zq-erp/pom.xml
@@ -341,6 +341,29 @@ <artifactId>alibaba-dingtalk-service-sdk</artifactId> <version>1.0.1</version> </dependency> <!-- swagger2 start --> <dependency> <groupId>io.springfox</groupId> <artifactId>springfox-swagger2</artifactId> <version>2.9.2</version> </dependency> <dependency> <groupId>io.swagger</groupId> <artifactId>swagger-annotations</artifactId> <version>1.5.23</version> </dependency> <dependency> <groupId>io.swagger</groupId> <artifactId>swagger-models</artifactId> <version>1.5.23</version> </dependency> <dependency> <groupId>io.springfox</groupId> <artifactId>springfox-swagger-ui</artifactId> <version>2.9.2</version> </dependency> <!-- swagger2 end --> </dependencies> <build> <resources> @@ -354,14 +377,14 @@ <exclude>config/test/*</exclude> <exclude>config/xcx/*</exclude> <!-- --> <!-- <exclude>config/config.json</exclude> <exclude>config/application.properties</exclude> <exclude>config/system.properties</exclude> --> <exclude>**/*.woff</exclude> <exclude>**/*.woff2</exclude> <exclude>**/*.ttf</exclude> zq-erp/src/main/java/com/matrix/config/MvcCoreConfig.java
@@ -3,6 +3,7 @@ import com.matrix.core.interceptor.WbeCommonInterceptor; import com.matrix.system.common.interceptor.ApiUserLoginInterceptor; import com.matrix.system.common.interceptor.HostInterceptor; import com.matrix.system.common.interceptor.SuAuthorityInterceptor; import com.matrix.system.common.interceptor.UserLoginInterceptor; @@ -36,6 +37,9 @@ @Autowired private WbeCommonInterceptor wbeCommonInterceptor; @Autowired private ApiUserLoginInterceptor apiUserLoginInterceptor; /** * 添加拦截器 @@ -46,15 +50,29 @@ */ @Override public void addInterceptors(InterceptorRegistry registry) { // 手机端拦截 registry.addInterceptor(apiUserLoginInterceptor) .addPathPatterns("/api/**") .excludePathPatterns("/api/common/**"); // 公共拦截 registry.addInterceptor(wbeCommonInterceptor) .addPathPatterns("/**") .excludePathPatterns("/css/**") .excludePathPatterns("/js/**") .excludePathPatterns("/images/**") .excludePathPatterns("/plugin/**"); .excludePathPatterns("/plugin/**") .excludePathPatterns("/swagger**/**") .excludePathPatterns("/webjars/**"); // 用户认证拦截 registry.addInterceptor(userLoginInterceptor).addPathPatterns("/**").excludePathPatterns("/common/**").excludePathPatterns("/resource/**"); registry.addInterceptor(userLoginInterceptor) .addPathPatterns("/**") .excludePathPatterns("/common/**") .excludePathPatterns("/resource/**") .excludePathPatterns("/swagger**/**") .excludePathPatterns("/webjars/**") .excludePathPatterns("/api/**"); // url权限拦截 registry.addInterceptor(suAuthorityInterceptor).addPathPatterns("/**/su/**"); //小程序公司与域名对应关系拦截 zq-erp/src/main/java/com/matrix/config/SwaggerConfig.java
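Review bot: In `addInterceptors` of MvcCoreConfig, the new `.excludePathPatterns("/swagger**/**")` and `.excludePathPatterns("/webjars/**")` entries take the Swagger UI paths out of both `wbeCommonInterceptor` and `userLoginInterceptor`, and nothing visible in this commit authenticates them instead. The `swagger.security.username` / `swagger.security.password` properties in application.properties are not referenced by any code shown here, so they should not be assumed to protect these paths. I would leave the Swagger paths behind `userLoginInterceptor`, or add the exclusions only when `swagger.enable` is true. The same method now excludes `/api/**` from `userLoginInterceptor`, which makes `apiUserLoginInterceptor` the only authentication for those routes; a comment such as `// /api/** is authenticated by apiUserLoginInterceptor only` would keep a later edit from dropping it by accident. The method body continues past the hunk.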
New file 
@@ -0,0 +1,57 @@ package com.matrix.config; import io.swagger.annotations.Api; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; import org.springframework.boot.context.properties.ConfigurationProperties; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import springfox.documentation.builders.ApiInfoBuilder; import springfox.documentation.builders.ParameterBuilder; import springfox.documentation.builders.PathSelectors; import springfox.documentation.builders.RequestHandlerSelectors; import springfox.documentation.schema.ModelRef; import springfox.documentation.service.ApiInfo; import springfox.documentation.service.Parameter; import springfox.documentation.spi.DocumentationType; import springfox.documentation.spring.web.plugins.Docket; import springfox.documentation.swagger2.annotations.EnableSwagger2; import java.util.ArrayList; import java.util.List; /** * @Author wzy * @Date 2020/5/11 * @email wangdoubleone@gmail.com * @Version V1.0 **/ @Configuration @EnableSwagger2 public class SwaggerConfig { @Value("${swagger.enable}") private boolean swaggerEnable; @Bean public Docket createRestApi(){ // 添加请求参数,我们这里把token作为请求头部参数传入后端 ParameterBuilder parameterBuilder = new ParameterBuilder(); List<Parameter> parameters = new ArrayList<Parameter>(); parameterBuilder.name("Authorization").description("令牌").modelRef(new ModelRef("string")).parameterType("header") .required(false).build(); parameters.add(parameterBuilder.build()); return new Docket(DocumentationType.SWAGGER_2).apiInfo(apiInfo()).enable(swaggerEnable).select().apis(RequestHandlerSelectors.withClassAnnotation(Api.class)) .paths(PathSelectors.any()).build().globalOperationParameters(parameters); // .ignoredParameterTypes(MemberEntity.class); } private ApiInfo apiInfo(){ return new ApiInfoBuilder() .title("Hive") .description("This is a restful api document of 
Hive.") .version("1.0") .build(); } } zq-erp/src/main/java/com/matrix/core/exception/GlobalExceptionHandler.java
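Review bot: In SwaggerConfig, `@Value("${swagger.enable}")` has no default, so a profile whose properties file lacks the key fails at startup instead of running with documentation off. A fail-closed default is safer: `@Value("${swagger.enable:false}")`. `enable(swaggerEnable)` is applied only to the `Docket`, while `@EnableSwagger2` stays active whatever the flag says. The imported but unused `ConditionalOnProperty` suggests the intent was `@ConditionalOnProperty(name = "swagger.enable", havingValue = "true")` on the class, which keeps the whole configuration out of the context when the flag is off. `ConfigurationProperties` is also imported and unused.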
New file @@ -0,0 +1,34 @@ package com.matrix.core.exception; import com.matrix.core.pojo.AjaxResult; import org.springframework.validation.FieldError; import org.springframework.web.bind.MethodArgumentNotValidException; import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.RestControllerAdvice; import javax.validation.ValidationException; /** * @author wzy * @date 2020-05-08 15:40 **/ @RestControllerAdvice public class GlobalExceptionHandler { /** * 方法参数校验 * * @param e * @return */ @ExceptionHandler(value = {MethodArgumentNotValidException.class}) public AjaxResult handleException(MethodArgumentNotValidException e) { FieldError fieldError = e.getBindingResult().getFieldError(); if (fieldError != null) { return AjaxResult.buildFailInstance(fieldError.getDefaultMessage()); } else { return AjaxResult.buildFailInstance("参数校验失败"); } } } zq-erp/src/main/java/com/matrix/system/api/action/ApiCommonAction.java
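Review bot: The Javadoc on `handleException` in GlobalExceptionHandler leaves `@param e` and `@return` empty, and the import of `javax.validation.ValidationException` is unused. Fill the tags in, for example `@param e the binding failure raised for a @Validated request body` and `@return a failure AjaxResult carrying the first field error's message`. Only `MethodArgumentNotValidException` is handled, so any other exception from the new `/api/**` controllers gets the framework's default error response. That would include a failed `authorityManager.login`, if it throws. If that is not intended, add a handler that returns a generic failure `AjaxResult` without echoing the exception message.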
New file 
@@ -0,0 +1,68 @@ package com.matrix.system.api.action; import com.alibaba.fastjson.JSONObject; import com.matrix.component.redis.RedisClient; import com.matrix.core.pojo.AjaxResult; import com.matrix.core.tools.UUIDUtil; import com.matrix.system.api.dto.LoginDto; import com.matrix.system.common.authority.DefaultAuthorityManager; import com.matrix.system.common.authority.strategy.AccountPasswordLogin; import com.matrix.system.common.authority.strategy.LoginStrategy; import com.matrix.system.common.bean.SysUsers; import com.matrix.system.common.service.SysUsersService; import com.matrix.system.hive.service.SysShopInfoService; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; /** * @author wzy * @date 2020-12-21 **/ @Api(value = "CommonAction", tags = "手机端公共请求类(含登陆)") @RestController @RequestMapping(value = "/api/common") public class ApiCommonAction { @Autowired private SysUsersService sysUsersService; @Autowired private SysShopInfoService sysShopInfoService; @Autowired private DefaultAuthorityManager authorityManager; @Autowired private RedisClient redisClient; @ApiOperation(value = "登陆接口", notes = "手机端登陆接口") @PostMapping(value = "/login") public AjaxResult login(@RequestBody @Validated LoginDto loginDto) { SysUsers user = new SysUsers(); user.setSuAccount(loginDto.getUsername()); user.setSuPassword(loginDto.getPassword()); LoginStrategy apLogin = new AccountPasswordLogin(user, sysUsersService); user = authorityManager.login(apLogin); if(user.getShopId()!=null){ user.setShopName(sysShopInfoService.findById(user.getShopId()).getShopName()); } user.setSuPassword(null); String 
token = UUIDUtil.getRandomID(); redisClient.saveValue(token, JSONObject.toJSONString(user), 360000); redisClient.saveValue(user.getSuId().toString(), token, 3600000); AjaxResult result = new AjaxResult(); result.putInMap("user", user); result.setInfo("登陆成功 "); return result; } } zq-erp/src/main/java/com/matrix/system/api/action/TestAction.java
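Review bot: In `login` of ApiCommonAction, the two `redisClient.saveValue` calls use different lifetimes, `360000` for the token-to-user entry and `3600000` for the user-to-token entry. One of them looks like a typo and the unit is not visible from here, so both should come from one named constant. The generated `token` is stored in Redis but never added to `result`, so unless `SysUsers` carries it the client has nothing to send in the `Authorization` header. A second login overwrites the `suId` entry without deleting the previous token key, which leaves the old token valid until it expires. `sysShopInfoService.findById(...)` is dereferenced without a null check, and the whole `SysUsers` object (minus `suPassword`) is both cached and returned, so it is worth confirming that it holds no other sensitive fields.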
New file @@ -0,0 +1,24 @@ package com.matrix.system.api.action; import com.matrix.core.pojo.AjaxResult; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; /** * @author wzy * @date 2020-12-21 **/ @Api(value = "TestAction", tags = "测试类") @RestController @RequestMapping(value = "/api/test") public class TestAction { @ApiOperation(value = "测试请求", notes = "测试请求") @GetMapping(value = "/testQuery") public AjaxResult testQuery() { return null; } } zq-erp/src/main/java/com/matrix/system/api/action/UsersAction.java
New file @@ -0,0 +1,19 @@ package com.matrix.system.api.action; import io.swagger.annotations.Api; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; /** * @author wzy * @date 2020-12-21 **/ @Api(value = "UsersAction", tags = "用户中心接口类") @RestController @RequestMapping(value = "/api/user") public class UsersAction { } zq-erp/src/main/java/com/matrix/system/api/dto/LoginDto.java
New file @@ -0,0 +1,38 @@ package com.matrix.system.api.dto; import io.swagger.annotations.ApiModel; import io.swagger.annotations.ApiModelProperty; import javax.validation.constraints.NotBlank; /** * @author wzy * @date 2020-12-21 **/ @ApiModel(value = "LoginDto", description = "手机端登陆接收类") public class LoginDto { @ApiModelProperty(value = "用户名", example = "1234") @NotBlank(message = "用户名或密码错误") private String username; @ApiModelProperty(value = "密码", example = "123456") @NotBlank(message = "用户名或密码错误") private String password; public String getUsername() { return username; } public void setUsername(String username) { this.username = username; } public String getPassword() { return password; } public void setPassword(String password) { this.password = password; } } zq-erp/src/main/java/com/matrix/system/common/interceptor/ApiUserLoginInterceptor.java
New file 
@@ -0,0 +1,113 @@ package com.matrix.system.common.interceptor; import com.alibaba.fastjson.JSONObject; import com.fasterxml.jackson.databind.ObjectMapper; import com.matrix.component.redis.RedisClient; import com.matrix.component.redis.RedisUserLoginUtils; import com.matrix.core.constance.MatrixConstance; import com.matrix.core.pojo.AjaxResult; import com.matrix.core.tools.LogUtil; import com.matrix.core.tools.RSAUtils; import com.matrix.core.tools.StringUtils; import com.matrix.system.common.bean.SysUsers; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; import org.springframework.web.servlet.HandlerInterceptor; import org.springframework.web.servlet.ModelAndView; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * @author wzy * @date 2020-12-21 **/ @Component public class ApiUserLoginInterceptor implements HandlerInterceptor { @Autowired private RedisClient redisClient; @Value("${login_private_key}") private String privateKey; private final String TOKEN_HEADER = "Authorization"; private final String TOKEN_START_WITH = "Bearer "; @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { String token = resolveToken(request); AjaxResult ajaxResult = new AjaxResult(); ajaxResult.setStatus(AjaxResult.STATUS_LOGIN_INVALID); response.setCharacterEncoding("UTF-8"); response.setContentType("application/json; charset=utf-8"); if (StringUtils.isBlank(token)) { ajaxResult.setInfo("login time out"); response.getWriter().write(new ObjectMapper().writeValueAsString(ajaxResult)); response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); return false; } String userStr = redisClient.getCachedValue(token); redisClient.resetExpire(token); if (StringUtils.isBlank(userStr)) { ajaxResult.setInfo("login time out"); response.getWriter().write(new 
ObjectMapper().writeValueAsString(ajaxResult)); response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); return false; } SysUsers sysUsers = JSONObject.parseObject(userStr, SysUsers.class); request.getSession().setAttribute(MatrixConstance.LOGIN_KEY, sysUsers); return true; } @Override public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception { request.getSession().removeAttribute(MatrixConstance.LOGIN_KEY); } @Override public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception { } /** * 解析token token_timestamp_url * * @param request * @return */ private String resolveToken(HttpServletRequest request) { String headToken = request.getHeader(TOKEN_HEADER); StringBuffer sb = request.getRequestURL(); if (StringUtils.isNotBlank(headToken) && headToken.startsWith(TOKEN_START_WITH)) { // 去掉令牌前缀 String rsaToken = headToken.replace(TOKEN_START_WITH, ""); try { String decryptTokten = new String(RSAUtils.decryptByPrivateKey(rsaToken, privateKey)); String[] s = decryptTokten.split("_"); if (s == null || s.length != 3) { return ""; } if (!sb.toString().equals(s[2])) { return ""; } return s[0]; } catch (Exception e) { LogUtil.info("#token解析错误:{}#", e); return ""; } } return ""; } } zq-erp/src/main/resources/config/application.properties
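Review bot: `preHandle` in ApiUserLoginInterceptor stores the user under `MatrixConstance.LOGIN_KEY` in the HTTP session and relies on `postHandle` to remove it, but Spring skips `postHandle` when the handler throws, so the session can stay marked as logged in after the request ends. If `userLoginInterceptor` trusts that session key (not shown here), the session cookie alone would then pass the web login check without a token. Move the cleanup into the currently empty `afterCompletion`, `request.getSession().removeAttribute(MatrixConstance.LOGIN_KEY);`, or carry the user in a request attribute instead of the session. In `resolveToken`, the timestamp field `s[1]` of `token_timestamp_url` is never checked, so a captured header remains valid for the same URL for as long as the Redis entry lives. `headToken.replace(TOKEN_START_WITH, "")` also removes every occurrence rather than only the prefix, where `headToken.substring(TOKEN_START_WITH.length())` is exact.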
@@ -59,7 +59,7 @@ #定时任务 scheduling.enabled=false swagger.enable=false swagger.enable=true swagger.security.username=admin swagger.security.password=admin zq-erp/src/main/resources/config/lhx/application.properties
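Review bot: `swagger.enable` appears to flip from `false` to `true` in the base config/application.properties, and the same flip is made in config/lhx/application.properties, which has `scheduling.enabled=true` and so looks like a deployed profile. Together with the interceptor exclusions for the Swagger paths in MvcCoreConfig, this publishes the API documentation UI without login wherever these files are used. Keep the committed default at `swagger.enable=false` and switch it on only in a development profile. The neighbouring `swagger.security.username=admin` and `swagger.security.password=admin` lines are unchanged context, but a default credential in a committed file should be replaced by an externally supplied value before any code starts relying on it.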
@@ -57,4 +57,4 @@ #定时任务 scheduling.enabled=true swagger.enable=false swagger.enable=true