
请求拦截器设置

zhuth 7 years ago
parent
commit
b819fe62b3

+ 8 - 3
src/main/java/com/uas/eis/controller/HelloWorldController.java

@@ -6,7 +6,9 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
-import com.uas.eis.entity.Token;
+import com.uas.eis.dao.RoleDao;
+import com.uas.eis.entity.TokenConfig;
+import com.uas.eis.service.RoleService;
 import com.uas.eis.service.UserService;
 import com.uas.eis.utils.JwtUtil;
 
@@ -15,6 +17,8 @@ public class HelloWorldController {
 
 	@Autowired
 	private UserService userService;
+	@Autowired
+	private RoleService roleService;
 	
 	@RequestMapping("/hello")
 	public String hello(){
@@ -30,8 +34,9 @@ public class HelloWorldController {
 	 * 首次登陆请求token
 	 */
 	@RequestMapping("/login")
-	public String login(String username){
-		return "token: " + JwtUtil.createJWT("zhuth", "u0783", "ADMIN", "TEST", "gg", 100000, Token.SECURITY_KEY);
+	public String login(String username, String password){
+		roleService.checkRoleEnable("zhuth");
+		return "<pre style=\"width:50%;font-family: mic;white-space: pre-wrap;word-wrap: break-word;\">"+roleService.login(username, password)+"</pre>";
 	}
 	
 	/**
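Review bot: The return value of `roleService.checkRoleEnable("zhuth")` in the new login body is discarded and the argument is a hard-coded name rather than the `username` the endpoint received, so the call gates nothing. If the intent is to refuse disabled accounts, test the result on the request's own user before issuing a token: `if (!roleService.checkRoleEnable(username)) { return "account disabled"; }` ahead of `roleService.login(username, password)`. The method also wraps the token in hand-built `<pre>` markup from a `@RestController`; returning the token (or a small response object) keeps the content type honest and avoids string-concatenated HTML. The class body continues outside the hunk.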

+ 31 - 9
src/main/java/com/uas/eis/core/support/InterceptorConfig.java

@@ -1,7 +1,5 @@
 package com.uas.eis.core.support;
 
-import java.util.Enumeration;
-
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
@@ -11,22 +9,39 @@ import org.springframework.web.servlet.ModelAndView;
 
 import com.uas.eis.utils.BaseUtil;
 
+import io.jsonwebtoken.Claims;
+
 public class InterceptorConfig implements HandlerInterceptor{
 
 	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
 		//token认证
 		String token = request.getParameter("token");
-		if(token != null && !token.isEmpty()) {
-			if(TokenHandler.checkToken(token)) {
-				return true;
+		boolean flag = false;
+		String message = new String("程序错误");
+		if(token != null && !token.isEmpty()) { // 验证是否包含token
+			Claims claims = TokenHandler.checkToken(token); 
+			if(claims != null && claims.containsKey("userid")) { // 验证token信息是否合法
+				String username = (String) claims.get("username");
+				if(checkRoleEnable(username)) {
+					String actionUrl = request.getRequestURI();
+					if(checkActionAccess(username, actionUrl)) { // 验证请求权限
+						flag = true;
+					}else {
+						message = "访问权限受限";
+					}
+				}else {
+					message = "请求用户无效";
+				}
 			}else {
-				BaseUtil.showError("身份验证不通过");
-				return true;
+				message = "未通过验证的请求";
 			}
 		}else {
-			BaseUtil.showError("身份验证不通过");
-			return true;
+			message = "未授权的请求";
+		}
+		if(!flag) {
+			BaseUtil.showError(message);
 		}
+		return flag;
 	}
 	
 	public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler,
@@ -37,4 +52,11 @@ public class InterceptorConfig implements HandlerInterceptor{
 			@Nullable Exception ex) throws Exception {
 	}
 	
+	private boolean checkRoleEnable(String username) {
+		return true;
+	}
+	
+	private boolean checkActionAccess(String username, String action) {
+		return username.equals("zhuth") && action.equals("/test");
+	}
 }
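Review bot: The presence check in the new preHandle is on the `userid` claim but the value actually used is `claims.get("username")`, so a token lacking a `username` claim reaches `checkActionAccess`, where `username.equals("zhuth")` throws NullPointerException instead of taking the "未通过验证的请求" branch; check the claim you consume, e.g. `if(claims != null && claims.get("username") != null) {`. The token is read from `request.getParameter("token")`, which accepts it from the query string and therefore lets it land in server and proxy access logs; carrying it in the `Authorization` header avoids that. `new String("程序错误")` should simply be the literal `"程序错误"`. The two private helpers at the bottom mirror `RoleService` methods of the same name with hard-coded results — if they are placeholders until the service is wired in, a `// TODO: delegate to RoleService` comment makes that explicit. On failure the method calls `BaseUtil.showError(message)` and returns `false` without touching `response`; whether that helper sets a status code is outside this hunk.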

+ 7 - 8
src/main/java/com/uas/eis/core/support/TokenHandler.java

@@ -1,18 +1,17 @@
 package com.uas.eis.core.support;
 
-import java.util.Map;
-
-import com.uas.eis.entity.Token;
 import com.uas.eis.utils.JwtUtil;
 
 import io.jsonwebtoken.Claims;
 
 public class TokenHandler {
-	public static String createToken(Map<String, String> params, boolean encode) {
-		return null;
+	
+	public static String createToken(String username, String password) {
+		return JwtUtil.createJWT(username, password);
 	}
-	public static boolean checkToken(String token) {
-		Claims claim = JwtUtil.parseJWT(token, Token.SECURITY_KEY);
-		return claim.containsKey("unique_name");
+	
+	public static Claims checkToken(String token) {
+		Claims claim = JwtUtil.parseJWT(token);
+		return claim;
 	}
 }
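Review bot: `checkToken` no longer validates anything itself (the former `unique_name` check is gone) and simply hands back whatever `JwtUtil.parseJWT` returns, but its caller in InterceptorConfig only null-checks the result, so the contract on failure — null versus an exception — is decided by a catch block outside this page. Document it on the method once confirmed, e.g. `/** Returns the verified claims; on a bad signature or expired token the result follows JwtUtil.parseJWT (null if it swallows the exception). */`, and collapse the body to `return JwtUtil.parseJWT(token);`. `createToken(username, password)` forwards the password into the token; that is addressed in the JwtUtil note.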

+ 37 - 0
src/main/java/com/uas/eis/dao/RoleDao.java

@@ -0,0 +1,37 @@
+package com.uas.eis.dao;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.jdbc.core.support.JdbcDaoSupport;
+import org.springframework.stereotype.Component;
+
+import com.uas.eis.core.support.TokenHandler;
+
+public class RoleDao extends JdbcDaoSupport{
+	
+	@Autowired
+	private BaseDao baseDao;
+	
+	public String login(String username, String password) {
+		return TokenHandler.createToken(username, password);
+	}
+	
+	public boolean getEnable(String username) {
+		int enable = baseDao.queryForObject("select er_enable from EIS_ROLE where er_name = '" + username + "'", Integer.class);
+		return enable == -1;
+	}
+	
+	public boolean checkActionAccess(String username, String action) {
+		String role = baseDao.queryForObject("select eu_role from EIS_USER; where eu_name = '" + username + "'", String.class);
+		String roles = baseDao.queryForObject("select ei_roles from EIS_INTERFACE where ei_path = '" + action + "'", String.class);
+		String[] allRoles = roles.split(",");
+		boolean flag = false;
+		
+		for(String r: allRoles){
+	        if(r.equals(role)) {
+	        	flag = true;
+	        	break;
+	        }
+	    }
+		return flag;
+	}
+}
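Review bot: All three queries in the new RoleDao build SQL by concatenating `username` and `action`, and in this design `username` comes from a JWT claim while `action` is the request URI, so a crafted value rewrites the statement; the same pattern appears in RoleServiceImpl.checkRoleEnable. Bind the values instead — if BaseDao exposes JdbcTemplate's `queryForObject(String, Class, Object...)` the change is `baseDao.queryForObject("select eu_role from EIS_USER where eu_name = ?", String.class, username)` and likewise for the `ei_path` and `er_enable` lookups. The `eu_role` query also has a stray `;` after `EIS_USER` that will fail at the database. `roles.split(",")` throws NullPointerException when `ei_roles` is NULL, so guard it or return `false` on a null result. `Component` is imported but the class carries no stereotype annotation; if it is meant to be injected, that is presumably an omission.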

+ 54 - 0
src/main/java/com/uas/eis/entity/Action.java

@@ -0,0 +1,54 @@
+package com.uas.eis.entity;
+
+import java.util.List;
+
+/**
+ * 接口信息类
+ * @author zhuth
+ * @time 201844
+ */
+public class Action {
+	private int id; // id
+	private String code; // 编号
+	private String name; // 名称
+	private String path; // 路由地址
+	private int enable; // 是否启用
+	private List<String> roles; // 分配角色
+	
+	public int getId() {
+		return id;
+	}
+	public void setId(int id) {
+		this.id = id;
+	}
+	public String getCode() {
+		return code;
+	}
+	public void setCode(String code) {
+		this.code = code;
+	}
+	public String getName() {
+		return name;
+	}
+	public void setName(String name) {
+		this.name = name;
+	}
+	public String getPath() {
+		return path;
+	}
+	public void setPath(String path) {
+		this.path = path;
+	}
+	public int getEnable() {
+		return enable;
+	}
+	public void setEnable(int enable) {
+		this.enable = enable;
+	}
+	public List<String> getRoles() {
+		return roles;
+	}
+	public void setRoles(List<String> roles) {
+		this.roles = roles;
+	}
+}

+ 0 - 5
src/main/java/com/uas/eis/entity/Token.java

@@ -1,5 +0,0 @@
-package com.uas.eis.entity;
-
-public class Token {
-	public static String SECURITY_KEY = "36762702385535371444397399";
-}

+ 8 - 0
src/main/java/com/uas/eis/entity/TokenConfig.java

@@ -0,0 +1,8 @@
+package com.uas.eis.entity;
+
+public class TokenConfig {
+	public static String SECURITY_KEY = "36762702385535371444397399"; // 秘钥
+	public static String ISSUER = "UAS_EIS";
+	public static String AUDIENCE = "UAS_EIS";
+	public static long KEEP = 2592000; // 保留时间
+}
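Review bot: The four fields of the new TokenConfig are `public static` but not `final`, so any class can reassign the signing key, issuer or lifetime at runtime; declare them `public static final`. The signing key is the same literal the deleted `Token` class held, now committed twice in history — a key that has been in source control should be treated as exposed and loaded from configuration or an environment variable rather than a constant. `KEEP = 2592000` is commented only as "保留时间"; name the unit (`// token lifetime, in <unit>`), because JwtUtil adds it directly to a millisecond timestamp.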

+ 38 - 0
src/main/java/com/uas/eis/entity/User.java

@@ -0,0 +1,38 @@
+package com.uas.eis.entity;
+
+/**
+ * 角色类
+ * @author zhuth
+ * @time 201844
+ */
+public class User {
+	private String name;
+	private String password;
+	private int enable;
+	private String role;
+	
+	public String getName() {
+		return name;
+	}
+	public void setName(String name) {
+		this.name = name;
+	}
+	public String getPassword() {
+		return password;
+	}
+	public void setPassword(String password) {
+		this.password = password;
+	}
+	public int getEnable() {
+		return enable;
+	}
+	public void setEnable(int enable) {
+		this.enable = enable;
+	}
+	public String getRole() {
+		return role;
+	}
+	public void setRole(String role) {
+		this.role = role;
+	}
+}
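Review bot: The class Javadoc on the new User entity says `角色类` (role class), but the fields model a user (name, password, enable, role), so the summary should read `用户类` or "User entity". `@time` is not a Javadoc tag; use `@since` or a plain sentence. `enable` is an `int` with no statement of which value means enabled — RoleServiceImpl treats -1 as enabled for what is presumably the same column, so a field comment such as `// -1 = enabled; see RoleServiceImpl.checkRoleEnable` would save the next reader a lookup.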

+ 10 - 0
src/main/java/com/uas/eis/service/RoleService.java

@@ -0,0 +1,10 @@
+package com.uas.eis.service;
+
+public interface RoleService {
+	
+	public abstract String login(String username, String password);
+
+	public abstract boolean checkActionAccess(String username, String action);
+
+	public abstract boolean checkRoleEnable(String username);
+}
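Review bot: Interface methods are implicitly public and abstract, so the `public abstract` modifiers on the three new declarations are noise; `String login(String username, String password);` is the idiomatic form. The contract also needs Javadoc: that `login` returns a signed token (per RoleServiceImpl) and what `true` from `checkRoleEnable` and `checkActionAccess` means, since the interceptor uses them as an authorization gate.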

+ 33 - 0
src/main/java/com/uas/eis/serviceImpl/RoleServiceImpl.java

@@ -0,0 +1,33 @@
+package com.uas.eis.serviceImpl;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.jdbc.core.JdbcTemplate;
+import org.springframework.stereotype.Service;
+
+import com.uas.eis.core.support.TokenHandler;
+import com.uas.eis.service.RoleService;
+
+@Service
+public class RoleServiceImpl implements RoleService {
+
+	@Autowired
+	private JdbcTemplate jdbcTemplate; 
+	
+	@Override
+	public String login(String username, String password) {
+		return TokenHandler.createToken(username, password);
+	}
+
+	@Override
+	public boolean checkActionAccess(String username, String action) {
+		return true;
+	}
+
+	@Override
+	public boolean checkRoleEnable(String username) {
+		System.out.println("coming.....");
+		int enable = jdbcTemplate.queryForObject("select eu_enable from EIS_USER where eu_name = '" + username + "'", Integer.class);
+		return enable == -1;
+	}
+
+}
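Review bot: `checkActionAccess` in the new RoleServiceImpl returns `true` unconditionally, so once the interceptor delegates to this service every authenticated user passes the per-action check; if it is a placeholder, mark it `// TODO: look up EIS_INTERFACE roles` so it cannot ship as-is. `System.out.println("coming.....")` in `checkRoleEnable` is debug output and should be removed or replaced by a logger call at debug level. The concatenated SQL is covered in the RoleDao note; with JdbcTemplate the bound form is `jdbcTemplate.queryForObject("select eu_enable from EIS_USER where eu_name = ?", Integer.class, username)`. Unboxing that `Integer` into `int enable` throws NullPointerException when `eu_enable` is NULL for the row.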

+ 18 - 13
src/main/java/com/uas/eis/utils/JwtUtil.java

@@ -2,20 +2,26 @@ package com.uas.eis.utils;
 
 import java.security.Key;
 import java.util.Date;
+import java.util.UUID;
 
 import javax.crypto.spec.SecretKeySpec;
 import javax.xml.bind.DatatypeConverter;
 
+import com.fasterxml.jackson.databind.deser.impl.ExternalTypeHandler.Builder;
+import com.uas.eis.entity.TokenConfig;
+
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.JwtBuilder;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
 
 public class JwtUtil {
-	public static String createJWT(String name, String userId, String role, String audience, String issuer,
-			long TTLMillis, String base64Security) {
+	private static String base64Security = TokenConfig.SECURITY_KEY;
+	
+	public static String createJWT(String username, String password) {
 		SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
 
+		UUID userid = UUID.randomUUID();
 		long nowMillis = System.currentTimeMillis();
 		Date now = new Date(nowMillis);
 
@@ -25,24 +31,23 @@ public class JwtUtil {
 
 		// 添加构成JWT的参数
 		JwtBuilder builder = Jwts.builder().setHeaderParam("typ", "JWT")
-				.claim("role", role)
-				.claim("unique_name", name)
-				.claim("userid", userId)
-				.setIssuer(issuer)
-				.setAudience(audience)
+				.claim("userid", userid)
+				.claim("username", username)
+				.claim("password", password)
+				.setIssuer(TokenConfig.ISSUER)
+				.setAudience(TokenConfig.AUDIENCE)
 				.signWith(signatureAlgorithm, signingKey);
+		
 		// 添加Token过期时间
-		if (TTLMillis >= 0) {
-			long expMillis = nowMillis + TTLMillis;
-			Date exp = new Date(expMillis);
-			builder.setExpiration(exp).setNotBefore(now);
-		}
+		long expMillis = nowMillis + TokenConfig.KEEP;
+		Date exp = new Date(expMillis);
+		builder.setExpiration(exp).setNotBefore(now);
 
 		// 生成JWT
 		return builder.compact();
 	}
 
-	public static Claims parseJWT(String jsonWebToken, String base64Security) {
+	public static Claims parseJWT(String jsonWebToken) {
 		try {
 			Claims claims = Jwts.parser().setSigningKey(DatatypeConverter.parseBase64Binary(base64Security))
 					.parseClaimsJws(jsonWebToken).getBody();
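Review bot: `createJWT` now writes the caller's `password` into the token (`.claim("password", password)`); a JWS payload is only base64url-encoded, so anyone holding the token can read the password, and it is re-sent on every request — drop that claim, the signature already proves the server issued the token. `TokenConfig.KEEP` (2592000) is added straight to `nowMillis`, which gives about 43 minutes if the value was meant as seconds (2592000 s is 30 days) or 30 days if it is milliseconds; confirm the unit and convert once, e.g. `long expMillis = nowMillis + TokenConfig.KEEP * 1000L;` if seconds. `userid` is a fresh `UUID.randomUUID()` per call rather than a stable identity, so the interceptor's `containsKey("userid")` check says nothing about the user. The import `com.fasterxml.jackson.databind.deser.impl.ExternalTypeHandler.Builder` is unused and looks like an IDE auto-import. parseJWT's body continues outside the hunk.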

+ 1 - 1
src/main/resources/application.yml

@@ -1,6 +1,6 @@
 spring:
     datasource:
         driverClassName: oracle.jdbc.OracleDriver
-        username: UAS_DEV
+        username: UAS
         password: select!#%*(
         url: jdbc:oracle:thin:@192.168.253.6:1521:orcl
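Review bot: The new `username: UAS` line sits beside a cleartext `password:` and an internal host, so the commit keeps working datasource credentials in the repository for what reads as a non-dev account. Move them to an environment-specific profile or environment variables (Spring Boot resolves `${DB_USERNAME}` / `${DB_PASSWORD}` placeholders here) and rotate the committed password.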