            System.out.println(returnUrl);
+
+            baseUrl = baseUrl + "/login/other";
+            response.sendRedirect(returnUrl + "&baseUrl=" + baseUrl);
+        } else {
+            SSOHelper.clearRedirectLogin(request, response);
+        }
+    }
+
+    private UserAccount getUserByToken(SSOToken token) {
+        UserAccount userAccount = null;
+        if (token != null && !StringUtils.isEmpty(token.getData())) {
+            userAccount = FastjsonUtils.fromJson(token.getData(), UserAccount.class);
+        }
+        return userAccount;
+    }
+}

sso-manage-console/src/main/java/com/uas/sso/sso/backend/service/impl/AppealServiceImpl.java

@@ -5,6 +5,7 @@ import com.uas.sso.dao.UserDao;
 import com.uas.sso.dao.UserspaceDao;
 import com.uas.sso.entity.Appeal;
 import com.uas.sso.entity.User;
+import com.uas.sso.entity.UserAccount;
 import com.uas.sso.entity.Userspace;
 import com.uas.sso.sso.backend.dao.AdminChangeRecordDao;
 import com.uas.sso.sso.backend.entity.AdminChangeRecord;
@@ -12,6 +13,7 @@ import com.uas.sso.sso.backend.entity.AdminChangeType;
 import com.uas.sso.sso.backend.exceptions.ValidationFailedException;
 import com.uas.sso.sso.backend.service.AppealService;
 import com.uas.sso.sso.backend.util.JacksonUtils;
+import com.uas.sso.support.SystemSession;
 import java.sql.Timestamp;
 import java.util.ArrayList;
 import java.util.Collections;
@@ -122,7 +124,9 @@ public class AppealServiceImpl implements AppealService {
         Assert.notNull(isPass, "审核状态不能为空");
         Appeal appeal = assertAppealExist(appealId);
 
-        appeal.setAuditor("系统管理员");
+        UserAccount account = SystemSession.getUserAccount();
+
+        appeal.setAuditor(account.getVipName());
         appeal.setAuditDate(new Timestamp(System.currentTimeMillis()));
         appeal.setStatus((short) (isPass ? 2 : 3));
         appealDao.save(appeal);
@@ -171,7 +175,9 @@ public class AppealServiceImpl implements AppealService {
             record.setOldAdminName(oldAdmin.getVipName());
             record.setOldAdminTel(oldAdmin.getMobile());
 
-            record.setAuditorName("系统管理员");
+            UserAccount accountUser = SystemSession.getUserAccount();
+
+            record.setAuditorName(accountUser.getVipName());
             record.setAuditorTel("123456789");
             record.setAuditTime(new Date());
             record.setNewAdminName(user.getVipName());

sso-manage-console/src/main/java/com/uas/sso/sso/backend/service/impl/UserSpaceServiceImpl.java

@@ -7,6 +7,7 @@ import com.uas.sso.dao.UserspaceDao;
 import com.uas.sso.dao.UserspaceValidDao;
 import com.uas.sso.entity.App;
 import com.uas.sso.entity.User;
+import com.uas.sso.entity.UserAccount;
 import com.uas.sso.entity.Userspace;
 import com.uas.sso.entity.UserspaceValid;
 import com.uas.sso.sso.backend.dao.AdminChangeRecordDao;
@@ -15,6 +16,7 @@ import com.uas.sso.sso.backend.entity.AdminChangeRecord;
 import com.uas.sso.sso.backend.entity.AdminChangeType;
 import com.uas.sso.sso.backend.exceptions.ValidationFailedException;
 import com.uas.sso.sso.backend.service.UserSpaceService;
+import com.uas.sso.support.SystemSession;
 import java.text.SimpleDateFormat;
 import java.util.ArrayList;
 import java.util.Collections;
@@ -162,7 +164,8 @@ public class UserSpaceServiceImpl implements UserSpaceService {
         record.setSpaceUU(spaceUu);
 
         User oldAdmin = space.getAdmin();
-        record.setSponsorName("系统管理员");
+        UserAccount account = SystemSession.getUserAccount();
+        record.setSponsorName(account.getVipName());
         record.setSponsorTel("123456789");
         if (oldAdmin != null) {
             record.setOldAdminName(oldAdmin.getVipName());
@@ -170,7 +173,7 @@ public class UserSpaceServiceImpl implements UserSpaceService {
         }
         record.setLaunchTime(new Date());
 
-        record.setAuditorName("系统管理员");
+        record.setAuditorName(account.getVipName());
         record.setAuditorTel("123456789");
         record.setAuditTime(new Date());
         record.setNewAdminName(admin.getVipName());
@@ -198,6 +201,7 @@ public class UserSpaceServiceImpl implements UserSpaceService {
     public Userspace authEnterpriseInfo(@NotNull Long spaceUu, @NotNull Boolean isPass,
             String reason) {
         Userspace space = assertSpaceExist(spaceUu);
+        UserAccount account = SystemSession.getUserAccount();
 
         if (isPass) {
             space.setValidCode((short) Status.AUTHENTICATED.getCode());
@@ -212,7 +216,7 @@ public class UserSpaceServiceImpl implements UserSpaceService {
         }
 
         for (UserspaceValid valid : validList) {
-            valid.setAuditor("系统管理员");
+            valid.setAuditor(account.getVipName());
 
             SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
             valid.setValidDate(dateFormat.format(new Date()));

sso-manage-console/src/main/java/com/uas/sso/sso/backend/web/LoginBackendController.java

@@ -0,0 +1,36 @@
+package com.uas.sso.sso.backend.web;
+
+import com.alibaba.fastjson.JSON;
+import com.uas.sso.SSOHelper;
+import com.uas.sso.SSOToken;
+import com.uas.sso.entity.UserView;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+@Controller
+public class LoginBackendController {
+
+    /**
+     * 其他地点登录后 同步登录状态
+     * @param request
+     * @param response
+     */
+    @RequestMapping(value = "/login/other")
+    @ResponseBody
+    public String afterCrossLogin(HttpServletRequest request, HttpServletResponse response, UserView userView) {
+        String callback = request.getParameter("jsoncallback");
+        response.setContentType("text/html;charset=UTF-8");
+        if (userView != null && userView.getUserUU() != null) {
+            SSOToken tk = new SSOToken();
+            tk.setUid(userView.getUserUU().toString());
+            tk.setTime(System.currentTimeMillis());
+            tk.setData(JSON.toJSONString(userView));
+            SSOHelper.setSSOCookie(request, response, tk, true);
+            return "successCallback({success:'1'})";
+        }
+        return "successCallback({success:'0'})";
+    }
+}

sso-manage-console/src/main/resources/application.yml

@@ -15,6 +15,8 @@ spring:
   jpa:
     database: mysql
     show-sql: false
+  thymeleaf:
+    mode: LEGACYHTML5
 # 避免自动建表更新账户中心的数据库结构
 #     hibernate:
 #      ddl-auto: "update"

sso-manage-console/src/main/resources/templates/index.html

@@ -0,0 +1 @@
+<!DOCTYPE html><html><head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1"><title>sso-manage-console-web</title><link href=/static/css/app.ea3c1668a479c363f536125083785b3d.css rel=stylesheet></head><body><div id=app></div><script type=text/javascript src=/static/js/manifest.f90036c9cf6c695af715.js></script><script type=text/javascript src=/static/js/vendor.c0860049e31b16a93cfc.js></script><script type=text/javascript src=/static/js/app.23fbd42252c33442fd7e.js></script></body></html>