更新GAEA到版本1.5.0: token 认证方式

2022-09-14 09:41:49 +08:00
parent 6f520513a2
commit 947853479b
8 changed files with 38 additions and 24 deletions
--- a/build.gradle
+++ b/build.gradle
@@ -20,7 +20,7 @@ subprojects {
    ext {
        version '0.9.0'
-        gaea_version = '1.4.0'
+        gaea_version = '1.5.0'
        spring_version = "2.7.0"
    }
--- a/src/zeus.app/build.gradle
+++ b/src/zeus.app/build.gradle
@@ -14,7 +14,7 @@ dependencies {
    api project(":src:zeus.domain")
    api project(":src:zeus.query")
    api project(":src:zeus.repository")
-    api "com.synebula:gaea.app:$gaea_version"
+    api("com.synebula:gaea.app:$gaea_version")
    api "com.synebula:gaea.spring:$gaea_version"
    api "com.synebula:gaea.mongodb:$gaea_version"
--- a/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/config/ZeusBeans.kt
+++ b/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/config/ZeusBeans.kt
@@ -1,7 +1,7 @@
 package com.synebula.zeus.app.config
 import com.google.gson.Gson
-import com.synebula.gaea.app.component.security.WebSecurity
+import com.synebula.gaea.data.message.HttpMessageFactory
 import com.synebula.gaea.data.serialization.json.IJsonSerializer
 import com.synebula.gaea.domain.repository.IRepositoryFactory
 import com.synebula.gaea.mongodb.query.MongodbQueryFactory
@@ -9,17 +9,12 @@ import com.synebula.gaea.mongodb.repository.MongodbRepositoryFactory
 import com.synebula.gaea.query.IQueryFactory
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.ComponentScan
 import org.springframework.context.annotation.ComponentScan.Filter
 import org.springframework.context.annotation.Configuration
 import org.springframework.context.annotation.FilterType
 import org.springframework.data.mongodb.core.MongoTemplate
@Configuration
-@ComponentScan(
+@ComponentScan(basePackages = ["com.synebula.gaea.app.component"])
    basePackages = ["com.synebula.gaea.app.component"],
    excludeFilters = [Filter(type = FilterType.ASSIGNABLE_TYPE, classes = [WebSecurity::class])]
 )
 class ZeusBeans {
    @Bean
@@ -43,4 +38,9 @@ class ZeusBeans {
            }
        }
    }
    @Bean
    fun httpMessageFactory(serializer: IJsonSerializer): HttpMessageFactory {
        return HttpMessageFactory(serializer)
    }
 }
--- a/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/SignInOutApp.kt
+++ b/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/SignInOutApp.kt
@@ -1,8 +1,10 @@
 package com.synebula.zeus.app.controller
 import com.synebula.gaea.app.IApplication
-import com.synebula.gaea.app.component.security.TokenManager
+import com.synebula.gaea.app.component.security.session.UserSession
 import com.synebula.gaea.app.component.security.session.UserSessionManager
 import com.synebula.gaea.data.message.HttpMessage
 import com.synebula.gaea.data.message.HttpMessageFactory
 import com.synebula.gaea.data.message.Status
 import com.synebula.gaea.data.serialization.json.IJsonSerializer
 import com.synebula.gaea.log.ILogger
@@ -11,10 +13,8 @@ import com.synebula.zeus.domain.service.cmd.rbac.UserCmd
 import com.synebula.zeus.domain.service.contr.rbac.IUserService
 import com.synebula.zeus.query.contr.IUserQuery
 import org.springframework.beans.factory.annotation.Autowired
-import org.springframework.web.bind.annotation.PostMapping
+import org.springframework.security.core.context.SecurityContextHolder
-import org.springframework.web.bind.annotation.RequestBody
+import org.springframework.web.bind.annotation.*
 import org.springframework.web.bind.annotation.RequestMapping
 import org.springframework.web.bind.annotation.RestController
@RestController
@RequestMapping("/sign")
@@ -27,11 +27,14 @@ class SignInOutApp(override var logger: ILogger) : IApplication {
    lateinit var userService: IUserService
    @Autowired
-    lateinit var tokenHelper: TokenManager
+    lateinit var userSessionManager: UserSessionManager
    @Autowired
    lateinit var serializer: IJsonSerializer
    @Autowired
    override lateinit var httpMessageFactory: HttpMessageFactory
    override var name: String = "用户登录管理"
    @Method("用户登录")
@@ -42,7 +45,7 @@ class SignInOutApp(override var logger: ILogger) : IApplication {
            if (message.data != null) {
                val user = message.data
                user!!.remember = remember ?: false
-                val token = tokenHelper.sign(message.data!!)
