package com.ccb.web.shiro;
import com.ccb.cs.persistence.manager.UserManager;
import com.ccb.cs.persistence.model.UUser;
import com.ccb.service.PermissionService;
import com.ccb.service.RoleService;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import projects.commons.utils.ValidateUtils;
import java.util.Set;
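/**
 * Shiro realm that authenticates users and loads their roles and permissions.
 *
 * <p>Password verification is delegated to {@code userManager.login}; role and
 * permission names are loaded by user id from {@code roleService} and
 * {@code permissionService}.
 *
 * @author zhuyongsheng
 * @date 2019/8/12
 * @since 2.8.2
 */
@Slf4j
public class ShiroRealm extends AuthorizingRealm {

    /** Single message for every login failure, so the response does not reveal whether the account exists. */
    private static final String BAD_CREDENTIALS_MESSAGE = "用户名或密码错误!";

    @Autowired
    UserManager userManager;

    @Autowired
    PermissionService permissionService;

    @Autowired
    RoleService roleService;

    /**
     * Clears the cached data held for the given principals.
     *
     * <p>Re-declared as {@code public} so that code outside the realm can call it
     * (for example after a user's roles change); it only delegates to the superclass.
     *
     * @param principals identity whose cached data is dropped
     * @author zhuyongsheng
     * @date 2019/8/15
     */
    @Override
    public void clearCache(PrincipalCollection principals) {
        super.clearCache(principals);
    }

    /**
     * Clears the cached authentication info of the given principals.
     *
     * @param principals identity whose cached authentication info is dropped
     */
    @Override
    public void clearCachedAuthenticationInfo(PrincipalCollection principals) {
        super.clearCachedAuthenticationInfo(principals);
    }

    /**
     * Clears the cached authorization info of the given principals.
     *
     * @param principals identity whose cached authorization info is dropped
     */
    @Override
    public void clearCachedAuthorizationInfo(PrincipalCollection principals) {
        super.clearCachedAuthorizationInfo(principals);
    }

    /**
     * Verifies the identity of the user behind the submitted token.
     *
     * @param authenticationToken the submitted token; cast to {@link UsernamePasswordToken}
     * @return org.apache.shiro.authc.AuthenticationInfo authentication info for the user
     * @throws AuthenticationException an {@link AccountException} when no password was
     *         submitted or {@code userManager.login} finds no matching user
     * @author zhuyongsheng
     * @date 2019/8/12
     */
    @Override
    public AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) authenticationToken;
        String username = usernamePasswordToken.getUsername();

        // getPassword() may return null; fail as an ordinary bad login instead of
        // throwing a NullPointerException out of the login path.
        char[] submittedPassword = usernamePasswordToken.getPassword();
        if (submittedPassword == null) {
            throw new AccountException(BAD_CREDENTIALS_MESSAGE);
        }
        // userManager.login takes a String, so the password is copied into one here.
        // Never log this value.
        String password = new String(submittedPassword);

        // The real credential check happens inside userManager.login: no user means
        // wrong user name or wrong password.
        UUser user = userManager.login(username, password);
        if (ValidateUtils.isNull(user)) {
            throw new AccountException(BAD_CREDENTIALS_MESSAGE);
        }

        // NOTE(review): the credentials handed to Shiro are the password the caller just
        // submitted, so Shiro's own credentials matching compares the token with itself
        // and cannot reject anything. It also means the plaintext password lives in the
        // returned AuthenticationInfo; if authentication caching is enabled for this
        // realm (not visible here), it is held in that cache as well. Confirm this is
        // intended, or return the stored hash and configure a hashing credentials matcher.
        return new SimpleAuthenticationInfo(user, password, getName());
    }

    /**
     * Loads the roles and permissions of the user identified by the given principals.
     *
     * <p>The user is taken from {@code principalCollection} rather than from the
     * thread-bound {@code Subject}: the result describes (and may be cached for) the
     * principals passed in, which are not necessarily those of the subject currently
     * bound to the thread.
     *
     * @param principalCollection identity to load authorization data for
     * @return org.apache.shiro.authz.AuthorizationInfo the user's roles and permissions;
     *         empty (nothing granted) when no {@code UUser} principal is available
     * @author zhuyongsheng
     * @date 2019/8/12
     */
    @Override
    public AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();

        Object principal = principalCollection == null ? null : getAvailablePrincipal(principalCollection);
        if (!(principal instanceof UUser)) {
            // Deny by default: an identity that cannot be resolved gets no roles or permissions.
            log.warn("No UUser principal available for authorization; granting no roles or permissions");
            return authorizationInfo;
        }
        UUser user = (UUser) principal;

        // Roles by user id; a null result is treated as "no roles".
        Set<String> roles = roleService.findRoleByUserId(user.getId());
        if (roles != null) {
            authorizationInfo.addRoles(roles);
        }

        // Permissions by user id; a null result is treated as "no permissions".
        Set<String> permissions = permissionService.findPermissionByUserId(user.getId());
        if (permissions != null) {
            authorizationInfo.addStringPermissions(permissions);
        }
        return authorizationInfo;
    }
}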