
Example 1 with BaseLoginUser

use of com.diboot.iam.entity.BaseLoginUser in project diboot by dibo-software.

the class BaseJwtRealm method doGetAuthenticationInfo.

/**
 * Builds the authentication info for a JWT login attempt.
 *
 * <p>The account is resolved through the {@code AuthService} registered for the token's auth
 * type, the matching user entity is loaded through the service for the token's user type class,
 * and that user (carrying the token's auth token and, when available, an extension object) is
 * returned as the principal.
 *
 * @param token the submitted token; it is cast to {@code BaseJwtAuthToken} without a type check
 * @return authentication info whose principal is the loaded {@code BaseLoginUser} and whose
 *     credentials are the token's credentials
 * @throws AuthenticationException if the principal is empty, no auth service or user service is
 *     found, the account lookup returns {@code null}, or the user entity does not exist
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    BaseJwtAuthToken authRequest = (BaseJwtAuthToken) token;
    String principal = (String) authRequest.getPrincipal();
    if (V.isEmpty(principal)) {
        throw new AuthenticationException("无效的用户标识");
    }

    // Select the authentication strategy registered for this token's auth type.
    AuthService strategy = AuthServiceFactory.getAuthService(authRequest.getAuthType());
    if (strategy == null) {
        authRequest.clearAuthtoken();
        // NOTE(review): the message embeds the auth type; confirm it is not returned to the
        // client verbatim.
        throw new AuthenticationException("认证类型: " + authRequest.getAuthType() + " 的AccountAuthService未实现!");
    }

    // A null account is treated as a failed login.
    IamAccount matchedAccount = strategy.getAccount(authRequest);
    if (matchedAccount == null) {
        authRequest.clearAuthtoken();
        throw new AuthenticationException("用户账号或密码错误!");
    }

    // Load the user object for this account (the original comment says it is cached; the
    // caching itself is not visible in this method).
    BaseService entityService = ContextHelper.getBaseServiceByEntity(authRequest.getUserTypeClass());
    if (entityService == null) {
        // NOTE(review): the two failure paths above call clearAuthtoken() before throwing;
        // this one and the missing-user path below do not. Confirm whether the token should
        // be cleared here as well. The message also embeds an internal class name.
        throw new AuthenticationException("用户 " + authRequest.getUserTypeClass().getName() + " 相关的Service未定义!");
    }
    BaseLoginUser principalUser = (BaseLoginUser) entityService.getEntity(matchedAccount.getUserId());
    if (principalUser == null) {
        throw new AuthenticationException("用户不存在");
    }
    principalUser.setAuthToken(authRequest.getAuthtoken());

    // Attach the optional extension object when an extension provider is configured.
    IamExtensible extensionProvider = getIamUserRoleService().getIamExtensible();
    if (extensionProvider != null) {
        LabelValue extension = extensionProvider.getUserExtentionObj(
                authRequest.getUserTypeClass().getSimpleName(), matchedAccount.getUserId(), authRequest.getExtObj());
        if (extension != null) {
            principalUser.setExtentionObj(extension);
        }
    }

    // Clear the cached authorization info of the current subject so roles and permissions
    // are resolved again after this login.
    this.clearCachedAuthorizationInfo(IamSecurityUtils.getSubject().getPrincipals());
    return new SimpleAuthenticationInfo(principalUser, authRequest.getCredentials(), this.getName());
}
Also used : IamAccount(com.diboot.iam.entity.IamAccount) IamExtensible(com.diboot.iam.auth.IamExtensible) LabelValue(com.diboot.core.vo.LabelValue) SimpleAuthenticationInfo(org.apache.shiro.authc.SimpleAuthenticationInfo) AuthenticationException(org.apache.shiro.authc.AuthenticationException) BaseLoginUser(com.diboot.iam.entity.BaseLoginUser) AuthService(com.diboot.iam.auth.AuthService) BaseService(com.diboot.core.service.BaseService)

Example 2 with BaseLoginUser

use of com.diboot.iam.entity.BaseLoginUser in project diboot by dibo-software.

the class BaseJwtRealm method doGetAuthorizationInfo.

