fix:权限拦截修改

iot-common/iot-common-core/src/main/java/cc/iotkit/common/constant/Constants.java

@@ -95,10 +95,6 @@ public interface Constants {
 
     String CACHE_OAUTH_CLIENT = "oauth_client_cache";
 
-    String WECHAT_APP_ID = "wx791cb7bf75950e0c";
-
-    String WECHAT_APP_SECRET = "eeef73ce71f1a722ad6298985d859844";
-
     String APP_DESIGN_CACHE = "app_design_cache";
 
     String CACHE_PRODUCT_SCRIPT = "product_script_cache";

iot-common/iot-common-satoken/src/main/java/cc/iotkit/common/satoken/config/SaTokenConfig.java

@@ -3,11 +3,12 @@ package cc.iotkit.common.satoken.config;
 import cc.iotkit.common.satoken.core.dao.PlusSaTokenDao;
 import cc.iotkit.common.satoken.core.service.SaPermissionImpl;
 import cn.dev33.satoken.dao.SaTokenDao;
-import cn.dev33.satoken.jwt.StpLogicJwtForSimple;
+import cn.dev33.satoken.interceptor.SaInterceptor;
 import cn.dev33.satoken.stp.StpInterface;
-import cn.dev33.satoken.stp.StpLogic;
-import org.springframework.boot.autoconfigure.AutoConfiguration;
+import cn.dev33.satoken.stp.StpUtil;
 import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
 /**
@@ -15,15 +16,9 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
  *
  * @author Lion Li
  */
-@AutoConfiguration
+@Configuration
 public class SaTokenConfig implements WebMvcConfigurer {
 
-    @Bean
-    public StpLogic getStpLogicJwt() {
-        // Sa-Token 整合 jwt (简单模式)
-        return new StpLogicJwtForSimple();
-    }
-
     /**
      * 权限接口实现(使用bean注入方便用户替换)
      */
@@ -40,4 +35,12 @@ public class SaTokenConfig implements WebMvcConfigurer {
         return new PlusSaTokenDao();
     }
 
+    // 注册拦截器
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        // 注册 Sa-Token 拦截器，校验规则为 StpUtil.checkLogin() 登录校验。
+        registry.addInterceptor(new SaInterceptor(handle -> StpUtil.checkLogin()))
+                .addPathPatterns("/**")
+                .excludePathPatterns("/code", "/auth/tenant/list", "/auth/login");
+    }
 }

iot-module/iot-manager/src/main/java/cc/iotkit/manager/service/WeChatService.java

@@ -1,90 +0,0 @@
-/*
- * +----------------------------------------------------------------------
- * | Copyright (c) 奇特物联 2021-2022 All rights reserved.
- * +----------------------------------------------------------------------
- * | Licensed 未经许可不能去掉「奇特物联」相关版权
- * +----------------------------------------------------------------------
- * | Author: xw2sy@163.com
- * +----------------------------------------------------------------------
- */
-package cc.iotkit.manager.service;
-
-import cc.iotkit.common.constant.Constants;
-import cc.iotkit.common.exception.BizException;
-import cc.iotkit.common.utils.CodecUtil;
-import cc.iotkit.common.utils.JsonUtils;
-import cc.iotkit.common.utils.WeChatUtil;
-import cc.iotkit.data.manager.IUserInfoData;
-import cc.iotkit.model.UserInfo;
-import lombok.Data;
-import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang3.StringUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-
-@Slf4j
-@Service
-public class WeChatService {
-
-    @Autowired
-    private IUserInfoData userInfoData;
-
-    public String login(String encryptedData, String iv, String loginCode) {
-        WxSession wxSession = authCode2Session(Constants.WECHAT_APP_ID, Constants.WECHAT_APP_SECRET, loginCode);
-        if (wxSession == null) {
-            throw new BizException("调用微信端授权认证接口错误");
-        }
-        if (StringUtils.isEmpty(wxSession.getOpenid())) {
-            throw new BizException("微信授权认证失败");
-        }
-        if (wxSession.getErrcode() != 0) {
-            throw new BizException("微信授权认证失败:" + wxSession.getErrmsg());
-        }
-
-        UserInfo userInfo = userInfoData.findById(wxSession.getOpenid());
-        //判断用户表中是否存在该用户，不存在则进行解密得到用户信息，并进行新增用户
-        String strUserInfo = WeChatUtil.decryptData(encryptedData, wxSession.getSession_key(), iv);
-        if (StringUtils.isEmpty(strUserInfo)) {
-            throw new BizException("解密用户信息错误");
-        }
-        UserInfo decryptUser = JsonUtils.parseObject(strUserInfo, UserInfo.class);
-        if (userInfo == null) {
-        } else {
-            decryptUser.setId(userInfo.getId());
-        }
-//        decryptUser.setId(decryptUser.getOpenId());
-        userInfoData.save(decryptUser);
-
-        try {
-            return CodecUtil.aesEncrypt(System.currentTimeMillis() + "_" + wxSession.getOpenid(), Constants.ACCOUNT_SECRET);
-        } catch (Throwable e) {
-            throw new BizException("微信授权认证失败");
-        }
-    }
-
-    public WxSession authCode2Session(String appId, String secret, String jsCode) {
-        String url = "https://api.weixin.qq.com/sns/jscode2session?appid=" + appId + "&secret=" + secret + "&js_code=" + jsCode + "&grant_type=authorization_code";
-        String str = WeChatUtil.httpRequest(url, "GET", null);
-        log.info("api/wx-mini/getSessionKey:" + str);
-        if (StringUtils.isBlank(str)) {
-            return null;
-        } else {
-            return JsonUtils.parseObject(str, WxSession.class);
-        }
-    }
-
-    @Data
-    public static class WxSession {
-
-        private String openid;
-
-        private String session_key;
-
-        private String unionid;
-
-        private int errcode;
-
-        private String errmsg;
-    }
-
-}

