增加登录成功监听事件

1 year ago · 56bb9d821c
--- a/pmapi/src/main/java/com/ningdatech/pmapi/user/controller/AuthorizationEventListener.java
+++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/controller/AuthorizationEventListener.java
@@ -0,0 +1,67 @@
 package com.ningdatech.pmapi.user.controller;

 import com.ningdatech.log.model.OptLogDTO;
 import com.ningdatech.log.model.enumeration.LogType;
 import com.ningdatech.log.service.OptLogService;
 import com.ningdatech.log.util.AddressUtil;
 import com.ningdatech.pmapi.user.security.auth.model.UserInfoDetails;
 import com.ningdatech.pmapi.user.security.auth.model.WebRequestDetails;
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.event.EventListener;
 import org.springframework.scheduling.annotation.Async;
 import org.springframework.security.authentication.event.AbstractAuthenticationEvent;
 import org.springframework.security.authentication.event.AuthenticationSuccessEvent;
 import org.springframework.security.authentication.event.LogoutSuccessEvent;
 import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Component;

 import java.time.LocalDateTime;

 /**
 * <p>
 * AuthorizationEventListener
 * </p>
 *
 * @author WendyYang
 * @since 2023/6/7
 **/
@Component
@RequiredArgsConstructor
 public class AuthorizationEventListener {

    private final OptLogService optLogService;

    @Async
    @EventListener(AuthenticationSuccessEvent.class)
    public void loginSuccessListener(AuthenticationSuccessEvent event) {
        optLogService.save(buildOptLog("用户登录", event));
    }

    @Async
    @EventListener(LogoutSuccessEvent.class)
    public void logoutSuccessListener(LogoutSuccessEvent event) {
        optLogService.save(buildOptLog("退出登录", event));
    }

    private OptLogDTO buildOptLog(String description, AbstractAuthenticationEvent event) {
        Authentication authentication = event.getAuthentication();
        UserInfoDetails userDetails = (UserInfoDetails) authentication.getPrincipal();
        WebRequestDetails webDetails = (WebRequestDetails) authentication.getDetails();
        OptLogDTO log = new OptLogDTO();
        log.setActionMethod(webDetails.getServletPath());
        log.setDescription(description);
        log.setStartTime(LocalDateTime.now());
        log.setFinishTime(log.getStartTime());
        log.setCreateOn(log.getStartTime());
        log.setHttpMethod(webDetails.getMethod());
        log.setUserName(userDetails.getUsername());
        log.setCreateBy(userDetails.getUserId());
        log.setRequestIp(webDetails.getRequestIp());
        log.setRequestUri(webDetails.getRequestUri());
        log.setRegionByIp(AddressUtil.getRegion(log.getRequestIp()));
        log.setUa(webDetails.getUserAgent());
        log.setType(LogType.OPT.name());
        return log;
    }

 }
--- a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/agent/AgentAuthFilter.java
+++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/agent/AgentAuthFilter.java
@@ -1,6 +1,7 @@
 package com.ningdatech.pmapi.user.security.auth.agent;

 import com.ningdatech.basic.exception.BizException;
 import com.ningdatech.pmapi.user.security.auth.model.WebRequestDetails;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.AuthenticationServiceException;
@@ -49,8 +50,7 @@ public class AgentAuthFilter extends AbstractAuthenticationProcessingFilter {
        userId = trim(userId);
        try {
            AgentAuthToken authRequest = new AgentAuthToken(userId, userId);
            // Allow subclasses to set the "details" property
            setDetails(request, authRequest);
            authRequest.setDetails(new WebRequestDetails(request));
            return this.getAuthenticationManager().authenticate(authRequest);
        } catch (AuthenticationException e) {
            throw new BadCredentialsException("用户id 不能为空");
@@ -61,10 +61,6 @@ public class AgentAuthFilter extends AbstractAuthenticationProcessingFilter {
        }
    }

    protected void setDetails(HttpServletRequest request, AgentAuthToken authRequest) {
        authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
    }

    private String trim(String trimStr) {
        if (StringUtils.isNotBlank(trimStr)) {
            return trimStr.trim();
--- a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/common/CommonAuthFilter.java
+++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/common/CommonAuthFilter.java
@@ -1,6 +1,7 @@
 package com.ningdatech.pmapi.user.security.auth.common;

