| New file |
| | |
|---|
| | | package com.panzhihua.auth.handel; |
|---|
| | | |
|---|
| | | import com.panzhihua.common.model.vos.LoginUserInfoVO; |
|---|
| | | import com.panzhihua.common.model.vos.R; |
|---|
| | | import com.panzhihua.common.service.user.UserService; |
|---|
| | | import org.springframework.security.authentication.AuthenticationProvider; |
|---|
| | | import org.springframework.security.authentication.BadCredentialsException; |
|---|
| | | import org.springframework.security.authentication.LockedException; |
|---|
| | | import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; |
|---|
| | | import org.springframework.security.core.Authentication; |
|---|
| | | import org.springframework.security.core.AuthenticationException; |
|---|
| | | import org.springframework.security.core.GrantedAuthority; |
|---|
| | | import org.springframework.security.core.authority.SimpleGrantedAuthority; |
|---|
| | | import org.springframework.security.core.userdetails.UsernameNotFoundException; |
|---|
| | | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; |
|---|
| | | import org.springframework.stereotype.Component; |
|---|
| | | import org.springframework.util.ObjectUtils; |
|---|
| | | |
|---|
| | | import javax.annotation.Resource; |
|---|
| | | import java.util.ArrayList; |
|---|
| | | import java.util.List; |
|---|
| | | import java.util.Set; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * @program: springcloud_k8s_panzhihuazhihuishequ |
|---|
| | | * @description: 登录认证 |
|---|
| | | * @author: huang.hongfa weixin hhf9596 qq 959656820 |
|---|
| | | * @create: 2020-11-24 16:14 |
|---|
| | | **/ |
|---|
| | | @Component |
|---|
| | | public class UserAuthenticationProvider implements AuthenticationProvider { |
|---|
| | | @Resource |
|---|
| | | private UserService userService; |
|---|
| | | @Override |
|---|
| | | public Authentication authenticate(Authentication authentication) throws AuthenticationException { |
|---|
| | | // 获取表单输入中返回的用户名 |
|---|
| | | String userName = (String) authentication.getPrincipal(); |
|---|
| | | // 获取表单中输入的密码 |
|---|
| | | String password = (String) authentication.getCredentials(); |
|---|
| | | // 查询用户是否存在 |
|---|
| | | R<LoginUserInfoVO> r = userService.getUserInfo(userName); |
|---|
| | | if (r.getCode()!=200) { |
|---|
| | | throw new UsernameNotFoundException("该账号不存在"); |
|---|
| | | } |
|---|
| | | LoginUserInfoVO loginUserInfoVO = r.getData(); |
|---|
| | | List<GrantedAuthority> grantedAuthorityList=new ArrayList<>(); |
|---|
| | | Set<String> roles = loginUserInfoVO.getRoles(); |
|---|
| | | if (!ObjectUtils.isEmpty(roles)) { |
|---|
| | | roles.forEach(s -> { |
|---|
| | | grantedAuthorityList.add(new SimpleGrantedAuthority(s)); |
|---|
| | | }); |
|---|
| | | } |
|---|
| | | if (ObjectUtils.isEmpty(loginUserInfoVO.getAccount())) { |
|---|
| | | throw new UsernameNotFoundException("该账号不存在"); |
|---|
| | | } |
|---|
| | | // 我们还要判断密码是否正确,这里我们的密码使用BCryptPasswordEncoder进行加密的 |
|---|
| | | if (!new BCryptPasswordEncoder().matches(password, loginUserInfoVO.getPassword())) { |
|---|
| | | throw new BadCredentialsException("密码不正确"); |
|---|
| | | } |
|---|
| | | // 还可以加一些其他信息的判断,比如用户账号已停用等判断 |
|---|
| | | if (loginUserInfoVO.getStatus().intValue()==2) { |
|---|
| | | throw new LockedException("该用户已被禁用"); |
|---|
| | | } |
|---|
| | | // 维护最后登录时间 |
|---|
| | | userService.putUserLastLoginTime(loginUserInfoVO.getUserId()); |
|---|
| | | return new UsernamePasswordAuthenticationToken(loginUserInfoVO, password, grantedAuthorityList); |
|---|
| | | } |
|---|
| | | |
|---|
| | | @Override |
|---|
| | | public boolean supports(Class<?> aClass) { |
|---|
| | | return true; |
|---|
| | | } |
|---|
| | | } |
|---|
