自己写一套权限控制，去掉spring security

2019-05-29 23:03:30 +08:00
parent 25b4089a8f
commit c3b3b60d93
29 changed files with 1008 additions and 520 deletions
--- a/zyplayer-doc-data/src/main/java/com/zyplayer/doc/data/config/security/DocUserDetails.java
+++ b/zyplayer-doc-data/src/main/java/com/zyplayer/doc/data/config/security/DocUserDetails.java
@@ -1,19 +1,54 @@
 package com.zyplayer.doc.data.config.security;

-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.userdetails.UserDetails;
+import java.util.Set;

-import java.util.Collection;
-
-public class DocUserDetails implements UserDetails {
-	private static final long serialVersionUID = 1L;
-	
+public class DocUserDetails {
 	private Long userId;
 	private String username;
 	private String password;
 	private boolean enabled;
-	private Collection<? extends GrantedAuthority> authorities;
-
+	private Set<String> authorities;
+	
+	public Long getUserId() {
+		return userId;
+	}
+	
+	public void setUserId(Long userId) {
+		this.userId = userId;
+	}
+	
+	public String getUsername() {
+		return username;
+	}
+	
+	public void setUsername(String username) {
+		this.username = username;
+	}
+	
+	public String getPassword() {
+		return password;
+	}
+	
+	public void setPassword(String password) {
+		this.password = password;
+	}
+	
+	public boolean isEnabled() {
+		return enabled;
+	}
+	
+	public void setEnabled(boolean enabled) {
+		this.enabled = enabled;
+	}
+	
+	public Set<String> getAuthorities() {
+		return authorities;
+	}
+	
+	public void setAuthorities(Set<String> authorities) {
+		this.authorities = authorities;
+	}
+	
 	public DocUserDetails(Long userId, String username, String password, boolean enabled) {
 		super();
 		this.userId = userId;
@@ -21,9 +56,8 @@ public class DocUserDetails implements UserDetails {
 		this.password = password;
 		this.enabled = enabled;
 	}
-
-	public DocUserDetails(Long userId, String username, String password, boolean enabled,
-						  Collection<? extends GrantedAuthority> authorities) {
+	
+	public DocUserDetails(Long userId, String username, String password, boolean enabled, Set<String> authorities) {
 		super();
 		this.userId = userId;
 		this.username = username;
@@ -31,49 +65,15 @@ public class DocUserDetails implements UserDetails {
 		this.enabled = enabled;
 		this.authorities = authorities;
 	}
-
-	public Long getUserId() {
-		return this.userId;
-	}
-
-	@Override
-	public Collection<? extends GrantedAuthority> getAuthorities() {
-		return authorities;
-	}
-
-	@Override
-	public String getPassword() {
-		return password;
-	}
-
-	@Override
-	public String getUsername() {
-		return username;
-	}
-
-	@Override
-	public boolean isAccountNonExpired() {
-		return true;
-	}
-
-	@Override
-	public boolean isAccountNonLocked() {
-		return true;
-	}
-
-	@Override
-	public boolean isCredentialsNonExpired() {
-		return true;
-	}
-
-	@Override
-	public boolean isEnabled() {
-		return enabled;
-	}
-
+	
 	@Override
 	public String toString() {
-		return "MyUserDetails [userId=" + userId + ", username=" + username + ", password=" + password + ", enabled="
-				+ enabled + ", authorities=" + authorities + "]";
+		return "DocUserDetails{" +
+				"userId=" + userId +
+				", username='" + username + '\'' +
+				", password='" + password + '\'' +
+				", enabled=" + enabled +
+				", authorities=" + authorities +
+				'}';
 	}
 }
--- a/zyplayer-doc-data/src/main/java/com/zyplayer/doc/data/config/security/DocUserUtil.java
+++ b/zyplayer-doc-data/src/main/java/com/zyplayer/doc/data/config/security/DocUserUtil.java
@@ -1,25 +1,82 @@
 package com.zyplayer.doc.data.config.security;

-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
+import com.zyplayer.doc.data.utils.CacheUtil;

 /**
 * 用户工具类
+ * @author 暮光：城中城
+ * @since 2019年05月25日
 */
 public class DocUserUtil {
+	private static ThreadLocal<DocUserDetails> DOC_USER_DETAILS = new ThreadLocal<>();
+	private static ThreadLocal<String> ACCESS_TOKEN = new ThreadLocal<>();
+
+//
+//	/**
+//	 * 获取当前用户
+//	 * @return 用户信息
+//	 */
+//	public static DocUserDetails getCurrentUser() {
+//		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+//		if (authentication != null) {
+//			Object principal = authentication.getPrincipal();
+//			if (principal instanceof DocUserDetails) {
+//				return (DocUserDetails) principal;
+//			}
+//		}
+//		return null;
+//	}
+	
+	public static void setAccessToken(String accessToken) {
+		DocUserUtil.ACCESS_TOKEN.set(accessToken);
+	}
+	
+	public static boolean haveAuth(String... authNames) {
+		DocUserDetails currentUser = getCurrentUser();
+		if (currentUser == null) {
+			return false;
+		}
+		for (String authName : authNames) {
+			if (!currentUser.getAuthorities().contains(authName)) {
+				return false;
+			}
+		}
+		return true;
+	}
 	
 	/**
 	 * 获取当前用户
+	 *
 	 * @return 用户信息
 	 */
 	public static DocUserDetails getCurrentUser() {
-		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
-		if (authentication != null) {
-			Object principal = authentication.getPrincipal();
-			if (principal instanceof DocUserDetails) {
-				return (DocUserDetails) principal;
+		DocUserDetails docUser = DOC_USER_DETAILS.get();
+		if (docUser == null) {
+			docUser = CacheUtil.get(ACCESS_TOKEN.get());
+			if (docUser != null) {
+				DOC_USER_DETAILS.set(docUser);
 			}
 		}
-		return null;
+		return docUser;
+	}
+	
+	/**
+	 * 设置当前用户
+	 */
+	public static void setCurrentUser(String accessToken, DocUserDetails docUser) {
+		DOC_USER_DETAILS.set(docUser);
+		CacheUtil.put(accessToken, docUser);
+	}
+	
+	/**
+	 * 退出登录
+	 */
+	public static void logout() {
+		CacheUtil.remove(ACCESS_TOKEN.get());
+	}
+	
+	public static void clean() {
+		DocUserUtil.DOC_USER_DETAILS.remove();
+		DocUserUtil.ACCESS_TOKEN.remove();
 	}
 }