diff --git a/http-client.env.json b/http-client.env.json index c18fbb054..10c1fdd4f 100644 --- a/http-client.env.json +++ b/http-client.env.json @@ -1,7 +1,6 @@ { "local": { "baseUrl": "http://127.0.0.1:48080/api", - "userServerUrl": "http://127.0.0.1:28080/api", "token": "test1", "userApi": "http://127.0.0.1:48080/app-api", diff --git a/yudao-admin-server/src/main/java/cn/iocoder/yudao/adminserver/modules/system/dal/mysql/dept/SysDeptMapper.java b/yudao-admin-server/src/main/java/cn/iocoder/yudao/adminserver/modules/system/dal/mysql/dept/SysDeptMapper.java index 84ab4c85d..be3bedeaf 100644 --- a/yudao-admin-server/src/main/java/cn/iocoder/yudao/adminserver/modules/system/dal/mysql/dept/SysDeptMapper.java +++ b/yudao-admin-server/src/main/java/cn/iocoder/yudao/adminserver/modules/system/dal/mysql/dept/SysDeptMapper.java @@ -5,6 +5,7 @@ import cn.iocoder.yudao.framework.mybatis.core.mapper.BaseMapperX; import cn.iocoder.yudao.framework.mybatis.core.query.LambdaQueryWrapperX; import cn.iocoder.yudao.adminserver.modules.system.controller.dept.vo.dept.SysDeptListReqVO; import cn.iocoder.yudao.coreservice.modules.system.dal.dataobject.dept.SysDeptDO; +import com.baomidou.mybatisplus.annotation.InterceptorIgnore; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; import org.apache.ibatis.annotations.Mapper; @@ -28,6 +29,7 @@ public interface SysDeptMapper extends BaseMapperX { return selectCount(SysDeptDO::getParentId, parentId); } + @InterceptorIgnore(tenantLine = "on") // 该方法忽略多租户。原因:该方法被异步 task 调用,此时获取不到租户编号 default boolean selectExistsByUpdateTimeAfter(Date maxUpdateTime) { return selectOne(new LambdaQueryWrapper().select(SysDeptDO::getId) .gt(SysDeptDO::getUpdateTime, maxUpdateTime).last(SqlConstants.LIMIT1)) != null; diff --git a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java index 276ce1ed5..312f51e04 100644 --- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java +++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/config/YudaoWebSecurityConfigurerAdapter.java @@ -1,5 +1,6 @@ package cn.iocoder.yudao.framework.security.config; +import cn.hutool.core.util.StrUtil; import cn.iocoder.yudao.framework.security.core.authentication.MultiUserDetailsAuthenticationProvider; import cn.iocoder.yudao.framework.security.core.filter.JWTAuthenticationTokenFilter; import cn.iocoder.yudao.framework.security.core.service.SecurityAuthFrameworkService; @@ -21,8 +22,10 @@ import org.springframework.security.web.AuthenticationEntryPoint; import org.springframework.security.web.access.AccessDeniedHandler; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.logout.LogoutSuccessHandler; +import org.springframework.security.web.util.matcher.RequestMatcher; import javax.annotation.Resource; +import javax.servlet.http.HttpServletRequest; /** * 自定义的 Spring Security 配置适配器实现 @@ -106,6 +109,7 @@ public class YudaoWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdap */ @Override protected void configure(HttpSecurity httpSecurity) throws Exception { + // 登出 httpSecurity // 开启跨域 .cors().and() @@ -117,7 +121,9 @@ public class YudaoWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdap // 一堆自定义的 Spring Security 处理器 .exceptionHandling().authenticationEntryPoint(authenticationEntryPoint) .accessDeniedHandler(accessDeniedHandler).and() - .logout().logoutUrl(buildAdminApi("/logout")).logoutSuccessHandler(logoutSuccessHandler); // 登出 + // 登出地址的配置 + .logout().logoutSuccessHandler(logoutSuccessHandler).logoutRequestMatcher(request -> // 匹配多种用户类型的登出 + StrUtil.equalsAny(request.getRequestURI(), buildAdminApi("/logout"), buildAppApi("/member/logout"))); // 设置每个请求的权限 ①:全局共享规则 httpSecurity.authorizeRequests() diff --git a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/util/SecurityFrameworkUtils.java b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/util/SecurityFrameworkUtils.java index 93f163086..562c6ed9f 100644 --- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/util/SecurityFrameworkUtils.java +++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/util/SecurityFrameworkUtils.java @@ -41,6 +41,19 @@ public class SecurityFrameworkUtils { return authorization.substring(index + 7).trim(); } + /** + * 获得当前认证信息 + * + * @return 认证信息 + */ + public static Authentication getAuthentication() { + SecurityContext context = SecurityContextHolder.getContext(); + if (context == null) { + return null; + } + return context.getAuthentication(); + } + /** * 获取当前用户 * @@ -48,11 +61,7 @@ public class SecurityFrameworkUtils { */ @Nullable public static LoginUser