MySQLRealm.java
package com.myxrk.rbac.config;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.myxrk.rbac.dao.SysMenuMapper;
import com.myxrk.rbac.dao.SysRoleMenuMapper;
import com.myxrk.rbac.dao.SysUserMapper;
import com.myxrk.rbac.dao.SysUserRoleMapper;
import com.myxrk.rbac.exception.AccountException;
import com.myxrk.rbac.po.SysMenu;
import com.myxrk.rbac.po.SysRoleMenu;
import com.myxrk.rbac.po.SysUser;
import com.myxrk.rbac.po.SysUserRole;
import jakarta.annotation.Resource;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.stereotype.Component;
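/**
 * Shiro realm that authenticates a user against the {@code SysUser} table and loads the user's
 * roles and permission strings through the injected mapper beans.
 *
 * <p>NOTE(review): the stored password is compared directly with the submitted one, so the
 * password column appears to hold the value exactly as the user typed it - confirm. If so,
 * store a salted slow hash (bcrypt/scrypt/argon2) and verify it through a Shiro credentials
 * matcher rather than comparing strings in this class.
 */
@Slf4j
@Component
public class MySQLRealm extends AuthorizingRealm {

    @Resource
    private SysUserMapper sysUserMapper;

    @Resource
    private SysUserRoleMapper sysUserRoleMapper;

    @Resource
    private SysRoleMenuMapper sysRoleMenuMapper;

    @Resource
    private SysMenuMapper sysMenuMapper;

    /**
     * Looks up the account named in the token and checks the submitted password against the
     * stored one.
     *
     * @param authenticationToken the login token; cast to {@link UsernamePasswordToken}
     * @return authentication info carrying the token principal and the stored password
     * @throws AuthenticationException declared by the overridden method
     * @throws AccountException if no user row matches the username, the stored password is
     *     null, or the passwords differ
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String username = token.getUsername();
        log.info("[username: {}] is authenticating", username);

        // 0. get user by username
        SysUser sysUser = sysUserMapper.selectOne(Wrappers.query(SysUser.class).eq("username", username));

        // NOTE(review): the messages below differ for "no such user" and "wrong password". If
        // they are returned to the client, a caller can tell which usernames exist; consider a
        // single generic message for every failure branch.

        // 1. user does not exist
        if (sysUser == null) {
            throw new AccountException("用户名不正确");
        }

        // 2. stored password is empty
        String password = sysUser.getPassword();
        if (password == null) {
            throw new AccountException("用户名不正确");
        }

        // 3. wrong password; a token without a password is rejected here instead of failing
        // with a NullPointerException while building a String from it
        char[] submitted = token.getPassword();
        if (submitted == null || !passwordsMatch(password, submitted)) {
            throw new AccountException("密码不正确");
        }

        // Log the id only: formatting the whole SysUser writes whatever its toString() prints
        // into the log, presumably including the password field - verify.
        log.info("[username: {}] has been authenticated! userId:{}", username, sysUser.getUserId());
        return new SimpleAuthenticationInfo(token.getPrincipal(), password, getName());
    }

    /**
     * Builds the roles and permission strings for the identity in {@code principals}.
     *
     * <p>The identity is read from the {@code principals} argument, not from the subject bound
     * to the current thread, so the result always describes the identity Shiro asked about. An
     * identity that cannot be resolved to a user row gets an empty result (no roles, no
     * permissions).
     *
     * @param principals the identity to authorize
     * @return the role ids (as strings) and permission strings found for the user
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        Object principal = principals == null ? null : principals.getPrimaryPrincipal();
        if (!(principal instanceof String username)) {
            log.warn("no username principal available, granting nothing");
            return info;
        }
        log.info("[username: {}] is authorizing!", username);

        // 0. get user by username; the row may no longer exist while a session is still alive
        SysUser sysUser = sysUserMapper.selectOne(Wrappers.query(SysUser.class).eq("username", username));
        if (sysUser == null) {
            log.warn("[username: {}] not found during authorization, granting nothing", username);
            return info;
        }

        // 1. roles
        Set<String> roles = sysUserRoleMapper
                .selectList(Wrappers.query(SysUserRole.class).eq("user_id", sysUser.getUserId()))
                .stream()
                .map(SysUserRole::getRoleId)
                .map(String::valueOf)
                .collect(Collectors.toSet());

        // 2. permissions
        Set<String> permissions = loadPermissions(roles);

        // 3. set roles and permissions
        info.setRoles(roles);
        info.setStringPermissions(permissions);
        log.info("[username: {}] has been authorized roles:{} and permissions:{}", username, roles, permissions);
        return info;
    }

    /** Resolves role ids to the permission strings of the menus linked to those roles. */
    private Set<String> loadPermissions(Set<String> roles) {
        // An empty collection would reach the wrapper as an empty IN list, presumably invalid
        // SQL, so skip the query when there is nothing to match.
        if (roles.isEmpty()) {
            return new HashSet<>();
        }
        List<Long> menuIds = sysRoleMenuMapper
                .selectList(Wrappers.query(SysRoleMenu.class).in("role_id", roles))
                .stream()
                .map(SysRoleMenu::getMenuId)
                .toList();
        if (menuIds.isEmpty()) {
            return new HashSet<>();
        }
        return sysMenuMapper
                .selectList(Wrappers.query(SysMenu.class).in("menu_id", menuIds))
                .stream()
                .map(SysMenu::getPerms)
                // menus without a permission string contribute nothing
                .filter(perms -> perms != null && !perms.isBlank())
                .collect(Collectors.toSet());
    }

    /** Compares the stored and submitted passwords without stopping at the first mismatch. */
    private static boolean passwordsMatch(String stored, char[] submitted) {
        byte[] expected = stored.getBytes(StandardCharsets.UTF_8);
        byte[] actual = new String(submitted).getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(expected, actual);
    }
}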