Merge pull request #7 from TGclub/jc

Jc

pom.xml

@@ -22,6 +22,7 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <java.version>1.8</java.version>
+        <jjwt.version>0.9.0</jjwt.version>
     </properties>
 
     <dependencies>
@@ -30,6 +31,19 @@
             <artifactId>spring-boot-starter-data-jpa</artifactId>
         </dependency>
 
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-data-redis</artifactId>
+            <version>2.0.6.RELEASE</version>
+        </dependency>
+
+
+        <dependency>
+            <groupId>io.jsonwebtoken</groupId>
+            <artifactId>jjwt</artifactId>
+            <version>${jjwt.version}</version>
+        </dependency>
+
         <dependency>
             <groupId>org.projectlombok</groupId>
             <artifactId>lombok</artifactId>
@@ -79,11 +93,6 @@
         </dependency>
 
         <!--JWT-->
-        <dependency>
-            <groupId>com.auth0</groupId>
-            <artifactId>java-jwt</artifactId>
-            <version>3.0.1</version>
-        </dependency>
 
         <dependency>
             <groupId>org.slf4j</groupId>
@@ -97,6 +106,11 @@
             <artifactId>druid-spring-boot-starter</artifactId>
             <version>1.1.9</version>
         </dependency>
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
     </dependencies>
 
     <build>

src/main/java/com/wizzstudio/substitute/config/RedisConfig.java

@@ -1,11 +1,16 @@
 package com.wizzstudio.substitute.config;
 
 
+import org.springframework.cache.CacheManager;
 import org.springframework.cache.annotation.CachingConfigurerSupport;
 import org.springframework.cache.annotation.EnableCaching;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.data.redis.cache.RedisCacheManager;
+import org.springframework.data.redis.core.RedisTemplate;
 
 @Configuration
 @EnableCaching
 public class RedisConfig extends CachingConfigurerSupport {
+
 }

src/main/java/com/wizzstudio/substitute/config/SecurityConfig.java

@@ -0,0 +1,64 @@
+package com.wizzstudio.substitute.config;
+
+
+import com.wizzstudio.substitute.security.service.CustomUserDetailService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.userdetails.UserDetailsService;
+
+@Configuration
+@EnableWebSecurity
+@EnableGlobalMethodSecurity(securedEnabled = true)
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+    @Autowired
+    private CustomUserDetailService userDetailsService;
+
+
+    @Bean
+    @Override
+    public AuthenticationManager authenticationManagerBean() throws Exception {
+        return super.authenticationManagerBean();
+    }
+
+    @Autowired
+    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+        auth.userDetailsService(userDetailsService);
+
+    }
+
+
+    @Bean
+    public DaoAuthenticationProvider authenticationProvider() {
+        DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();
+        authenticationProvider.setUserDetailsService(userDetailsService);
+
+        return authenticationProvider;
+    }
+
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+
+        http.csrf().disable()
+                .exceptionHandling()
+                .and()
+                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.ALWAYS).and()
+                .authorizeRequests();
+        http.authorizeRequests()
+                .antMatchers( "**/login", "**/test")
+                .permitAll();
+    }
+
+
+}

src/main/java/com/wizzstudio/substitute/constants/Constants.java

@@ -12,4 +12,8 @@ public class Constants {
     public static final String QUERY_FAILED = "请求失败";
     public static final String TOKEN = "token";
     public static final String INVALID_MESSAGE = "信息有误";
+
+    public static final Integer TOKEN_EXPIRED = 7200;
+
+    public static final Integer REMEMEMBER_ME = 864000;
 }

src/main/java/com/wizzstudio/substitute/dao/IndentDao.java

@@ -1,9 +1,18 @@
 package com.wizzstudio.substitute.dao;
 
 import com.wizzstudio.substitute.pojo.Indent;
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.Pageable;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.stereotype.Repository;
 
+import java.util.List;
+
 @Repository
 public interface IndentDao extends JpaRepository<Indent, Integer> {
+
+    Indent findByIndentId(Integer indentId);
+    List<Indent> findByPerformerId(String userId);
+    List<Indent> findByPublisherId(String userId);
+
 }

src/main/java/com/wizzstudio/substitute/dao/UserDao.java

@@ -13,7 +13,7 @@ public interface UserDao extends JpaRepository<User, String> {
     User findByOpenid(String id);
     User findUserById(String id);
 
-    @Query (value = "select user from  User user where user.masterId like :masterId")
+    @Query (value = "select user from  User user where user.masterId = :masterId")
     List<User> findByMasterId(@Param("masterId") String masterId);
 
