spring boot 利用注解实现权限验证的实现代码

spring boot 利用注解实现权限验证的实现代码

这里使用 aop 来实现权限验证

引入依赖

org.springframework.boot

spring-boot-starter-aop

定义注解

package com.lmxdawn.api.admin.annotation;

import java.lang.annotation.ElementType;

import java.lang.annotation.Retention;

import java.lang.annotation.RetentionPolicy;

import java.lang.annotation.Target;

/**

* 后台登录授权/权限验证的注解

*/

//此注解只能修饰方法

@Target(ElementType.METHOD)

//当前注解如何去保持

@Retention(RetentionPolicy.RUNTIME)

public @interface AuthRuleAnnotation {

String value();

}

拦截实现登录和权限验证

package com.lmxdawn.api.admin.aspect;

import com.lmxdawn.api.admin.annotation.AuthRuleAnnotation;

import com.lmxdawn.api.admin.enums.ResultEnum;

import com.lmxdawn.api.admin.exception.jsonException;

import com.lmxdawn.api.admin.service.auth.AuthLoginService;

import com.lmxdawn.api.common.utils.JwtUtils;

import io.jsonwebtoken.Claims;

import lombok.extern.slf4j.Slf4j;

import org.aspectj.lang.JoinPoint;

import org.aspectj.lang.annotation.Aspect;

import org.aspectj.lang.annotation.Before;

import org.aspectj.lang.annotation.Pointcut;

import org.aspectj.lang.reflect.MethodSignature;

import org.springframework.stereotype.Component;

import org.springframework.web.context.request.RequestContextHolder;

import org.springframework.web.context.request.ServletRequestAttributes;

import javax.annotation.Resource;

import javax.servlet.http.HttpServletRequest;

import java.lang.reflect.Method;

import java.util.List;

/**

* 登录验证 AOP

*/

@Aspect

@Component

@Slf4j

public class AuthorizeAspect {

@Resource

private AuthLoginService authLoginService;

@Pointcut("@annotation(com.lmxdawn.api.admin.annotation.AuthRuleAnnotation)")

public void adminLoginVerify() {

}

/**

* 登录验证

*

* @param joinPoint

*/

@Before("adminLoginVerify()")

public void doAdminAuthVerify(JoinPoint joinPoint) {

ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();

if (attributes == null) {

throw new JsonException(ResultEnum.NOT_NETWORK);

}

HttpServletRequest request = attributes.getRequest();

String id = request.getHeader("X-Adminid");

Long adminId = Long.valueOf(id);

String token = request.getHeader("X-Token");

if (token == null) {

throw new JsonException(ResultEnum.LOGIN_VERIFY_FALL);

}

// 验证 token

Claims claims = JwtUtils.parse(token);

if (claims == null) {

throw new JsonException(ResultEnum.LOGIN_VERIFY_FALL);

}

Long jwtAdminId = Long.valueOf(claims.get("admin_id").toString());

if (adminId.compareTo(jwtAdminId) != 0) {

throw new JsonException(ResultEnum.LOGIN_VERIFY_FALL);

}

// 判断是否进行权限验证

MethodSignature signature = (MethodSignature) joinPoint.getSignature();

//从切面中获取当前方法

Method method = signature.getMethod();

//得到了方,提取出他的注解

AuthRuleAnnotation action = method.getAnnotation(AuthRuleAnnotation.class);

// 进行权限验证

authRuleVerify(action.value(), adminId);

}

/**

* 权限验证

*

* @param authRule

*/

private void authRuleVerify(String authRule, Long adminId) {

if (authRule != null && authRule.length() > 0) {

List authRules = authLoginService.listRuleByAdminId(adminId);

// admin 为最高权限

for (String item : authRules) {

if (item.equals("admin") || item.equals(authRule)) {

return;

}

}

throw new JsonException(ResultEnum.AUTH_FAILED);

}

}

}

Controller 中使用

使用 AuthRuleAnnotation 注解, value 值就是在数据库里面定义的 权限规则名称

/**

* 获取管理员列表

*/

@AuthRuleAnnotation("admin/auth/admin/index")

@GetMapping("/admin/auth/admin/index")

public ResultVO index(@Valid AuthAdminQueryForm authAdminQueryForm,

BindingResult bindingResult) {

if (bindingResult.hasErrors()) {

return ResultVOUtils.error(ResultEnum.PARAM_VERIFY_FALL, bindingResult.getFieldError().getDefaultMessage());

}

if (authAdminQueryForm.getRoleId() != null) {

List authRoleAdmins = authRoleAdminService.listByRoleId(authAdminQueryForm.getRoleId());

List ids = new ArrayList<>();

if (authRoleAdmins != null && !authRoleAdmins.isEmpty()) {

ids = authRoleAdmins.stream().map(AuthRoleAdmin::getAdminId).collect(Collectors.toList());

}

authAdminQueryForm.setIds(ids);

}

List authAdminList = authAdminServichttp://e.listAdminPage(authAdminQueryForm);

// 查询所有的权限

List adminIds = authAdminList.stream().map(AuthAdmin::getId).collect(Collectors.toList());

List authRoleAdminList = authRoleAdminService.listByAdminIdIn(adminIds);

// 视图列表

List authAdminVoList = authAdminList.stream().map(item -> {

AuthAdminVo authAdminVo = new AuthAdminVo();

BeanUtils.copyProperties(item, authAdminVo);

List roles = authRoleAdminList.stream()

http:// .filter(authRoleAdmin -> authAdminVo.getId().equals(authRoleAdmin.getAdminId()))

.map(AuthRoleAdmin::getRoleId)

.collect(Collectors.toList());

authAdminVo.setRoles(roles);

return authAdminVo;

}).collect(Collectors.toList());

PageInfo authAdminPageInfo = new PageInfo<>(authAdminList);

PageSimpleVO authAdminPageSimpleVO = new PageSimpleVO<>();

authAdminPageSimpleVO.setTotal(authAdminPageInfo.getTotal());

authAdminPageSimpleVO.setList(authAdminVoList);

return ResultVOUtils.success(authAdminPageSimpleVO);

}

相关地址

github 地址: https://github.com/lmxdawn/vue-admin-java

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。