From d8a687741273d121586b83745280c57f7e9d3297 Mon Sep 17 00:00:00 2001
From: XiaoRuby <3114200645@qq.com>
Date: 星期一, 07 八月 2023 17:51:28 +0800
Subject: [PATCH] Merge branch 'master' of https://gitee.com/yuanchu_code/lims-management-system

---
 user-server/src/main/java/com/yuanchu/limslaboratory/shiro/config/ShiroConfig.java |  179 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 179 insertions(+), 0 deletions(-)

diff --git a/user-server/src/main/java/com/yuanchu/limslaboratory/shiro/config/ShiroConfig.java b/user-server/src/main/java/com/yuanchu/limslaboratory/shiro/config/ShiroConfig.java
new file mode 100644
index 0000000..3109653
--- /dev/null
+++ b/user-server/src/main/java/com/yuanchu/limslaboratory/shiro/config/ShiroConfig.java
@@ -0,0 +1,179 @@
+package com.yuanchu.limslaboratory.shiro.config;
+
+import com.yuanchu.limslaboratory.shiro.filter.JwtFilter;
+import com.yuanchu.limslaboratory.shiro.MultiRealmAuthenticator;
+import com.yuanchu.limslaboratory.shiro.realm.JwtRealm;
+import com.yuanchu.limslaboratory.shiro.realm.ShiroRealm;
+import com.yuanchu.limslaboratory.shiro.utils.JwtCredentialsMatcher;
+import org.apache.shiro.authc.credential.CredentialsMatcher;
+import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
+import org.apache.shiro.authc.pam.AuthenticationStrategy;
+import org.apache.shiro.authc.pam.FirstSuccessfulStrategy;
+import org.apache.shiro.authc.pam.ModularRealmAuthenticator;
+import org.apache.shiro.authz.Authorizer;
+import org.apache.shiro.authz.ModularRealmAuthorizer;
+import org.apache.shiro.crypto.hash.Md5Hash;
+import org.apache.shiro.mgt.DefaultSessionStorageEvaluator;
+import org.apache.shiro.mgt.DefaultSubjectDAO;
+import org.apache.shiro.mgt.SecurityManager;
+import org.apache.shiro.mgt.SessionStorageEvaluator;
+import org.apache.shiro.realm.Realm;
+import org.apache.shiro.spring.LifecycleBeanPostProcessor;
+import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
+import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
+import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
+import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import javax.servlet.Filter;
+import java.util.*;
+
+@Configuration
+public class ShiroConfig {
+
+    /**
+     * 涓嶅悜 Spring瀹瑰櫒涓敞鍐� JwtFilter Bean锛岄槻姝� Spring 灏� JwtFilter 娉ㄥ唽涓哄叏灞�杩囨护鍣�
+     * 鍏ㄥ眬杩囨护鍣ㄤ細瀵规墍鏈夎姹傝繘琛屾嫤鎴紝鑰屾湰渚嬩腑鍙渶瑕佹嫤鎴櫎 /login 鍜� /logout 澶栫殑璇锋眰
+     * 鍙︿竴绉嶇畝鍗曞仛娉曟槸锛氱洿鎺ュ幓鎺� jwtFilter()涓婄殑 @Bean 娉ㄨВ
+     */
+    @Bean
+    public FilterRegistrationBean<Filter> registration(JwtFilter filter) {
+        FilterRegistrationBean<Filter> registration = new FilterRegistrationBean<Filter>(filter);
+        registration.setEnabled(false);
+        return registration;
+    }
+
+    //ShiroFilter杩囨护鎵�鏈夎姹�
+    @Bean
+    public ShiroFilterFactoryBean getShiroFilterFactoryBean(SecurityManager securityManager) {
+        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
+        //缁橲hiroFilter閰嶇疆瀹夊叏绠＄悊鍣�
+        shiroFilterFactoryBean.setSecurityManager(securityManager);
+
+        // 娣诲姞 jwt 涓撶敤杩囨护鍣紝鎷︽埅闄� /login 鍜� /logout 澶栫殑璇锋眰
+        Map<String, Filter> filterMap = new LinkedHashMap<>();
+        filterMap.put("jwtFilter", new JwtFilter());
+        shiroFilterFactoryBean.setFilters(filterMap);
+
+        //閰嶇疆绯荤粺鍏叡璧勬簮
+        Map<String, String> map = new HashMap<String, String>();
+
+        // swagger鏀捐
+        map.put("/doc.html", "anon");
+        map.put("/webjars/**/**", "anon");
+        map.put("/swagger-resources", "anon");
+        map.put("/api-docs", "anon");
