From 3caf9e468b28325ad18d6c951999ba98d21375e6 Mon Sep 17 00:00:00 2001 From: FalingCliff Date: Sun, 25 May 2025 16:11:25 +0800 Subject: [PATCH] =?UTF-8?q?refactor(admin):=20=E9=87=8D=E6=9E=84=E7=AE=A1?= =?UTF-8?q?=E7=90=86=E5=91=98=E8=AE=A4=E8=AF=81=E9=80=BB=E8=BE=91?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 新增 AdminAuthController 专门处理认证相关接口 - 重写管理员登录和 token 刷新逻辑 - 更新 JwtAuthenticationFilter 中的白名单路径- 调整 SecurityConfig 中的认证规则 - 删除 AdminMainController 类 --- .../admin_server/config/SecurityConfig.java | 2 +- .../controller/admin/AdminAuthController.java | 97 +++++++++++++++++++ .../controller/admin/AdminController.java | 47 --------- .../controller/admin/AdminMainController.java | 24 ----- .../filter/JwtAuthenticationFilter.java | 6 +- .../example/admin_server/utils/JwtUtil.java | 4 + 6 files changed, 105 insertions(+), 75 deletions(-) create mode 100644 src/main/java/com/example/admin_server/controller/admin/AdminAuthController.java delete mode 100644 src/main/java/com/example/admin_server/controller/admin/AdminMainController.java diff --git a/src/main/java/com/example/admin_server/config/SecurityConfig.java b/src/main/java/com/example/admin_server/config/SecurityConfig.java index ad68c24..70dd15e 100644 --- a/src/main/java/com/example/admin_server/config/SecurityConfig.java +++ b/src/main/java/com/example/admin_server/config/SecurityConfig.java @@ -44,7 +44,7 @@ public class SecurityConfig { "/swagger-ui/**", "/v3/api-docs/**", "/api/public/**", - "/api/admin/login", + "/api/admin/auth/login", "/api/client/wx/login" ).permitAll() .antMatchers("/api/admin/**").authenticated() diff --git a/src/main/java/com/example/admin_server/controller/admin/AdminAuthController.java b/src/main/java/com/example/admin_server/controller/admin/AdminAuthController.java new file mode 100644 index 0000000..1655c88 --- /dev/null +++ b/src/main/java/com/example/admin_server/controller/admin/AdminAuthController.java 
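Review bot: The permitAll list gains `/api/admin/auth/login` but not `/api/admin/auth/refreshToken`, which the new AdminAuthController exposes under the same prefix, so the refresh endpoint falls under `.antMatchers("/api/admin/**").authenticated()` and a client whose access token has already expired cannot reach it with the refresh token alone (the JwtAuthenticationFilter whitelist in this patch does not special-case it either). Either add `"/api/admin/auth/refreshToken",` next to the login entry, since that handler validates the presented token itself, or document that a refresh must happen before the access token expires. The `authorizeRequests` chain continues outside the hunk, so a broader rule I cannot see may already cover this.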
@@ -0,0 +1,97 @@ +package com.example.admin_server.controller.admin; + +import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; +import com.example.admin_server.common.Result; +import com.example.admin_server.enums.ResultCode; +import com.example.admin_server.mapper.AdminMapper; +import com.example.admin_server.model.dto.LoginDto; +import com.example.admin_server.model.entity.Admin; +import com.example.admin_server.utils.JwtUtil; +import io.jsonwebtoken.Claims; +import io.swagger.annotations.Api; +import io.swagger.annotations.ApiOperation; +import lombok.RequiredArgsConstructor; +import org.springframework.util.DigestUtils; +import org.springframework.util.StringUtils; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +import java.util.HashMap; +import java.util.Map; +import java.util.Optional; + +@RestController +@RequestMapping("/api/admin/auth") +@RequiredArgsConstructor +@Api(tags = {"管理员认证接口"}) +public class AdminAuthController { + + private final AdminMapper adminMapper; + private final JwtUtil jwtUtil; + + @PostMapping("/login") + @ApiOperation("管理员登录") + public Result login(@RequestBody LoginDto request) { + Admin admin = adminMapper.selectOne( + new QueryWrapper().eq("username", request.getUsername()) + ); + + if (admin == null) { + return Result.of(ResultCode.UNAUTHORIZED, "用户不存在"); + } + + String inputPassword = DigestUtils.md5DigestAsHex(request.getPassword().getBytes()); + if (!admin.getPassword().equals(inputPassword)) { + return Result.of(ResultCode.UNAUTHORIZED, "密码错误"); + } + + if (admin.getStatus() == 0) { + return Result.of(ResultCode.FAIL, "账号已禁用"); + } + + // JWT Claims + Map claims = new HashMap<>(); + claims.put("id", admin.getId()); + claims.put("username", admin.getUsername()); + claims.put("isSuper", admin.getIsSuper()); + + // 
Token 与 RefreshToken + return getResult(claims); + } + + @PostMapping("/refreshToken") + @ApiOperation("刷新 Token") + public Result refreshToken(@RequestBody Map request) { + String refreshToken = request.get("refreshToken"); + + if (!StringUtils.hasText(refreshToken)) { + return Result.of(ResultCode.UNAUTHORIZED, "缺少 refreshToken"); + } + + Optional claimsOpt = jwtUtil.parseToken(refreshToken); + if (!claimsOpt.isPresent() || jwtUtil.isTokenExpired(refreshToken)) { + return Result.of(ResultCode.UNAUTHORIZED, "refreshToken 无效或已过期"); + } + + Claims claims = claimsOpt.get(); + Map data = new HashMap<>(); + data.put("id", claims.get("id")); + data.put("username", claims.get("username")); + data.put("isSuper", claims.get("isSuper")); + + return getResult(data); + } + + private Result getResult(Map data) { + String newToken = jwtUtil.generateToken(data); + String newRefreshToken = jwtUtil.generateRefreshToken(data); + + Map tokenMap = new HashMap<>(); + tokenMap.put("token", newToken); + tokenMap.put("refreshToken", newRefreshToken); + + return Result.ok("请求成功", tokenMap); + } +} diff --git a/src/main/java/com/example/admin_server/controller/admin/AdminController.java b/src/main/java/com/example/admin_server/controller/admin/AdminController.java index b9b316e..f6a653e 100644 --- a/src/main/java/com/example/admin_server/controller/admin/AdminController.java +++ b/src/main/java/com/example/admin_server/controller/admin/AdminController.java 
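Review bot: `refreshToken` issues a brand-new token pair from whatever claims the presented token carries without re-reading the admin row, so an account that was disabled (`status == 0`, which `login` rejects) or deleted after the token was issued keeps obtaining fresh credentials for as long as it can present any non-expired token; and because `generateRefreshToken` in this patch returns a plain `generateToken` output, an ordinary access token is accepted here as a refresh token. The handler should reload the admin by the `username` claim and apply the same existence/status check as `login`, and once JwtUtil marks refresh tokens it should reject tokens lacking that marker. Separately, the new file carries over the unsalted `DigestUtils.md5DigestAsHex(request.getPassword().getBytes())` comparison, which is not a password hash, uses the platform charset, and throws NPE on a missing password; and answering "用户不存在" versus "密码错误" lets a caller enumerate admin usernames, so a single "用户名或密码错误" reply is preferable. Rewritten portion of `refreshToken`:
```java
        Claims claims = claimsOpt.get();
        // Re-read the account: a disabled or deleted admin must not be able to
        // refresh its way past the status check that login performs.
        Admin admin = adminMapper.selectOne(
                new QueryWrapper().eq("username", claims.get("username"))
        );
        if (admin == null || admin.getStatus() == 0) {
            return Result.of(ResultCode.UNAUTHORIZED, "refreshToken 无效或已过期");
        }
        Map data = new HashMap<>();
        data.put("id", admin.getId());
        data.put("username", admin.getUsername());
        data.put("isSuper", admin.getIsSuper());
        // … unchanged: return getResult(data); …
```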
@@ -1,60 +1,13 @@ package com.example.admin_server.controller.admin; -import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; -import com.example.admin_server.common.Result; -import com.example.admin_server.enums.ResultCode; -import com.example.admin_server.mapper.AdminMapper; -import com.example.admin_server.model.dto.LoginDto; -import com.example.admin_server.model.entity.Admin; -import com.example.admin_server.utils.JwtUtil; import io.swagger.annotations.Api; -import io.swagger.annotations.ApiOperation; import lombok.RequiredArgsConstructor; -import org.springframework.util.DigestUtils; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; -import java.util.HashMap; -import java.util.Map; - @RestController @RequestMapping("/api/admin") @RequiredArgsConstructor @Api(tags = {"管理员接口"}) public class AdminController { - - private final AdminMapper adminMapper; - private final JwtUtil jwtUtil; - - @PostMapping("/auth/login") - @ApiOperation(value = "管理员登陆") - public Result login(@RequestBody LoginDto request) { - Admin admin = adminMapper.selectOne(new QueryWrapper() - .eq("username", request.getUsername())); - - if (admin == null) { - return Result.of(ResultCode.UNAUTHORIZED, "用户不存在"); - } - - String inputPassword = DigestUtils.md5DigestAsHex(request.getPassword().getBytes()); - System.out.println(inputPassword); - if (!admin.getPassword().equals(inputPassword)) { - return Result.of(ResultCode.UNAUTHORIZED, "密码错误"); - } - - if (admin.getStatus() == 0) { - return Result.of(ResultCode.FAIL, "账号已禁用"); - } - - Map claims = new HashMap<>(); - claims.put("id", admin.getId()); - claims.put("username", admin.getUsername()); - claims.put("isSuper", admin.getIsSuper()); - - String token = jwtUtil.generateToken(claims); - return Result.ok(token); - } - } 
diff --git a/src/main/java/com/example/admin_server/controller/admin/AdminMainController.java b/src/main/java/com/example/admin_server/controller/admin/AdminMainController.java deleted file mode 100644 index cdef859..0000000 --- a/src/main/java/com/example/admin_server/controller/admin/AdminMainController.java +++ /dev/null @@ -1,24 +0,0 @@ -package com.example.admin_server.controller.admin; - -import com.example.admin_server.config.AppConfig; -import io.swagger.annotations.Api; -import io.swagger.annotations.ApiOperation; -import lombok.RequiredArgsConstructor; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; - -@RestController -@RequestMapping("/api/admin") -@Api(tags = {"AdminMain"}) -@RequiredArgsConstructor -public class AdminMainController { - - private final AppConfig appConfig; - - @GetMapping("/welcome") - @ApiOperation(value = "Hello admin") - public String welcome() { - return "Hello admin" + appConfig.getEnvName(); - } -} diff --git a/src/main/java/com/example/admin_server/filter/JwtAuthenticationFilter.java b/src/main/java/com/example/admin_server/filter/JwtAuthenticationFilter.java index 980059c..70e320e 100644 --- a/src/main/java/com/example/admin_server/filter/JwtAuthenticationFilter.java +++ b/src/main/java/com/example/admin_server/filter/JwtAuthenticationFilter.java @@ -28,9 +28,9 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { private static final Set WHITELIST = new HashSet<>(); static { - WHITELIST.add("/api/admin/login"); - WHITELIST.add("/api/client/login"); - WHITELIST.add("/api/employee/login"); + WHITELIST.add("/api/admin/auth/login"); + WHITELIST.add("/api/client/auth/login"); + WHITELIST.add("/api/employee/auth/login"); WHITELIST.add("/api/client/wx/login"); } 
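Review bot: The filter's WHITELIST and SecurityConfig's permitAll list are maintained by hand in two places and already disagree in this patch: this hunk whitelists `/api/client/auth/login` and `/api/employee/auth/login`, which the SecurityConfig hunk does not permit (it lists only `/api/admin/auth/login` and `/api/client/wx/login`), and neither list contains the new `/api/admin/auth/refreshToken`. Unless permit rules outside the SecurityConfig hunk cover them, requests to the client/employee login paths will bypass this filter and then be rejected by Spring Security, and the two lists will keep drifting. Prefer one shared constant (for example `public static final String[] PUBLIC_PATHS` in SecurityConfig) consumed by both the `.antMatchers(...).permitAll()` call and this static block, or at minimum add `// must stay in sync with the permitAll() list in SecurityConfig` above the set. How the set is consulted (exact `contains` versus prefix match) is outside the hunk, so I cannot tell whether query strings or trailing slashes are handled.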
diff --git a/src/main/java/com/example/admin_server/utils/JwtUtil.java b/src/main/java/com/example/admin_server/utils/JwtUtil.java index 8ef93e6..2772caf 100644 --- a/src/main/java/com/example/admin_server/utils/JwtUtil.java +++ b/src/main/java/com/example/admin_server/utils/JwtUtil.java @@ -60,4 +60,8 @@ public class JwtUtil { .map(c -> c.getExpiration().before(new Date())) .orElse(true); } + + public String generateRefreshToken(Map claims) { + return generateToken(claims); + } }
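Review bot: `generateRefreshToken` returns `generateToken(claims)` unchanged, so a refresh token is the same credential as the access token: same claims, same signature, same expiry, and nothing for `AdminAuthController.refreshToken` to distinguish it by, which means any access token can mint new pairs and the refresh token never outlives the access token it was issued with. Tag it so the refresh endpoint can require the marker: `Map refreshClaims = new HashMap<>(claims); refreshClaims.put("type", "refresh"); return generateToken(refreshClaims);` (confirm `java.util.HashMap` is imported in this file; only `Map` is visible here). Giving it a longer lifetime needs `generateToken`, whose body is outside the hunk, to accept an expiry argument. Add a Javadoc stating that the result is a refresh credential intended only for `/api/admin/auth/refreshToken`, not for authenticating requests.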