getLoginUser() { - SecurityContext context = SecurityContextHolder.getContext(); - if (context == null) { - return null; - } - Authentication authentication = context.getAuthentication(); + Authentication authentication = getAuthentication(); if (authentication == null) { return null; } @@ -88,16 +97,22 @@ public class SecurityFrameworkUtils { * @param request 请求 */ public static void setLoginUser(LoginUser loginUser, HttpServletRequest request) { - // 创建 UsernamePasswordAuthenticationToken 对象 - UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken( - loginUser, null, loginUser.getAuthorities()); - authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); - // 设置到上下文 - SecurityContextHolder.getContext().setAuthentication(authenticationToken); + // 创建 Authentication,并设置到上下文 + Authentication authentication = buildAuthentication(loginUser, request); + SecurityContextHolder.getContext().setAuthentication(authentication); + // 额外设置到 request 中,用于 ApiAccessLogFilter 可以获取到用户编号; // 原因是,Spring Security 的 Filter 在 ApiAccessLogFilter 后面,在它记录访问日志时,线上上下文已经没有用户编号等信息 WebFrameworkUtils.setLoginUserId(request, loginUser.getId()); WebFrameworkUtils.setLoginUserType(request, loginUser.getUserType()); } + private static Authentication buildAuthentication(LoginUser loginUser, HttpServletRequest request) { + // 创建 UsernamePasswordAuthenticationToken 对象 + UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken( + loginUser, null, loginUser.getAuthorities()); + authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); + return authenticationToken; + } + } diff --git a/yudao-module-bpm/yudao-module-bpm-activiti/src/main/java/cn/iocoder/yudao/adminserver/modules/bpm/framework/activiti/config/BpmActivitiConfiguration.java b/yudao-module-bpm/yudao-module-bpm-activiti/src/main/java/cn/iocoder/yudao/adminserver/modules/bpm/framework/activiti/config/BpmActivitiConfiguration.java index 8e30c22db..2e1da6f4a 100644 --- a/yudao-module-bpm/yudao-module-bpm-activiti/src/main/java/cn/iocoder/yudao/adminserver/modules/bpm/framework/activiti/config/BpmActivitiConfiguration.java +++ b/yudao-module-bpm/yudao-module-bpm-activiti/src/main/java/cn/iocoder/yudao/adminserver/modules/bpm/framework/activiti/config/BpmActivitiConfiguration.java @@ -10,17 +10,11 @@ import cn.iocoder.yudao.coreservice.modules.bpm.api.group.BpmUserGroupServiceApi import cn.iocoder.yudao.coreservice.modules.system.service.dept.SysDeptCoreService; import cn.iocoder.yudao.coreservice.modules.system.service.permission.SysPermissionCoreService; import cn.iocoder.yudao.coreservice.modules.system.service.user.SysUserCoreService; -import cn.iocoder.yudao.adminserver.modules.bpm.service.definition.BpmUserGroupService; -import cn.iocoder.yudao.adminserver.modules.system.service.dept.SysDeptService; -import cn.iocoder.yudao.adminserver.modules.system.service.permission.SysPermissionService; -import cn.iocoder.yudao.adminserver.modules.system.service.user.SysUserService; import org.activiti.api.runtime.shared.identity.UserGroupManager; -import org.activiti.core.common.spring.identity.ActivitiUserGroupManagerImpl; import org.activiti.spring.boot.ProcessEngineConfigurationConfigurer; import org.springframework.context.ApplicationEventPublisher; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; -import org.springframework.security.core.userdetails.UserDetailsService; import java.util.Collections; import java.util.List; diff --git a/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/controller/app/auth/AppAuthController.http b/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/controller/app/auth/AppAuthController.http index dbe82122a..81f250bd3 100644 --- a/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/controller/app/auth/AppAuthController.http +++ b/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/controller/app/auth/AppAuthController.http @@ -1,5 +1,5 @@ ### 请求 /login 接口 => 成功 -POST {{userApi}}/login +POST {{userApi}}/member/login Content-Type: application/json tenant-id: {{userTenentId}} @@ -9,8 +9,9 @@ tenant-id: {{userTenentId}} } ### 请求 /send-sms-code 接口 => 成功 -POST {{userServerUrl}}/send-sms-code +POST {{userApi}}/member/send-sms-code Content-Type: application/json +tenant-id: {{userTenentId}} { "mobile": "15601691399", @@ -18,8 +19,9 @@ Content-Type: application/json } ### 请求 /sms-login 接口 => 成功 -POST {{userServerUrl}}/sms-login +POST {{userApi}}/member/sms-login Content-Type: application/json +tenant-id: {{userTenentId}} { "mobile": "15601691301", @@ -27,6 +29,7 @@ Content-Type: