问题遇到的现象和发生背景
拿到一个博客项目,它是一个后台管理系统,技术栈是 Spring Boot + Shiro + JWT + H5。我想把它改造成同时也能兼容前后端分离的客户端(用 uni-app 开发)。
用代码块功能插入代码,请勿粘贴截图
package com.demo.config;
import cn.hutool.core.collection.CollectionUtil;
import com.demo.Application;
import com.demo.model.Permission;
import com.demo.model.User;
import com.demo.service.UserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import java.util.List;
import java.util.stream.Collectors;
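/**
 * Shiro realm that authenticates username/password logins and loads the roles and
 * permissions of the logged-in account through {@link UserService}.
 *
 * <p>Review notes:
 * <ul>
 *   <li>Password verification uses a salted, single-pass MD5 digest. MD5 is not suitable for
 *       password storage; moving to a slow, purpose-built password hash needs a re-hash-on-login
 *       migration because the stored values depend on the current scheme.</li>
 *   <li>The realm only handles {@link UsernamePasswordToken}. A token-based client (for example
 *       the JWT flow the project mentions) would need its own token type and realm.</li>
 * </ul>
 *
 * @author dolphin
 */
@Component
public class ShiroRealm extends AuthorizingRealm {

    // The logger was registered under Application.class, which filed realm events
    // (failed logins, authorization errors) under the wrong category for filtering and alerting.
    private final static Logger LOGGER = LoggerFactory.getLogger(ShiroRealm.class);

    private UserService userService;

    /**
     * Injects the service used to look accounts up by account name.
     *
     * @param userService account lookup service
     */
    @Autowired
    public void setUserService(UserService userService) {
        this.userService = userService;
    }

    /**
     * Builds the role and permission set for the primary principal.
     *
     * <p>The account is re-read on every call, so role and permission changes made after login
     * are picked up. When the account can no longer be found, an empty (deny-all) result is
     * returned instead of failing with a {@link NullPointerException}.
     *
     * @param principals principals of the current subject; the primary one is copied into a {@link User}
     * @return the roles and permissions granted to the account; empty when the account is gone
     * @throws AuthenticationException when the primary principal cannot be copied into a {@link User}
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) throws AuthenticationException {
        User principal = new User();
        try {
            BeanUtils.copyProperties(principals.getPrimaryPrincipal(), principal);
        } catch (Exception e) {
            // Pass the exception itself so the stack trace and cause are kept for investigation.
            LOGGER.error("Get authorization exception", e);
            throw new AuthenticationException("Get authorization exception", e);
        }

        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
        User user = userService.getUserByAccount(principal.getAccount());
        if (user == null) {
            // The lookup can return null (the login path checks for it). Fail closed: no roles, no permissions.
            LOGGER.warn("Account record not found while loading authorization data; granting nothing");
            return authorizationInfo;
        }

        // NOTE(review): whether every account has a role is not visible here; guard rather than assume.
        if (user.getRole() != null) {
            authorizationInfo.addRole(user.getRole().getCode());
        }

        List<Permission> permissionList = user.getPermissionList();
        if (user.hasAdmin()) {
            // Administrators hold every permission. The wildcard bypasses all permission checks,
            // so whatever sets the admin flag is the real access-control boundary.
            authorizationInfo.addStringPermission("*:*:*");
        } else if (CollectionUtil.isNotEmpty(permissionList)) {
            List<String> permissionValues = permissionList.stream()
                    .map(Permission::getPermissionValue)
                    .collect(Collectors.toList());
            authorizationInfo.addStringPermissions(permissionValues);
        }
        return authorizationInfo;
    }

    /**
     * Looks the account up and returns its stored credentials for Shiro to compare.
     *
     * <p>The submitted password inside the token is replaced by its salted MD5 digest before
     * returning, so the credentials matcher compares digest with digest.
     *
     * @param token login token; expected to be a {@link UsernamePasswordToken}
     * @return authentication info carrying the {@link User} (password cleared) as principal
     * @throws UnknownAccountException when no account matches the submitted name
     * @throws IncorrectCredentialsException when the account has no stored password
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        // NOTE(review): the cast relies on the realm only being offered UsernamePasswordToken
        // instances; confirm before routing any other token type to this realm.
        UsernamePasswordToken userToken = (UsernamePasswordToken) token;
        String account = userToken.getUsername();

        User user = userService.getUserByAccount(account);
        if (user == null) {
            // `account` is caller-supplied: the log pipeline should neutralise line breaks in it.
            // The login endpoint should answer this case and a wrong password with the same
            // message, so responses do not reveal which accounts exist.
            LOGGER.error("Account does not exist: {}", account);
            throw new UnknownAccountException("Account does not exist");
        }
        if (user.getPassword() == null) {
            LOGGER.error("Password is empty");
            throw new IncorrectCredentialsException("Password is empty");
        }

        // SECURITY: salted single-pass MD5 is weak for password storage. It is kept here because
        // the stored values were produced with it; plan a migration to a slow password hash.
        String md5Hash = new Md5Hash(userToken.getPassword(), user.getSalt()).toString();
        // Presumably the realm keeps a matcher that compares the token credentials with the
        // stored value as-is, hence hashing the submitted password in place - verify the
        // configured CredentialsMatcher.
        userToken.setPassword(md5Hash.toCharArray());

        String password = user.getPassword();
        // The User object becomes the principal kept for the logged-in subject, so the stored
        // digest is cleared from it first. NOTE(review): the salt is still carried on the
        // principal; consider whether it needs to be.
        user.setPassword(null);
        return new SimpleAuthenticationInfo(user, password, getName());
    }
}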
import org.apache.shiro.authz.Authorizer;
import org.apache.shiro.authz.ModularRealmAuthorizer;
import org.apache.shiro.mgt.DefaultSessionStorageEvaluator;
import org.apache.shiro.mgt.DefaultSubjectDAO;
import org.apache.shiro.mgt.SessionsSecurityManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.apache.shiro.mgt.SecurityManager;
/**
 * Spring configuration for Apache Shiro: the realm, the URL filter chain, the security
 * manager and the advisor auto-proxy creator.
 *
 * @author dolphin
 */
@Configuration
public class ShiroConfig {

    private final static Logger LOGGER = LoggerFactory.getLogger(ShiroConfig.class);

    /**
     * Creates the realm used by the security manager.
     *
     * <p>NOTE(review): the ShiroRealm listing is also annotated {@code @Component}. If that class
     * is component-scanned, the context holds two realm instances; confirm that only one is
     * intended.
     *
     * @return a new {@link ShiroRealm}
     */
    @Bean
    public ShiroRealm userRealm() {
        return new ShiroRealm();
    }

    /**
     * Registers the URL patterns that are reachable without logging in.
     *
     * <p>NOTE(review): only {@code anon} entries are registered and no catch-all entry is visible
     * here. A path missing from this list matches no chain definition, so this method does not
     * enforce authentication for it; protection then presumably comes from annotations on the
     * handlers. Confirm this before exposing new API routes for a separate client. Also confirm
     * that {@code /install} and {@code /restPassword} are safe to reach anonymously once the
     * site is set up.
     *
     * @return the filter chain definition holding the anonymous paths
     */
    @Bean
    public ShiroFilterChainDefinition shiroFilterChainDefinition() {
        // Registration order is kept exactly as listed.
        String[] anonymousPaths = {
            "/login",
            "/doLogin",
            "/register",
            "/doRegister",
            "/restPassword",
            "/logout",
            "/404",
            "/500",
            "/403",
            "/api/401",
            "/install",
        };

        DefaultShiroFilterChainDefinition definition = new DefaultShiroFilterChainDefinition();
        for (String path : anonymousPaths) {
            definition.addPathDefinition(path, "anon");
        }

        // Disabled: URL-to-permission mapping loaded from the database.
        // List<Permission> permissionList = MenuManager.initSystemPermission();
        // // Permission-control map.
        // Map filterChainDefinitionMap = new LinkedHashMap();
        // // Loaded from the database
        // for (Permission permission : permissionList) {
        //     filterChainDefinitionMap.put(permission.getUrl(),
        //             permission.getPermissionValue());
        // }
        // definition.addPathDefinitions(filterChainDefinitionMap);

        LOGGER.info("Shiro拦截器工厂类注入成功");
        return definition;
    }

    /**
     * Builds the web security manager and attaches the realm from {@link #userRealm()}.
     *
     * @return the security manager with a single realm
     */
    @Bean
    public SessionsSecurityManager securityManager() {
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        manager.setRealm(userRealm());
        return manager;
    }

    /**
     * Creates the advisor auto-proxy creator with prefix matching switched on.
     *
     * @return the configured {@link DefaultAdvisorAutoProxyCreator}
     */
    @Bean
    public static DefaultAdvisorAutoProxyCreator getDefaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator();
        proxyCreator.setUsePrefix(true);
        return proxyCreator;
    }
}
运行结果及报错内容
调试了很多次,要么就是原来的h5静态页面不能访问,要么就是验证不通过
我想要达到的结果
我想把项目改造成也能兼容前后端分离(uni-app 开发),也就是管理后台和 App 都能有权限控制。有试过的小伙伴吗?