登陆模块重构

base/common-security/src/main/java/com.yihu.base.security/SercurityConfig.java

@@ -1,5 +1,6 @@
package com.yihu.base.security;
import com.yihu.base.security.rbas.provider.DefaultRbasService;
import com.yihu.base.security.sms.sender.DefaultSmsCodeSender;
import org.springframework.boot.autoconfigure.condition.ConditionalOnMissingBean;
import org.springframework.context.annotation.Bean;
@@ -22,4 +23,11 @@ public class SercurityConfig {
    public DefaultSmsCodeSender defaultSmsCodeSender() {
        return new DefaultSmsCodeSender();
    }
    @Bean
    @ConditionalOnMissingBean
    public DefaultRbasService rasService() {
        return new DefaultRbasService();
    }
}

base/common-security/src/main/java/com.yihu.base.security/config/ResourceServerConfig.java

@@ -1,7 +1,6 @@
package com.yihu.base.security.config;
import com.yihu.base.security.properties.SecurityProperties;
import com.yihu.base.security.rbas.IRbasService;
import com.yihu.base.security.rbas.provider.AuthorizeConfigProviderManager;
import com.yihu.base.security.sms.SmsCodeAuthenticationSecurityConfig;
import org.springframework.beans.factory.annotation.Autowired;

base/common-security/src/main/java/com.yihu.base.security/rbas/IRbasService.java

@@ -1,5 +1,6 @@
package com.yihu.base.security.rbas;
import org.springframework.security.core.Authentication;
import javax.servlet.http.HttpServletRequest;

base/common-security/src/main/java/com.yihu.base.security/rbas/provider/DefaultRbasService.java

@@ -0,0 +1,29 @@
package com.yihu.base.security.rbas.provider;
import com.yihu.base.security.rbas.IRbasService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Service;
import org.springframework.util.AntPathMatcher;
import javax.servlet.http.HttpServletRequest;
import java.util.HashSet;
import java.util.Set;
/**
 * Created by chenweida on 2017/12/5.
 * 判断用户是否有权限访问该路径
 */
public class DefaultRbasService implements IRbasService {
    private Logger logger = LoggerFactory.getLogger(DefaultRbasService.class);
    @Override
    public Boolean hasPerssion(HttpServletRequest request, Authentication authentication) {
        logger.info("默认的角色DefaultRbasService,默认是true");
        return true;
    }
}

base/common-security/src/main/java/com.yihu.base.security/rbas/provider/RbasAuthorizeConfigProvider.java

@@ -15,6 +15,6 @@ public class RbasAuthorizeConfigProvider implements AuthorizeConfigProvider {
    @Override
    public void condfig(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry config) {
        // config.anyRequest().access("@rbasService.hasPerssion(request,authentication)");
        config.anyRequest().access("@rbasbean.hello()");
        //config.anyRequest().access("@rbasService.hasPerssion(request,authentication)");
    }
}

svr/svr-demo/src/main/java/com/yihu/jw/service/RbasService.java

@@ -15,7 +15,7 @@ import java.util.Set;
 * Created by chenweida on 2017/12/5.
 * 判断用户是否有权限访问该路径
 */
@Component("rbasbean")
@Service("rbasService")
public class RbasService implements IRbasService {
    private AntPathMatcher antPathMatcher = new AntPathMatcher();