application/json } ### 请求 /logout 接口 => 成功 -POST {{userServerUrl}}/logout +POST {{userApi}}/member/logout Content-Type: application/json Authorization: Bearer c1b76bdaf2c146c581caa4d7fd81ee66 +tenant-id: {{userTenentId}} diff --git a/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/controller/app/auth/AppAuthController.java b/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/controller/app/auth/AppAuthController.java index f52e96d1a..a7c541e1f 100644 --- a/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/controller/app/auth/AppAuthController.java +++ b/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/controller/app/auth/AppAuthController.java @@ -5,6 +5,7 @@ import cn.iocoder.yudao.framework.common.enums.UserTypeEnum; import cn.iocoder.yudao.framework.common.pojo.CommonResult; import cn.iocoder.yudao.framework.operatelog.core.annotations.OperateLog; import cn.iocoder.yudao.framework.security.core.annotations.PreAuthenticated; +import cn.iocoder.yudao.framework.security.core.util.SecurityFrameworkUtils; import cn.iocoder.yudao.module.member.controller.app.auth.vo.*; import cn.iocoder.yudao.module.member.service.auth.AuthService; import cn.iocoder.yudao.module.member.service.sms.SysSmsCodeService; @@ -13,6 +14,7 @@ import io.swagger.annotations.ApiImplicitParam; import io.swagger.annotations.ApiImplicitParams; import io.swagger.annotations.ApiOperation; import lombok.extern.slf4j.Slf4j; +import org.springframework.security.web.authentication.logout.LogoutSuccessHandler; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; @@ -26,7 +28,7 @@ import static cn.iocoder.yudao.framework.security.core.util.SecurityFrameworkUti @Api(tags = "APP 端 - 认证") @RestController -@RequestMapping("/") +@RequestMapping("/member/") @Validated @Slf4j public class AppAuthController { @@ -39,6 +41,9 @@ public class AppAuthController { @Resource private SysSocialCoreService socialService; + @Resource + private LogoutSuccessHandler logoutSuccessHandler; + @PostMapping("/login") @ApiOperation("使用手机 + 密码登录") @OperateLog(enable = false) // 避免 Post 请求被记录操作日志 diff --git a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/weixin/controller/mp/WxMpController.http b/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/controller/app/weixin/AppWxMpController.http similarity index 100% rename from yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/weixin/controller/mp/WxMpController.http rename to yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/controller/app/weixin/AppWxMpController.http diff --git a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/weixin/controller/mp/WxMpController.java b/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/controller/app/weixin/AppWxMpController.java similarity index 90% rename from yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/weixin/controller/mp/WxMpController.java rename to yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/controller/app/weixin/AppWxMpController.java index decd907a0..5b33d44e6 100644 --- a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/weixin/controller/mp/WxMpController.java +++ b/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/controller/app/weixin/AppWxMpController.java @@ -1,4 +1,4 @@ -package cn.iocoder.yudao.userserver.modules.weixin.controller.mp; +package cn.iocoder.yudao.module.member.controller.app.weixin; import cn.iocoder.yudao.framework.common.pojo.CommonResult; import io.swagger.annotations.Api; @@ -19,10 +19,10 @@ import static cn.iocoder.yudao.framework.common.pojo.CommonResult.success; @Api(tags = "微信公众号") @RestController -@RequestMapping("/wx/mp") +@RequestMapping("/member/wx-mp") @Validated @Slf4j -public class WxMpController { +public class AppWxMpController { @Resource private WxMpService mpService; diff --git a/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/dal/dataobject/user/UserDO.java b/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/dal/dataobject/user/UserDO.java index f45168044..adefe1429 100644 --- a/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/dal/dataobject/user/UserDO.java +++ b/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/dal/dataobject/user/UserDO.java @@ -16,7 +16,7 @@ import java.util.Date; * * @author 芋道源码 */ -@TableName(value = "mbr_user", autoResultMap = true) +@TableName(value = "member_user", autoResultMap = true) @Data @EqualsAndHashCode(callSuper = true) @Builder diff --git a/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/dal/package-info.java b/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/dal/package-info.java