合并代码

service-base/src/main/java/com/simuwang/base/config/DaqProperties.java

@@ -1,10 +1,12 @@
 package com.simuwang.base.config;
 
+import cn.hutool.core.collection.ListUtil;
 import lombok.Getter;
 import lombok.Setter;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Configuration;
 
+import java.util.LinkedHashMap;
 import java.util.List;
 
 @Setter
@@ -25,15 +27,15 @@ public class DaqProperties {
     /**
      * 默认的密码
      */
-    private String defaultPwd = "QWER1234!@#$";
+    private String defaultPwd;
     /**
-     * token 过期时间
+     * token 过期时间，单位分钟
      */
-    private Long tokenExpire = 60 * 60 * 24L;
+    private Long tokenExpire = 60 * 24L;
     /**
      * token 的秘钥（长度为64）
      */
-    private String tokenSecret = "qwertyuiopasdfghjklzxcvbnm1234567890qwertyuiopasdfghjklzxcvbnm12";
+    private String tokenSecret;
     /**
      * 基于rsa的加解密方式
      */
@@ -41,7 +43,11 @@ public class DaqProperties {
     /**
      * 自定义token过滤器的拦截白名单
      */
-    private List<String> whitelist;
+    private List<String> whitelist = ListUtil.list(true);
+    /**
+     * shiro 过滤器配置
+     */
+    private List<FilterChain> shiroFilterChain = ListUtil.list(true);
 
     @Setter
     @Getter
@@ -49,4 +55,11 @@ public class DaqProperties {
         private String publicKey;
         private String privateKey;
     }
+
+    @Setter
+    @Getter
+    public static class FilterChain {
+        private String path;
+        private List<String> filters;
+    }
 }

service-base/src/main/java/com/simuwang/base/config/ShiroConfig.java

@@ -5,9 +5,9 @@ import com.simuwang.base.components.ShiroLoginAuthAdapter;
 import com.simuwang.base.components.ShiroRsaCredentialsMatcher;
 import com.simuwang.base.components.UserAuthService;
 import com.simuwang.shiro.core.ShiroDbRealm;
+import com.simuwang.shiro.core.ShiroDbRealmImpl;
 import com.simuwang.shiro.core.adapter.LoginAuthAdapter;
 import com.simuwang.shiro.core.bridge.AuthBridgeService;
-import com.simuwang.shiro.core.ShiroDbRealmImpl;
 import com.simuwang.shiro.core.jwt.JwtContext;
 import com.simuwang.shiro.core.jwt.JwtFilter;
 import jakarta.servlet.Filter;
@@ -24,6 +24,7 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.DependsOn;
 
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 
 @Configuration
@@ -140,25 +141,6 @@ public class ShiroConfig {
         return new AuthorizationAttributeSourceAdvisor();
     }
 
-    /**
-     * 过滤器链
-     */
-    private Map<String, String> filterChainDefinition() {
-        Map<String, String> map = MapUtil.newHashMap(20, true);
-        map.put("/static/**", "anon");
-        map.put("/v1/test/**", "anon");
-        map.put("/v1/login", "anon");
-        map.put("/v1/rsa-key", "anon");
-        map.put("/v1/**", "jwt");
-        map.put("/**", "jwt");
-        return map;
-    }
-
-//    @Bean
-//    public JwtContext jwtUtil() {
-//        return new JwtContext(this.properties);
-//    }
-
     private Map<String, Filter> filterMap() {
         HashMap<String, Filter> map = MapUtil.newHashMap();
         map.put("jwt", new JwtFilter(this.properties, this.jwtContext));
@@ -173,7 +155,13 @@ public class ShiroConfig {
         ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
         shiroFilter.setSecurityManager(this.defaultWebSecurityManager());
         shiroFilter.setFilters(this.filterMap());
-        shiroFilter.setFilterChainDefinitionMap(this.filterChainDefinition());
+        // 过滤器链配置
+        Map<String, String> map = MapUtil.newHashMap(16, true);
+        List<DaqProperties.FilterChain> shiroFilterChain = this.properties.getShiroFilterChain();
+        for (DaqProperties.FilterChain filterChain : shiroFilterChain) {
+            map.put(filterChain.getPath(), String.join(",", filterChain.getFilters()));
+        }
+        shiroFilter.setFilterChainDefinitionMap(map);
         // 去掉，防止404路由自动跳转到登录请求
 //        shiroFilter.setLoginUrl("/v1/login");
 //        shiroFilter.setUnauthorizedUrl("/v1/login");

service-base/src/main/java/com/simuwang/shiro/core/jwt/JwtFilter.java

@@ -56,7 +56,7 @@ public class JwtFilter extends AccessControlFilter {
 
     @Override
     protected boolean onAccessDenied(ServletRequest servletRequest, ServletResponse servletResponse) throws Exception {
-        // 跟前端约定将jwtToken放在请求的Header的Authorization中，Authorization:token
+        // 跟前端约定将jwtToken放在请求的Header的Authorization中，Authorization: token
         HttpServletRequest request = (HttpServletRequest) servletRequest;
         String requestURI = request.getRequestURI();
         List<String> whitelist = this.properties.getWhitelist();

service-manage/src/main/java/com/simuwang/manage/dto/MenuTreeDTO.java

@@ -64,6 +64,10 @@ public class MenuTreeDTO {
      */
     private String icon;
     /**
+     * 启用状态，1-启用，0-禁用
+     */
+    private Integer status;
+    /**
      * 子菜单
      */
     private List<MenuTreeDTO> children;
@@ -94,6 +98,7 @@ public class MenuTreeDTO {
         this.isCache = menuDO.getIsCache();
         this.visible = menuDO.getVisible();
         this.icon = menuDO.getIcon();
+        this.status = menuDO.getStatus();
     }
 
     public Integer getId() {
@@ -207,4 +212,12 @@ public class MenuTreeDTO {
     public void setIcon(String icon) {
         this.icon = icon;
     }
+
+    public Integer getStatus() {
+        return status;
+    }
+
+    public void setStatus(Integer status) {
+        this.status = status;
+    }
 }