基本完成认证和权限接口

.gitignore

@@ -28,3 +28,9 @@ dmaster/\.classpath
 dmaster/\.factorypath
 
 logs/
+
+common/target/
+
+dagent/target/
+
+dmaster/target/

common/src/main/java/cn/reghao/autodop/common/utils/DateTimeUtil.java

@@ -2,6 +2,7 @@ package cn.reghao.autodop.common.utils;
 
 import java.time.*;
 import java.time.format.DateTimeFormatter;
+import java.util.Date;
 
 /**
  * 时间日期工具类
@@ -74,4 +75,10 @@ public class DateTimeUtil {
         ZonedDateTime dateTime = instant.atZone(ZoneId.of("Asia/Shanghai"));
         return dateTime.toLocalDateTime().toString();
     }
+
+    public static long duration(LocalDateTime future) {
+        LocalDateTime now = LocalDateTime.now();
+        long second = Duration.between(now, future).getSeconds();
+        return second * 1000;
+    }
 }

common/src/main/java/cn/reghao/autodop/common/utils/security/Md5Cryptor.java

@@ -0,0 +1,32 @@
+package cn.reghao.autodop.common.utils.security;
+
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
+/**
+ * @author reghao
+ * @date 2019-03-26 14:46:57
+ */
+public class Md5Cryptor implements Cryptor {
+    private MessageDigest md5;
+
+    public Md5Cryptor() throws NoSuchAlgorithmException {
+        this.md5 = MessageDigest.getInstance("MD5");
+    }
+
+    @Override
+    public String encrypt(String str) {
+        byte[] bytes = md5.digest(str.getBytes());
+        StringBuilder sb = new StringBuilder();
+        for (byte aByte : bytes) {
+            sb.append(Integer.toString((aByte & 0xff) + 0x100, 16).substring(1));
+        }
+
+        return sb.toString();
+    }
+
+    @Override
+    public String decrypt(String str) {
+        return null;
+    }
+}

dmaster/src/main/java/cn/reghao/autodop/dmaster/app/controller/AppOrchestrateController.java

@@ -112,7 +112,7 @@ public class AppOrchestrateController {
 
     @ApiOperation(value = "删除项目/应用编排")
     @DeleteMapping("/{type}/{appId}")
-    public ResponseEntity<String>deleteOrchestration(@PathVariable("type") int type,
+    public ResponseEntity<String> deleteOrchestration(@PathVariable("type") int type,
                                       @PathVariable("appId") String appId) {
         appOrchestrateService.delete(type, appId);
         return ResponseEntity.ok().body(WebResult.success("ok"));

dmaster/src/main/java/cn/reghao/autodop/dmaster/app/entity/orchestration/AppOrchestration.java

@@ -4,6 +4,7 @@ import cn.reghao.autodop.dmaster.app.entity.BaseEntity;
 import cn.reghao.autodop.dmaster.app.entity.build.AppBuild;
 import cn.reghao.autodop.dmaster.app.entity.deploy.AppDeploy;
 import cn.reghao.autodop.dmaster.app.entity.deploy.ConfigFile;
+import cn.reghao.autodop.dmaster.auth.entity.Role;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 
@@ -51,11 +52,13 @@ public class AppOrchestration extends BaseEntity implements Cloneable {
     @ManyToOne(cascade = CascadeType.PERSIST)
     @JoinColumn(name = "notification_id", foreignKey = @ForeignKey(value = ConstraintMode.NO_CONSTRAINT))
     private Notification notification;
+    /*@ManyToOne(cascade = CascadeType.PERSIST)
+    @JoinColumn(name = "role_id", foreignKey = @ForeignKey(value = ConstraintMode.NO_CONSTRAINT))
+    private Role role;*/
     // 是否启用编排
     @Column(nullable = false)
     private boolean enable;
-    // TODO 添加一个 role 字段，表示哪些权限的用户可以访问
-    // TODO 添加一个 delete 字段，表示是否被删除。只做逻辑上的删除
+    //private boolean delete;
     // TODO 添加定时构建部署选项
     // TODO 接入到项目管理系统
 

dmaster/src/main/java/cn/reghao/autodop/dmaster/app/repository/orchestration/AppRepository.java

