use of com.diboot.iam.entity.BaseLoginUser in project diboot by dibo-software.
the class BaseJwtRealm method doGetAuthenticationInfo.
/**
 * Resolves the authentication info for a login attempt carried by a JWT auth token.
 *
 * <p>The token's principal is read as the account identifier. The {@code AuthService}
 * registered for the token's auth type looks up the account, the user entity is loaded
 * through the service bound to the token's user type, and that entity becomes the
 * principal of the returned info.
 *
 * @param token the submitted token; cast to {@code BaseJwtAuthToken} without a type check
 * @return info whose principal is the loaded {@code BaseLoginUser}, whose credentials are
 *     the token's credentials and whose realm name is this realm's name
 * @throws AuthenticationException if the account identifier is empty, no auth service or
 *     user service is available, the account lookup returns nothing, or the user entity
 *     cannot be found
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    // NOTE(review): unchecked cast; presumably supports() limits this realm to BaseJwtAuthToken -- confirm.
    BaseJwtAuthToken jwtAuthToken = (BaseJwtAuthToken) token;
    String accountId = (String) jwtAuthToken.getPrincipal();
    if (V.isEmpty(accountId)) {
        throw new AuthenticationException("无效的用户标识");
    }

    // Pick the auth service that implements the requested authentication type.
    AuthService accountAuthService = AuthServiceFactory.getAuthService(jwtAuthToken.getAuthType());
    if (accountAuthService == null) {
        jwtAuthToken.clearAuthtoken();
        throw new AuthenticationException("认证类型: " + jwtAuthToken.getAuthType() + " 的AccountAuthService未实现!");
    }

    // A null account means the login failed; the token is cleared before rejecting.
    IamAccount iamAccount = accountAuthService.getAccount(jwtAuthToken);
    if (iamAccount == null) {
        jwtAuthToken.clearAuthtoken();
        throw new AuthenticationException("用户账号或密码错误!");
    }

    // Load the user entity that will act as the principal.
    // NOTE(review): the two rejections below do not call clearAuthtoken(), unlike the
    // two above -- confirm that leaving the token value in place here is intended.
    BaseService entityService = ContextHelper.getBaseServiceByEntity(jwtAuthToken.getUserTypeClass());
    if (entityService == null) {
        throw new AuthenticationException("用户 " + jwtAuthToken.getUserTypeClass().getName() + " 相关的Service未定义!");
    }
    BaseLoginUser principalUser = (BaseLoginUser) entityService.getEntity(iamAccount.getUserId());
    if (principalUser == null) {
        throw new AuthenticationException("用户不存在");
    }

    // The principal object carries the token string from here on.
    principalUser.setAuthToken(jwtAuthToken.getAuthtoken());

    // Attach the optional extension object; it is read back in doGetAuthorizationInfo.
    IamExtensible extensible = getIamUserRoleService().getIamExtensible();
    if (extensible != null) {
        LabelValue extension = extensible.getUserExtentionObj(jwtAuthToken.getUserTypeClass().getSimpleName(), iamAccount.getUserId(), jwtAuthToken.getExtObj());
        if (extension != null) {
            principalUser.setExtentionObj(extension);
        }
    }

    // Drop cached authorization info for the principals currently bound to the subject.
    // NOTE(review): these are the subject's existing principals, not principalUser --
    // confirm this evicts the cache entry that the new login needs refreshed.
    this.clearCachedAuthorizationInfo(IamSecurityUtils.getSubject().getPrincipals());
    return new SimpleAuthenticationInfo(principalUser, jwtAuthToken.getCredentials(), this.getName());
}
use of com.diboot.iam.entity.BaseLoginUser in project diboot by dibo-software.
the class BaseJwtRealm method doGetAuthorizationInfo.
/**
 * Builds the authorization info (role codes and permission codes) for the primary principal.
 *
 * <p>Roles are looked up by the simple name of the principal's runtime class, the user id
 * and the id of the optional extension object. Permission codes are resolved from the API
 * URL lists bound to those roles.
 *
 * @param principals the principal collection; its primary principal is cast to
 *     {@code BaseLoginUser}
 * @return authorization info holding the role codes and permission codes; empty when the
 *     user has no roles
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
    BaseLoginUser loginUser = (BaseLoginUser) principals.getPrimaryPrincipal();

    // The extension object's value is used as an id; the cast throws ClassCastException
    // if the stored value is not a Long.
    LabelValue extension = loginUser.getExtentionObj();
    Long extensionId = (extension != null) ? (Long) extension.getValue() : null;

    // Fetch the roles for this user type, user id and extension id.
    List<IamRole> roles = getIamUserRoleService().getUserRoleList(loginUser.getClass().getSimpleName(), loginUser.getId(), extensionId);
    // No roles: hand back the empty info, which grants nothing.
    if (V.isEmpty(roles)) {
        return info;
    }

    // Collect role codes for Shiro and role ids for the resource lookup.
    Set<String> roleCodes = new HashSet<>();
    List<Long> roleIds = new ArrayList<>();
    for (IamRole role : roles) {
        roleCodes.add(role.getCode());
        roleIds.add(role.getId());
    }

