From 3ff9f1b326bee8115467993e33a3f1cb3cf5879a Mon Sep 17 00:00:00 2001 From: YunaiV Date: Fri, 10 May 2019 01:11:25 +0800 Subject: [PATCH] =?UTF-8?q?-=20=E6=96=B0=E5=BB=BA=20mall-spring-boot=20?= =?UTF-8?q?=E9=A1=B9=E7=9B=AE=EF=BC=8C=E7=94=A8=E4=BA=8E=E6=8F=90=E4=BE=9B?= =?UTF-8?q?=E9=80=9A=E7=94=A8=E7=BB=84=E4=BB=B6=E7=9A=84=E8=87=AA=E5=8A=A8?= =?UTF-8?q?=E9=85=8D=E7=BD=AE=20-=20=E5=B0=81=E8=A3=85=20AdminMVCConfigura?= =?UTF-8?q?tion=20=E5=92=8C=20UserConfiguration=20=E7=BB=84=E4=BB=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- admin-web/src/utils/request.js | 3 +- common/mall-spring-boot/pom.xml | 37 +++++++++++ .../spring/boot/constant/RootRequestPath.java | 17 ++++++ .../boot/web/AdminMVCConfiguration.java | 49 +++++++++++++++ .../spring/boot/web/UserMVCConfiguration.java | 49 +++++++++++++++ .../main/resources/META-INF/spring.factories | 3 + .../application/config/MVCConfiguration.java | 17 +----- .../application/config/MVCConfiguration.java | 10 +-- .../application/config/MVCConfiguration.java | 8 --- .../application/config/MVCConfiguration.java | 8 --- .../application/config/MVCConfiguration.java | 8 --- system/system-application/pom.xml | 5 ++ .../application/config/MVCConfiguration.java | 61 ------------------- .../controller/admins/AdminController.java | 3 +- .../src/main/resources/application.yaml | 6 +- .../interceptor/AdminSecurityInterceptor.java | 5 +- user/user-application/pom.xml | 5 ++ .../user/application/UserApplication.java | 3 +- .../application/config/MVCConfiguration.java | 53 ---------------- 19 files changed, 180 insertions(+), 170 deletions(-) create mode 100644 common/mall-spring-boot/src/main/java/cn/iocoder/mall/spring/boot/constant/RootRequestPath.java create mode 100644 common/mall-spring-boot/src/main/java/cn/iocoder/mall/spring/boot/web/AdminMVCConfiguration.java create mode 100644 common/mall-spring-boot/src/main/java/cn/iocoder/mall/spring/boot/web/UserMVCConfiguration.java create mode 100644 common/mall-spring-boot/src/main/resources/META-INF/spring.factories delete mode 100644 system/system-application/src/main/java/cn/iocoder/mall/admin/application/config/MVCConfiguration.java delete mode 100644 user/user-application/src/main/java/cn/iocoder/mall/user/application/config/MVCConfiguration.java diff --git a/admin-web/src/utils/request.js b/admin-web/src/utils/request.js index cafb0d772..21352fbf1 100644 --- a/admin-web/src/utils/request.js +++ b/admin-web/src/utils/request.js @@ -137,7 +137,8 @@ export default function request(url, option) { // 将登陆的 accessToken 放到 header const loginToken = getLoginToken(); - if (loginToken && loginToken.accessToken) { + if (loginToken && loginToken.accessToken + && url.indexOf('/passport/login') === -1) { // TODO 芋艿,临时这么加,可能不是很优雅 const headers = { ...newOptions.headers, Authorization: `Bearer ${loginToken.accessToken}`, diff --git a/common/mall-spring-boot/pom.xml b/common/mall-spring-boot/pom.xml index 4380c4a0c..0340ec1be 100644 --- a/common/mall-spring-boot/pom.xml +++ b/common/mall-spring-boot/pom.xml @@ -11,5 +11,42 @@ mall-spring-boot + + + cn.iocoder.mall + common-framework + 1.0-SNAPSHOT + + + + cn.iocoder.mall + system-sdk + 1.0-SNAPSHOT + true + + + cn.iocoder.mall + user-sdk + 1.0-SNAPSHOT + true + + + + org.springframework.boot + spring-boot-starter + + + + org.springframework + spring-webmvc + true + + + javax.servlet + servlet-api + true + + + diff --git a/common/mall-spring-boot/src/main/java/cn/iocoder/mall/spring/boot/constant/RootRequestPath.java b/common/mall-spring-boot/src/main/java/cn/iocoder/mall/spring/boot/constant/RootRequestPath.java new file mode 100644 index 000000000..7111b70fe --- /dev/null +++ b/common/mall-spring-boot/src/main/java/cn/iocoder/mall/spring/boot/constant/RootRequestPath.java @@ -0,0 +1,17 @@ +package cn.iocoder.mall.spring.boot.constant; + +/** + * 全局请求路径枚举类,用于定义不同用户类型的根请求路径 + */ +public interface RootRequestPath { + + /** + * 管理员 + */ + String ADMIN = "/admins"; + /** + * 用户 + */ + String USER = "/users"; + +} diff --git a/common/mall-spring-boot/src/main/java/cn/iocoder/mall/spring/boot/web/AdminMVCConfiguration.java b/common/mall-spring-boot/src/main/java/cn/iocoder/mall/spring/boot/web/AdminMVCConfiguration.java new file mode 100644 index 000000000..1e64ca1bc --- /dev/null +++ b/common/mall-spring-boot/src/main/java/cn/iocoder/mall/spring/boot/web/AdminMVCConfiguration.java @@ -0,0 +1,49 @@ +package cn.iocoder.mall.spring.boot.web; + +import cn.iocoder.mall.admin.sdk.interceptor.AdminAccessLogInterceptor; +import cn.iocoder.mall.admin.sdk.interceptor.AdminSecurityInterceptor; +import cn.iocoder.mall.spring.boot.constant.RootRequestPath; +import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; +import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; +import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.DispatcherServlet; +import org.springframework.web.servlet.config.annotation.CorsRegistry; +import org.springframework.web.servlet.config.annotation.InterceptorRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; + +@Configuration +@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET) // TODO 芋艿,未来可能考虑 REACTIVE +@ConditionalOnClass({DispatcherServlet.class, WebMvcConfigurer.class, // 有 Spring MVC 容器 + AdminSecurityInterceptor.class, AdminAccessLogInterceptor.class}) // 有引入 system-sdk +public class AdminMVCConfiguration implements WebMvcConfigurer { + + @Bean + @ConditionalOnMissingBean(AdminSecurityInterceptor.class) + public AdminSecurityInterceptor adminSecurityInterceptor() { + return new AdminSecurityInterceptor(); + } + + @Bean + @ConditionalOnMissingBean(AdminAccessLogInterceptor.class) + public AdminAccessLogInterceptor adminAccessLogInterceptor() { + return new AdminAccessLogInterceptor(); + } + + @Override + public void addInterceptors(InterceptorRegistry registry) { + registry.addInterceptor(adminAccessLogInterceptor()).addPathPatterns(RootRequestPath.ADMIN + "/**"); + registry.addInterceptor(adminSecurityInterceptor()).addPathPatterns(RootRequestPath.ADMIN + "/**"); + } + + @Override + public void addCorsMappings(CorsRegistry registry) { + registry.addMapping(RootRequestPath.USER + "/**") + .allowedOrigins("*") + .allowedMethods("*") + .allowedHeaders("*") + .allowCredentials(true).maxAge(1800); + } + +} diff --git a/common/mall-spring-boot/src/main/java/cn/iocoder/mall/spring/boot/web/UserMVCConfiguration.java b/common/mall-spring-boot/src/main/java/cn/iocoder/mall/spring/boot/web/UserMVCConfiguration.java new file mode 100644 index 000000000..8db827006 --- /dev/null +++ b/common/mall-spring-boot/src/main/java/cn/iocoder/mall/spring/boot/web/UserMVCConfiguration.java @@ -0,0 +1,49 @@ +package cn.iocoder.mall.spring.boot.web; + +import cn.iocoder.mall.spring.boot.constant.RootRequestPath; +import cn.iocoder.mall.user.sdk.interceptor.UserAccessLogInterceptor; +import cn.iocoder.mall.user.sdk.interceptor.UserSecurityInterceptor; +import org.springframework.boot.autoconfigure.condition.ConditionalOnClass; +import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean; +import org.springframework.boot.autoconfigure.condition.ConditionalOnWebApplication; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.DispatcherServlet; +import org.springframework.web.servlet.config.annotation.CorsRegistry; +import org.springframework.web.servlet.config.annotation.InterceptorRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; + +@Configuration +@ConditionalOnWebApplication(type = ConditionalOnWebApplication.Type.SERVLET) // TODO 芋艿,未来可能考虑 REACTIVE +@ConditionalOnClass({DispatcherServlet.class, WebMvcConfigurer.class, // 有 Spring MVC 容器 + UserSecurityInterceptor.class, UserAccessLogInterceptor.class}) // 有引入 system-sdk +public class UserMVCConfiguration implements WebMvcConfigurer { + + @Bean + @ConditionalOnMissingBean(UserAccessLogInterceptor.class) + public UserAccessLogInterceptor userAccessLogInterceptor() { + return new UserAccessLogInterceptor(); + } + + @Bean + @ConditionalOnMissingBean(UserSecurityInterceptor.class) + public UserSecurityInterceptor userSecurityInterceptor() { + return new UserSecurityInterceptor(); + } + + @Override + public void addInterceptors(InterceptorRegistry registry) { + registry.addInterceptor(userAccessLogInterceptor()).addPathPatterns(RootRequestPath.USER + "/**"); + registry.addInterceptor(userSecurityInterceptor()).addPathPatterns(RootRequestPath.USER + "/**"); + } + + @Override + public void addCorsMappings(CorsRegistry registry) { + registry.addMapping(RootRequestPath.USER + "/**") + .allowedOrigins("*") + .allowedMethods("*") + .allowedHeaders("*") + .allowCredentials(true).maxAge(1800); + } + +} diff --git a/common/mall-spring-boot/src/main/resources/META-INF/spring.factories b/common/mall-spring-boot/src/main/resources/META-INF/spring.factories new file mode 100644 index 000000000..282e9e45a --- /dev/null +++ b/common/mall-spring-boot/src/main/resources/META-INF/spring.factories @@ -0,0 +1,3 @@ +org.springframework.boot.autoconfigure.EnableAutoConfiguration=\ + cn.iocoder.mall.spring.boot.web.AdminMVCConfiguration, \ + cn.iocoder.mall.spring.boot.web.UserMVCConfiguration diff --git a/order/order-application/src/main/java/cn/iocoder/mall/order/application/config/MVCConfiguration.java b/order/order-application/src/main/java/cn/iocoder/mall/order/application/config/MVCConfiguration.java index c7c372217..a6227a2e4 100644 --- a/order/order-application/src/main/java/cn/iocoder/mall/order/application/config/MVCConfiguration.java +++ b/order/order-application/src/main/java/cn/iocoder/mall/order/application/config/MVCConfiguration.java @@ -49,21 +49,6 @@ public class MVCConfiguration implements WebMvcConfigurer { return registrationBean; } -// @Override -// public void addViewControllers(ViewControllerRegistry registry) { -// registry.addRedirectViewController("/api/v2/api-docs", "/v2/api-docs"); -// registry.addRedirectViewController("/api/swagger-resources/configuration/ui", "/swagger-resources/configuration/ui"); -// registry.addRedirectViewController("/api/swagger-resources/configuration/security", "/swagger-resources/configuration/security"); -// registry.addRedirectViewController("/api/swagger-resources", "/swagger-resources"); -// } - - @Override - public void addResourceHandlers(ResourceHandlerRegistry registry) { - // 解决 swagger-ui.html 的访问,参考自 https://stackoverflow.com/questions/43545540/swagger-ui-no-mapping-found-for-http-request 解决 - registry.addResourceHandler("swagger-ui.html**").addResourceLocations("classpath:/META-INF/resources/swagger-ui.html"); - registry.addResourceHandler("webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/"); - } - // TODO 芋艿,允许跨域 @Override public void addCorsMappings(CorsRegistry registry) { @@ -72,4 +57,4 @@ public class MVCConfiguration implements WebMvcConfigurer { .allowedMethods("*") .allowedOrigins("*"); } -} \ No newline at end of file +} diff --git a/pay/pay-application/src/main/java/cn/iocoder/mall/pay/application/config/MVCConfiguration.java b/pay/pay-application/src/main/java/cn/iocoder/mall/pay/application/config/MVCConfiguration.java index d44bb4dcf..489a9c7b8 100644 --- a/pay/pay-application/src/main/java/cn/iocoder/mall/pay/application/config/MVCConfiguration.java +++ b/pay/pay-application/src/main/java/cn/iocoder/mall/pay/application/config/MVCConfiguration.java @@ -5,7 +5,6 @@ import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Import; import org.springframework.web.servlet.config.annotation.CorsRegistry; import org.springframework.web.servlet.config.annotation.EnableWebMvc; -import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @EnableWebMvc @@ -28,13 +27,6 @@ public class MVCConfiguration implements WebMvcConfigurer { // .excludePathPatterns("/admins/passport/login"); // 排除登陆接口 // } - @Override - public void addResourceHandlers(ResourceHandlerRegistry registry) { - // 解决 swagger-ui.html 的访问,参考自 https://stackoverflow.com/questions/43545540/swagger-ui-no-mapping-found-for-http-request 解决 - registry.addResourceHandler("swagger-ui.html**").addResourceLocations("classpath:/META-INF/resources/swagger-ui.html"); - registry.addResourceHandler("webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/"); - } - // TODO 芋艿,允许跨域 @Override public void addCorsMappings(CorsRegistry registry) { @@ -44,4 +36,4 @@ public class MVCConfiguration implements WebMvcConfigurer { .allowedOrigins("*"); } -} \ No newline at end of file +} diff --git a/product/product-application/src/main/java/cn/iocoder/mall/product/application/config/MVCConfiguration.java b/product/product-application/src/main/java/cn/iocoder/mall/product/application/config/MVCConfiguration.java index 6af4471ff..0ef5dc96d 100644 --- a/product/product-application/src/main/java/cn/iocoder/mall/product/application/config/MVCConfiguration.java +++ b/product/product-application/src/main/java/cn/iocoder/mall/product/application/config/MVCConfiguration.java @@ -11,7 +11,6 @@ import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Import; import org.springframework.web.servlet.config.annotation.EnableWebMvc; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; -import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @EnableWebMvc @@ -32,13 +31,6 @@ public class MVCConfiguration implements WebMvcConfigurer { registry.addInterceptor(adminSecurityInterceptor).addPathPatterns("/admins/**"); } - @Override - public void addResourceHandlers(ResourceHandlerRegistry registry) { - // 解决 swagger-ui.html 的访问,参考自 https://stackoverflow.com/questions/43545540/swagger-ui-no-mapping-found-for-http-request 解决 - registry.addResourceHandler("swagger-ui.html**").addResourceLocations("classpath:/META-INF/resources/swagger-ui.html"); - registry.addResourceHandler("webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/"); - } - @Bean public FilterRegistrationBean corsFilter() { FilterRegistrationBean registrationBean = new FilterRegistrationBean<>(); diff --git a/promotion/promotion-application/src/main/java/cn/iocoder/mall/promotion/application/config/MVCConfiguration.java b/promotion/promotion-application/src/main/java/cn/iocoder/mall/promotion/application/config/MVCConfiguration.java index 3331c37ec..9295e9998 100644 --- a/promotion/promotion-application/src/main/java/cn/iocoder/mall/promotion/application/config/MVCConfiguration.java +++ b/promotion/promotion-application/src/main/java/cn/iocoder/mall/promotion/application/config/MVCConfiguration.java @@ -13,7 +13,6 @@ import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Import; import org.springframework.web.servlet.config.annotation.EnableWebMvc; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; -import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @EnableWebMvc @@ -46,13 +45,6 @@ public class MVCConfiguration implements WebMvcConfigurer { registry.addInterceptor(adminSecurityInterceptor).addPathPatterns("/admins/**"); } - @Override - public void addResourceHandlers(ResourceHandlerRegistry registry) { - // 解决 swagger-ui.html 的访问,参考自 https://stackoverflow.com/questions/43545540/swagger-ui-no-mapping-found-for-http-request 解决 - registry.addResourceHandler("swagger-ui.html**").addResourceLocations("classpath:/META-INF/resources/swagger-ui.html"); - registry.addResourceHandler("webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/"); - } - @Bean public FilterRegistrationBean corsFilter() { FilterRegistrationBean registrationBean = new FilterRegistrationBean<>(); diff --git