java
// jwt 方式
package com.kongjs.note.system.convert;
import com.kongjs.note.admin.model.dto.TokenInfoDTO;
import com.kongjs.note.admin.service.TokenService;
import jakarta.annotation.Resource;
import jakarta.servlet.http.HttpServletRequest;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.AuthenticationConverter;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;
import org.springframework.util.StringUtils;
@Slf4j
@Component
public class JwtAuthenticationConverter implements AuthenticationConverter {
private final AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource;
@Resource
private TokenService tokenService;
@Resource
private UserDetailsService userDetailsService;
public JwtAuthenticationConverter() {
this(new WebAuthenticationDetailsSource());
}
public JwtAuthenticationConverter(AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource) {
this.authenticationDetailsSource = authenticationDetailsSource;
}
@Override
public Authentication convert(HttpServletRequest request) {
log.info("JwtAuthenticationConverter Start -->");
String token = request.getHeader("Token");
if (!StringUtils.hasText(token)) {
return null;
}
TokenInfoDTO tokenInfoDTO = tokenService.parseAccessToken(token);
if (ObjectUtils.isEmpty(tokenInfoDTO) || !StringUtils.hasText(tokenInfoDTO.getUsername())) {
return null;
}
String username = tokenInfoDTO.getUsername();
UserDetails userDetails = userDetailsService.loadUserByUsername(username);
UsernamePasswordAuthenticationToken result = UsernamePasswordAuthenticationToken.authenticated(userDetails.getUsername(), userDetails.getPassword(), userDetails.getAuthorities());
result.setDetails(this.authenticationDetailsSource.buildDetails(request));
return result;
}
protected void setDetails(HttpServletRequest request, UsernamePasswordAuthenticationToken authRequest) {
authRequest.setDetails(this.authenticationDetailsSource.buildDetails(request));
}
}
java
package com.kongjs.note.system.convert;
import com.kongjs.note.admin.security.authentication.dto.LoginDTO;
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.http.MediaType;
import org.springframework.http.converter.HttpMessageConverter;
import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
import org.springframework.http.server.ServletServerHttpRequest;
import org.springframework.security.authentication.AuthenticationDetailsSource;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationConverter;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
public class RestAuthenticationConverter implements AuthenticationConverter {
private final AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource;
private final HttpMessageConverter<Object> converter = new MappingJackson2HttpMessageConverter();
public RestAuthenticationConverter() {
this(new WebAuthenticationDetailsSource());
}
public RestAuthenticationConverter(AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource) {
this.authenticationDetailsSource = authenticationDetailsSource;
}
@Override
public Authentication convert(HttpServletRequest request) {
if (!request.getRequestURI().equals("/login")) {
return null;
}
if (!request.getMethod().equals("POST")) {
return null;
}
if (!MediaType.parseMediaType(request.getContentType()).equals(MediaType.APPLICATION_JSON)) {
return null;
}
LoginDTO dto;
try {
dto = (LoginDTO) converter.read(LoginDTO.class, new ServletServerHttpRequest(request));
} catch (Exception e) {
return null;
}
String username = dto.getUsername();
username = username != null ? username.trim() : "";
String password = dto.getPassword();
password = password != null ? password : "";
UsernamePasswordAuthenticationToken authRequest = UsernamePasswordAuthenticationToken.unauthenticated(username, password);
this.setDetails(request, authRequest);
return authRequest;
}
protected void setDetails(HttpServletRequest request, UsernamePasswordAuthenticationToken authRequest) {
authRequest.setDetails(this.authenticationDetailsSource.buildDetails(request));
}
}