+                val token = userSessionManager.signIn(user.uid, user)
                it.data = token
            } else {
                it.load(message)
@@ -50,10 +53,19 @@ class SignInOutApp(override var logger: ILogger) : IApplication {
        }
    }
    @Method("登录用户信息")
    @GetMapping("/user")
    fun signUser(): HttpMessage {
        val userSession = SecurityContextHolder.getContext().authentication.principal as UserSession
        return httpMessageFactory.create(userSession.user)
    }
    @Method("用户登出")
    @PostMapping("/out")
-    fun signOut(user: String): HttpMessage {
+    fun signOut(token: String): HttpMessage {
-        return HttpMessage(user)
+        userSessionManager.signOut(token)
        return this.httpMessageFactory.create(token)
    }
    @Method("用户注册")
--- a/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/AuthorityApp.kt
+++ b/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/AuthorityApp.kt
@@ -25,7 +25,7 @@ class AuthorityApp(
    @PostMapping("/batch")
    fun add(@RequestBody cmd: AuthorityBatchAddCmd): HttpMessage {
        this.authorityService.add(cmd)
-        return HttpMessage()
+        return this.httpMessageFactory.create()
    }
    @Method("根据资源和角色删除权限")
@@ -36,6 +36,6 @@ class AuthorityApp(
        @RequestBody resource: List<String>
    ): HttpMessage {
        this.authorityService.removeByResourceRole(type, resource, role)
-        return HttpMessage()
+        return this.httpMessageFactory.create()
    }
 }
--- a/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/resource/PageApp.kt
+++ b/src/zeus.app/src/main/kotlin/com/synebula/zeus/app/controller/rbac/resource/PageApp.kt
@@ -28,7 +28,7 @@ class PageApp(
    @Method("获取角色系统下有权页面")
    @GetMapping("/in-system/{system}/authorized/{role}")
    fun authorized(@PathVariable system: String, @PathVariable role: String): HttpMessage {
-        val msg = HttpMessage()
+        val msg = this.httpMessageFactory.create()
        msg.data = this.pageQuery.authorized(role, system)
        return msg
    }
--- a/src/zeus.app/src/main/resources/application.yml
+++ b/src/zeus.app/src/main/resources/application.yml
@@ -4,6 +4,8 @@ server:
 spring:
  application:
    name: gaea.app
  sign-in-url: /sign/in
  allow-multi-sign: false
  data:
    mongodb:
      uri: mongodb://127.0.0.1/zeus
--- a/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/service/impl/rbac/UserService.kt
+++ b/src/zeus.domain/src/main/kotlin/com/synebula/zeus/domain/service/impl/rbac/UserService.kt
@@ -1,6 +1,6 @@
 package com.synebula.zeus.domain.service.impl.rbac
-import com.synebula.gaea.bus.Subscribe
+import com.synebula.gaea.bus.DomainSubscribe
 import com.synebula.gaea.data.message.DataMessage
 import com.synebula.gaea.data.message.Status
 import com.synebula.gaea.data.serialization.IObjectMapper
@@ -25,13 +25,13 @@ class UserService(
    var logger: ILogger
 ) : Service<User, String>(User::class.java, factory.createRepository(User::class.java), mapper), IUserService {
-    @Subscribe(["groupBeforeRemoveEvent"])
+    @DomainSubscribe(domainClass = Role::class, messageClass = BeforeRemoveEvent::class)
    fun beforeRoleRemove(event: BeforeRemoveEvent<Role, String>) {
        if (this.repository.count(mapOf(Pair("role", event.id!!))) > 0)
            throw NoticeUserException("角色下还有用户")
    }
-    @Subscribe(["groupBeforeRemoveEvent"])
+    @DomainSubscribe(BeforeRemoveEvent::class, Group::class)
    fun beforeGroupRemove(event: BeforeRemoveEvent<Group, String>) {
        if (this.repository.count(mapOf(Pair("group", event.id!!))) > 0)
            throw NoticeUserException("用户组下还有用户")