refactor(admin): 重构管理员认证逻辑

- 新增 AdminAuthController 专门处理认证相关接口
- 重写管理员登录和 token 刷新逻辑
- 更新 JwtAuthenticationFilter 中的白名单路径
- 调整 SecurityConfig 中的认证规则
- 删除 AdminMainController 类
FalingCliff 2025-05-25 16:11:25 +08:00
parent 58907afa11
commit 3caf9e468b
6 changed files with 105 additions and 75 deletions


@ -44,7 +44,7 @@ public class SecurityConfig {
"/swagger-ui/**",
"/v3/api-docs/**",
"/api/public/**",
"/api/admin/login",
"/api/admin/auth/login",
"/api/client/wx/login"
).permitAll()
.antMatchers("/api/admin/**").authenticated()
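Review bot: The new refresh endpoint `/api/admin/auth/refreshToken` is not in this permitAll list, so `.antMatchers("/api/admin/**").authenticated()` on the last line of the hunk gates it, and the WHITELIST in the JwtAuthenticationFilter section (the `WHITELIST.add(...)` lines) omits it as well. If the filter only authenticates a request that carries a valid access token, a refresh can only succeed while the token it is meant to replace is still valid, which is presumably not the intent. Either add `"/api/admin/auth/refreshToken",` next to the login entry here and in the filter whitelist — the handler validates the presented refresh token itself — or document that refresh is deliberately a sliding renewal for live sessions only. The permitAll list starts outside the hunk.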


@ -0,0 +1,97 @@
package com.example.admin_server.controller.admin;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.example.admin_server.common.Result;
import com.example.admin_server.enums.ResultCode;
import com.example.admin_server.mapper.AdminMapper;
import com.example.admin_server.model.dto.LoginDto;
import com.example.admin_server.model.entity.Admin;
import com.example.admin_server.utils.JwtUtil;
import io.jsonwebtoken.Claims;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.RequiredArgsConstructor;
import org.springframework.util.DigestUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
@RestController
@RequestMapping("/api/admin/auth")
@RequiredArgsConstructor
@Api(tags = {"管理员认证接口"})
public class AdminAuthController {
private final AdminMapper adminMapper;
private final JwtUtil jwtUtil;
@PostMapping("/login")
@ApiOperation("管理员登录")
public Result<?> login(@RequestBody LoginDto request) {
Admin admin = adminMapper.selectOne(
new QueryWrapper<Admin>().eq("username", request.getUsername())
);
if (admin == null) {
return Result.of(ResultCode.UNAUTHORIZED, "用户不存在");
}
String inputPassword = DigestUtils.md5DigestAsHex(request.getPassword().getBytes());
if (!admin.getPassword().equals(inputPassword)) {
return Result.of(ResultCode.UNAUTHORIZED, "密码错误");
}
if (admin.getStatus() == 0) {
return Result.of(ResultCode.FAIL, "账号已禁用");
}
// JWT Claims
Map<String, Object> claims = new HashMap<>();
claims.put("id", admin.getId());
claims.put("username", admin.getUsername());
claims.put("isSuper", admin.getIsSuper());
// Token RefreshToken
return getResult(claims);
}
@PostMapping("/refreshToken")
@ApiOperation("刷新 Token")
public Result<?> refreshToken(@RequestBody Map<String, String> request) {
String refreshToken = request.get("refreshToken");
if (!StringUtils.hasText(refreshToken)) {
return Result.of(ResultCode.UNAUTHORIZED, "缺少 refreshToken");
}
Optional<Claims> claimsOpt = jwtUtil.parseToken(refreshToken);
if (!claimsOpt.isPresent() || jwtUtil.isTokenExpired(refreshToken)) {
return Result.of(ResultCode.UNAUTHORIZED, "refreshToken 无效或已过期");
}
Claims claims = claimsOpt.get();
Map<String, Object> data = new HashMap<>();
data.put("id", claims.get("id"));
data.put("username", claims.get("username"));
data.put("isSuper", claims.get("isSuper"));
return getResult(data);
}
private Result<?> getResult(Map<String, Object> data) {
String newToken = jwtUtil.generateToken(data);
String newRefreshToken = jwtUtil.generateRefreshToken(data);
Map<String, String> tokenMap = new HashMap<>();
tokenMap.put("token", newToken);
tokenMap.put("refreshToken", newRefreshToken);
return Result.ok("请求成功", tokenMap);
}
}
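Review bot: `refreshToken` mints a new token pair purely from the presented token's claims and never reloads the Admin row, so an account disabled after login (the `admin.getStatus() == 0` check that `login` applies) keeps obtaining fresh tokens until its refresh token expires, and an `isSuper` change is carried forward unchanged. Reload the admin by the `username` claim right after `claimsOpt.get()`, apply the same null/status checks as `login`, and build `data` from the reloaded entity rather than the old claims, as sketched below. In `login`, the line `String inputPassword = DigestUtils.md5DigestAsHex(request.getPassword().getBytes());` hashes with the platform default charset and the result is compared with `String.equals`; the unsalted-MD5 scheme is pre-existing and arguably out of a refactor's scope, but `getBytes(StandardCharsets.UTF_8)` and comparing the two hashes with `MessageDigest.isEqual` are one-line changes worth making here. The distinct "用户不存在" and "密码错误" responses also let a caller confirm which usernames exist; returning the same message for both closes that.
```java
Claims claims = claimsOpt.get();
Admin admin = adminMapper.selectOne(
        new QueryWrapper<Admin>().eq("username", claims.get("username"))
);
if (admin == null) {
    return Result.of(ResultCode.UNAUTHORIZED, "用户不存在");
}
if (admin.getStatus() == 0) {
    return Result.of(ResultCode.FAIL, "账号已禁用");
}
Map<String, Object> data = new HashMap<>();
data.put("id", admin.getId());
data.put("username", admin.getUsername());
data.put("isSuper", admin.getIsSuper());
// … unchanged: return getResult(data); …
```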


@ -1,60 +1,13 @@
package com.example.admin_server.controller.admin;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.example.admin_server.common.Result;
import com.example.admin_server.enums.ResultCode;
import com.example.admin_server.mapper.AdminMapper;
import com.example.admin_server.model.dto.LoginDto;
import com.example.admin_server.model.entity.Admin;
import com.example.admin_server.utils.JwtUtil;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.RequiredArgsConstructor;
import org.springframework.util.DigestUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import java.util.HashMap;
import java.util.Map;
@RestController
@RequestMapping("/api/admin")
@RequiredArgsConstructor
@Api(tags = {"管理员接口"})
public class AdminController {
private final AdminMapper adminMapper;
private final JwtUtil jwtUtil;
@PostMapping("/auth/login")
@ApiOperation(value = "管理员登陆")
public Result<?> login(@RequestBody LoginDto request) {
Admin admin = adminMapper.selectOne(new QueryWrapper<Admin>()
.eq("username", request.getUsername()));
if (admin == null) {
return Result.of(ResultCode.UNAUTHORIZED, "用户不存在");
}
String inputPassword = DigestUtils.md5DigestAsHex(request.getPassword().getBytes());
System.out.println(inputPassword);
if (!admin.getPassword().equals(inputPassword)) {
return Result.of(ResultCode.UNAUTHORIZED, "密码错误");
}
if (admin.getStatus() == 0) {
return Result.of(ResultCode.FAIL, "账号已禁用");
}
Map<String, Object> claims = new HashMap<>();
claims.put("id", admin.getId());
claims.put("username", admin.getUsername());
claims.put("isSuper", admin.getIsSuper());
String token = jwtUtil.generateToken(claims);
return Result.ok(token);
}
}


@ -1,24 +0,0 @@
package com.example.admin_server.controller.admin;
import com.example.admin_server.config.AppConfig;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.RequiredArgsConstructor;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("/api/admin")
@Api(tags = {"AdminMain"})
@RequiredArgsConstructor
public class AdminMainController {
private final AppConfig appConfig;
@GetMapping("/welcome")
@ApiOperation(value = "Hello admin")
public String welcome() {
return "Hello admin" + appConfig.getEnvName();
}
}


@ -28,9 +28,9 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
private static final Set<String> WHITELIST = new HashSet<>();
static {
WHITELIST.add("/api/admin/login");
WHITELIST.add("/api/client/login");
WHITELIST.add("/api/employee/login");
WHITELIST.add("/api/admin/auth/login");
WHITELIST.add("/api/client/auth/login");
WHITELIST.add("/api/employee/auth/login");
WHITELIST.add("/api/client/wx/login");
}


@ -60,4 +60,8 @@ public class JwtUtil {
.map(c -> c.getExpiration().before(new Date()))
.orElse(true);
}
public String generateRefreshToken(Map<String, Object> claims) {
return generateToken(claims);
}
}
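Review bot: `generateRefreshToken` returns `generateToken(claims)` unchanged, so the refresh token carries the same claims and the same expiry as the access token and the two are indistinguishable: the `refreshToken` handler in AdminAuthController only checks `parseToken` and `isTokenExpired`, so any unexpired access token is accepted as a refresh token, and the pair issued on refresh is itself refreshable, which lets a captured token be renewed indefinitely as long as it is replayed before expiry. Tag the refresh token with a claim only it carries, e.g. `Map<String, Object> c = new HashMap<>(claims); c.put("type", "refresh"); return generateToken(c);`, have the refresh handler reject tokens without `"refresh".equals(claims.get("type"))`, and presumably also have the authentication filter reject tokens that carry it. A longer refresh lifetime would additionally need an expiry parameter on `generateToken`, whose body is outside this hunk; the enclosing `JwtUtil` class starts outside the hunk as well.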