a/search/search-application/src/main/java/cn/iocoder/mall/search/application/config/MVCConfiguration.java b/search/search-application/src/main/java/cn/iocoder/mall/search/application/config/MVCConfiguration.java index a6e4b7d13..3de69b226 100644 --- a/search/search-application/src/main/java/cn/iocoder/mall/search/application/config/MVCConfiguration.java +++ b/search/search-application/src/main/java/cn/iocoder/mall/search/application/config/MVCConfiguration.java @@ -8,7 +8,6 @@ import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Import; import org.springframework.web.servlet.config.annotation.EnableWebMvc; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; -import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @EnableWebMvc @@ -41,13 +40,6 @@ public class MVCConfiguration implements WebMvcConfigurer { // registry.addInterceptor(adminSecurityInterceptor).addPathPatterns("/admins/**"); } - @Override - public void addResourceHandlers(ResourceHandlerRegistry registry) { - // 解决 swagger-ui.html 的访问,参考自 https://stackoverflow.com/questions/43545540/swagger-ui-no-mapping-found-for-http-request 解决 - registry.addResourceHandler("swagger-ui.html**").addResourceLocations("classpath:/META-INF/resources/swagger-ui.html"); - registry.addResourceHandler("webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/"); - } - @Bean public FilterRegistrationBean corsFilter() { FilterRegistrationBean registrationBean = new FilterRegistrationBean<>(); diff --git a/system/system-application/pom.xml b/system/system-application/pom.xml index f7f088306..af0ef92ba 100644 --- a/system/system-application/pom.xml +++ b/system/system-application/pom.xml @@ -17,6 +17,11 @@ common-framework 1.0-SNAPSHOT + + cn.iocoder.mall + mall-spring-boot + 1.0-SNAPSHOT + cn.iocoder.mall diff --git a/system/system-application/src/main/java/cn/iocoder/mall/admin/application/config/MVCConfiguration.java b/system/system-application/src/main/java/cn/iocoder/mall/admin/application/config/MVCConfiguration.java deleted file mode 100644 index 7290c8ae5..000000000 --- a/system/system-application/src/main/java/cn/iocoder/mall/admin/application/config/MVCConfiguration.java +++ /dev/null @@ -1,61 +0,0 @@ -package cn.iocoder.mall.admin.application.config; - -import cn.iocoder.common.framework.config.GlobalExceptionHandler; -import cn.iocoder.common.framework.servlet.CorsFilter; -import cn.iocoder.mall.admin.sdk.interceptor.AdminAccessLogInterceptor; -import cn.iocoder.mall.admin.sdk.interceptor.AdminSecurityInterceptor; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.beans.factory.annotation.Value; -import org.springframework.boot.web.servlet.FilterRegistrationBean; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Import; -import org.springframework.web.servlet.config.annotation.EnableWebMvc; -import org.springframework.web.servlet.config.annotation.InterceptorRegistry; -import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; -import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; - -import java.util.Set; - -@EnableWebMvc -@Configuration -@Import(value = {GlobalExceptionHandler.class, // 统一全局返回 - AdminAccessLogInterceptor.class, - AdminSecurityInterceptor.class -}) -public class MVCConfiguration implements WebMvcConfigurer { - -// @Autowired -// private UserSecurityInterceptor securityInterceptor; - - @Autowired - private AdminSecurityInterceptor adminSecurityInterceptor; - @Autowired - private AdminAccessLogInterceptor adminAccessLogInterceptor; - - @Value("${auth.ignore-urls}") - private Set ignoreUrls; - - @Override - public void addInterceptors(InterceptorRegistry registry) { - registry.addInterceptor(adminAccessLogInterceptor).addPathPatterns("/admins/**"); - registry.addInterceptor(adminSecurityInterceptor.setIgnoreUrls(ignoreUrls)).addPathPatterns("/admins/**") - .excludePathPatterns("/admins/passport/login"); // 排除登陆接口 - } - - @Override - public void addResourceHandlers(ResourceHandlerRegistry registry) { - // 解决 swagger-ui.html 的访问,参考自 https://stackoverflow.com/questions/43545540/swagger-ui-no-mapping-found-for-http-request 解决 - registry.addResourceHandler("swagger-ui.html**").addResourceLocations("classpath:/META-INF/resources/swagger-ui.html"); - registry.addResourceHandler("webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/"); - } - - @Bean - public FilterRegistrationBean corsFilter() { - FilterRegistrationBean registrationBean = new FilterRegistrationBean<>(); - registrationBean.setFilter(new CorsFilter()); - registrationBean.addUrlPatterns("/*"); - return registrationBean; - } - -} diff --git a/system/system-application/src/main/java/cn/iocoder/mall/admin/application/controller/admins/AdminController.java b/system/system-application/src/main/java/cn/iocoder/mall/admin/application/controller/admins/AdminController.java index 11f1c10a3..98b0c1a09 100644 --- a/system/system-application/src/main/java/cn/iocoder/mall/admin/application/controller/admins/AdminController.java +++ b/system/system-application/src/main/java/cn/iocoder/mall/admin/application/controller/admins/AdminController.java @@ -18,6 +18,7 @@ import cn.iocoder.mall.admin.application.vo.AdminPageVO; import cn.iocoder.mall.admin.application.vo.AdminRoleVO; import cn.iocoder.mall.admin.application.vo.AdminVO; import cn.iocoder.mall.admin.sdk.context.AdminSecurityContextHolder; +import cn.iocoder.mall.spring.boot.constant.RootRequestPath; import io.swagger.annotations.Api; import io.swagger.annotations.ApiImplicitParam; import io.swagger.annotations.ApiImplicitParams; @@ -29,7 +30,7 @@ import java.util.*; import java.util.stream.Collectors; @RestController -@RequestMapping("admins/admin") +@RequestMapping(RootRequestPath.ADMIN + "/admin") @Api("管理员模块") public class AdminController { diff --git a/system/system-application/src/main/resources/application.yaml b/system/system-application/src/main/resources/application.yaml index b17cc27bc..64e0fd5e4 100644 --- a/system/system-application/src/main/resources/application.yaml +++ b/system/system-application/src/main/resources/application.yaml @@ -8,9 +8,9 @@ server: servlet: context-path: /admin-api/ -# auth -auth: - ignore-urls: /admin-api/admins/admin/passport/login, /admin-api/admins/file/get_qiniu_token +admins: + security: + ignore_urls: /admin-api/admins/passport/login, /admin-api/admins/file/get_qiniu_token # qiniu qiniu: diff --git a/system/system-sdk/src/main/java/cn/iocoder/mall/admin/sdk/interceptor/AdminSecurityInterceptor.java b/system/system-sdk/src/main/java/cn/iocoder/mall/admin/sdk/interceptor/AdminSecurityInterceptor.java index 9c2d7c894..d28c2d220 100644 --- a/system/system-sdk/src/main/java/cn/iocoder/mall/admin/sdk/interceptor/AdminSecurityInterceptor.java +++ b/system/system-sdk/src/main/java/cn/iocoder/mall/admin/sdk/interceptor/AdminSecurityInterceptor.java @@ -9,6 +9,7 @@ import cn.iocoder.mall.admin.api.constant.AdminErrorCodeEnum; import cn.iocoder.mall.admin.sdk.context.AdminSecurityContext; import cn.iocoder.mall.admin.sdk.context.AdminSecurityContextHolder; import org.apache.dubbo.config.annotation.Reference; +import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; @@ -24,9 +25,11 @@ public class AdminSecurityInterceptor extends HandlerInterceptorAdapter { @Reference(validation = "true", version = "${dubbo.consumer.OAuth2Service.version:1.0.0}") private OAuth2Service oauth2Service; + /** * 忽略的 URL 集合,即无需经过认证 */ + @Value("${admins.security.ignore_url:#{null}}") private Set ignoreUrls; public AdminSecurityInterceptor setIgnoreUrls(Set ignoreUrls) { @@ -67,7 +70,7 @@ public class AdminSecurityInterceptor extends HandlerInterceptorAdapter { } // 校验是否需要已授权 // TODO sin 暂时不校验 - checkPermission(request, authentication); + // checkPermission(request, authentication); // 