From 4c70d9f0656bbec48fa619f2ec9aa0ee12fca2c1 Mon Sep 17 00:00:00 2001
From: wu <731351411@qq.com>
Date: 星期一, 04 十二月 2023 09:04:51 +0800
Subject: [PATCH] Merge branch 'master' of http://10.153.19.25:10101/r/CanadaMes

---
 springboot-vue3/src/main/java/com/example/springboot/security/config/ShiroConfig.java |  185 ++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 185 insertions(+), 0 deletions(-)

diff --git a/springboot-vue3/src/main/java/com/example/springboot/security/config/ShiroConfig.java b/springboot-vue3/src/main/java/com/example/springboot/security/config/ShiroConfig.java
new file mode 100644
index 0000000..52ad80c
--- /dev/null
+++ b/springboot-vue3/src/main/java/com/example/springboot/security/config/ShiroConfig.java
@@ -0,0 +1,185 @@
+package com.example.springboot.security.config;
+ 
+import com.example.springboot.security.JWTRealm;
+import com.example.springboot.security.NoSessionFilter;
+import com.example.springboot.security.StatelessDefaultSubjectFactory;
+import com.example.springboot.security.UserRealm;
+import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
+import org.apache.shiro.codec.Base64;
+import org.apache.shiro.mgt.DefaultSessionStorageEvaluator;
+import org.apache.shiro.mgt.DefaultSubjectDAO;
+import org.apache.shiro.spring.LifecycleBeanPostProcessor;
+import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
+import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
+import org.apache.shiro.web.mgt.CookieRememberMeManager;
+import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
+import org.apache.shiro.web.servlet.SimpleCookie;
+import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.DependsOn;
+ 
+import javax.servlet.Filter;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.LinkedHashMap;
+import java.util.Map;
+ 
+@Configuration
+public class ShiroConfig {
+ 
+ 
+    /**
+     * Shiro鐢熷懡鍛ㄦ湡澶勭悊鍣�
+     *
+     * @return
+     */
+    @Bean
+    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
+        return new LifecycleBeanPostProcessor();
+    }
+ 
+    /**
+     * 寮�鍚疭hiro鐨勬敞瑙�(濡侤RequiresRoles,@RequiresPermissions),闇�鍊熷姪SpringAOP鎵弿浣跨敤Shiro娉ㄨВ鐨勭被,骞跺湪蹇呰鏃惰繘琛屽畨鍏ㄩ�昏緫楠岃瘉
+     * DefaultAdvisorAutoProxyCreator鐨勯『搴忓繀椤诲湪shiroFilterFactoryBean涔嬪墠锛屼笉鐒禨ecurityUtils.getSubject().getPrincipal()鑾峰彇涓嶅埌鍙傛暟
+     *
+     * @return
+     */
+    @Bean
+    @DependsOn({"lifecycleBeanPostProcessor"})
+    public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator() {
+        DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
+        advisorAutoProxyCreator.setProxyTargetClass(true);
+        return advisorAutoProxyCreator;
+    }
+ 
+    @Bean
+    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor() {
+        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
+        authorizationAttributeSourceAdvisor.setSecurityManager(defaultSecurityManager());
+        return authorizationAttributeSourceAdvisor;
+    }
+ 
+    @Bean(name = "shiroFilterFactoryBean")
