无关风月
2025-01-06 01788ea18a48b738df0807f656a4007a5f16a13a
Merge branch 'master' of http://120.76.84.145:10101/gitblit/r/java/eyes
5个文件已删除
3个文件已修改
1个文件已添加
349 ■■■■ 已修改文件
common/src/main/java/com/jilongda/common/config/CorsConfig.java 95 ●●●●●
common/src/main/java/com/jilongda/common/security/ExceptionHandleFilter.java 41 ●●●●●
common/src/main/java/com/jilongda/common/security/filter/CorsFilter.java 61 ●●●●●
common/src/main/java/com/jilongda/common/security/filter/XssAndSqlHttpServletRequestWrapper.java 42 ●●●●●
common/src/main/java/com/jilongda/common/security/filter/XssFilter.java 58 ●●●●●
common/src/main/java/com/jilongda/common/security/filter/XssStringJsonSerializer.java 28 ●●●●●
manage/src/main/java/com/jilongda/manage/ManageApplication.java 2 ●●●●●
manage/src/main/java/com/jilongda/manage/config/WebSecurityConfig.java 14 ●●●●●
manage/src/main/resources/application.yml 8 ●●●●
common/src/main/java/com/jilongda/common/config/CorsConfig.java
File was deleted
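--- /dev/null
+++ b/common/src/main/java/com/jilongda/common/security/ExceptionHandleFilter.java
@@ -0,0 +1,41 @@
+package com.jilongda.common.security;
+import com.jilongda.common.basic.ApiResult;
+import com.jilongda.common.exception.ServiceException;
+import com.jilongda.common.exception.TokenException;
+import com.jilongda.common.utils.ResponseUtils;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.web.filter.OncePerRequestFilter;
+import javax.servlet.FilterChain;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+/**
+ * @author liheng
+ * @ClassName ExceptionHandleFilter
+ * @Description 最外层filter处理验证token、登录认证和授权过滤器中抛出的所有异常
+ * @date 2020-08-24 9:31
+ */
+@Slf4j
+public class ExceptionHandleFilter extends OncePerRequestFilter {
+    @Override
+    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) {
+        // 全局异常无法捕捉过滤器异常,需在此处做处理
+        try {
+            filterChain.doFilter(httpServletRequest, httpServletResponse);
+        } catch (Exception e) {
+            // 如果是业务异常,需返回状态码
+            if (e instanceof ServiceException) {
+                ServiceException e1 = (ServiceException) e;
+                ResponseUtils.renderJson(httpServletResponse, ApiResult.failed(e1.getCode(), e.getMessage()));
+            } else if (e instanceof TokenException) {
+                TokenException e1 = (TokenException) e;
+                ResponseUtils.renderJson(httpServletResponse, ApiResult.failed(e1.getCode(), e.getMessage()));
+            } else {
+                ResponseUtils.renderJson(httpServletResponse, ApiResult.failed(e.getMessage()));
+            }
+            return;
+        }
+    }
+}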
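Review bot: The final `else` branch of `doFilterInternal` sends `e.getMessage()` from any unexpected exception straight to the client, and nothing is logged even though the class carries `@Slf4j`. Messages from unanticipated exceptions can carry internal detail such as SQL text, class names or file paths, and operators are left with no trace of the failure. I would record the exception server-side and return a fixed message in that branch: `log.error("Unhandled exception in filter chain", e);` followed by `ResponseUtils.renderJson(httpServletResponse, ApiResult.failed("Internal server error"));`. A `ServiceException` or `TokenException` that reaches this filter wrapped in another exception would presumably also fall into the generic branch, so it is worth confirming how the downstream filters throw them. The trailing `return;` is redundant.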
common/src/main/java/com/jilongda/common/security/filter/CorsFilter.java
File was deleted
common/src/main/java/com/jilongda/common/security/filter/XssAndSqlHttpServletRequestWrapper.java
File was deleted
common/src/main/java/com/jilongda/common/security/filter/XssFilter.java
File was deleted
common/src/main/java/com/jilongda/common/security/filter/XssStringJsonSerializer.java
File was deleted
manage/src/main/java/com/jilongda/manage/ManageApplication.java
@@ -11,6 +11,7 @@
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.transaction.annotation.EnableTransactionManagement;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.servlet.config.annotation.EnableWebMvc;
import java.net.InetAddress;
@@ -26,6 +27,7 @@
@MapperScan({"com.jilongda.manage.mapper", "com.jilongda.manage.authority.mapper"})
@EnableTransactionManagement
@SpringBootApplication
@CrossOrigin
public class ManageApplication {
    public static void main(String[] args) throws UnknownHostException {
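Review bot: `@CrossOrigin` on the `@SpringBootApplication` class probably does not replace the `CorsConfig` and `CorsFilter` that this commit deletes: Spring MVC evaluates the annotation on controller classes and handler methods, and `ManageApplication` is neither as far as this hunk shows. Where the annotation does take effect, its bare form accepts every origin, which is wider than an administration API usually needs. I would drop the annotation and its import here and declare the policy once in `WebSecurityConfig` with `http.cors()` backed by a `CorsConfigurationSource` bean that lists the allowed origins explicitly. The body of `main` continues outside the hunk.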
manage/src/main/java/com/jilongda/manage/config/WebSecurityConfig.java
@@ -1,5 +1,6 @@
package com.jilongda.manage.config;
import com.jilongda.common.security.ExceptionHandleFilter;
import com.jilongda.manage.security.SecurityAccessDeniedHandler;
import com.jilongda.manage.security.SysUserDetailsService;
import com.jilongda.common.basic.Constant;
@@ -22,6 +23,7 @@
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.csrf.CookieCsrfTokenRepository;
/**
 * 细粒度的访问控制
@@ -59,8 +61,8 @@
     */
    @Bean
    public SecurityUtils securityUtils() {
//        return new SecurityUtils(accessTokenCache,refreshTokenCache);
        return new SecurityUtils();
        return new SecurityUtils(accessTokenCache,refreshTokenCache);
//        return new SecurityUtils();
    }
@@ -107,14 +109,14 @@
                .logout().disable()
                .csrf().disable()
                // 放在 Cookie 中返回前端,防止跨域伪造
                //.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and()
//                .csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()).and()
                //.and()
                .authorizeRequests()
                // 跨域预检请求
//                .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
                .antMatchers(HttpMethod.OPTIONS, "/**").permitAll()
                // 登录URL permitAll() 无需保护 ---> 此种方式配置忽略认证规则会走Spring Security 过滤器链,在过滤器链中,给请求放行
                // 不需要保护的请求,但需要经过过滤连
                .antMatchers(HttpMethod.POST, "/**").permitAll()
//                .antMatchers(HttpMethod.POST, "/**").permitAll()
                // 其他都需要权限认证
                .anyRequest()
                .authenticated()
@@ -135,6 +137,8 @@
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        // 访问控制时登录状态检查过滤器
        http.addFilterBefore(new AuthenticationFilter(securityUtils()), UsernamePasswordAuthenticationFilter.class);
        // 异常捕捉过滤器,必须在AuthenticationFilter之前才能捕捉到异常信息
        http.addFilterBefore(new ExceptionHandleFilter(), AuthenticationFilter.class);
        //禁用缓存
        http.headers().cacheControl();
    }
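Review bot: In the `authorizeRequests()` chain the line `.antMatchers(HttpMethod.POST, "/**").permitAll()` appears once active and once commented out, and the rendering does not mark which of the two is the new side. If the active form is what lands, every POST endpoint is reachable without a token and `.anyRequest().authenticated()` only guards the remaining methods. Either way, remove the line rather than leave it togglable by a comment marker, and permit only the endpoints that must be anonymous, for example `.antMatchers(HttpMethod.POST, "<login-path>").permitAll()` with the real login path substituted. The same applies to the two `return new SecurityUtils(...)` variants in `securityUtils()`: keep one and delete the commented copy. The configuring method starts and ends outside these hunks.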
manage/src/main/resources/application.yml
@@ -13,8 +13,8 @@
      max-request-size: 500MB
      resolve-lazily: true #设置为懒加载,不然依然会捕获不到异常
  profiles:
#    active: dev
    active: prod
    active: dev
#    active: prod
  main:
    allow-bean-definition-overriding: true
  #sagger文档属性配置
@@ -89,8 +89,8 @@
  # 数据源
  datasource:
    username: root #测试环境
    password: YanDu@2025!
    url: jdbc:mysql://127.0.0.1:3306/eyes?useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai
    password: 123456
    url: jdbc:mysql://192.168.110.34:3306/eyes?useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai
    type: com.zaxxer.hikari.HikariDataSource
    driver-class-name: com.mysql.cj.jdbc.Driver
    hikari:
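Review bot: Both variants of the `datasource` hunk commit a plaintext `password:` for the `root` MySQL account, and the `profiles.active` value is switched by commenting lines in and out. Credentials stored in the repository remain in its history for everyone with read access, so the values shown here should be treated as exposed and rotated. I would read them from the environment, `username: ${DB_USERNAME}` and `password: ${DB_PASSWORD}`, connect with a dedicated least-privilege database account instead of `root`, and select the profile at launch through `SPRING_PROFILES_ACTIVE` rather than by editing this file. The `hikari:` block continues outside the hunk.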