Merge remote-tracking branch 'origin/master'

lishuai

2023-12-26 70577a6d6cf2bded29e71dcad11a0c2605193d20

 server/dmvisit_admin/src/main/java/com/doumee/config/shiro/ShiroConfig.java

@@ -4,14 +4,19 @@
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.util.ThreadContext;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.serializer.StringRedisSerializer;

import javax.servlet.Filter;
import java.io.Serializable;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;
@@ -39,6 +44,20 @@
    @Autowired
    private ShiroRealm shiroRealm;

    @Bean("sessionRedisTemplate")
    public RedisTemplate<Object, Serializable> sessionRedisTemplate(RedisConnectionFactory redisConnectionFactory) {
        RedisTemplate<Object, Serializable> redisTemplate = new RedisTemplate<>();
        redisTemplate.setConnectionFactory(redisConnectionFactory);
        // 默认序列化方式
        redisTemplate.setDefaultSerializer(new StringRedisSerializer());
        // 值序列化方式
        ShiroSessionSerializer serializer = new ShiroSessionSerializer();
        redisTemplate.setValueSerializer(serializer);
        redisTemplate.setHashValueSerializer(serializer);
        redisTemplate.afterPropertiesSet();
        return redisTemplate;
    }

    @Bean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator autoProxyCreator = new DefaultAdvisorAutoProxyCreator();
@@ -50,12 +69,16 @@
    public SessionManager sessionManager() {
        ShiroSessionManager sessionManager = new ShiroSessionManager();
        sessionManager.setSessionDAO(shiroSessionDAO);
        sessionManager.setGlobalSessionTimeout(sessionExpireTime*1000);
        // 删除失效的session
        sessionManager.setDeleteInvalidSessions(true);
        return sessionManager;
    }

    @Bean
    public SecurityManager securityManager() {
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        ThreadContext.bind(securityManager);//加上这句代码手动绑定
        securityManager.setRealm(shiroRealm);
        securityManager.setSessionManager(this.sessionManager());
        securityManager.setCacheManager(shiroCacheManager);
@@ -66,20 +89,33 @@
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        Map<String, String> map = new HashMap<>();
        Map<String, String> map = new LinkedHashMap<>();
        // 路径拦截配置
        map.put("/system/login", "anon");
        map.put("/system/syncLingCountData", "anon");
        map.put("/system/wxLogin", "anon");
        map.put("/system/wxProgramLogin", "anon");
        map.put("/system/wxAccountLogin", "anon");
        map.put("/system/initCompany", "anon");
        map.put("/system/logout", "anon");
        map.put("/common/captcha", "anon");
        //文件上传取消拦截
        map.put("/public/**", "anon");

        map.put("/statistics/**", "anon");
        map.put("/business/hksync/push/**", "anon");
        map.put("/dingding/push", "anon");
//        map.put("/ext/workorderExt/freshStatistics", "anon");
        map.put("/dingding/jsapiTicket", "anon");
        map.put("/dingding/ddLogin", "anon");
        map.put("/dingding/getDingdingCorpId", "anon");
        map.put("/lingyang/login", "anon");
        map.put("/lingyang/loginDemo", "anon");
        map.put("/lingyang/importBatch", "anon");
        map.put("/edgp/**", "anon");
        // - 放行swagger
        map.put("/doc.html", "anon");
        map.put("/webjars/**", "anon");
        map.put("/template/**", "anon");
        map.put("/swagger-resources/**", "anon");
        map.put("/v2/api-docs/**", "anon");
        map.put("/wgListener/**", "anon");
        // - 其他接口统一拦截
        map.put("/**", "authc");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);