/**
 * Collects the roles and permission codes granted to the primary principal.
 *
 * <p>Roles are looked up by the user's simple class name, user id and optional extension object
 * id. Permission codes are resolved per API URI through {@code IamCacheManager}; a URI without
 * a permission code contributes nothing. A user with no roles gets an empty authorization info.
 *
 * @param principals the principal collection; its primary principal is cast to
 *     {@code BaseLoginUser}
 * @return the authorization info holding the user's role codes and permission codes
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    SimpleAuthorizationInfo grants = new SimpleAuthorizationInfo();
    BaseLoginUser loginUser = (BaseLoginUser) principals.getPrimaryPrincipal();

    // The extension object id narrows the role lookup when the user carries one.
    // NOTE(review): the value is cast to Long unchecked; any other value type fails here with
    // a ClassCastException.
    LabelValue extension = loginUser.getExtentionObj();
    Long extensionId = (extension != null) ? (Long) extension.getValue() : null;

    // Look up roles by user type, user id and extension id.
    List<IamRole> roles = getIamUserRoleService().getUserRoleList(
            loginUser.getClass().getSimpleName(), loginUser.getId(), extensionId);
    if (V.isEmpty(roles)) {
        // No roles: return the empty authorization info.
        return grants;
    }

    // Gather each role's code and id.
    Set<String> roleCodes = new HashSet<>();
    List<Long> roleIds = new ArrayList<>();
    for (IamRole role : roles) {
        roleCodes.add(role.getCode());
        roleIds.add(role.getId());
    }

    // Each entry is a comma-separated list of API URIs; map every URI to its permission code.
    Set<String> permissionCodes = new HashSet<>();
    List<String> apiUrlGroups = getIamRoleResourceService().getApiUrlList(Cons.APPLICATION, roleIds);
    if (V.notEmpty(apiUrlGroups)) {
        for (String group : apiUrlGroups) {
            for (String uri : group.split(Cons.SEPARATOR_COMMA)) {
                String code = IamCacheManager.getPermissionCode(uri);
                if (code != null) {
                    permissionCodes.add(code);
                }
            }
        }
    }

    // Grant the collected roles and permissions to the user.
    grants.setRoles(roleCodes);
    grants.setStringPermissions(permissionCodes);
    return grants;
}
Also used : SimpleAuthorizationInfo(org.apache.shiro.authz.SimpleAuthorizationInfo) LabelValue(com.diboot.core.vo.LabelValue) BaseLoginUser(com.diboot.iam.entity.BaseLoginUser) IamRole(com.diboot.iam.entity.IamRole) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet)

Example 3 with BaseLoginUser

use of com.diboot.iam.entity.BaseLoginUser in project diboot by dibo-software.

the class LogAspect method beforeHandler.

/**
 * Operation-log advice: stores the current login user in the thread-local before the matched
 * join point runs.
 *
 * @param joinPoint the intercepted join point (not read by this method)
 */
@Before(value = "pointCut()")
public void beforeHandler(JoinPoint joinPoint) {
    // NOTE(review): the matching cleanup is not visible here. Confirm that a later advice
    // calls threadLocal.remove(), so a pooled thread does not carry one request's user into
    // the next request's log entry.
    threadLocal.set(IamSecurityUtils.getCurrentUser());
}
Also used : BaseLoginUser(com.diboot.iam.entity.BaseLoginUser)

Example 4 with BaseLoginUser

use of com.diboot.iam.entity.BaseLoginUser in project diboot by dibo-software.

the class WxAuthServiceImpl method saveLoginTrace.

/**
 * Saves a login-trace record for a login attempt.
 *
 * @param authToken the token of the attempt; its auth account and user type are recorded
 * @param isSuccess whether the attempt succeeded
 */
protected void saveLoginTrace(BaseJwtAuthToken authToken, boolean isSuccess) {
    IamLoginTrace traceRecord = new IamLoginTrace();
    traceRecord.setAuthType(getAuthType())
            .setAuthAccount(authToken.getAuthAccount())
            .setUserType(authToken.getUserType())
            .setSuccess(isSuccess);

