mirror of
https://github.com/hs-web/hsweb-framework.git
synced 2026-06-01 10:21:26 +08:00
优化权限
This commit is contained in:
zhou-hao
@@ -8,6 +8,7 @@ import org.hswebframework.web.authorization.access.DataAccessHandler;
|
||||
import org.hswebframework.web.authorization.basic.handler.DefaultAuthorizingHandler;
|
||||
import org.hswebframework.web.authorization.basic.handler.access.DefaultDataAccessController;
|
||||
import org.hswebframework.web.authorization.basic.web.*;
|
||||
import org.hswebframework.web.authorization.basic.web.session.UserTokenAutoExpiredListener;
|
||||
import org.hswebframework.web.authorization.token.DefaultUserTokenManager;
|
||||
import org.hswebframework.web.authorization.token.UserTokenAuthenticationSupplier;
|
||||
import org.hswebframework.web.authorization.token.UserTokenManager;
|
||||
@@ -87,6 +88,11 @@ public class AuthorizingHandlerAutoConfiguration {
|
||||
return new UserOnSignOut(userTokenManager);
|
||||
}
|
||||
|
||||
@Bean
|
||||
public UserTokenAutoExpiredListener userTokenAutoExpiredListener(UserTokenManager userTokenManager) {
|
||||
return new UserTokenAutoExpiredListener(userTokenManager);
|
||||
}
|
||||
|
||||
@Configuration
|
||||
public static class DataAccessHandlerProcessor implements BeanPostProcessor {
|
||||
|
||||
|
||||
@@ -6,8 +6,15 @@ package org.hswebframework.web.authorization.basic.web;
|
||||
* @author zhouhao
|
||||
*/
|
||||
public interface AuthorizedToken extends ParsedToken {
|
||||
|
||||
/**
|
||||
* @return 令牌绑定的用户id
|
||||
*/
|
||||
String getUserId();
|
||||
|
||||
/**
|
||||
* @return 令牌有效期,单位毫秒,-1为长期有效
|
||||
*/
|
||||
default long getMaxInactiveInterval() {
|
||||
return -1;
|
||||
}
|
||||
|
||||
@@ -1,12 +1,18 @@
|
||||
package org.hswebframework.web.authorization.basic.web;
|
||||
|
||||
/**
|
||||
* TODO 完成注释
|
||||
* 令牌解析结果
|
||||
*
|
||||
* @author zhouhao
|
||||
*/
|
||||
public interface ParsedToken {
|
||||
/**
|
||||
* @return 令牌
|
||||
*/
|
||||
String getToken();
|
||||
|
||||
/**
|
||||
* @return 令牌类型
|
||||
*/
|
||||
String getType();
|
||||
}
|
||||
|
||||
@@ -13,9 +13,11 @@ import java.util.Map;
|
||||
*/
|
||||
public class SessionIdUserTokenGenerator implements UserTokenGenerator, Serializable {
|
||||
|
||||
private static final long serialVersionUID = -9197243220777237431L;
|
||||
|
||||
@Override
|
||||
public String getSupportTokenType() {
|
||||
return "sessionId";
|
||||
return TOKEN_TYPE_SESSION_ID;
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -30,6 +32,8 @@ public class SessionIdUserTokenGenerator implements UserTokenGenerator, Serializ
|
||||
String sessionId = request.getSession().getId();
|
||||
|
||||
return new GeneratedToken() {
|
||||
private static final long serialVersionUID = 3964183451883410929L;
|
||||
|
||||
@Override
|
||||
public Map<String, Object> getResponse() {
|
||||
return Collections.emptyMap();
|
||||
@@ -42,7 +46,7 @@ public class SessionIdUserTokenGenerator implements UserTokenGenerator, Serializ
|
||||
|
||||
@Override
|
||||
public String getType() {
|
||||
return "session-id-default";
|
||||
return TOKEN_TYPE_SESSION_ID;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@@ -8,6 +8,8 @@ import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpSession;
