1、添加权限验证

4 months ago · be0b7f8b12
--- a/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/api/CommonAPI.java
+++ b/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/common/api/CommonAPI.java
@ -65,6 +65,15 @@ public interface CommonAPI {



    /**
     * 小程序验证 - 小程序openid验证
     * @param username
     * @return
     * */
    public HanHaiMember getUserByNameHanHaiXcxOpenId(String username);



    /**
     * 6字典表的 翻译
     * @param table
--- a/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroConfig.java
+++ b/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroConfig.java
@ -73,7 +73,7 @@ public class ShiroConfig {
        }

        //特易招
        filterChainDefinitionMap.put("/api/*", "anon"); //api相关接口全部放开
        filterChainDefinitionMap.put("/api/**", "anon"); //api相关接口全部放开

        filterChainDefinitionMap.put("/sys/oss/file/upload", "anon"); //图片上传验证放开
        filterChainDefinitionMap.put("/sys/common/upload", "anon"); //图片上传验证放开
--- a/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroRealm.java
+++ b/jeecg-boot-base/jeecg-boot-base-core/src/main/java/org/jeecg/config/shiro/ShiroRealm.java
@ -192,6 +192,39 @@ public class ShiroRealm extends AuthorizingRealm {



    /**
     * 校验token的有效性
     *
     * @param token
     */
    public HanHaiMember checkUserTokenIsEffectHanHaiOpenId(String token) throws AuthenticationException {
        Result result = new Result();
        // 解密获得username，用于和数据库进行对比
        String openid = JwtUtil.getUsername(token);
        if (openid == null) {
            throw new AuthenticationException("token非法无效!");
        }

        // 查询用户信息
        log.debug("———校验token是否有效————checkUserTokenIsEffect——————— "+ token);
        HanHaiMember user = commonApi.getUserByNameHanHaiXcxOpenId(openid);
        if (user == null || user.getAppletOpenid() == null) {
            throw new AuthenticationException("用户不存在!");
        }
 //        // 判断用户状态
 //        if (user.getDeleteFlag().equals("Y")) {
 //            throw new AuthenticationException("账号已被注销,请联系管理员!");
 //        }
        // 校验token是否超时失效 & 或者账号密码是否错误
        if (!jwtTokenRefresh(token, openid, openid)) {
            throw new JeecgBoot401Exception(CommonConstant.TOKEN_IS_INVALID_MSG);
        }
        return user;
    }




    /**
     * JWTToken刷新生命周期 （实现： 用户在线操作不掉线功能）
     * 1、登录成功后将用户的JWT生成的Token作为k、v存储到cache缓存里面(这时候k、v值一样)，缓存有效期设置为Jwt有效时间的2倍
--- a/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/service/impl/SysBaseApiImpl.java
+++ b/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/service/impl/SysBaseApiImpl.java
@ -144,6 +144,23 @@ public class SysBaseApiImpl implements ISysBaseAPI {
 		return user;
 	}

 	/**
 	 * 公共验证--根据账号查询验证用户信息-客户端
 	 * @param username
 	 * @return
 	 * */
 	@Override
 	public HanHaiMember getUserByNameHanHaiXcxOpenId(String username){
 		if(oConvertUtils.isEmpty(username)) {
 			return null;
 		}
 		HanHaiMember user = hanHaiMemberService.lambdaQuery().eq(HanHaiMember::getAppletOpenid,username).one();
 		if(user==null) {
 			return null;
 		}
 		return user;
 	}


 	@Override
 	public String translateDictFromTable(String table, String text, String code, String key) {