index 5b05c46f1..a45c2a161 100644 --- a/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/dal/package-info.java +++ b/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/dal/package-info.java @@ -4,6 +4,6 @@ * 2. redis:Redis 的 CRUD 操作 * 3. mysql:MySQL 的 CRUD 操作 * - * 其中,MySQL 的表以 mbr_ 作为前缀 + * 其中,MySQL 的表以 member_ 作为前缀 */ package cn.iocoder.yudao.module.member.dal; diff --git a/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/package-info.java b/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/package-info.java index dabac6ac3..405aa4cbf 100644 --- a/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/package-info.java +++ b/yudao-module-member/yudao-module-member-impl/src/main/java/cn/iocoder/yudao/module/member/package-info.java @@ -1 +1,8 @@ +/** + * member 模块,我们放会员业务。 + * 例如说:会员中心等等 + * + * 1. Controller URL:以 /member/ 开头,避免和其它 Module 冲突 + * 2. DataObject 表名:以 member_ 开头,方便在数据库中区分 + */ package cn.iocoder.yudao.module.member; diff --git a/yudao-module-member/yudao-module-member-impl/src/test/resources/sql/clean.sql b/yudao-module-member/yudao-module-member-impl/src/test/resources/sql/clean.sql index bedf8d008..9775e2454 100644 --- a/yudao-module-member/yudao-module-member-impl/src/test/resources/sql/clean.sql +++ b/yudao-module-member/yudao-module-member-impl/src/test/resources/sql/clean.sql @@ -1,2 +1,2 @@ -- mbr 开头的 DB -DELETE FROM "mbr_user"; \ No newline at end of file +DELETE FROM "member_user"; diff --git a/yudao-module-member/yudao-module-member-impl/src/test/resources/sql/create_tables.sql b/yudao-module-member/yudao-module-member-impl/src/test/resources/sql/create_tables.sql index c9dfd8c31..98d3d2bc1 100644 --- a/yudao-module-member/yudao-module-member-impl/src/test/resources/sql/create_tables.sql +++ b/yudao-module-member/yudao-module-member-impl/src/test/resources/sql/create_tables.sql @@ -1,5 +1,5 @@ -- mbr 开头的 DB -CREATE TABLE IF NOT EXISTS "mbr_user" ( +CREATE TABLE IF NOT EXISTS "member_user" ( "id" bigint NOT NULL GENERATED BY DEFAULT AS IDENTITY COMMENT '编号', "nickname" varchar(30) NOT NULL DEFAULT '' COMMENT '用户昵称', "avatar" varchar(255) NOT NULL DEFAULT '' COMMENT '头像', diff --git a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/UserServerApplication.java b/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/UserServerApplication.java deleted file mode 100644 index b0ba53e9b..000000000 --- a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/UserServerApplication.java +++ /dev/null @@ -1,14 +0,0 @@ -package cn.iocoder.yudao.userserver; - -import org.springframework.boot.SpringApplication; -import org.springframework.boot.autoconfigure.SpringBootApplication; - -@SuppressWarnings("SpringComponentScan") // 忽略 IDEA 无法识别 ${yudao.info.base-package} 和 ${yudao.core-service.base-package} -@SpringBootApplication(scanBasePackages = {"${yudao.info.base-package}", "${yudao.core-service.base-package}"}) -public class UserServerApplication { - - public static void main(String[] args) { - SpringApplication.run(UserServerApplication.class, args); - } - -} diff --git a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/weixin/package-info.java b/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/weixin/package-info.java deleted file mode 100644 index 69d3e2221..000000000 --- a/yudao-user-server/src/main/java/cn/iocoder/yudao/userserver/modules/weixin/package-info.java +++ /dev/null @@ -1,7 +0,0 @@ -/** - * weixin 包下,我们放通用业务,支撑上层的核心业务。 - * 例如说:用户、部门、权限、数据字典等等 - * - * 缩写:wx - */ -package cn.iocoder.yudao.userserver.modules.weixin; diff --git a/yudao-user-server/src/main/resources/application.yaml b/yudao-user-server/src/main/resources/application.yaml index 1d789232d..7f1127526 100644 --- a/yudao-user-server/src/main/resources/application.yaml +++ b/yudao-user-server/src/main/resources/application.yaml @@ -37,8 +37,6 @@ mybatis-plus: mapper-locations: classpath*:mapper/*.xml type-aliases-package: ${yudao.info.base-package}.modules.*.dal.dataobject, ${yudao.core-service.base-package}.modules.*.dal.dataobject - - --- #################### 芋道相关配置 #################### yudao: @@ -67,5 +65,4 @@ yudao: - cn.iocoder.yudao.userserver.modules.member.enums.MbrErrorCodeConstants - cn.iocoder.yudao.userserver.modules.system.enums.SysErrorCodeConstants - debug: false diff --git a/更新日志.md b/更新日志.md index 9ac18dd8e..b1f34099e 100644 --- a/更新日志.md +++ b/更新日志.md @@ -23,6 +23,7 @@ ### 🐞 Bug Fixes *【修复】用户无权限访问 指定 API 时,未返回 FORBIDDEN 结果码 +*【修复】定时任务刷新本地缓存时,无租户上线文,导致查询报错 ### 🔨 Dependency Upgrades