    // Each entry is a comma-separated list of URIs; every URI is passed to
    // IamCacheManager exactly as split() produced it (no trimming). URIs without a
    // permission code are skipped, so they add no permission.
    Set<String> permissionCodes = new HashSet<>();
    List<String> apiUrlSets = getIamRoleResourceService().getApiUrlList(Cons.APPLICATION, roleIds);
    if (V.notEmpty(apiUrlSets)) {
        for (String apiUrlSet : apiUrlSets) {
            for (String uri : apiUrlSet.split(Cons.SEPARATOR_COMMA)) {
                String code = IamCacheManager.getPermissionCode(uri);
                if (code != null) {
                    permissionCodes.add(code);
                }
            }
        }
    }

    // Grant the collected roles and permissions to the user.
    info.setRoles(roleCodes);
    info.setStringPermissions(permissionCodes);
    return info;
}
use of com.diboot.iam.entity.BaseLoginUser in project diboot by dibo-software.
the class LogAspect method beforeHandler.
/**
 * Captures the current login user before the advised method runs, for operation logging.
 *
 * @param joinPoint the intercepted join point; not read by this advice
 */
@Before(value = "pointCut()")
public void beforeHandler(JoinPoint joinPoint) {
    final BaseLoginUser loginUser = IamSecurityUtils.getCurrentUser();
    // NOTE(review): no matching remove() is visible in this excerpt. On pooled threads a
    // value left behind would be seen by the next request -- confirm the after-advice
    // clears it on both normal return and exception.
    threadLocal.set(loginUser);
}
use of com.diboot.iam.entity.BaseLoginUser in project diboot by dibo-software.
the class WxAuthServiceImpl method saveLoginTrace.
/**
 * Persists a login trace record for the given attempt.
 *
 * <p>Saving is best effort: a failure in the trace service is logged at WARN level and
 * not propagated to the caller.
 *
 * @param authToken the token of the login attempt; supplies the account and user type
 * @param isSuccess whether the login attempt succeeded
 */
protected void saveLoginTrace(BaseJwtAuthToken authToken, boolean isSuccess) {
    IamLoginTrace trace = new IamLoginTrace();
    trace.setAuthType(getAuthType())
            .setAuthAccount(authToken.getAuthAccount())
            .setUserType(authToken.getUserType())
            .setSuccess(isSuccess);

    // The user id is recorded only when a current user is available; otherwise the
    // trace carries just the submitted account.
    BaseLoginUser loginUser = IamSecurityUtils.getCurrentUser();
    if (loginUser != null) {
        trace.setUserId(loginUser.getId());
    }

    // Record client details. The User-Agent is client-supplied and stored unmodified.
    // NOTE(review): how HttpHelper.getRequestIp derives the address is not visible here;
    // if it reads forwarding headers, the logged IP is only as trustworthy as the proxy
    // chain -- confirm before relying on it for lockout or investigation.
    String clientAgent = HttpHelper.getUserAgent(request);
    String clientIp = HttpHelper.getRequestIp(request);
    trace.setUserAgent(clientAgent).setIpAddress(clientIp);

    try {
        iamLoginTraceService.createEntity(trace);
    } catch (Exception e) {
        // Deliberately swallowed: a trace failure must not break the login flow.
        log.warn("保存登录日志异常", e);
    }
}
use of com.diboot.iam.entity.BaseLoginUser in project diboot by dibo-software.
the class PwdAuthServiceImpl method saveLoginTrace.
/**
 * Builds a login trace record for the given attempt and hands it to the async worker.
 *
 * @param authToken the token of the login attempt; supplies the account and user type
 * @param isSuccess whether the login attempt succeeded
 */
protected void saveLoginTrace(BaseJwtAuthToken authToken, boolean isSuccess) {
    IamLoginTrace trace = new IamLoginTrace();
    trace.setAuthType(getAuthType())
            .setAuthAccount(authToken.getAuthAccount())
            .setUserType(authToken.getUserType())
            .setSuccess(isSuccess);

    // The user id is recorded only when a current user is available.
    BaseLoginUser loginUser = IamSecurityUtils.getCurrentUser();
    if (loginUser != null) {
        Long loginUserId = loginUser.getId();
        trace.setUserId(loginUserId);
    }

    // Client details are read from the request here, before the hand-off to the worker.
    // The User-Agent is client-supplied and stored unmodified.
    // NOTE(review): how HttpHelper.getRequestIp derives the address is not visible here;
    // if it reads forwarding headers, the logged IP is only as trustworthy as the proxy
    // chain -- confirm.
    String clientAgent = HttpHelper.getUserAgent(request);
    String clientIp = HttpHelper.getRequestIp(request);
    trace.setUserAgent(clientAgent).setIpAddress(clientIp);

    // NOTE(review): error handling inside saveLoginTraceLog is not visible here --
    // confirm a failed write is at least logged, since login traces are audit data.
    iamAsyncWorker.saveLoginTraceLog(trace);
}