
flowable

tags/24080901
PoffyZhang 1 year ago
parent
commit
35b9f65a1b
11 changed files with 51 additions and 30 deletions
  1. +6
    -6
      pmapi/pom.xml
  2. +2
    -0
      pmapi/src/main/java/com/ningdatech/pmapi/App.java
  3. +18
    -0
      pmapi/src/main/java/com/ningdatech/pmapi/common/constant/CommonConstant.java
  4. +2
    -1
      pmapi/src/main/java/com/ningdatech/pmapi/common/handler/GlobalResponseHandler.java
  5. +1
    -1
      pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/AuthProperties.java
  6. +1
    -1
      pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/AuthenticationBeanConfig.java
  7. +15
    -14
      pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/WebSecurityConfig.java
  8. +1
    -1
      pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/config/RedisSessionConfig.java
  9. +1
    -1
      pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthSecurityConfig.java
  10. +4
    -0
      pmapi/src/main/resources/security/auth-dev.yml
  11. +0
    -5
      pom.xml

+ 6
- 6
pmapi/pom.xml View File

@@ -14,11 +14,6 @@
</properties> </properties>


<dependencies> <dependencies>
<!--Spring boot 安全框架-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency> <dependency>
<groupId>com.google.guava</groupId> <groupId>com.google.guava</groupId>
<artifactId>guava</artifactId> <artifactId>guava</artifactId>
@@ -163,7 +158,7 @@
<dependency> <dependency>
<groupId>org.springframework.boot</groupId> <groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId> <artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<!-- <scope>test</scope>-->
</dependency> </dependency>
<dependency> <dependency>
<groupId>org.mapstruct</groupId> <groupId>org.mapstruct</groupId>
@@ -192,6 +187,10 @@
<groupId>org.slf4j</groupId> <groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId> <artifactId>slf4j-log4j12</artifactId>
</exclusion> </exclusion>
<!-- <exclusion>-->
<!-- <groupId>org.springframework.boot</groupId>-->
<!-- <artifactId>spring-boot-starter-security</artifactId>-->
<!-- </exclusion>-->
</exclusions> </exclusions>
</dependency> </dependency>
<dependency> <dependency>
@@ -207,6 +206,7 @@
<dependency> <dependency>
<groupId>com.ningdatech</groupId> <groupId>com.ningdatech</groupId>
<artifactId>nd-flowable-starter</artifactId> <artifactId>nd-flowable-starter</artifactId>
<scope>true</scope>
</dependency> </dependency>


<dependency> <dependency>
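Review bot: `<scope>true</scope>` on the `nd-flowable-starter` dependency (last hunk) is not a Maven scope; the valid values are compile, provided, runtime, test, system and import, and `true` looks like it was meant to be `<optional>true</optional>`. In the `spring-boot-starter-test` hunk the page shows `<scope>test</scope>` next to a commented-out copy; if the commented form is the new side, the test starter and its transitive libraries move onto the runtime classpath of the packaged service, so I would keep `<scope>test</scope>`. The first hunk also drops the explicit `spring-boot-starter-security` entry while `WebSecurityConfig` in this commit still builds on Spring Security, so the module presumably now receives it transitively; declaring it directly keeps the security framework and its version under this module's control.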


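--- a/pmapi/src/main/java/com/ningdatech/pmapi/App.java
+++ b/pmapi/src/main/java/com/ningdatech/pmapi/App.java
@@ -4,6 +4,7 @@ import org.mybatis.spring.annotation.MapperScan;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.context.annotation.EnableAspectJAutoProxy;
+import org.springframework.scheduling.annotation.EnableAsync;
 import org.springframework.scheduling.annotation.EnableScheduling;
 import org.springframework.transaction.annotation.EnableTransactionManagement;
 
@@ -11,6 +12,7 @@ import org.springframework.transaction.annotation.EnableTransactionManagement;
 * @author liuxinxin
 */
 @SpringBootApplication
+@EnableAsync
 @MapperScan(App.MAPPER_PACKAGES)
 @EnableScheduling
 @EnableTransactionManagement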
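Review bot: `@EnableAsync` is switched on here with no executor or security-context handling visible anywhere in the commit. Spring Security keeps the `SecurityContext` in a thread-local by default, so an `@Async` method that reads the current user runs without it unless the task executor is wrapped, for example in `DelegatingSecurityContextAsyncTaskExecutor`. No `@Async` method is visible on this page, so this may not bite yet; I would add a comment above the annotation such as `// async tasks do not inherit the caller's SecurityContext; pass user ids explicitly`. The class body lies outside the hunk.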


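--- a/pmapi/src/main/java/com/ningdatech/pmapi/common/constant/CommonConstant.java
+++ b/pmapi/src/main/java/com/ningdatech/pmapi/common/constant/CommonConstant.java
@@ -0,0 +1,18 @@
+package com.ningdatech.pmapi.common.constant;
+
+/**
+* @description: 常量
+* @author: LiuXinXin
+* @date: 2022/5/5 17:31
+*/
+public class CommonConstant {
+
+public static final String COOKIE_KEY = "ND_JSESSION";
+
+public static final Integer EXPORT_PAGE_NUMBER= 1;
+
+public static final Integer EXPORT_PAGE_SIZE= 100000;
+public static final String CALL_STATUS = "status";
+public static final String CALL_STATUS_OK_VALUE = "ok";
+
+}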
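Review bot: `COOKIE_KEY` here duplicates a constant that already exists as `BizConst.COOKIE_KEY`; the `WebSecurityConfig` section of this commit shows both names in the logout `deleteCookies(...)` call. If the session cookie is named from one constant and cleared on logout from the other, a later edit to either leaves the cookie in the browser after logout, so I would keep a single definition, e.g. `public static final String COOKIE_KEY = BizConst.COOKIE_KEY;`, assuming `BizConst` stays. The holder should also be `public final class CommonConstant` with `private CommonConstant() {}`, and the two `Integer` constants can be plain `int`.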

+ 2
- 1
pmapi/src/main/java/com/ningdatech/pmapi/common/handler/GlobalResponseHandler.java View File

@@ -38,7 +38,8 @@ public class GlobalResponseHandler implements ResponseBodyAdvice<Object> {
if (o instanceof String) { if (o instanceof String) {
return JSONUtil.toJsonStr(apiResponse); return JSONUtil.toJsonStr(apiResponse);
} }
return ApiResponse.ofSuccess(o);
// return ApiResponse.ofSuccess(o);
return o;
} }


private Boolean filter(MethodParameter methodParameter) { private Boolean filter(MethodParameter methodParameter) {
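Review bot: Non-String results now appear to leave this method unwrapped (`return o;`, with `ApiResponse.ofSuccess(o)` kept only as a comment), while the String branch just above still returns `JSONUtil.toJsonStr(apiResponse)`. If that reading of the sides is right, clients receive two response shapes from the same advice and lose the uniform envelope for object bodies. Either restore `return ApiResponse.ofSuccess(o);` or limit the bypass to the controllers that need raw bodies through `filter(...)`, and delete the commented-out line rather than committing it. The method starts above the hunk, so how `apiResponse` is built is not visible here.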


pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/config/AuthProperties.java → pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/AuthProperties.java View File

@@ -1,4 +1,4 @@
package com.ningdatech.pmapi.user.security.auth.config;
package com.ningdatech.pmapi.user.security.auth;


import cn.hutool.core.collection.CollectionUtil; import cn.hutool.core.collection.CollectionUtil;
import com.ningdatech.basic.factory.PropertySourceFactory; import com.ningdatech.basic.factory.PropertySourceFactory;

pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/config/AuthenticationBeanConfig.java → pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/AuthenticationBeanConfig.java View File

@@ -1,4 +1,4 @@
package com.ningdatech.pmapi.user.security.auth.config;
package com.ningdatech.pmapi.user.security.auth;


import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.Configuration;

+ 15
- 14
pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/WebSecurityConfig.java View File

@@ -3,7 +3,7 @@ package com.ningdatech.pmapi.user.security.auth;
import com.ningdatech.basic.util.NdJsonUtil; import com.ningdatech.basic.util.NdJsonUtil;
import com.ningdatech.basic.util.StrPool; import com.ningdatech.basic.util.StrPool;
import com.ningdatech.pmapi.common.constant.BizConst; import com.ningdatech.pmapi.common.constant.BizConst;
import com.ningdatech.pmapi.user.security.auth.config.AuthProperties;
import com.ningdatech.pmapi.common.constant.CommonConstant;
import com.ningdatech.pmapi.user.security.auth.handler.DefaultExpiredSessionStrategy; import com.ningdatech.pmapi.user.security.auth.handler.DefaultExpiredSessionStrategy;
import com.ningdatech.pmapi.user.security.auth.password.UsernamePasswordAuthSecurityConfig; import com.ningdatech.pmapi.user.security.auth.password.UsernamePasswordAuthSecurityConfig;
import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Qualifier;
@@ -46,30 +46,30 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
assemblerPreAuthUrls(http); assemblerPreAuthUrls(http);
http.formLogin() http.formLogin()
.and()
.exceptionHandling()
.authenticationEntryPoint(authenticationEntryPoint())
.loginPage(authProperties.getAuthRequireUrl())
.and().apply(usernamePasswordAuthSecurityConfig) .and().apply(usernamePasswordAuthSecurityConfig)
.and() .and()
.authorizeRequests()
.antMatchers(authProperties.getIgnoreAuthUrlsArray()).permitAll()
.anyRequest()
.authenticated()
.and()
.authorizeRequests().antMatchers(authProperties.getIgnoreAuthUrlsArray()).permitAll().anyRequest()
.authenticated().and()
// 防止固定会话攻击,Spring security的默认配置就是如此: // 防止固定会话攻击,Spring security的默认配置就是如此:
// 登陆成功之后会创建一个新的会话,然后将旧的session信息复制到新的session中(客户端的sessionId变了) // 登陆成功之后会创建一个新的会话,然后将旧的session信息复制到新的session中(客户端的sessionId变了)
.sessionManagement().invalidSessionUrl(authProperties.getInvalidSessionUrl()).sessionFixation() .sessionManagement().invalidSessionUrl(authProperties.getInvalidSessionUrl()).sessionFixation()
.migrateSession() .migrateSession()
// .invalidSessionStrategy(defaultInvalidSessionStrategy) // .invalidSessionStrategy(defaultInvalidSessionStrategy)
.maximumSessions(10).maxSessionsPreventsLogin(true).expiredSessionStrategy(defaultExpiredSessionStrategy)
.and().and().logout().logoutUrl(authProperties.getLogoutUrl()).logoutSuccessHandler(logoutSuccessHandler)
.deleteCookies(BizConst.COOKIE_KEY)
.maximumSessions(10)
.maxSessionsPreventsLogin(true)
.expiredSessionStrategy(defaultExpiredSessionStrategy)
.and().and()
.logout().logoutUrl(authProperties.getLogoutUrl()).logoutSuccessHandler(logoutSuccessHandler)
.deleteCookies(CommonConstant.COOKIE_KEY)
// .and()
// .cors().configurationSource(corsConfigurationSource())
.and() .and()
// .csrf().disable();
// 开启csrf验证,需要前端同步传入token // 开启csrf验证,需要前端同步传入token
.csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse()) .csrf().csrfTokenRepository(CookieCsrfTokenRepository.withHttpOnlyFalse())
.ignoringAntMatchers(authProperties.getIgnoreCsrfUrlsArray()); .ignoringAntMatchers(authProperties.getIgnoreCsrfUrlsArray());


// http.anonymous().authenticationFilter(availableUserAuthenticationFilter);
} }


private AuthenticationEntryPoint authenticationEntryPoint() { private AuthenticationEntryPoint authenticationEntryPoint() {
@@ -94,4 +94,5 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
} }
} }



} }
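Review bot: Read in print order (the page does not mark sides), the `formLogin()` chain loses `.exceptionHandling().authenticationEntryPoint(authenticationEntryPoint())` and gains `.loginPage(authProperties.getAuthRequireUrl())`. With that, unauthenticated API calls are redirected to the login URL instead of receiving the entry point's response, the private `authenticationEntryPoint()` helper shown below the chain may be left unused, and the login URL has to be reachable anonymously, e.g. `.loginPage(authProperties.getAuthRequireUrl()).permitAll()` or an entry in the ignore-auth list. The commented-out `.cors()`, `.csrf().disable()` and `http.anonymous()` lines should be removed rather than committed, since a stray uncomment of `.csrf().disable()` would silently drop the CSRF check configured right below it. `configure` and the class continue outside the hunk.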

+ 1
- 1
pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/config/RedisSessionConfig.java View File

@@ -1,4 +1,4 @@
//package com.ningdatech.pmapi.user.security.auth.config;
package com.ningdatech.pmapi.user.security.auth.config;//package com.ningdatech.pmapi.user.security.auth.config;
// //
//import com.ningdatech.basic.util.StrPool; //import com.ningdatech.basic.util.StrPool;
//import org.springframework.beans.factory.annotation.Value; //import org.springframework.beans.factory.annotation.Value;


+ 1
- 1
pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/password/UsernamePasswordAuthSecurityConfig.java View File

@@ -1,6 +1,6 @@
package com.ningdatech.pmapi.user.security.auth.password; package com.ningdatech.pmapi.user.security.auth.password;


import com.ningdatech.pmapi.user.security.auth.config.AuthProperties;
import com.ningdatech.pmapi.user.security.auth.AuthProperties;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationManager;


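--- a/pmapi/src/main/resources/security/auth-dev.yml
+++ b/pmapi/src/main/resources/security/auth-dev.yml
@@ -19,6 +19,8 @@ security:
 - /ok.html
 - /open/api/**
 - /oa/**
+- /wflow/**
+- /sys/**
 ignore-csrf-urls:
 - /api/v1/user/auth/**
 - /v2/api-docs
@@ -33,6 +35,8 @@ security:
 - /optLog/**
 - /dict/**
 - /oa/**
+- /wflow/**
+- /sys/**
 role-map:
 "engineer":
 "project_manager":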
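Review bot: `/wflow/**` and `/sys/**` are added both to the list that ends right before `ignore-csrf-urls:` and to the list that ends before `role-map:`. `WebSecurityConfig` feeds `getIgnoreAuthUrlsArray()` into `permitAll()` and `getIgnoreCsrfUrlsArray()` into `ignoringAntMatchers(...)`, so if these are those two lists (the first key is above the hunk), every endpoint under both prefixes becomes reachable without a session and without a CSRF token. Whole-prefix wildcards on workflow and system paths are broad; I would list only the specific endpoints that must be anonymous and add a comment such as `# TEMP: anonymous access for workflow integration in dev; do not copy to other profiles`. It is also worth checking that the same entries have not been copied into the non-dev auth files.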


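--- a/pom.xml
+++ b/pom.xml
@@ -106,11 +106,6 @@
 <artifactId>flowable-spring-boot-starter-actuator</artifactId>
 <version>6.7.2</version>
 </dependency>
-<dependency>
-<groupId>cn.dev33</groupId>
-<artifactId>sa-token-spring-boot-starter</artifactId>
-<version>1.30.0</version>
-</dependency>
 <!--KingBase-->
 <dependency>
 <groupId>com.kingbase8</groupId>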

