zhanghua
2025-06-11 2ca169c85f61256fb5185c078dba1bfef2be5066
小程序鉴权处理
9个文件已修改
95 ■■■■ 已修改文件
buyer-api/src/main/java/cn/lili/security/BuyerAuthenticationFilter.java 3 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
framework/src/main/java/cn/lili/modules/connect/serviceimpl/ConnectServiceImpl.java 5 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史
framework/src/main/java/cn/lili/modules/member/entity/dos/Member.java 7 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
framework/src/main/java/cn/lili/modules/member/service/MemberService.java 2 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史
framework/src/main/java/cn/lili/modules/member/serviceimpl/MemberServiceImpl.java 23 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史
framework/src/main/java/cn/lili/modules/member/serviceimpl/StoreMenuRoleServiceImpl.java 15 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
framework/src/main/java/cn/lili/modules/member/token/MemberTokenGenerate.java 10 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史
seller-api/src/main/java/cn/lili/controller/goods/CategoryStoreController.java 12 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史
seller-api/src/main/java/cn/lili/security/StoreAuthenticationFilter.java 18 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史
buyer-api/src/main/java/cn/lili/security/BuyerAuthenticationFilter.java
@@ -99,7 +99,8 @@
            AuthUser authUser = new Gson().fromJson(json, AuthUser.class);
            //校验redis中是否有权限
            if (cache.hasKey(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.MEMBER,authUser.getId()) + jwt)) {
            if (cache.hasKey(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.MEMBER, authUser.getId()) + jwt) ||
                    cache.hasKey(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.STORE, authUser.getId()) + jwt)) {
                //构造返回信息
                List<GrantedAuthority> auths = new ArrayList<>();
                auths.add(new SimpleGrantedAuthority("ROLE_" + authUser.getRole().name()));
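Review bot: The new condition accepts a token found under either the MEMBER or the STORE cache prefix, but nothing ties the prefix that matched to `authUser.getRole()`, which becomes the granted authority two lines below. Looking the token up under the role it claims, `cache.hasKey(CachePrefix.ACCESS_TOKEN.getPrefix(authUser.getRole(), authUser.getId()) + jwt)`, and refusing roles this API is not meant to serve, would keep the buyer filter from honouring store-scoped tokens by accident. The same two-prefix check is added in the first hunk of StoreAuthenticationFilter, where it admits MEMBER-prefixed tokens to the seller filter. The enclosing method starts and ends outside the hunk, so any later role check is not visible here.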
framework/src/main/java/cn/lili/modules/connect/serviceimpl/ConnectServiceImpl.java
@@ -265,6 +265,11 @@
            if (StrUtil.isNotBlank(authUser.getPhone())) {
                member = memberService.findByMobile(authUser.getPhone());
            }
            if (StrUtil.isNotBlank(authUser.getUuid())) {
                member = memberService.findByUUID(authUser.getUuid());
            }
            //如果未查到手机号的会员则使用第三方登录
            if (member == null) {
                LambdaQueryWrapper<Connect> queryWrapper = new LambdaQueryWrapper<Connect>();
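Review bot: The added uuid lookup assigns `member` unconditionally, so when both a phone and a uuid are present, a member already found by phone is replaced, and becomes null if no row has that uuid. Guarding it as `if (member == null && StrUtil.isNotBlank(authUser.getUuid()))` keeps the phone match; swap the order instead if the uuid is meant to win. Where `authUser.getUuid()` comes from is not visible in this hunk. If it is supplied by the client rather than verified with the login provider, it should not be enough on its own to resolve an existing account.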
framework/src/main/java/cn/lili/modules/member/entity/dos/Member.java
@@ -5,6 +5,7 @@
import cn.lili.common.security.sensitive.enums.SensitiveStrategy;
import cn.lili.common.utils.CommonUtil;
import cn.lili.mybatis.BaseEntity;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableName;
import com.fasterxml.jackson.annotation.JsonFormat;
import io.swagger.annotations.ApiModel;
@@ -80,6 +81,10 @@
    @ApiModelProperty(value = "店铺ID")
    private String storeId;
    @ApiModelProperty(value = "uuId")
    @TableField(value = "uu_id")
    private String uuId;
    /**
     * @see ClientTypeEnum
     */
@@ -111,7 +116,7 @@
        this.lastLoginDate = new Date();
    }
    public Member(String username, String password, String face, String nickName, Integer sex,String mobile) {
    public Member(String username, String password, String face, String nickName, Integer sex, String mobile) {
        this.username = username;
        this.password = password;
        this.mobile = mobile;
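Review bot: The new `uuId` field is described only as `@ApiModelProperty(value = "uuId")`, which does not say what the value identifies or who issues it. Elsewhere in this commit ConnectServiceImpl uses it to resolve a member at login, so a comment such as `// third-party (mini-program) identifier used to match the member at login; expected to be unique` would help. The `uu_id` column presumably needs a unique index, which this page does not show. Because Member is an API model, it is also worth confirming that the field should be serialized to clients at all.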
framework/src/main/java/cn/lili/modules/member/service/MemberService.java
@@ -336,4 +336,6 @@
    boolean appSConfirm(String token, Integer code);
    QRLoginResultVo loginWithSession(String token);
    Member findByUUID(String uuid);
}
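Review bot: `findByUUID` is added to the interface without Javadoc. A short comment stating that it returns null when no member has the uuid, and what happens when several rows match, would spare callers from reading the implementation, for example `/** Finds the member bound to the given third-party uuid; returns null if none. */`.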
framework/src/main/java/cn/lili/modules/member/serviceimpl/MemberServiceImpl.java
@@ -257,6 +257,7 @@
            Member member = new Member(authUser.getUsername(), UuidUtils.getUUID(), authUser.getAvatar(), authUser.getNickname(),
                    authUser.getGender() != null ? Convert.toInt(authUser.getGender().getCode()) : 0, authUser.getPhone());
            member.setPassword(DEFAULT_PASSWORD);
            member.setUuId(authUser.getUuid());
            // 发送会员注册信息
            registerHandler(member);
@@ -501,18 +502,19 @@
        this.updateById(member);
        return member;
    }
    @Override
    public Result resetPassword(String id){
            String password = "123456";
            Member member = this.getById(id);
            member.setPassword(new BCryptPasswordEncoder().encode(password));
            this.updateById(member);
            return Result.ok("重置成功");
    public Result resetPassword(String id) {
        String password = "123456";
        Member member = this.getById(id);
        member.setPassword(new BCryptPasswordEncoder().encode(password));
        this.updateById(member);
        return Result.ok("重置成功");
    }
    @Override
    public Member updateMemberPartProperties(String id,String password,String mobile) {
    public Member updateMemberPartProperties(String id, String password, String mobile) {
        //查询会员信息
        Member member = this.getById(id);
        member.setMobile(mobile);
@@ -861,6 +863,13 @@
        return result;
    }
    @Override
    public Member findByUUID(String uuid) {
        QueryWrapper<Member> queryWrapper = new QueryWrapper<>();
        queryWrapper.eq("uu_id", uuid);
        return this.baseMapper.selectOne(queryWrapper);
    }
    /**
     * 检测会员
     *
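Review bot: `findByUUID` in the last hunk passes the uuid straight to `selectOne`, and nothing on this page guarantees that `uu_id` is unique; MyBatis-Plus `selectOne` raises an error when more than one row matches, which would surface as a failed login. The method also relies on every caller to reject blank input, so returning null for a blank uuid inside the method would be safer. Separately, the re-indented `resetPassword` in the second hunk still sets every reset account to the literal `123456` and dereferences `getById(id)` without a null check. A randomly generated one-time value or a reset-link flow would avoid leaving accounts on a known password, although that behaviour predates this commit.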
framework/src/main/java/cn/lili/modules/member/serviceimpl/StoreMenuRoleServiceImpl.java
@@ -48,13 +48,14 @@
    @Override
    public List<StoreUserMenuVO> findAllMenu(String clerkId, String memberId) {
        String cacheKey = CachePrefix.STORE_USER_MENU.getPrefix() + memberId;
        List<StoreUserMenuVO> menuList = (List<StoreUserMenuVO>) cache.get(cacheKey);
        if (menuList == null || menuList.isEmpty()) {
            menuList = storeMenuService.getUserRoleMenu(clerkId);
            cache.put(cacheKey, menuList);
        }
        return menuList;
//        String cacheKey = CachePrefix.STORE_USER_MENU.getPrefix() + memberId;
//        List<StoreUserMenuVO> menuList = (List<StoreUserMenuVO>) cache.get(cacheKey);
//        if (menuList == null || menuList.isEmpty()) {
//            menuList = storeMenuService.getUserRoleMenu(clerkId);
//            cache.put(cacheKey, menuList);
//        }
//        return menuList;
        return storeMenuService.getUserRoleMenu(clerkId);
    }
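Review bot: `findAllMenu` turns the cache off by commenting out the old body, which leaves seven dead lines and an unused `memberId` parameter, and sends every call to `storeMenuService.getUserRoleMenu(clerkId)`. If caching was dropped because menus went stale after a role change, evicting `CachePrefix.STORE_USER_MENU.getPrefix() + memberId` when roles are edited would fix that without a query per call. Otherwise delete the commented block and add a one-line comment such as `// not cached: menus must reflect role changes immediately`. The second hunk of StoreAuthenticationFilter appears to call this method on each permission check, so the extra cost is likely per request.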
framework/src/main/java/cn/lili/modules/member/token/MemberTokenGenerate.java
@@ -8,7 +8,9 @@
import cn.lili.common.security.token.Token;
import cn.lili.common.security.token.TokenUtil;
import cn.lili.common.security.token.base.AbstractTokenGenerate;
import cn.lili.modules.member.entity.dos.Clerk;
import cn.lili.modules.member.entity.dos.Member;
import cn.lili.modules.member.service.ClerkService;
import cn.lili.rocketmq.RocketmqSendCallbackBuilder;
import cn.lili.rocketmq.tags.MemberTagsEnum;
import org.apache.rocketmq.spring.core.RocketMQTemplate;
@@ -34,6 +36,9 @@
    @Autowired
    private RocketMQTemplate rocketMQTemplate;
    @Autowired
    private ClerkService clerkService;
    @Override
    public Token createToken(Member member, Boolean longTerm) {
@@ -57,11 +62,14 @@
        String destination = rocketmqCustomProperties.getMemberTopic() + ":" + MemberTagsEnum.MEMBER_LOGIN.name();
        rocketMQTemplate.asyncSend(destination, member, RocketmqSendCallbackBuilder.commonCallback());
        Clerk clerk = clerkService.getClerkByMemberId(member.getId());
        AuthUser authUser = AuthUser.builder()
                .username(member.getUsername())
                .face(member.getFace())
                .id(member.getId())
                .role(UserEnums.MEMBER)
                .role(clerk == null ? UserEnums.MEMBER : UserEnums.STORE)
                .storeId(clerk == null ? null : clerk.getStoreId())
                .nickName(member.getNickName())
                .longTerm(longTerm)
                .build();
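Review bot: `createToken` now grants `UserEnums.STORE` and a `storeId` to any member for whom `clerkService.getClerkByMemberId(member.getId())` returns a row, with no visible check that the clerk or the store is still active. If that lookup does not already filter out disabled clerks, a deactivated clerk would keep receiving store-scoped tokens through the member login path; checking the clerk's status before choosing the role closes that. The token's cache key is written outside this hunk, so confirm whether it is stored under the MEMBER or the STORE prefix against the two filters changed in this commit.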
seller-api/src/main/java/cn/lili/controller/goods/CategoryStoreController.java
@@ -1,12 +1,16 @@
package cn.lili.controller.goods;
import cn.lili.common.enums.ResultUtil;
import cn.lili.common.security.AuthUser;
import cn.lili.common.security.context.UserContext;
import cn.lili.common.utils.StringUtils;
import cn.lili.common.vo.ResultMessage;
import cn.lili.modules.goods.entity.vos.CategoryBrandVO;
import cn.lili.modules.goods.entity.vos.CategoryVO;
import cn.lili.modules.goods.service.CategoryBrandService;
import cn.lili.modules.goods.service.CategoryService;
import cn.lili.modules.member.entity.dos.Clerk;
import cn.lili.modules.member.service.ClerkService;
import cn.lili.modules.store.service.StoreDetailService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
@@ -49,11 +53,19 @@
     */
    @Autowired
    private StoreDetailService storeDetailService;
    @Autowired
    private ClerkService clerkService;
    @ApiOperation(value = "获取店铺经营的分类")
    @GetMapping(value = "/all")
    public ResultMessage<List<CategoryVO>> getListAll() {
        String storeId = Objects.requireNonNull(UserContext.getCurrentUser()).getStoreId();
        if (StringUtils.isEmpty(storeId)) {
            Clerk clerk = clerkService.getClerkByMemberId(UserContext.getCurrentUserId());
            storeId = clerk.getStoreId();
        }
        //获取店铺经营范围
        String goodsManagementCategory = storeDetailService.getStoreDetail(storeId).getGoodsManagementCategory();
        return ResultUtil.data(this.categoryService.getStoreCategory(goodsManagementCategory.split(",")));
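Review bot: `clerk.getStoreId()` is called without a null check, yet the other callers in this commit treat `getClerkByMemberId` as nullable (`clerk == null ? ...` in MemberTokenGenerate, `if (clerk != null)` in StoreAuthenticationFilter). A caller with no clerk record would reach this line and get a NullPointerException instead of being refused. Add an `if (clerk == null)` branch that returns the project's authorization error before the store id is read. The same applies if `storeDetailService.getStoreDetail(storeId)` can return null for an unknown store.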
seller-api/src/main/java/cn/lili/security/StoreAuthenticationFilter.java
@@ -106,7 +106,9 @@
            AuthUser authUser = new Gson().fromJson(json, AuthUser.class);
            //校验redis中是否有权限
            if (cache.hasKey(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.STORE, authUser.getId()) + jwt)) {
            if (cache.hasKey(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.MEMBER, authUser.getId()) + jwt) ||
                    cache.hasKey(CachePrefix.ACCESS_TOKEN.getPrefix(UserEnums.STORE, authUser.getId()) + jwt)
            ) {
                //用户角色
                List<GrantedAuthority> auths = new ArrayList<>();
                auths.add(new SimpleGrantedAuthority("ROLE_" + authUser.getRole().name()));
@@ -145,14 +147,14 @@
            //获取缓存中的权限
            Map<String, List<String>> permission =
                    (Map<String, List<String>>) cache.get(permissionCacheKey);
            if (permission == null || permission.isEmpty()) {
                //根据会员id查询店员信息
                Clerk clerk = clerkService.getClerkByMemberId(authUser.getId());
                if (clerk != null) {
                    permission = storeTokenGenerate.permissionList(storeMenuRoleService.findAllMenu(clerk.getId(), authUser.getId()));
                    cache.put(permissionCacheKey, permission);
                }
            // if (permission == null || permission.isEmpty()) {
            //根据会员id查询店员信息
            Clerk clerk = clerkService.getClerkByMemberId(authUser.getId());
            if (clerk != null) {
                permission = storeTokenGenerate.permissionList(storeMenuRoleService.findAllMenu(clerk.getId(), authUser.getId()));
                cache.put(permissionCacheKey, permission);
            }
            //}
            //获取数据(GET 请求)权限
            if (request.getMethod().equals(RequestMethod.GET.name())) {
                //如果用户的超级权限和查阅权限都不包含当前请求的api
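Review bot: In the second hunk, when `clerkService.getClerkByMemberId(authUser.getId())` returns null the code falls through with whatever `permission` was read from the cache, so a member who is no longer a clerk keeps the cached permission map, or `permission` stays null for the checks that follow. Because the first hunk now admits MEMBER-prefixed tokens, callers with no clerk record can reach this path; an explicit `else` that denies the request would make the outcome definite. With the `if (permission == null || permission.isEmpty())` guard commented out, the cache is rewritten on every call and never saves the lookup. Either restore the guard and evict the key when roles change, or drop the cache read together with the commented lines. The enclosing method starts and ends outside the hunk.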