 

src/main/java/com/wizzstudio/substitute/security/CustomUserDetail.java

@@ -0,0 +1,91 @@
+package com.wizzstudio.substitute.security;
+
+import com.wizzstudio.substitute.enums.Role;
+import com.wizzstudio.substitute.pojo.User;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+public class CustomUserDetail implements UserDetails {
+
+    private String userId;
+
+    private Long phone;
+
+    private String openId;
+
+    private Collection<? extends GrantedAuthority> authorities;
+
+    public CustomUserDetail() {
+    }
+
+    public CustomUserDetail(String userId, Long phone, String openId, Collection<? extends GrantedAuthority> authorities) {
+        this.userId = userId;
+        this.phone = phone;
+        this.openId = openId;
+        this.authorities = authorities;
+    }
+
+    @Override
+    public Collection<? extends GrantedAuthority> getAuthorities() {
+        return authorities;
+    }
+
+    @Override
+    public String getPassword() {
+        return openId;
+    }
+
+    @Override
+    public String getUsername() {
+        return userId;
+    }
+
+    @Override
+    public boolean isAccountNonExpired() {
+        return false;
+    }
+
+    @Override
+    public boolean isAccountNonLocked() {
+        return true;
+    }
+
+    @Override
+    public boolean isCredentialsNonExpired() {
+        return true;
+    }
+
+    @Override
+    public boolean isEnabled() {
+        return true;
+    }
+
+    public static CustomUserDetail create(User user) {
+        return new CustomUserDetail(
+                user.getId(),
+                user.getPhone(),
+                user.getOpenid(),
+                mapTpGrantedAuthority(user)
+        );
+    }
+
+    private static List<GrantedAuthority> mapTpGrantedAuthority(User user) {
+        List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
+        switch (user.getRole()) {
+            case ROLE_ADMIN_2:
+                grantedAuthorities.add(new SimpleGrantedAuthority(String.valueOf(Role.ROLE_ADMIN_2)));
+            case ROLE_ADMIN_1:
+                grantedAuthorities.add(new SimpleGrantedAuthority(String.valueOf(Role.ROLE_ADMIN_1)));
+            case ROLE_USER:
+                grantedAuthorities.add(new SimpleGrantedAuthority(String.valueOf(Role.ROLE_USER)));
+            default:
+                break;
+        }
+        return grantedAuthorities;
+    }
+}

src/main/java/com/wizzstudio/substitute/security/service/CustomUserDetailService.java

@@ -0,0 +1,42 @@
+package com.wizzstudio.substitute.security.service;
+
+import com.wizzstudio.substitute.constants.Constants;
+import com.wizzstudio.substitute.pojo.User;
+import com.wizzstudio.substitute.security.CustomUserDetail;
+import com.wizzstudio.substitute.service.UserService;
+import com.wizzstudio.substitute.util.RedisUtil;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import java.util.Arrays;
+import java.util.stream.Collectors;
+
+@Service
+@Slf4j
+public class CustomUserDetailService implements UserDetailsService {
+
+    @Autowired
+    private RedisUtil redisUtil;
+    @Autowired
+    private UserService service;
+
+    @Override
+    @SuppressWarnings("ConstantConditions")
+    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+        Cookie[] cookies = request.getCookies();
+        Cookie cookie = Arrays.stream(cookies).filter(c -> c.getName().equals(Constants.TOKEN)).collect(Collectors.toList()).get(0);
+        String userId = redisUtil.getCachedUserId(cookie.getValue());
+        User user = service.findUserById(userId);
+        return CustomUserDetail.create(user);
+
+    }
+}

src/main/java/com/wizzstudio/substitute/service/IndentService.java

@@ -1,11 +1,45 @@
 package com.wizzstudio.substitute.service;
 
 import com.wizzstudio.substitute.pojo.Indent;
+import org.springframework.data.domain.Page;
+
+import java.util.List;
 
 public interface IndentService {
     /**
      * 创建新的订单
      * @param indent
      */
     void publishedNewIndent(Indent indent);
+
+    /**
+     * 获取用户已发布的订单
+     * @param userId
+     * @return
+     */
+    List<Indent> getUserPublishedIndent(String userId);
+
+    /**
+     * 获取用户接受的订单
+     * @param userId
+     * @return
+     */
+    List<Indent> getUserPerformedIndent(String userId);
+
+    /**
+     * 获取指定订单信息
+     * @param indentId
+     * @return
+     */
+    Indent getSpecificIndentInfo(Integer indentId);
+
+    void addIndentPrice(Integer indentId);
+
+    /**
+     *
+     * @param type 排序类型
+     * @param shippingAddress 送达地址
+     * @return
+     */
+    Page<Indent> getIndentInFuzzyMatching(Integer type, String shippingAddress, Integer start);
 }