+    public ShiroFilterFactoryBean shiroFilterFactoryBean() {
+        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
+        shiroFilterFactoryBean.setSecurityManager(defaultSecurityManager());
+ 
+        // 杩囨护瑙勫垯
+        Map<String, String> linkedHashMap = new LinkedHashMap<>();
+        // 鏃犵姸鎬佺櫥褰曟儏鍐典笅鍏抽棴浜唖hiro涓殑session锛屽鑷存墍鏈夐渶瑕佸姞涓奱uthc鎺ュ彛璇锋眰鏃跺�欓兘浼氭姤閿欙紝
+        // 鎵�浠ヤ娇鐢ˊRequiresRoles,@RequiresPermissions娉ㄨВ,aop鏂瑰紡瀹炵幇鎺ュ彛鐨勬潈闄愭牎楠�
+ 
+        /* 娣诲姞shiro鐨勫唴缃繃婊ゅ櫒锛岃嚜瀹氫箟url瑙勫垯
+         * Shiro鑷甫鎷︽埅鍣ㄩ厤缃鍒�
+         * rest锛氭瘮濡�/admins/user/**=rest[user],鏍规嵁璇锋眰鐨勬柟娉曪紝鐩稿綋浜�/admins/user/**=perms[user锛歮ethod] ,鍏朵腑method涓簆ost锛実et锛宒elete绛�
+         * port锛氭瘮濡�/admins/user/**=port[8081],褰撹姹傜殑url鐨勭鍙ｄ笉鏄�8081鏄烦杞埌schemal锛�//serverName锛�8081?queryString,鍏朵腑schmal鏄崗璁甴ttp鎴杊ttps绛夛紝serverName鏄綘璁块棶鐨刪ost,8081鏄痷rl閰嶇疆閲宲ort鐨勭鍙ｏ紝queryString鏄綘璁块棶鐨剈rl閲岀殑锛熷悗闈㈢殑鍙傛暟
+         * perms锛氭瘮濡�/admins/user/**=perms[user锛歛dd锛�*],perms鍙傛暟鍙互鍐欏涓紝澶氫釜鏃跺繀椤诲姞涓婂紩鍙凤紝骞朵笖鍙傛暟涔嬮棿鐢ㄩ�楀彿鍒嗗壊锛屾瘮濡�/admins/user/**=perms["user锛歛dd锛�*,user锛歮odify锛�*"]锛屽綋鏈夊涓弬鏁版椂蹇呴』姣忎釜鍙傛暟閮介�氳繃鎵嶉�氳繃锛屾兂褰撲簬isPermitedAll()鏂规硶
+         * roles锛氭瘮濡�/admins/user/**=roles[admin],鍙傛暟鍙互鍐欏涓紝澶氫釜鏃跺繀椤诲姞涓婂紩鍙凤紝骞朵笖鍙傛暟涔嬮棿鐢ㄩ�楀彿鍒嗗壊锛屽綋鏈夊涓弬鏁版椂锛屾瘮濡�/admins/user/**=roles["admin,guest"],姣忎釜鍙傛暟閫氳繃鎵嶇畻閫氳繃锛岀浉褰撲簬hasAllRoles()鏂规硶銆�//瑕佸疄鐜皁r鐨勬晥鏋滅湅http://zgzty.blog.163.com/blog/static/83831226201302983358670/
+         * anon锛氭瘮濡�/admins/**=anon 娌℃湁鍙傛暟锛岃〃绀哄彲浠ュ尶鍚嶄娇鐢�
+         * authc锛氭瘮濡�/admins/user/**=authc琛ㄧず闇�瑕佽璇佹墠鑳戒娇鐢紝娌℃湁鍙傛暟
+         * authcBasic锛氭瘮濡�/admins/user/**=authcBasic娌℃湁鍙傛暟琛ㄧずhttpBasic璁よ瘉
+         * ssl锛氭瘮濡�/admins/user/**=ssl娌℃湁鍙傛暟锛岃〃绀哄畨鍏ㄧ殑url璇锋眰锛屽崗璁负https
+         * user锛氭瘮濡�/admins/user/**=user娌℃湁鍙傛暟琛ㄧず蹇呴』瀛樺湪鐢ㄦ埛锛屽綋鐧诲叆鎿嶄綔鏃朵笉鍋氭鏌�
+         * 璇︽儏瑙佹枃妗� http://shiro.apache.org/web.html#urls-
+         * */
+        // 鐢ㄦ埛鏉冮檺
+//        linkedHashMap.put("/api/user/selectPage", "perms[user:select]");
+//        linkedHashMap.put("/api/user/selectById", "perms[user:select]");
+//        linkedHashMap.put("/api/user/updateById", "perms[user:update]");
+//        linkedHashMap.put("/api/user/removeByIds", "perms[user:delete]");
+//        // 鍟嗗搧鏉冮檺
+//        linkedHashMap.put("/api/product/deleteBatchIds", "perms[product:delete]");
+//        linkedHashMap.put("/api/product/updateById", "perms[product:update]");
+//        linkedHashMap.put("/api/product/insert", "perms[product:add]");
+//
+//        // 瑙掕壊鏉冮檺
+//        linkedHashMap.put("/api/role/saveOrUpdate", "perms[role:add,role:update]");
+//        linkedHashMap.put("/api/role/removeByIds", "perms[role:delete]");
+//        linkedHashMap.put("/api/role/getById", "perms[role:select]");
+//        linkedHashMap.put("/api/role/selectPage", "perms[role:select]");
+//
+//        // 鑿滃崟鏉冮檺
+//        linkedHashMap.put("/api/menuList/removeByIds", "perms[menuList:delete]");
+//        linkedHashMap.put("/api/menuList/saveOrUpdate", "perms[menuList:add,menuList:update]");
+//
+//        // 璁㈠崟鏉冮檺
+//        linkedHashMap.put("/api/order/deleteBatchIds", "perms[order:delete]");
