♻️ Refactoring code. 重构 PasswordDecoderFilter ValidateCodeFilter 代码至 …

…pig-auth 模块简化网关逻辑
pig-mesh · Apr 7, 2024 · 0e90c12 · 0e90c12
1 parent a5125ed
commit 0e90c12
Show file tree

Hide file tree

Showing 5 changed files with 52 additions and 57 deletions.
diff --git a/pig-auth/src/main/java/com/pig4cloud/pig/auth/config/WebSecurityConfiguration.java b/pig-auth/src/main/java/com/pig4cloud/pig/auth/config/WebSecurityConfiguration.java
@@ -33,48 +33,50 @@
 @EnableWebSecurity
 public class WebSecurityConfiguration {
 
-	/**
-	 * spring security 默认的安全策略
-	 * @param http security注入点
-	 * @return SecurityFilterChain
-	 * @throws Exception
-	 */
-	@Bean
-	SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Exception {
-		http.authorizeRequests(authorizeRequests -> authorizeRequests.antMatchers("/token/*")
-			.permitAll()// 开放自定义的部分端点
-			.anyRequest()
-			.authenticated())
-			.headers()
-			.frameOptions()
-			.sameOrigin()// 避免iframe同源无法登录
-			.and()
-			.apply(new FormIdentityLoginConfigurer()); // 表单登录个性化
-		// 处理 UsernamePasswordAuthenticationToken
-		http.authenticationProvider(new PigDaoAuthenticationProvider());
-		return http.build();
-	}
+    /**
+     * spring security 默认的安全策略
+     *
+     * @param http security注入点
+     * @return SecurityFilterChain
+     * @throws Exception
+     */
+    @Bean
+    SecurityFilterChain defaultSecurityFilterChain(HttpSecurity http) throws Exception {
+        http.authorizeRequests(authorizeRequests -> authorizeRequests.antMatchers("/token/*")
+                        .permitAll()// 开放自定义的部分端点
+                        .anyRequest()
+                        .authenticated())
+                .headers()
+                .frameOptions()
+                .sameOrigin()// 避免iframe同源无法登录
+                .and()
+                .apply(new FormIdentityLoginConfigurer()); // 表单登录个性化
+        // 处理 UsernamePasswordAuthenticationToken
+        http.authenticationProvider(new PigDaoAuthenticationProvider());
+        return http.build();
+    }
 
-	/**
-	 * 暴露静态资源
-	 *
-	 * https://github.com/spring-projects/spring-security/issues/10938
-	 * @param http
-	 * @return
-	 * @throws Exception
-	 */
-	@Bean
-	@Order(0)
-	SecurityFilterChain resources(HttpSecurity http) throws Exception {
-		http.requestMatchers((matchers) -> matchers.antMatchers("/actuator/**", "/css/**", "/error"))
-			.authorizeHttpRequests((authorize) -> authorize.anyRequest().permitAll())
-			.requestCache()
-			.disable()
-			.securityContext()
-			.disable()
-			.sessionManagement()
-			.disable();
-		return http.build();
-	}
+    /**
+     * 暴露静态资源
+     * <p>
+     * https://github.com/spring-projects/spring-security/issues/10938
+     *
+     * @param http
+     * @return
+     * @throws Exception
+     */
+    @Bean
+    @Order(0)
+    SecurityFilterChain resources(HttpSecurity http) throws Exception {
+        http.requestMatchers((matchers) -> matchers.antMatchers("/actuator/**", "/code/image", "/css/**", "/error"))
+                .authorizeHttpRequests((authorize) -> authorize.anyRequest().permitAll())
+                .requestCache()
+                .disable()
+                .securityContext()
+                .disable()
+                .sessionManagement()
+                .disable();
+        return http.build();
+    }
 
