use of com.haier.api.user.domain.UserVO in project su-sunday-cloud by illeagalName.
the class AuthFilter method filter.
@Override
public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
String url = exchange.getRequest().getURI().getPath();
// 跳过不需要验证的路径
if (StringUtils.matches(url, whiteListProperties.getLists())) {
return chain.filter(exchange);
}
String token = SecurityUtils.getToken(exchange.getRequest());
if (StringUtils.isBlank(token)) {
return setUnauthorizedResponse(exchange, "令牌不能为空");
}
// 获取到token,解析token
String[] split = token.split("\\.");
if (split.length != 3) {
return setUnauthorizedResponse(exchange, "令牌格式不正确");
}
TokenVO tokenVO = JsonUtils.toObject(decode(split[1]), TokenVO.class);
if (Objects.isNull(tokenVO)) {
return setUnauthorizedResponse(exchange, "令牌格式不正确");
}
// 查询缓存数据
String clientId = tokenVO.getClientId();
UserVO user = redisService.getObject(CacheConstants.AUTHORIZATION_USER_TOKEN + clientId + ":" + tokenVO.getUniqueId());
if (Objects.isNull(user)) {
return setUnauthorizedResponse(exchange, "登录状态已过期");
}
// 校验令牌完整性
boolean verify = SecurityUtils.verifyToken(token, user.getSecret());
if (!verify) {
return setUnauthorizedResponse(exchange, "令牌校验未通过");
}
Long userid = user.getUserId();
String username = user.getUserName();
// 设置用户信息到请求
ServerHttpRequest mutableReq = exchange.getRequest().mutate().header(CacheConstants.DETAILS_USER_ID, String.valueOf(userid)).header(CacheConstants.DETAILS_USERNAME, ServletUtils.urlEncode(username)).header(CacheConstants.DETAILS_CLIENT_ID, clientId).build();
ServerWebExchange mutableExchange = exchange.mutate().request(mutableReq).build();
return chain.filter(mutableExchange);
}
use of com.haier.api.user.domain.UserVO in project su-sunday-cloud by illeagalName.
the class UserServiceImpl method selectUserByUserName.
@Override
public UserVO selectUserByUserName(String username, String password) {
QueryWrapper<User> userWrapper = new QueryWrapper<>();
userWrapper.select("user_id,password,user_name,nick_name,email,phone,sex,avatar,status").eq("user_name", username);
User user = userMapper.selectOne(userWrapper);
AssertUtils.notEmpty(user, "不存在用户:" + username);
AssertUtils.isTrue(SecurityUtils.matchesPassword(password, user.getPassword()), "密码不正确");
// 先用BeanUtil 后面改为MapStruct
UserVO vo = new UserVO();
BeanUtils.copyProperties(user, vo);
List<Role> roles = roleMapper.listRolesByUserId(user.getUserId());
vo.setRoles(roles.stream().map(Role::getSymbol).collect(Collectors.toList()));
return vo;
}
use of com.haier.api.user.domain.UserVO in project su-sunday-cloud by illeagalName.
the class UserServiceImpl method getPersonalInfo.
@Override
public PersonalInfoVO getPersonalInfo() {
Long userId = SecurityUtils.getUserId();
String clientId = SecurityUtils.getClientId();
UserVO userVO = redisService.getObject(AUTHORIZATION_USER_TOKEN + clientId + ":" + userId);
PersonalInfoVO result = new PersonalInfoVO();
BeanUtils.copyProperties(userVO, result);
return result;
}
use of com.haier.api.user.domain.UserVO in project su-sunday-cloud by illeagalName.
the class AuthService method login.
public R<Map<String, Object>> login(LoginUser loginUser) {
// 判断loginUser的username和password的空值
AssertUtils.anyNotEmpty("用户名/密码不能为空", loginUser.getUsername(), loginUser.getPassword());
R<UserVO> userInfo = remoteUserService.getUserInfo(loginUser.getUsername(), loginUser.getPassword());
UserVO data = userInfo.getData();
AssertUtils.notEmpty(data, userInfo.getMsg());
AssertUtils.isTrue(Objects.equals(data.getStatus(), 0), "账号已被停用");
// 密码正确,创建token
return R.success(createToken(data));
}
Aggregations