    // The user id is recorded only when a current user is available.
    BaseLoginUser loggedInUser = IamSecurityUtils.getCurrentUser();
    if (loggedInUser != null) {
        traceRecord.setUserId(loggedInUser.getId());
    }

    // Record client details.
    // NOTE(review): the User-Agent is client-supplied, and the IP may be too if HttpHelper
    // reads forwarding headers (confirm); treat both as untrusted wherever trace records are
    // displayed or used for alerting.
    String clientAgent = HttpHelper.getUserAgent(request);
    String clientIp = HttpHelper.getRequestIp(request);
    traceRecord.setUserAgent(clientAgent).setIpAddress(clientIp);

    try {
        iamLoginTraceService.createEntity(traceRecord);
    } catch (Exception e) {
        // Best effort: a failure to persist the trace is logged and does not propagate.
        log.warn("保存登录日志异常", e);
    }
}
Also used : IamLoginTrace(com.diboot.iam.entity.IamLoginTrace) BaseLoginUser(com.diboot.iam.entity.BaseLoginUser) BusinessException(com.diboot.core.exception.BusinessException) AuthenticationException(org.apache.shiro.authc.AuthenticationException)

Example 5 with BaseLoginUser

use of com.diboot.iam.entity.BaseLoginUser in project diboot by dibo-software.

the class PwdAuthServiceImpl method saveLoginTrace.

/**
 * Builds a login-trace record for a login attempt and hands it to the async worker for saving.
 *
 * @param authToken the token of the attempt; its auth account and user type are recorded
 * @param isSuccess whether the attempt succeeded
 */
protected void saveLoginTrace(BaseJwtAuthToken authToken, boolean isSuccess) {
    IamLoginTrace entry = new IamLoginTrace();
    entry.setAuthType(getAuthType())
            .setAuthAccount(authToken.getAuthAccount())
            .setUserType(authToken.getUserType())
            .setSuccess(isSuccess);

    // The user id is recorded only when a current user is available.
    BaseLoginUser sessionUser = IamSecurityUtils.getCurrentUser();
    if (sessionUser != null) {
        Long sessionUserId = sessionUser.getId();
        entry.setUserId(sessionUserId);
    }

    // Record client details.
    // NOTE(review): the User-Agent is client-supplied, and the IP may be too if HttpHelper
    // reads forwarding headers (confirm); treat both as untrusted wherever trace records are
    // displayed or used for alerting.
    String clientAgent = HttpHelper.getUserAgent(request);
    String clientIp = HttpHelper.getRequestIp(request);
    entry.setUserAgent(clientAgent).setIpAddress(clientIp);

    // NOTE(review): how a failed save is reported is up to iamAsyncWorker; confirm that lost
    // login-trace writes are at least logged.
    iamAsyncWorker.saveLoginTraceLog(entry);
}
Also used : IamLoginTrace(com.diboot.iam.entity.IamLoginTrace) BaseLoginUser(com.diboot.iam.entity.BaseLoginUser)

Aggregations

BaseLoginUser (com.diboot.iam.entity.BaseLoginUser)7 IamLoginTrace (com.diboot.iam.entity.IamLoginTrace)3 AuthenticationException (org.apache.shiro.authc.AuthenticationException)3 BusinessException (com.diboot.core.exception.BusinessException)2 LabelValue (com.diboot.core.vo.LabelValue)2 InvalidUsageException (com.diboot.core.exception.InvalidUsageException)1 BaseService (com.diboot.core.service.BaseService)1 JsonResult (com.diboot.core.vo.JsonResult)1 AuthService (com.diboot.iam.auth.AuthService)1 IamExtensible (com.diboot.iam.auth.IamExtensible)1 IamAccount (com.diboot.iam.entity.IamAccount)1 IamOperationLog (com.diboot.iam.entity.IamOperationLog)1 IamRole (com.diboot.iam.entity.IamRole)1 ArrayList (java.util.ArrayList)1 HashSet (java.util.HashSet)1 SimpleAuthenticationInfo (org.apache.shiro.authc.SimpleAuthenticationInfo)1 SimpleAuthorizationInfo (org.apache.shiro.authz.SimpleAuthorizationInfo)1 JoinPoint (org.aspectj.lang.JoinPoint)1