refactor(jwt-interceptor):精简无效的JWT,提高检查效率

调整JwtInterceptor以精简无效的JWT检查逻辑。实现对JWT校验和用户ID提取的优化,避免不必要的数据库查询。

refactor(role): 使用自定义注解替换MyBatis Plus注解并移除冗余字段

通过自定义注解替换MyBatis Plus注解,以整理和优化实体类定义。删除了Role类中的冗余字段,如'tag',以及未使用的imports。

refactor(user-service): 使用ModelMapper简化对象映射,重构注册逻辑

引入ModelMapper以简化User对象和DTO之间的映射操作。重构UserService中的用户注册逻辑,使用ModelMapper进行对象转换,减少手动设置属性的需求。

fix(user-controller):调整用户注册请求参数,统一数据类型

调整UserController中的注册请求参数,将'studentId'和'userGroup'的类型与现有代码库保持一致,以便正确进行参数传递和处理。

feat(user-service): 实现rbacService集成,增强用户注册流程

在UserService中集成rbacService,以在用户注册时为新用户分配默认角色。优化了用户注册流程,并简化了权限和角色的管理。

BREAKING CHANGE: 对UserRole逻辑的改动可能会影响现有的用户权限和角色分配。请确保在更新代码后进行
suyiiyii 2024-08-24 23:57:53 +08:00
parent 0fdf18154c
commit c24be4181c
4 changed files with 37 additions and 56 deletions


@ -2,14 +2,14 @@ package top.suyiiyii.sims.common;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;
import top.suyiiyii.sims.exception.ServiceException;
import top.suyiiyii.sims.mapper.MpUserMapper;
import top.suyiiyii.sims.utils.JwtUtils;
import java.util.Objects;
/**
* @Author tortoise
* @Date 2024/8/12 11:33
@ -41,12 +41,12 @@ public class JwtInterceptor implements HandlerInterceptor {
return true;
}
// 验证 token 的有效性
if (!JwtUtils.verifyToken(token, secret)) {
if (!JwtUtils.verifyToken(token, secret) || JwtUtils.extractUserId(token) == null) {
throw new ServiceException("401", "登录已过期,请重新登录");
}
// 获取 token 中的 user id
String userId = JwtUtils.extractUserId(token);
Integer userId = Integer.parseInt(Objects.requireNonNull(JwtUtils.extractUserId(token)));
request.setAttribute("userId", userId);
return true;
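Review bot: `Integer.parseInt(...)` on the token subject can throw `NumberFormatException`, which is not a `ServiceException`, so a validly signed token whose subject is not a decimal integer would presumably surface as a server error rather than the 401 thrown two lines above. The new condition and the assignment also call `JwtUtils.extractUserId(token)` twice, so the token is decoded twice per request and `Objects.requireNonNull` only re-checks what the `if` already established. Extracting once and mapping both the missing and the non-numeric subject to the same 401 keeps the rejection path uniform; a sketch follows. The commit message says the database lookup was dropped from this path; if so, tokens belonging to deleted or disabled accounts stay accepted until they expire, which deserves a comment next to the check. The method starts above the hunk.

```java
// Verify the signature first, then decode the subject exactly once.
String subject = JwtUtils.verifyToken(token, secret) ? JwtUtils.extractUserId(token) : null;
Integer userId;
try {
    // parseInt(null) also throws NumberFormatException, so a missing subject lands here too.
    userId = Integer.parseInt(subject);
} catch (NumberFormatException e) {
    throw new ServiceException("401", "登录已过期,请重新登录");
}
request.setAttribute("userId", userId);
// … unchanged: return true …
```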


@ -67,14 +67,7 @@ public class UserController {
if (request.getPassword() == null || request.getPassword().length() < 3) {
throw new ServiceException("密码长度不能小于3位");
}
User user = new User();
user.setUsername(request.getUsername());
user.setPassword(request.getPassword());
user.setStudentId(request.getStudentId());
user.setEmail(request.getEmail());
user.setGrade(request.getGrade());
user.setUserGroup(request.getGroup());
userService.register(user);
userService.register(request);
return Result.success(CommonResponse.factory("注册成功"));
}
@ -118,10 +111,10 @@ public class UserController {
public static class RegisterRequest {
private String username;
private String password;
private int studentId;
private Integer studentId;
private String email;
private String grade;
private String group;
private String userGroup;
}
@Data
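Review bot: Renaming the `RegisterRequest` field `group` to `userGroup` also renames the JSON property clients must send, assuming default Jackson binding over Lombok accessors (the class annotations are outside the hunk). A client that still posts `group` would bind `userGroup` as null and be rejected by the service's "组别不能为空" check. If existing clients must keep working, `@JsonAlias("group")` on `userGroup` accepts both names; otherwise the endpoint documentation should record the rename. With `studentId` now a nullable `Integer`, a short comment on `RegisterRequest` stating which fields are required would help, since only the password check is visible in this hunk before the request is handed to `userService.register(request)`.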


@ -1,7 +1,6 @@
package top.suyiiyii.sims.entity;
import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableId;
import com.tangzc.autotable.annotation.ColumnNotNull;
import com.tangzc.mpe.autotable.annotation.ColumnId;
import com.tangzc.mpe.autotable.annotation.Table;
@ -24,13 +23,12 @@ import lombok.NoArgsConstructor;
public class Role {
@ColumnId(mode = IdType.AUTO,comment = "id主键")
private Integer id;
@ColumnNotNull
private Integer roleId;
//管理员普通用户组员组长队长
@ColumnNotNull
private String roleName;
private String tag;
public static Role guest() {
return new Role(-1, -1, "guest");
return new Role(-1, "guest","");
}
}
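Review bot: `guest()` has no comment, and the new call `new Role(-1, "guest","")` depends on the positional order of a generated all-args constructor, presumably Lombok's (the class annotations sit above the hunk). Two adjacent `String` parameters can be swapped by a later field reorder without any compile error, which matters for an entity that feeds role checks. I would add a Javadoc such as `/** Placeholder role for unauthenticated callers; id -1 is a sentinel and is never persisted. */` if that matches the intent, and state in it that the empty string is the tag.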


@ -2,20 +2,22 @@ package top.suyiiyii.sims.service;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import org.modelmapper.ModelMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import top.suyiiyii.sims.controller.UserController;
import top.suyiiyii.sims.dto.UserDto;
import top.suyiiyii.sims.entity.*;
import top.suyiiyii.sims.exception.ServiceException;
import top.suyiiyii.sims.mapper.*;
import top.suyiiyii.sims.utils.JwtUtils;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.*;
/**
* @Author tortoise
@ -37,6 +39,10 @@ public class UserService {
PermissionsMapper permissionsMapper;
@Value("${jwt.secret}")
private String secret;
@Autowired
private RbacService rbacService;
@Autowired
private ModelMapper modelMapper;
public void addUser(User user) {
userMapper.addUser(user);
@ -63,53 +69,37 @@ public class UserService {
if (!dbUser.getPassword().equals(password)) {
throw new ServiceException("密码或用户名错误");
}
HashSet<Permissions> permissionsSet = new HashSet<>();
Integer id = dbUser.getId();
List<Role> roles = roleMapper.selectRolesById(id);
for (Role role : roles) {
//根据roleid找所有permissionId
List<RolePermission> rolePerminsion = permissionsMapper.getRolePerminsionByRoleId(role.getRoleId());
for (RolePermission rolePermission : rolePerminsion) {
Integer permissionId = rolePermission.getPermissionId();
//根据permissionId找permission
Permissions permissions = permissionsMapper.selectById(permissionId);
permissionsSet.add(permissions);
}
return JwtUtils.createToken(dbUser.getId().toString(), secret);
}
public void register(UserController.RegisterRequest req) {
User dbUser = userMapper.selectByUserId(req.getStudentId());
if (req.getUsername() == null || req.getUsername().equals("")) {
throw new ServiceException("用户名不能为空");
}
String token = JwtUtils.createToken(dbUser.getId().toString(), secret);
return token;
}
public User register(User user) {
User dbUser = userMapper.selectByUserId(user.getStudentId());
if (user.getUsername() == null || user.getUsername().equals("")) {
throw new ServiceException("用户名不能为空");
}
if (dbUser != null) {
throw new ServiceException("账号已经存在");
}
if (user.getStudentId() == null || user.getStudentId().equals("")) {
if (req.getStudentId() == null || req.getStudentId().equals("")) {
throw new ServiceException("学号不能为空");
}
if( user.getPassword() == null || user.getPassword().equals("")) {
if (req.getPassword() == null || req.getPassword().equals("")) {
throw new ServiceException("密码不能为空");
}
if (user.getEmail() == null || user.getEmail().equals("")) {
if (req.getEmail() == null || req.getEmail().equals("")) {
throw new ServiceException("邮箱不能为空");
}
if (user.getUserGroup() == null || user.getUserGroup().equals("")) {
if (req.getUserGroup() == null || req.getUserGroup().equals("")) {
throw new ServiceException("组别不能为空");
}
User user =modelMapper.map(req, User.class);
mpUserMapper.insert(user);
return user;
user = mpUserMapper.selectOne(new LambdaQueryWrapper<User>().eq(User::getUsername, req.getUsername()));
rbacService.addRoleWithUserId(user.getId(), "user");
}
public User selectByUsername(String username) {
return userMapper.selectByUserName(username);
@ -131,7 +121,7 @@ public class UserService {
Integer id = user.getId();
List<Role> roles = roleMapper.selectRolesById(id);
for (Role role : roles) {
Integer roleId = role.getRoleId();
Integer roleId = role.getId();
// 获取一个角色的名称列表
List<String> roleNameList = roleMapper.selectRoleNamesByRoleId(roleId);
// 累加角色名称到用户的角色列表中
@ -152,7 +142,7 @@ public class UserService {
UserDto.setRoles(new ArrayList<>());
List<Role> roles = roleMapper.selectRolesById(id);
for (Role role : roles) {
Integer roleId = role.getRoleId();
Integer roleId = role.getId();
// 获取一个角色的名称列表
List<String> roleNameList = roleMapper.selectRoleNamesByRoleId(roleId);
// 累加角色名称到用户的角色列表中
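Review bot: In the register hunk, `modelMapper.map(req, User.class)` followed by `mpUserMapper.insert(user)` persists the password exactly as it arrived, and the login context line `dbUser.getPassword().equals(password)` confirms that stored passwords are compared as plaintext. Hashing before the insert, for example `user.setPassword(passwordEncoder.encode(req.getPassword()));` with a Spring Security `PasswordEncoder` (not a dependency visible on this page), and verifying with `matches` at login would close that. The new user is then re-read with `selectOne(... eq(User::getUsername, req.getUsername()))`, but uniqueness is only checked on `studentId`, so a duplicate username makes that lookup ambiguous after the row is already inserted; MyBatis-Plus normally back-fills the generated key on insert, so calling `rbacService.addRoleWithUserId(user.getId(), "user");` on the inserted object should suffice. `userMapper.selectByUserId(req.getStudentId())` also runs before the null checks, and `req.getStudentId().equals("")` is always false for an `Integer`. The insert and the role assignment are not visibly transactional, so a failure between them would leave an account without its default role.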