diff --git a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/events/AuthorizationFailedEvent.java b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/events/AuthorizationFailedEvent.java index 640e4dfd9..428988548 100644 --- a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/events/AuthorizationFailedEvent.java +++ b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/events/AuthorizationFailedEvent.java @@ -31,6 +31,7 @@ public class AuthorizationFailedEvent extends AbstractAuthorizationEvent { /** * 失败原因 */ + @Deprecated//已弃用,请根据exception判断 private Reason reason; /** @@ -58,6 +59,7 @@ public class AuthorizationFailedEvent extends AbstractAuthorizationEvent { return reason; } + @Deprecated//已弃用,请根据exception判断 public enum Reason { PASSWORD_ERROR, USER_DISABLED, diff --git a/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/exception/AuthenticationException.java b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/exception/AuthenticationException.java new file mode 100644 index 000000000..dce94a7bf --- /dev/null +++ b/hsweb-authorization/hsweb-authorization-api/src/main/java/org/hswebframework/web/authorization/exception/AuthenticationException.java @@ -0,0 +1,25 @@ +package org.hswebframework.web.authorization.exception; + +import lombok.Getter; + +@Getter +public class AuthenticationException extends RuntimeException { + + + public static String ILLEGAL_PASSWORD = "illegal_password"; + + public static String USER_DISABLED = "user_disabled"; + + + private final String code; + + public AuthenticationException(String code, String message) { + super(message); + this.code = code; + } + + public AuthenticationException(String code, String message, Throwable cause) { + super(message, cause); + this.code = code; + } +} diff --git a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/AuthorizationController.java b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/AuthorizationController.java index 1360a7fed..1dd7e4fb8 100644 --- a/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/AuthorizationController.java +++ b/hsweb-authorization/hsweb-authorization-basic/src/main/java/org/hswebframework/web/authorization/basic/web/AuthorizationController.java @@ -27,9 +27,11 @@ import org.hswebframework.web.authorization.events.AuthorizationBeforeEvent; import org.hswebframework.web.authorization.events.AuthorizationDecodeEvent; import org.hswebframework.web.authorization.events.AuthorizationFailedEvent; import org.hswebframework.web.authorization.events.AuthorizationSuccessEvent; +import org.hswebframework.web.authorization.exception.AuthenticationException; import org.hswebframework.web.authorization.exception.UnAuthorizedException; import org.hswebframework.web.authorization.simple.CompositeReactiveAuthenticationManager; import org.hswebframework.web.authorization.simple.PlainTextUsernamePasswordAuthenticationRequest; +import org.hswebframework.web.logging.AccessLogger; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.ApplicationEventPublisher; import org.springframework.http.MediaType; @@ -65,19 +67,12 @@ public class AuthorizationController { @PostMapping(value = "/login", consumes = MediaType.APPLICATION_JSON_VALUE) @ApiOperation("用户名密码登录,json方式") @Authorize(ignore = true) + @AccessLogger(ignore = true) public Mono> authorizeByJson(@ApiParam(example = "{\"username\":\"admin\",\"password\":\"admin\"}") @RequestBody Mono> parameter) { return doLogin(parameter); } - @PostMapping(value = "/login", consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE) - @ApiOperation("用户名密码登录,参数方式") - @Authorize(ignore = true) - public Mono> authorizeByUrlEncoded(@ApiParam(hidden = true) @RequestParam Map parameter) { - - return doLogin(Mono.just(parameter)); - } - /** * */ @@ -105,7 +100,7 @@ public class AuthorizationController { .publish(eventPublisher) .then(authenticationManager .authenticate(Mono.just(new PlainTextUsernamePasswordAuthenticationRequest(username, password))) - .switchIfEmpty(Mono.error(() -> new IllegalArgumentException("密码错误"))) + .switchIfEmpty(Mono.error(() -> new AuthenticationException(AuthenticationException.ILLEGAL_PASSWORD,"密码错误"))) .flatMap(auth -> { //触发授权成功事件 AuthorizationSuccessEvent event = new AuthorizationSuccessEvent(auth, parameterGetter); @@ -114,7 +109,6 @@ public class AuthorizationController { .publish(eventPublisher) .then(Mono.fromCallable(event::getResult)); })); - })); }).onErrorResume(err -> { AuthorizationFailedEvent failedEvent = new AuthorizationFailedEvent(username_, password_, parameterGetter, reason); diff --git a/hsweb-concurrent/hsweb-concurrent-cache/src/main/java/org/hswebframework/web/cache/supports/RedisReactiveCache.java b/hsweb-concurrent/hsweb-concurrent-cache/src/main/java/org/hswebframework/web/cache/supports/RedisReactiveCache.java index 1d3295082..8fbaa4fa6 100644 --- a/hsweb-concurrent/hsweb-concurrent-cache/src/main/java/org/hswebframework/web/cache/supports/RedisReactiveCache.java +++ b/hsweb-concurrent/hsweb-concurrent-cache/src/main/java/org/hswebframework/web/cache/supports/RedisReactiveCache.java @@ -82,34 +82,17 @@ public class RedisReactiveCache implements ReactiveCache { @Override public Mono put(Object key, Publisher data) { - if (data instanceof Mono) { - return ((Mono) data) - .flatMap(r -> { - return operations.opsForHash() - .put(redisKey, key, r) - .then(localCache.put(key, data)) - .then(operations.convertAndSend(topicName, key)); - - }) - .then() - .onErrorResume(err -> this.handleError(err)) - ; - } - if (data instanceof Flux) { - return ((Flux) data) - .collectList() - .flatMap(r -> { - return operations.opsForHash() - .put(redisKey, key, r) - .then(localCache.put(key, data)) - .then(operations.convertAndSend(topicName, key)); - - }) - .then() - .onErrorResume(err -> this.handleError(err)) - ; - } - return Mono.error(new UnsupportedOperationException("unsupport publisher:" + data)); + return Flux + .from(data) + .collectList() + .flatMap(r -> { + return operations.opsForHash() + .put(redisKey, key, r) + .then(localCache.put(key, data)) + .then(operations.convertAndSend(topicName, key)); + }) + .then() + .onErrorResume(err -> this.handleError(err)); } @Override diff --git a/hsweb-logging/hsweb-access-logging-api/src/main/java/org/hswebframework/web/logging/AccessLogger.java b/hsweb-logging/hsweb-access-logging-api/src/main/java/org/hswebframework/web/logging/AccessLogger.java index c19c627ee..b6488c60a 100644 --- a/hsweb-logging/hsweb-access-logging-api/src/main/java/org/hswebframework/web/logging/AccessLogger.java +++ b/hsweb-logging/hsweb-access-logging-api/src/main/java/org/hswebframework/web/logging/AccessLogger.java @@ -33,7 +33,7 @@ public @interface AccessLogger { * @return 对类或方法的简单说明 * @see AccessLoggerInfo#getAction() */ - String value(); + String value() default ""; /** * @return 对类或方法的详细描述 diff --git a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/service/DefaultReactiveAuthenticationManager.java b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/service/DefaultReactiveAuthenticationManager.java index 5990036cd..cb4ec3b8c 100644 --- a/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/service/DefaultReactiveAuthenticationManager.java +++ b/hsweb-system/hsweb-system-authorization/hsweb-system-authorization-default/src/main/java/org/hswebframework/web/system/authorization/defaults/service/DefaultReactiveAuthenticationManager.java @@ -29,22 +29,21 @@ public class DefaultReactiveAuthenticationManager implements ReactiveAuthenticat @Autowired(required = false) private ReactiveCacheManager cacheManager; - @EventListener public void handleClearAuthCache(ClearUserAuthorizationCacheEvent event) { if (cacheManager != null) { if (event.isAll()) { cacheManager.getCache("user-auth") .clear() - .doOnSuccess(nil->log.info("clear all user authentication cache success")) + .doOnSuccess(nil -> log.info("clear all user authentication cache success")) .doOnError(err -> log.error(err.getMessage(), err)) .subscribe(); } else { cacheManager.getCache("user-auth") .evictAll(event.getUserId()) .doOnError(err -> log.error(err.getMessage(), err)) - .doOnSuccess(__->log.info("clear user {} authentication cache success", event.getUserId())) - .subscribe( ); + .doOnSuccess(__ -> log.info("clear user {} authentication cache success", event.getUserId())) + .subscribe(); } } } @@ -56,7 +55,7 @@ public class DefaultReactiveAuthenticationManager implements ReactiveAuthenticat .switchIfEmpty(Mono.error(() -> new UnsupportedOperationException("不支持的请求类型"))) .map(PlainTextUsernamePasswordAuthenticationRequest.class::cast) .flatMap(pwdRequest -> reactiveUserService.findByUsernameAndPassword(pwdRequest.getUsername(), pwdRequest.getPassword())) - .switchIfEmpty(Mono.error(() -> new AccessDenyException("密码错误"))) + .filter(user -> Byte.valueOf((byte) 1).equals(user.getStatus())) .map(UserEntity::getId) .flatMap(this::getByUserId); }