From: Tang Cheng <cheng.tang@supwisdom.com>
Date: Mon, 22 Apr 2019 09:40:02 +0000 (+0800)
Subject: webapp 登录方式改为 userdetailsservice
X-Git-Tag: 1.0.0^2~263
X-Git-Url: https://source.supwisdom.com/gerrit/gitweb?a=commitdiff_plain;h=21c4af280ead2d7f950a09a7bce0947ce92e75ce;p=epayment%2Ffood_payapi.git

webapp 登录方式改为 userdetailsservice
---

diff --git a/src/main/kotlin/com/supwisdom/dlpay/framework/controller/security_controller.kt b/src/main/kotlin/com/supwisdom/dlpay/framework/controller/security_controller.kt
index 4df76c68..2c62d599 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/framework/controller/security_controller.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/framework/controller/security_controller.kt
@@ -10,6 +10,7 @@ import com.supwisdom.dlpay.framework.domain.ApiClientRedis
 import com.supwisdom.dlpay.framework.domain.TOperator
 import com.supwisdom.dlpay.framework.redisrepo.ApiClientRepository
 import com.supwisdom.dlpay.framework.security.OperUtil
+import com.supwisdom.dlpay.framework.service.OperatorDetailService
 import com.supwisdom.dlpay.framework.service.SystemUtilService
 import com.supwisdom.dlpay.framework.util.HmacUtil
 import com.supwisdom.dlpay.system.service.CommonService
@@ -17,7 +18,9 @@ import com.supwisdom.dlpay.system.service.FunctionService
 import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.http.HttpStatus
 import org.springframework.http.ResponseEntity
+import org.springframework.security.core.annotation.AuthenticationPrincipal
 import org.springframework.security.core.context.SecurityContextHolder
+import org.springframework.security.core.userdetails.UserDetails
 import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
 import org.springframework.social.connect.web.HttpSessionSessionStrategy
 import org.springframework.stereotype.Controller
@@ -147,11 +150,11 @@ class WebHomeController {
     }
 
     @GetMapping("/index")
-    fun homeView(model: Model): String {
-        model.addAttribute("loginOper", TOperator("111","å¼åæµè¯"))
-        val funclist = functionService.getFunctionsByOperid("111")
+    fun homeView(@AuthenticationPrincipal operUser: UserDetails, model: Model): String {
+        model.addAttribute("loginOper", operUser as TOperator)
+        val funclist = functionService.getFunctionsByOperid(operUser.operid)
         model.addAttribute("menus", functionService.getMenuTree(funclist, "-1"))
-        model.addAttribute("payapiVersion",commonService.getSystemVersion())
+        model.addAttribute("payapiVersion", commonService.getSystemVersion())
         return "index"
     }
 }
diff --git a/src/main/kotlin/com/supwisdom/dlpay/security.kt b/src/main/kotlin/com/supwisdom/dlpay/security.kt
index 7347908d..124eb954 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/security.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/security.kt
@@ -5,6 +5,7 @@ import com.supwisdom.dlpay.framework.core.JwtTokenUtil
 import com.supwisdom.dlpay.framework.dao.OperRoleDao
 import com.supwisdom.dlpay.framework.dao.OperatorDao
 import com.supwisdom.dlpay.framework.security.ValidateCodeSecurityConfig
+import com.supwisdom.dlpay.framework.service.OperatorDetailService
 import com.supwisdom.dlpay.framework.util.StringUtil
 import org.jose4j.jwt.consumer.InvalidJwtException
 import org.springframework.beans.factory.annotation.Autowired
@@ -16,7 +17,9 @@ import org.springframework.security.authentication.AuthenticationCredentialsNotF
 import org.springframework.security.authentication.AuthenticationProvider
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
 import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider
 import org.springframework.security.authentication.jaas.AuthorityGranter
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
@@ -60,50 +63,9 @@ class ApiJwtAuthenticationFilter(jwt: JwtTokenUtil) : OncePerRequestFilter() {
     }
 }
 
-@Component
-class OperatorAuthenticationProvider : AuthenticationProvider {
-    @Autowired
-    lateinit var operatorDao: OperatorDao
-
-    @Autowired
-    lateinit var operRoleDao: OperRoleDao
-
-    override fun authenticate(authentication: Authentication?): Authentication {
-        return authentication?.let {
-            val oper = operatorDao.findByOpercode(it.name)
-                    ?: throw AuthenticationCredentialsNotFoundException("æä½åä¸å­å¨æå¯ç éè¯¯")
-            if (BCryptPasswordEncoder().matches(it.credentials.toString(), oper.password)) {
-                val roles = operRoleDao.getRolecodeByOperid(oper.operid)
-                if (roles.size > 0) {
-                    oper.authorities = roles.mapNotNull { role ->
-                        role?.let {
-                            SimpleGrantedAuthority(role)
-                        }
-                    }
-                } else {
-                    oper.authorities = listOf()
-                }
-                return UsernamePasswordAuthenticationToken(authentication.name, authentication.credentials,
-                        oper.authorities)
-            } else {
-                throw AuthenticationCredentialsNotFoundException("æä½åä¸å­å¨æå¯ç éè¯¯")
-            }
-        } ?: throw AuthenticationCredentialsNotFoundException("æä½åä¸å­å¨æå¯ç éè¯¯")
-    }
-
-    override fun supports(authentication: Class<*>?): Boolean {
-        return authentication?.equals(UsernamePasswordAuthenticationToken::class.java)
-                ?: false
-    }
-}
-
 @EnableWebSecurity
 class WebSecurityConfig {
 
-    @Bean
-    fun passwordEncoder(): BCryptPasswordEncoder {
-        return BCryptPasswordEncoder()
-    }
 
     companion object {
         @Configuration
@@ -148,6 +110,26 @@ class WebSecurityConfig {
             lateinit var authenticationSuccessHandler: AuthenticationSuccessHandler
 
 
+            @Autowired
+            lateinit var userDetailsService: OperatorDetailService
+
+            override fun configure(auth: AuthenticationManagerBuilder) {
+                auth.authenticationProvider(authenticationProvider())
+            }
+
+            @Bean
+            fun authenticationProvider(): DaoAuthenticationProvider {
+                val authProvider = DaoAuthenticationProvider()
+                authProvider.setUserDetailsService(userDetailsService)
+                authProvider.setPasswordEncoder(passwordEncoder())
+                return authProvider
+            }
+
+            @Bean
+            fun passwordEncoder(): BCryptPasswordEncoder {
+                return BCryptPasswordEncoder()
+            }
+
             @Bean
             fun jdbcTokenImplement(): JdbcTokenRepositoryImpl {
                 return JdbcTokenRepositoryImpl().also {