 }
diff --git a/pig-auth/src/main/java/com/pig4cloud/pig/auth/endpoint/ImageCodeEndpoint.java b/pig-auth/src/main/java/com/pig4cloud/pig/auth/endpoint/ImageCodeEndpoint.java
@@ -5,7 +5,7 @@
 import io.springboot.captcha.ArithmeticCaptcha;
 import lombok.RequiredArgsConstructor;
 import lombok.SneakyThrows;
-import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
@@ -28,7 +28,7 @@ public class ImageCodeEndpoint {
 
     private static final Integer DEFAULT_IMAGE_HEIGHT = 40;
 
-    private final RedisTemplate redisTemplate;
+    private final StringRedisTemplate redisTemplate;
 
     /**
      * 创建图形验证码

diff --git a/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/ValidateCodeFilter.java b/pig-auth/src/main/java/com/pig4cloud/pig/auth/support/filter/ValidateCodeFilter.java
@@ -17,6 +17,7 @@
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.security.oauth2.core.OAuth2AuthenticationException;
 import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 import org.springframework.stereotype.Component;
@@ -97,7 +98,7 @@ private void checkCode() throws ValidateCodeException {
         }
 
         String key = CacheConstants.DEFAULT_CODE_KEY + randomStr;
-        RedisTemplate<String, String> redisTemplate = SpringContextHolder.getBean(RedisTemplate.class);
+        RedisTemplate<String, String> redisTemplate = SpringContextHolder.getBean(StringRedisTemplate.class);
         if (Boolean.FALSE.equals(redisTemplate.hasKey(key))) {
             throw new ValidateCodeException("验证码不合法");
         }

diff --git a/...ain/java/com/pig4cloud/pig/auth/support/handler/PigAuthenticationFailureEventHandler.java b/...ain/java/com/pig4cloud/pig/auth/support/handler/PigAuthenticationFailureEventHandler.java
@@ -19,15 +19,11 @@
 import cn.hutool.core.util.StrUtil;
 import com.pig4cloud.pig.admin.api.entity.SysLog;
 import com.pig4cloud.pig.common.core.constant.CommonConstants;
-import com.pig4cloud.pig.common.core.constant.SecurityConstants;
-import com.pig4cloud.pig.common.core.util.MsgUtils;
 import com.pig4cloud.pig.common.core.util.R;
 import com.pig4cloud.pig.common.core.util.SpringContextHolder;
 import com.pig4cloud.pig.common.log.event.SysLogEvent;
 import com.pig4cloud.pig.common.log.util.LogTypeEnum;
 import com.pig4cloud.pig.common.log.util.SysLogUtils;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpStatus;
@@ -39,6 +35,8 @@
 import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 
 /**
@@ -97,12 +95,6 @@ private void sendErrorResponse(HttpServletRequest request, HttpServletResponse r
 			errorMessage = exception.getLocalizedMessage();
 		}
 
-		// 手机号登录
-		String grantType = request.getParameter(OAuth2ParameterNames.GRANT_TYPE);
-		if (SecurityConstants.MOBILE.equals(grantType)) {
-			errorMessage = MsgUtils.getSecurityMessage("AbstractUserDetailsAuthenticationProvider.smsBadCredentials");
-		}
-
 		this.errorHttpResponseConverter.write(R.failed(errorMessage), MediaType.APPLICATION_JSON, httpResponse);
 	}
 

diff --git a/...pig-upms-biz/src/main/java/com/pig4cloud/pig/admin/service/impl/SysMobileServiceImpl.java b/...pig-upms-biz/src/main/java/com/pig4cloud/pig/admin/service/impl/SysMobileServiceImpl.java
@@ -30,7 +30,7 @@
 import com.pig4cloud.pig.common.core.util.R;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.stereotype.Service;
 
 import java.util.List;
@@ -47,7 +47,7 @@
 @AllArgsConstructor
 public class SysMobileServiceImpl implements SysMobileService {
 
-	private final RedisTemplate redisTemplate;
+	private final StringRedisTemplate redisTemplate;
 
 	private final SysUserMapper userMapper;