+        map.put("/v3/**", "anon");
+
+        map.put("/link-basic/*", "anon");
+        map.put("/user/login/**","anon");//琛ㄧず杩欎釜涓哄叕鍏辫祫婧� 涓�瀹氭槸鍦ㄥ彈闄愯祫婧愪笂闈�
+//        map.put("/**","jwtFilter");//琛ㄧず杩欎釜璧勬簮闇�瑕佽璇佸拰鎺堟潈
+
+        shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
+
+        return shiroFilterFactoryBean;
+    }
+
+    /**
+     * 閰嶇疆 ModularRealmAuthenticator
+     */
+    @Bean
+    public ModularRealmAuthenticator authenticator() {
+        ModularRealmAuthenticator authenticator = new MultiRealmAuthenticator();
+        // 璁剧疆澶� Realm鐨勮璇佺瓥鐣ワ紝榛樿 AtLeastOneSuccessfulStrategy
+        AuthenticationStrategy strategy = new FirstSuccessfulStrategy();
+        authenticator.setAuthenticationStrategy(strategy);
+        return authenticator;
+    }
+
+
+    /**
+     * 绂佺敤session, 涓嶄繚瀛樼敤鎴风櫥褰曠姸鎬併�備繚璇佹瘡娆¤姹傞兘閲嶆柊璁よ瘉
+     */
+    @Bean
+    protected SessionStorageEvaluator sessionStorageEvaluator() {
+        DefaultSessionStorageEvaluator sessionStorageEvaluator = new DefaultSessionStorageEvaluator();
+        sessionStorageEvaluator.setSessionStorageEnabled(false);
+        return sessionStorageEvaluator;
+    }
+
+    /**
+     * 閰嶇疆 SecurityManager锛氭潈闄愮鐞嗗櫒
+     */
+    @Bean
+    public DefaultWebSecurityManager securityManager() {
+        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
+
+        // 1.韬唤楠岃瘉鍣�
+        securityManager.setAuthenticator(authenticator());
+
+        // 2.绠＄悊Realm
+        List<Realm> realms = new ArrayList<Realm>(16);
+        realms.add(JwtRealm());
+        realms.add(shiroRealm());
+        securityManager.setRealms(realms); // 閰嶇疆澶氫釜realm
+
+        // 3.鍏抽棴shiro鑷甫鐨剆ession
+        DefaultSubjectDAO subjectDAO = new DefaultSubjectDAO();
+        subjectDAO.setSessionStorageEvaluator(sessionStorageEvaluator());
+        securityManager.setSubjectDAO(subjectDAO);
+
+        return securityManager;
+    }
+
+    //    鍒涘缓鑷畾涔塕ealm
+    @Bean
+    public Realm shiroRealm() {
+        ShiroRealm realm = new ShiroRealm();
+//        HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
+////        //璁剧疆浣跨敤MD5鍔犲瘑绠楁硶
+////        credentialsMatcher.setHashAlgorithmName(Md5Hash.ALGORITHM_NAME);
+////        //鏁ｅ垪娆℃暟
+////        credentialsMatcher.setHashIterations(1024);
+//        realm.setCredentialsMatcher(credentialsMatcher);
+        return realm;
+    }
+
+    @Bean
+    public Realm JwtRealm(){
+        JwtRealm jwtRealm = new JwtRealm();
+        // 璁剧疆鍔犲瘑绠楁硶
+        CredentialsMatcher credentialsMatcher = new JwtCredentialsMatcher();
+        // 璁剧疆鍔犲瘑娆℃暟
+        jwtRealm.setCredentialsMatcher(credentialsMatcher);
+        return jwtRealm;
+    }
+
+
+    // 浠ヤ笅涓変腑bean閫氱敤锛屽浐瀹氶厤缃�
+
+    /**
+     * 浜ょ敱 Spring 鏉ヨ嚜鍔ㄥ湴绠＄悊 Shiro-Bean 鐨勭敓鍛藉懆鏈�
+     */
+    @Bean
+    public static LifecycleBeanPostProcessor getLifecycleBeanPostProcessor() {
+        return new LifecycleBeanPostProcessor();
+    }
+
+    /**
+     * 涓� Spring-Bean 寮�鍚 Shiro 娉ㄨВ鐨勬敮鎸�
+     */
+    @Bean
+    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
+        AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
+        authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
+        return authorizationAttributeSourceAdvisor;
+    }
+
+    /**
+     * 寮�鍚疉OP鏂规硶绾ф潈闄愭鏌�
+     */
+    @Bean
+    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
+        DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
+        advisorAutoProxyCreator.setProxyTargetClass(true);
+        return advisorAutoProxyCreator;
+    }
+}

--
Gitblit v1.9.3