|
||||
import java.util.function.Predicate;
|
||||
|
||||
import static org.hswebframework.web.authorization.basic.web.UserTokenGenerator.TOKEN_TYPE_SESSION_ID;
|
||||
|
||||
/**
|
||||
* @author zhouhao
|
||||
*/
|
||||
@@ -46,7 +48,7 @@ public class SessionIdUserTokenParser implements UserTokenParser {
|
||||
|
||||
@Override
|
||||
public String getType() {
|
||||
return "session-id-default";
|
||||
return TOKEN_TYPE_SESSION_ID;
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -63,7 +65,7 @@ public class SessionIdUserTokenParser implements UserTokenParser {
|
||||
|
||||
@Override
|
||||
public String getType() {
|
||||
return "session-id-default";
|
||||
return TOKEN_TYPE_SESSION_ID;
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
@@ -12,13 +12,28 @@ import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
/**
|
||||
* 监听授权成功事件,授权成功后,生成token并注册到{@link UserTokenManager}
|
||||
*
|
||||
* @author zhouhao
|
||||
* @see org.springframework.context.ApplicationEvent
|
||||
* @see org.hswebframework.web.authorization.listener.event.AuthorizationEvent
|
||||
* @see UserTokenManager
|
||||
* @see UserTokenGenerator
|
||||
* @since 3.0
|
||||
*/
|
||||
public class UserOnSignIn implements AuthorizationListener<AuthorizationSuccessEvent>
|
||||
,ApplicationListener<AuthorizationSuccessEvent>{
|
||||
, ApplicationListener<AuthorizationSuccessEvent> {
|
||||
|
||||
/**
|
||||
* 默认到令牌类型
|
||||
* @see UserToken#getType()
|
||||
* @see SessionIdUserTokenGenerator#getSupportTokenType()
|
||||
*/
|
||||
private String defaultTokenType = "sessionId";
|
||||
|
||||
/**
|
||||
* 令牌管理器
|
||||
*/
|
||||
private UserTokenManager userTokenManager;
|
||||
|
||||
private List<UserTokenGenerator> userTokenGenerators = new ArrayList<>();
|
||||
@@ -38,7 +53,7 @@ public class UserOnSignIn implements AuthorizationListener<AuthorizationSuccessE
|
||||
|
||||
@Override
|
||||
public void on(AuthorizationSuccessEvent event) {
|
||||
onApplicationEvent(event);
|
||||
onApplicationEvent(event);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@@ -9,6 +9,10 @@ import org.hswebframework.web.authorization.Authentication;
|
||||
*
|
||||
*/
|
||||
public interface UserTokenGenerator {
|
||||
String TOKEN_TYPE_SESSION_ID = "sessionId";
|
||||
|
||||
String TOKEN_TYPE_SIMPLE = "simple-token";
|
||||
|
||||
String getSupportTokenType();
|
||||
|
||||
GeneratedToken generate(Authentication authentication);
|
||||
|
||||
@@ -4,11 +4,12 @@ import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.function.Predicate;
|
||||
|
||||
/**
|
||||
* TODO 完成注释
|
||||
*
|
||||
* 令牌解析器,用于在接受到请求到时候,从请求中获取令牌
|
||||
* @author zhouhao
|
||||
* @see 3.0
|
||||
* @see ParsedToken
|
||||
* @see AuthorizedToken
|
||||
*/
|
||||
public interface UserTokenParser {
|
||||
|
||||
ParsedToken parseToken(HttpServletRequest request);
|
||||
}
|
||||
|
||||
@@ -0,0 +1,26 @@
|
||||
package org.hswebframework.web.authorization.basic.web.session;
|
||||
|
||||
import org.hswebframework.web.authorization.token.UserTokenManager;
|
||||
|
||||
import javax.servlet.http.HttpSessionEvent;
|
||||
import javax.servlet.http.HttpSessionListener;
|
||||
|
||||
public class UserTokenAutoExpiredListener implements HttpSessionListener {
|
||||
|
||||