iot-module/iot-system/pom.xml

@@ -63,6 +63,11 @@
             <artifactId>iot-common-oss</artifactId>
         </dependency>
 
+        <dependency>
+            <groupId>cc.iotkit</groupId>
+            <artifactId>iot-common-satoken</artifactId>
+        </dependency>
+
         <dependency>
             <groupId>io.github.linpeilie</groupId>
             <artifactId>mapstruct-plus-spring-boot-starter</artifactId>

iot-starter/src/main/resources/application.yml

@@ -57,7 +57,7 @@ spring:
           username: sa
           password: 123456
 
-  # 内置h2 web console设置
+    # 内置h2 web console设置
     platform: h2
   h2:
     console:
@@ -69,22 +69,22 @@ spring:
 
 
   # <<==========mysql配置开始==============
-#  datasource:
-#    url: jdbc:mysql://127.0.0.1:3306/iotkit?useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC&useSSL=false
-#    driverClassName: com.mysql.cj.jdbc.Driver
-#    username: root
-#    password: 123456
-#    validationQuery: SELECT 1
-#    testOnBorrow: true
-#  jpa:
-#    database: MySQL
-#    database-platform: org.hibernate.dialect.MySQL5InnoDBDialect
-##    show-sql: true
-#    hibernate:
-#      ddl-auto: update
-#    properties:
-#      hibernate:
-#        format_sql: true
+  #  datasource:
+  #    url: jdbc:mysql://127.0.0.1:3306/iotkit?useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC&useSSL=false
+  #    driverClassName: com.mysql.cj.jdbc.Driver
+  #    username: root
+  #    password: 123456
+  #    validationQuery: SELECT 1
+  #    testOnBorrow: true
+  #  jpa:
+  #    database: MySQL
+  #    database-platform: org.hibernate.dialect.MySQL5InnoDBDialect
+  ##    show-sql: true
+  #    hibernate:
+  #      ddl-auto: update
+  #    properties:
+  #      hibernate:
+  #        format_sql: true
   # ============mysql配置结束============>>
 
   #<<================es时序数据配置开始===============
@@ -99,11 +99,11 @@ spring:
   #================es时序数据配置结束===============>>
 
   #<<===========tdengine时序数据库配置开始============
-#  td-datasource:
-#    url: jdbc:TAOS-RS://127.0.0.1:6041/iotkit?timezone=UTC-8&charset=UTF-8&locale=en_US.UTF-8
-#    username: root
-#    password: taosdata
-#    driverClassName: com.taosdata.jdbc.rs.RestfulDriver
+  #  td-datasource:
+  #    url: jdbc:TAOS-RS://127.0.0.1:6041/iotkit?timezone=UTC-8&charset=UTF-8&locale=en_US.UTF-8
+  #    username: root
+  #    password: taosdata
+  #    driverClassName: com.taosdata.jdbc.rs.RestfulDriver
   #===========tdengine时序数据库配置开始============>>
 
 
@@ -149,11 +149,6 @@ sa-token:
   # 是否输出操作日志
   is-log: false
 
-#认证中心地址
-oauth2:
-  auth-server-url: http://127.0.0.1:8086
-
-
 # 多租户配置
 tenant:
   # 是否开启

pom.xml

@@ -69,7 +69,6 @@
             <scope>import</scope>
             </dependency>
 
-
             <dependency>
                 <groupId>commons-beanutils</groupId>
                 <artifactId>commons-beanutils</artifactId>
@@ -221,7 +220,7 @@
             <dependency>
                 <groupId>co.elastic.clients</groupId>
                 <artifactId>elasticsearch-java</artifactId>
-                <version>7.15.2</version>
+                <version>7.17.9</version>
             </dependency>
 
             <dependency>