package com.lxzn.auth.security;
|
|
import com.lxzn.framework.domain.ucenter.Menu;
|
import com.lxzn.framework.domain.ucenter.ext.UserExt;
|
import com.lxzn.ucenter.service.IUserService;
|
import org.apache.commons.lang3.StringUtils;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.authority.AuthorityUtils;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.core.userdetails.User;
|
import org.springframework.security.core.userdetails.UserDetails;
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
import org.springframework.security.oauth2.provider.ClientDetails;
|
import org.springframework.security.oauth2.provider.ClientDetailsService;
|
import org.springframework.stereotype.Service;
|
|
import java.util.ArrayList;
|
import java.util.List;
|
|
/**
 * Resolves a login name to Spring Security {@link UserDetails} for the auth service.
 *
 * <p>A single lookup serves two kinds of principal: OAuth2 clients (resolved through
 * {@link ClientDetailsService}) and end users (resolved through {@link IUserService}).
 *
 * <p>NOTE(review): client ids and usernames share one namespace in this class. Confirm that
 * account registration rejects usernames equal to a registered client id; otherwise the two
 * identities are ambiguous whenever the security context holds no {@link Authentication}.
 */
@Service
public class UserDetailsServiceImpl implements UserDetailsService {

    @Autowired
    private IUserService userService;

    @Autowired
    private ClientDetailsService clientDetailsService;

    // Client id configured through the auth.clientId property.
    @Value("${auth.clientId}")
    private String clientId;

    /**
     * Loads the principal named {@code username}.
     *
     * <p>When the security context holds no authentication, or the name equals the configured
     * client id, the name is first looked up as an OAuth2 client and the client secret is
     * returned as the credential. Otherwise (or when that lookup yields {@code null}) the user
     * centre is queried and a {@link UserJwt} carrying the user's profile and menu URLs is built.
     *
     * <p>NOTE(review): this method returns {@code null} for an empty name, an unknown user and a
     * user without menu permissions. The {@link UserDetailsService} contract expects a
     * {@link UsernameNotFoundException} instead of {@code null}; callers may already depend on the
     * current behaviour, so confirm how they handle the failure before changing it.
     *
     * @param username login name or client id supplied by the authentication request
     * @return the resolved principal, or {@code null} in the cases listed above
     * @throws UsernameNotFoundException declared by the interface; never thrown by this code itself
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        if (StringUtils.isEmpty(username)) {
            return null;
        }

        // No identity in the context means nothing has been authenticated yet. Per the original
        // author, such requests arrive via HTTP Basic carrying client_id / client_secret, so the
        // name is verified as a client first.
        Authentication currentAuth = SecurityContextHolder.getContext().getAuthentication();
        boolean resolveAsClient = currentAuth == null || username.equals(clientId);
        if (resolveAsClient) {
            UserDetails clientPrincipal = loadClientAsUser(username);
            if (clientPrincipal != null) {
                return clientPrincipal;
            }
        }

        // Remote call to the user centre: fetch the account record by login name.
        UserExt account = userService.findUserExtByUsername(username);
        if (account == null) {
            return null;
        }

        // An account without any menu permission is not allowed to log in.
        if (account.getPermissions() == null || account.getPermissions().isEmpty()) {
            return null;
        }

        // Stored credential for the account (a hash value, according to the original comment).
        String storedPassword = account.getPassword();
        List<String> menuUrls = menuUrlsOf(account.getPermissions());

        // TODO (original author): the permission design inside the JWT is not settled yet.
        // Permission codes are not collected, so this list stays empty and the principal below
        // is created with no GrantedAuthority entries; only the menu URLs are carried on it.
        // NOTE(review): any authority-based access check downstream will see an empty set.
        List<String> permissionCodes = new ArrayList<>();
        String authorityCsv = StringUtils.join(permissionCodes.toArray(), ",");

        UserJwt principal = new UserJwt(
                username,
                storedPassword,
                AuthorityUtils.commaSeparatedStringToAuthorityList(authorityCsv));
        principal.setUserId(account.getUserId());
        principal.setUserType(account.getUserType()); // user type
        principal.setUserPic(account.getUserPic()); // avatar
        principal.setNickname(account.getNickname());
        principal.setMenus(menuUrls);
        return principal;
    }

    /**
     * Looks {@code clientName} up as an OAuth2 client and wraps it as a Spring Security user
     * whose password is the client secret and whose authority list is empty.
     *
     * <p>NOTE(review): some {@link ClientDetailsService} implementations signal an unknown id by
     * throwing rather than returning {@code null}; in that case the exception propagates and the
     * user lookup in the caller is never reached. Confirm against the configured implementation.
     *
     * <p>NOTE(review): the secret is passed through exactly as the client store returns it;
     * presumably it is stored in encoded form. Verify against the PasswordEncoder in use.
     *
     * @return the client principal, or {@code null} when the service returns no client
     */
    private UserDetails loadClientAsUser(String clientName) {
        ClientDetails client = clientDetailsService.loadClientByClientId(clientName);
        if (client == null) {
            return null;
        }
        String secret = client.getClientSecret();
        return new User(clientName, secret, AuthorityUtils.commaSeparatedStringToAuthorityList(""));
    }

    /** Collects the menu URL of every entry in {@code menus}, in order. */
    private static List<String> menuUrlsOf(List<Menu> menus) {
        List<String> urls = new ArrayList<>();
        for (Menu menu : menus) {
            urls.add(menu.getMenuUrl());
        }
        return urls;
    }
}
|