返回成功 return super.preHandle(request, response, handler); } diff --git a/user/user-application/pom.xml b/user/user-application/pom.xml index a5c30cc79..9729b5055 100644 --- a/user/user-application/pom.xml +++ b/user/user-application/pom.xml @@ -21,6 +21,11 @@ common-framework 1.0-SNAPSHOT + + cn.iocoder.mall + mall-spring-boot + 1.0-SNAPSHOT + cn.iocoder.mall diff --git a/user/user-application/src/main/java/cn/iocoder/mall/user/application/UserApplication.java b/user/user-application/src/main/java/cn/iocoder/mall/user/application/UserApplication.java index bb91d4848..65d42497e 100644 --- a/user/user-application/src/main/java/cn/iocoder/mall/user/application/UserApplication.java +++ b/user/user-application/src/main/java/cn/iocoder/mall/user/application/UserApplication.java @@ -2,6 +2,7 @@ package cn.iocoder.mall.user.application; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.web.servlet.config.annotation.EnableWebMvc; @SpringBootApplication(scanBasePackages = {"cn.iocoder.mall.user"}) public class UserApplication { @@ -10,4 +11,4 @@ public class UserApplication { SpringApplication.run(UserApplication.class, args); } -} \ No newline at end of file +} diff --git a/user/user-application/src/main/java/cn/iocoder/mall/user/application/config/MVCConfiguration.java b/user/user-application/src/main/java/cn/iocoder/mall/user/application/config/MVCConfiguration.java deleted file mode 100644 index feb538832..000000000 --- a/user/user-application/src/main/java/cn/iocoder/mall/user/application/config/MVCConfiguration.java +++ /dev/null @@ -1,53 +0,0 @@ -package cn.iocoder.mall.user.application.config; - -import cn.iocoder.common.framework.config.GlobalExceptionHandler; -import cn.iocoder.common.framework.servlet.CorsFilter; -import cn.iocoder.mall.admin.sdk.interceptor.AdminSecurityInterceptor; -import cn.iocoder.mall.user.sdk.interceptor.UserAccessLogInterceptor; -import cn.iocoder.mall.user.sdk.interceptor.UserSecurityInterceptor; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.boot.web.servlet.FilterRegistrationBean; -import org.springframework.context.annotation.Bean; -import org.springframework.context.annotation.Configuration; -import org.springframework.context.annotation.Import; -import org.springframework.web.servlet.config.annotation.*; - -@EnableWebMvc -@Configuration -@Import(value = {GlobalExceptionHandler.class, // 统一全局返回 - UserSecurityInterceptor.class, UserAccessLogInterceptor.class, - AdminSecurityInterceptor.class}) // 安全拦截器,实现认证和授权功能。 -public class MVCConfiguration implements WebMvcConfigurer { - - @Autowired - private UserSecurityInterceptor userSecurityInterceptor; - @Autowired - private UserAccessLogInterceptor userAccessLogInterceptor; - @Autowired - private AdminSecurityInterceptor adminSecurityInterceptor; - - @Override - public void addInterceptors(InterceptorRegistry registry) { - // 用户 - registry.addInterceptor(userAccessLogInterceptor).addPathPatterns("/users/**"); - registry.addInterceptor(userSecurityInterceptor).addPathPatterns("/users/**"); // 只拦截我们定义的接口 - // 管理员 - registry.addInterceptor(adminSecurityInterceptor).addPathPatterns("/admins/**"); // 只拦截我们定义的接口 - } - - @Override - public void addResourceHandlers(ResourceHandlerRegistry registry) { - // 解决 swagger-ui.html 的访问,参考自 https://stackoverflow.com/questions/43545540/swagger-ui-no-mapping-found-for-http-request 解决 - registry.addResourceHandler("swagger-ui.html**").addResourceLocations("classpath:/META-INF/resources/swagger-ui.html"); - registry.addResourceHandler("webjars/**").addResourceLocations("classpath:/META-INF/resources/webjars/"); - } - - @Bean - public FilterRegistrationBean corsFilter() { - FilterRegistrationBean registrationBean = new FilterRegistrationBean<>(); - registrationBean.setFilter(new CorsFilter()); - registrationBean.addUrlPatterns("/*"); - return registrationBean; - } - -}