private UserTokenManager userTokenManager;
|
||||
|
||||
public UserTokenAutoExpiredListener(UserTokenManager userTokenManager) {
|
||||
this.userTokenManager = userTokenManager;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void sessionCreated(HttpSessionEvent se) {
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public void sessionDestroyed(HttpSessionEvent se) {
|
||||
String sessionId = se.getSession().getId();
|
||||
userTokenManager.signOutByToken(sessionId);
|
||||
}
|
||||
}
|
||||
@@ -1,9 +1,6 @@
|
||||
package org.hswebframework.web.authorization;
|
||||
|
||||
import org.hswebframework.web.authorization.token.DefaultUserTokenManager;
|
||||
import org.hswebframework.web.authorization.token.SimpleUserToken;
|
||||
import org.hswebframework.web.authorization.token.UserToken;
|
||||
import org.hswebframework.web.authorization.token.UserTokenManager;
|
||||
import org.hswebframework.web.authorization.token.*;
|
||||
import org.hswebframework.web.id.IDGenerator;
|
||||
import org.junit.Assert;
|
||||
import org.redisson.Redisson;
|
||||
@@ -15,12 +12,14 @@ import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
import java.util.concurrent.ConcurrentMap;
|
||||
|
||||
public class RedisUserTokenManagerTests {
|
||||
|
||||
static UserTokenManager userTokenManager;
|
||||
static DefaultUserTokenManager userTokenManager;
|
||||
|
||||
static String token = IDGenerator.MD5.generate();
|
||||
|
||||
@@ -31,26 +30,28 @@ public class RedisUserTokenManagerTests {
|
||||
|
||||
try {
|
||||
ConcurrentMap<String, SimpleUserToken> repo = client.getMap("hsweb.user-token", new SerializationCodec());
|
||||
ConcurrentMap<String, List<String>> userRepo = client.getMap("hsweb.user-token-u", new SerializationCodec());
|
||||
ConcurrentMap<String, Set<String>> userRepo = client.getMap("hsweb.user-token-u", new SerializationCodec());
|
||||
|
||||
userTokenManager = new DefaultUserTokenManager(repo, userRepo) {
|
||||
@Override
|
||||
protected List<String> getUserToken(String userId) {
|
||||
userRepo.computeIfAbsent(userId,u->new ArrayList<>());
|
||||
protected Set<String> getUserToken(String userId) {
|
||||
userRepo.computeIfAbsent(userId,u->new HashSet<>());
|
||||
|
||||
return client.getList("hsweb.user-token-"+userId, new SerializationCodec());
|
||||
return client.getSet("hsweb.user-token-"+userId, new SerializationCodec());
|
||||
}
|
||||
|
||||
};
|
||||
|
||||
userTokenManager.setAllopatricLoginMode(AllopatricLoginMode.deny);
|
||||
// userTokenManager=new DefaultUserTokenManager();
|
||||
|
||||
|
||||
userRepo.clear();
|
||||
repo.clear();
|
||||
for (int i = 0; i < 1000; i++) {
|
||||
userTokenManager.signIn(IDGenerator.MD5.generate(), "sessionId", "admin", 60*3600*1000);
|
||||
}
|
||||
userTokenManager.signIn(IDGenerator.MD5.generate(), "sessionId", "admin2", 60*3600*1000);
|
||||
// userRepo.clear();
|
||||
// repo.clear();
|
||||
// for (int i = 0; i < 1000; i++) {
|
||||
// userTokenManager.signIn(IDGenerator.MD5.generate(), "sessionId", "admin", 60*3600*1000);
|
||||
// }
|
||||
// userTokenManager.signIn(IDGenerator.MD5.generate(), "sessionId", "admin2", 60*3600*1000);
|
||||
|
||||
testGet();
|
||||
testGetAll();
|
||||
|
||||
Reference in New Issue
Block a user