今日目标:
1.JSON登录
2.给微信小程序登录升个小级
JSON登录其实很简单,我们并没有改变security表单登录的本质,在上一章我们写了一个FormLoginFilter,这是基于表单登录的, 但是不觉得这么一个小程序登录, 浪费了这么好的一个类??
那我们就拿它来做JSON登录和微信小程序好的多了
开始整他。
我们重写一个拦截类,JsonLoginFilter.java
在这个类中,我们截取请求的JSON数据,把JSON数据放到对应表单流中
package com.alumni_circle.core.filter;
import com.alumni_circle.core.utils.GetOpen;
import com.alumni_circle.mapper.security.UserSecurityMapper;
import com.fasterxml.jackson.databind.ObjectMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.io.InputStream;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
/**
* @author 龙小虬
* @since 2020-08-02 12:08
*
* Json表单形式登录
*/
public class JsonLoginFilter implements Filter {
@Autowired
UserSecurityMapper userSecurityMapper;
/**
* 需要过滤的地址
*/
private static List<String> urlList = Arrays.asList("/login");
private static String WeChat = "WeChat";
/**
* 是否不需要过滤
*
* @param requestUrl
* 请求的url
* @return
*/
private boolean isPast(String requestUrl) {
for (String url : urlList) {
if (requestUrl.equals(url)) {
return true;
}
}
return false;
}
@Override
public void init(FilterConfig filterConfig) {
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
String url = (request).getRequestURI().substring((request).getContextPath().length());
if(isPast(url)){
if(request.getContentType().equals(MediaType.APPLICATION_JSON_VALUE)){
ObjectMapper objectMapper = new ObjectMapper();
try(InputStream is = request.getInputStream()) {
Map map = objectMapper.readValue(is,Map.class);
System.out.println(map.get("username"));
System.out.println(map.get("password"));
MyHttpServletRequestWrapper requestWrapper = new MyHttpServletRequestWrapper(request);
String username = map.get("username").toString();
String password = map.get("password").toString();
//把密码设置为WeChat,那我们在后面传输数据时,就不需要再次向FormLoginFilter一样,查询两次数据库
if(WeChat.equals(password)){
if(username.contains(WeChat)){
//账号结构 WeChat+" "+code
String openid = GetOpen.sendGet(username.substring(7));
//post通过code请求openid 请求失败时会返回errcode
if(!"errcode".equals(openid)){
//改变标识符"{"+WeChat+"} "
requestWrapper.setParameter("username","{"+WeChat+"} "+openid);
requestWrapper.setParameter("password",password);
}
}
}else {
requestWrapper.setParameter("username", username);
requestWrapper.setParameter("password", password);
}
chain.doFilter(requestWrapper, servletResponse);
}catch (IOException e){
chain.doFilter(servletRequest, servletResponse);
}
}
}
}
@Override
public void destroy() {
}
}
因为微信小程序的登录升了个小级,所以UserSecurityServiceImpl中的loadUserByUsername方法内的数据判断需要进行修改
package com.alumni_circle.service.security.impl;
import cn.hutool.core.util.StrUtil;
import com.alumni_circle.entity.security.UserSecurity;
import com.alumni_circle.mapper.security.UserSecurityMapper;
import com.alumni_circle.service.security.IUserSecurityService;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.List;
/**
* @author 龙小虬
* @since 2020-07-29 13:42
*/
@Service
public class UserSecurityServiceImpl implements IUserSecurityService {
@Autowired
UserSecurityMapper userSecurityMapper;
@Override
public UserDetails loadUserByUsername(String name) throws UsernameNotFoundException {
QueryWrapper<UserSecurity> queryWrapper = new QueryWrapper<>();
boolean flag = true;
if("{WeChat} ".equals(name.substring(0,9))){
queryWrapper.eq("openid",name);
}else {
queryWrapper.eq("username",name);
flag = false;
}
UserSecurity userSecurity = userSecurityMapper.selectOne(queryWrapper);
List<SimpleGrantedAuthority> authorities = new ArrayList<>();
System.out.println(userSecurity.getAuthority());
System.out.println(userSecurity);
System.out.println(authorities);
//权限不能为空
if(!StrUtil.hasEmpty(userSecurity.getAuthority())){
//账号密码登录
if (flag) {
return new User(userSecurity.getUsername(), userSecurity.getPassword(), AuthorityUtils.commaSeparatedStringToAuthorityList(userSecurity.getAuthority()));
}else {
//微信授权登录
return new User("{WeChat} "+userSecurity.getUsername(), "WeChat", AuthorityUtils.commaSeparatedStringToAuthorityList(userSecurity.getAuthority()));
}
}
System.out.println(name);
return null;
}
}
好了,现在两个目标都已经完成了。
有问题,找博主。愿意探讨所有问题