From 67f189995ea216363d148e93df8dd1d91e7caf12 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=BB=84=E5=AD=9F?= <3111696955@qq.com>
Date: Wed, 6 Aug 2025 15:22:00 +0800
Subject: [PATCH] =?UTF-8?q?refactor(biji-houdaun):=20=E9=87=8D=E6=9E=84?=
 =?UTF-8?q?=E7=94=A8=E6=88=B7=E8=AE=A4=E8=AF=81=E6=96=B9=E6=B3=95=E5=B9=B6?=
 =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E5=AE=89=E5=85=A8=E5=B7=A5=E5=85=B7=E7=B1=BB?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 将 MarkdownController 中的 isUserAuthenticated 方法移至 SecurityUtil 工具类
- 在 SecurityUtil 中添加以下新方法:
- getCurrentUsername
- getCurrentUserDetails
- hasRole
- hasPermission
- isAdmin
- 更新 MarkdownController 中的相关调用,使用 SecurityUtil 的静态方法
---
 .../controller/MarkdownController.java | 21 +---
 .../test/bijihoudaun/util/SecurityUtil.java | 119 ++++++++++++++++++
 2 files changed, 121 insertions(+), 19 deletions(-)
 create mode 100644 biji-houdaun/src/main/java/com/test/bijihoudaun/util/SecurityUtil.java

diff --git a/biji-houdaun/src/main/java/com/test/bijihoudaun/controller/MarkdownController.java b/biji-houdaun/src/main/java/com/test/bijihoudaun/controller/MarkdownController.java
index 3c28d0a..2cd7f92 100644
--- a/biji-houdaun/src/main/java/com/test/bijihoudaun/controller/MarkdownController.java
+++ b/biji-houdaun/src/main/java/com/test/bijihoudaun/controller/MarkdownController.java
@@ -5,14 +5,12 @@ import com.test.bijihoudaun.common.response.R;
 import com.test.bijihoudaun.entity.MarkdownFile;
 import com.test.bijihoudaun.entity.MarkdownFileVO;
 import com.test.bijihoudaun.service.MarkdownFileService;
+import com.test.bijihoudaun.util.SecurityUtil;
 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.Parameters;
 import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.context.SecurityContextHolder;
-import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.Date;
@@ -40,7 +38,7 @@ public class MarkdownController {
 @GetMapping("/{id}")
 public R getMarkdownContent(@PathVariable Long id) {
 // 获取当前认证状态
- boolean isAuthenticated = isUserAuthenticated();
+ boolean isAuthenticated = SecurityUtil.isUserAuthenticated();
 MarkdownFile file = markdownFileService.getMarkdownById(id, isAuthenticated);
 if (ObjectUtil.isNotNull(file)) {
@@ -113,19 +111,4 @@ public class MarkdownController {
 return R.success(files);
 }
 
- /**
- * 检查用户是否已认证
- * @return 是否已认证
- */
- private boolean isUserAuthenticated() {
- Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
- if (authentication == null || !authentication.isAuthenticated()) {
- return false;
- }
- Object principal = authentication.getPrincipal();
- if (principal instanceof UserDetails) {
- return true;
- }
- return false;
- }
 }
diff --git a/biji-houdaun/src/main/java/com/test/bijihoudaun/util/SecurityUtil.java b/biji-houdaun/src/main/java/com/test/bijihoudaun/util/SecurityUtil.java
new file mode 100644
index 0000000..e4713a1
--- /dev/null
+++ b/biji-houdaun/src/main/java/com/test/bijihoudaun/util/SecurityUtil.java
@@ -0,0 +1,119 @@
+package com.test.bijihoudaun.util;
+
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+/**
+ * 安全工具类,提供与安全相关的实用方法
+ */
+public class SecurityUtil {
+
+ /**
+ * 检查用户是否已认证
+ * 该方法用于判断当前用户是否已经通过身份验证,常用于控制对受保护资源的访问
+ *
+ * @return 如果用户已认证返回true,否则返回false
+ */
+ public static boolean isUserAuthenticated() {
+ // 获取当前安全上下文中的认证信息
+ Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+ // 检查认证对象是否存在以及是否已认证
+ if (authentication == null || !authentication.isAuthenticated()) {
+ return false;
+ }
+
+ // 检查认证主体是否为UserDetails实例
+ Object principal = authentication.getPrincipal();
+ if (principal instanceof UserDetails) {
+ return true;
+ }
+
+ return false;
+ }
+
+ /**
+ * 获取当前已认证用户的用户名
+ *
+ * @return 当前用户的用户名,如果用户未认证则返回null
+ */
+ public static String getCurrentUsername() {
+ Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+ if (authentication == null || !authentication.isAuthenticated()) {
+ return null;
+ }
+
+ Object principal = authentication.getPrincipal();
+ if (principal instanceof UserDetails) {
+ return ((UserDetails) principal).getUsername();
+ }
+
+ // 如果不是UserDetails实例,尝试直接获取主体名称
+ return authentication.getName();
+ }
+
+ /**
+ * 获取当前已认证用户的UserDetails对象
+ *
+ * @return 当前用户的UserDetails对象,如果用户未认证或主体不是UserDetails实例则返回null
+ */
+ public static UserDetails getCurrentUserDetails() {
+ Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+ if (authentication == null || !authentication.isAuthenticated()) {
+ return null;
+ }
+
+ Object principal = authentication.getPrincipal();
+ if (principal instanceof UserDetails) {
+ return (UserDetails) principal;
+ }
+
+ return null;
+ }
+
+ /**
+ * 检查当前用户是否具有指定角色
+ *
+ * @param role 要检查的角色名称(不需要前缀"ROLE_")
+ * @return 如果用户具有该角色返回true,否则返回false
+ */
+ public static boolean hasRole(String role) {
+ UserDetails userDetails = getCurrentUserDetails();
+ if (userDetails == null) {
+ return false;
+ }
+
+ // Spring Security的角色默认以"ROLE_"为前缀
+ String roleName = role.startsWith("ROLE_") ? role : "ROLE_" + role;
+ return userDetails.getAuthorities().stream()
+ .anyMatch(auth -> auth.getAuthority().equals(roleName));
+ }
+
+ /**
+ * 检查当前用户是否具有指定权限
+ *
+ * @param permission 要检查的权限名称
+ * @return 如果用户具有该权限返回true,否则返回false
+ */
+ public static boolean hasPermission(String permission) {
+ UserDetails userDetails = getCurrentUserDetails();
+ if (userDetails == null) {
+ return false;
+ }
+
+ return userDetails.getAuthorities().stream()
+ .anyMatch(auth -> auth.getAuthority().equals(permission));
+ }
+
+ /**
+ * 检查当前用户是否为管理员
+ * 在本项目中,管理员角色定义为"ADMIN"
+ *
+ * @return 如果用户是管理员返回true,否则返回false
+ */
+ public static boolean isAdmin() {
+ return hasRole("ADMIN");
+ }
+}
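Review bot: `getCurrentUsername` falls through to `authentication.getName()` for any non-`UserDetails` principal, so if the project keeps Spring Security's default anonymous filter an unauthenticated request — an `AnonymousAuthenticationToken` reports `isAuthenticated()` as true with a `String` principal — yields `"anonymousUser"` instead of the null the Javadoc promises, and disagrees with `isUserAuthenticated`, which rejects that case; any caller that treats a non-null username as a login check would let anonymous requests through. Reject anonymous tokens in the guard, `if (authentication == null || !authentication.isAuthenticated() || authentication instanceof AnonymousAuthenticationToken) { return null; }` (importing `org.springframework.security.authentication.AnonymousAuthenticationToken`), or apply the same `isUserAuthenticated()` rule before the fallback. `hasRole` dereferences `role` before checking it, so a null argument throws from `role.startsWith` rather than returning false; `if (role == null) { return false; }` ahead of the prefix logic makes the contract explicit. The `BCryptPasswordEncoder` import is unused in this file and should be dropped, and a `private SecurityUtil() {}` constructor would match the all-static design.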