+//        linkedHashMap.put("/api/order/updateById", "perms[order:update]");
+//
+//        // 鎺堟潈鐨勬潈闄�
+//        linkedHashMap.put("/api/rolePermission/saveOrUpdate", "perms[rolePermission:add]");
+//        linkedHashMap.put("/api/rolePermission/removeByIds", "perms[rolePermission:delete]");
+ 
+        // 鑷畾涔夎繃婊ゅ櫒
+        HashMap<String, Filter> filterHashMap = new HashMap<>();
+        filterHashMap.put("jwt", new NoSessionFilter());
+        shiroFilterFactoryBean.setFilters(filterHashMap);
+        // 鐧诲綍涔嬪悗鎵嶅彲浠ヨ姹傜殑鎺ュ彛
+        linkedHashMap.put("/api/**", "jwt");
+        shiroFilterFactoryBean.setFilterChainDefinitionMap(linkedHashMap);
+        return shiroFilterFactoryBean;
+    }
+ 
+    @Bean
+    public DefaultWebSecurityManager defaultSecurityManager() {
+        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
+        defaultWebSecurityManager.setRealms(Arrays.asList(userRealm(), jwtRealm()));
+        // 绂佺敤shiro涓殑session
+        DefaultSubjectDAO defaultSubjectDAO = new DefaultSubjectDAO();
+        DefaultSessionStorageEvaluator defaultSessionStorageEvaluator = new DefaultSessionStorageEvaluator();
+        defaultSessionStorageEvaluator.setSessionStorageEnabled(false);
+        defaultSubjectDAO.setSessionStorageEvaluator(defaultSessionStorageEvaluator);
+        defaultWebSecurityManager.setSubjectDAO(defaultSubjectDAO);
+        defaultWebSecurityManager.setSubjectFactory(subjectFactory());
+        return defaultWebSecurityManager;
+    }
+ 
+    /**
+     * 鐧诲綍鐨勮璇佸拰鎺堟潈
+     *
+     * @return
+     */
+    @Bean
+    public UserRealm userRealm() {
+        UserRealm userRealm = new UserRealm();
+        userRealm.setCredentialsMatcher(hashedCredentialsMatcher());
+        return userRealm;
+    }
+ 
+    /**
+     * token鐨勮璇佸拰鎺堟潈
+     *
+     * @return
+     */
+    @Bean
+    public JWTRealm jwtRealm() {
+        return new JWTRealm();
+    }
+ 
+    @Bean
+    public StatelessDefaultSubjectFactory subjectFactory() {
+        return new StatelessDefaultSubjectFactory();
+    }
+ 
+    /*
+     * 鍑瘉鍖归厤鍣� 鐢变簬鎴戜滑鐨勫瘑鐮佹牎楠屼氦缁橲hiro鐨凷impleAuthenticationInfo杩涜澶勭悊浜�
+     */
+    @Bean
+    public HashedCredentialsMatcher hashedCredentialsMatcher() {
+        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
+        hashedCredentialsMatcher.setHashAlgorithmName("MD5");// 鏁ｅ垪绠楁硶:杩欓噷浣跨敤MD5绠楁硶;
+        hashedCredentialsMatcher.setHashIterations(1024);// 鏁ｅ垪鐨勬鏁帮紝姣斿鏁ｅ垪涓ゆ锛岀浉褰撲簬MD5(MD5(""));
+        return hashedCredentialsMatcher;
+    }
+ 
+    @Bean
+    public CookieRememberMeManager cookieRememberMeManager() {
+        CookieRememberMeManager cookieRememberMeManager = new CookieRememberMeManager();
+        SimpleCookie simpleCookie = new SimpleCookie("rememberMe");
+        simpleCookie.setMaxAge(259200000);
+        cookieRememberMeManager.setCookie(simpleCookie);
+        cookieRememberMeManager.setCipherKey(Base64.decode("6ZmI6I2j5Y+R5aSn5ZOlAA=="));
+        return cookieRememberMeManager;
+    }
+}
\ No newline at end of file

--
Gitblit v1.8.0