 import com.ningdatech.basic.exception.BizException;
 import com.ningdatech.pmapi.user.security.auth.model.WebRequestDetails;
 import com.ningdatech.pmapi.user.security.auth.validate.CommonLoginException;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.http.HttpMethod;
@@ -55,8 +56,8 @@ public class CommonAuthFilter extends AbstractAuthenticationProcessingFilter {
        platform = trim(platform);
        credential = trim(credential);
        try {
            CommonAuthToken authRequest = new CommonAuthToken(platform,credential);
            setDetails(request, authRequest);
            CommonAuthToken authRequest = new CommonAuthToken(platform, credential);
            authRequest.setDetails(new WebRequestDetails(request));
            return this.getAuthenticationManager().authenticate(authRequest);
        } catch (AuthenticationException e) {
            throw new BadCredentialsException("用户状态");
@@ -67,10 +68,6 @@ public class CommonAuthFilter extends AbstractAuthenticationProcessingFilter {
        }
    }

    protected void setDetails(HttpServletRequest request, CommonAuthToken authRequest) {
        authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
    }

    private String trim(String trimStr) {
        if (StringUtils.isNotBlank(trimStr)) {
            return trimStr.trim();
--- a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthFilter.java
+++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthFilter.java
@@ -2,6 +2,7 @@ package com.ningdatech.pmapi.user.security.auth.credential;

 import com.ningdatech.basic.exception.BizException;
 import com.ningdatech.pmapi.user.constant.LoginTypeEnum;
 import com.ningdatech.pmapi.user.security.auth.model.WebRequestDetails;
 import com.ningdatech.pmapi.user.security.auth.validate.CommonLoginException;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.http.HttpMethod;
@@ -59,17 +60,14 @@ public class CredentialAuthFilter extends AbstractAuthenticationProcessingFilter
        loginType = trim(loginType);
        try {
            CredentialAuthToken authRequest = new CredentialAuthToken(identifier, credential, loginType);
            // Allow subclasses to set the "details" property
            setDetails(request, authRequest);
            authRequest.setDetails(new WebRequestDetails(request));
            return this.getAuthenticationManager().authenticate(authRequest);
        } catch (CommonLoginException e) {
            throw new CommonLoginException(e.getMessage());
        } catch (BadCredentialsException e) {
        } catch (BadCredentialsException | BizException e) {
            throw new BadCredentialsException(e.getMessage());
        } catch (AuthenticationException e) {
            throw new BadCredentialsException("账号或密码错误");
        } catch (BizException e) {
            throw new BadCredentialsException(e.getMessage());
        } catch (Exception e) {
            throw new InternalAuthenticationServiceException("授权失败：", e);
        }
--- a/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/model/WebRequestDetails.java
+++ b/pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/model/WebRequestDetails.java
@@ -0,0 +1,73 @@
 package com.ningdatech.pmapi.user.security.auth.model;

 import cn.hutool.core.util.StrUtil;
 import cn.hutool.extra.servlet.ServletUtil;
 import org.springframework.security.web.authentication.WebAuthenticationDetails;

 import javax.servlet.http.HttpServletRequest;

 /**
 * <p>
 * WebRequestDetails
 * </p>
 *
 * @author WendyYang
 * @since 2023/6/7
 **/
 public class WebRequestDetails extends WebAuthenticationDetails {

    private static final long serialVersionUID = -4466339683132696235L;

    private final String requestIp;

    private final String requestUri;

    private final String method;

    private final String servletPath;

    private final String requestUrl;

    private final String userAgent;

    /**
     * Records the remote address and will also set the session Id if a session already
     * exists (it won't create one).
     *
     * @param request that the authentication request was received from
     */
    public WebRequestDetails(HttpServletRequest request) {
        super(request);
        this.requestUri = request.getRequestURI();
        this.method = request.getMethod();
        this.servletPath = request.getServletPath();
        this.requestUrl = request.getRequestURL().toString();
        this.requestIp = ServletUtil.getClientIP(request);
        this.userAgent = StrUtil.sub(request.getHeader("user-agent"), 0, 500);
    }

    public String getRequestIp() {
        return requestIp;
    }

    public String getRequestUri() {
        return requestUri;
    }

    public String getMethod() {
        return method;
    }

    public String getServletPath() {
        return servletPath;
    }

    public String getRequestUrl() {
        return requestUrl;
    }

    public String getUserAgent() {
        return userAgent;
    }

 }