@@ -4,13 +4,11 @@ import cn.reghao.autodop.dmaster.app.entity.build.compile.AppCompile;
 import cn.reghao.autodop.dmaster.app.entity.build.pack.AppPack;
 import cn.reghao.autodop.dmaster.app.entity.build.update.AppUpdate;
 import cn.reghao.autodop.dmaster.app.entity.orchestration.Notification;
-import cn.reghao.autodop.dmaster.app.entity.orchestration.ProjOrchestration;
 import cn.reghao.autodop.dmaster.app.repository.build.AppCompileRepository;
 import cn.reghao.autodop.dmaster.app.repository.build.AppPackRepository;
 import cn.reghao.autodop.dmaster.app.repository.build.AppUpdateRepository;
-import cn.reghao.autodop.dmaster.app.vo.AppBuildVO;
 import cn.reghao.autodop.dmaster.app.vo.BuildConfig;
-import cn.reghao.autodop.dmaster.app.vo.SelectOption;
+import cn.reghao.autodop.dmaster.vue.SelectOption;
 import org.springframework.stereotype.Repository;
 
 import java.util.*;

dmaster/src/main/java/cn/reghao/autodop/dmaster/app/service/deploy/AppDeployTask.java

@@ -25,6 +25,7 @@ public class AppDeployTask implements Callable<Boolean> {
     @Override
     public Boolean call() throws Exception {
         // TODO 公共网络下，gRPC 调用需要经过认证
+        // TODO 使用异步消息替换 gRPC
         AppDeployService appDeployService = (AppDeployService)new GrpcClientProxy<AppDeployService>()
                 .getProxy(deployConfig.getHost(), GRPC_PORT, AppDeployService.class);
 

dmaster/src/main/java/cn/reghao/autodop/dmaster/app/vo/BuildConfig.java

@@ -1,5 +1,6 @@
 package cn.reghao.autodop.dmaster.app.vo;
 
+import cn.reghao.autodop.dmaster.vue.SelectOption;
 import lombok.Data;
 
 import java.util.List;

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/UserService.java

@@ -1,20 +0,0 @@
-package cn.reghao.autodop.dmaster.auth;
-
-import cn.reghao.autodop.dmaster.auth.repository.UserAuthRepository;
-import org.springframework.stereotype.Service;
-
-/**
- * @author reghao
- * @date 2020-06-19 16:36:53
- */
-@Service
-public class UserService {
-    private UserAuthRepository authRepository;
-
-    public UserService(UserAuthRepository authRepository) {
-        this.authRepository = authRepository;
-    }
-
-    public void createUser() {
-    }
-}

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/config/WebSecurityConfig.java

@@ -26,7 +26,7 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic
  */
 @Configuration
 @EnableWebSecurity
-@EnableGlobalMethodSecurity(prePostEnabled = true)
+@EnableGlobalMethodSecurity(prePostEnabled = true) // 调用方法时检查权限
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     private UserDetailsServiceImpl userDetailsService;
     private final String authUrl = "/login";

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/controller/IndexController.java

@@ -1,5 +1,11 @@
 package cn.reghao.autodop.dmaster.auth.controller;
 
+import cn.reghao.autodop.common.utils.JsonUtil;
+import cn.reghao.autodop.dmaster.auth.entity.Permission;
+import cn.reghao.autodop.dmaster.auth.entity.Role;
+import cn.reghao.autodop.dmaster.auth.repository.PermissionRepository;
+import cn.reghao.autodop.dmaster.auth.repository.RoleRepository;
+import cn.reghao.autodop.dmaster.vue.VueRole;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
@@ -7,10 +13,12 @@ import io.swagger.annotations.ApiOperation;
 import lombok.Data;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.bind.annotation.*;
 
-import java.util.List;
-import java.util.Map;
+import java.util.*;
 
 /**
  * @author reghao
@@ -19,16 +27,66 @@ import java.util.Map;
 @Slf4j
 @Api(tags = "测试接口")
 @RestController
-//@RequestMapping("/admin")
 public class IndexController {
+    private RoleRepository roleRepository;
+    private PermissionRepository permissionRepository;
+
+    public IndexController(RoleRepository roleRepository, PermissionRepository permissionRepository) {
+        this.roleRepository = roleRepository;
+        this.permissionRepository = permissionRepository;
+    }
+
     @ApiOperation(value = "获取用户信息")
     @ApiImplicitParams(
             @ApiImplicitParam(name="appId", value="应用 ID", paramType="path", dataType = "String")
     )
-    @GetMapping("/api/getInfo")
-    public ResponseEntity<String> adminInfo() {
-        String result = "{\"code\":0,\"data\":{\"name\":\"admin\",\"roles\":[\"Home\",\"Dashbord\",\"Driver\",\"Driver-index\",\"Permission\",\"PageUser\",\"PageAdmin\",\"Roles\",\"Table\",\"BaseTable\",\"ComplexTable\",\"Icons\",\"Icons-index\",\"Components\",\"Sldie-yz\",\"Upload\",\"Carousel\",\"Echarts\",\"Sldie-chart\",\"Dynamic-chart\",\"Map-chart\",\"Excel\",\"Excel-out\",\"Excel-in\",\"Mutiheader-out\",\"Error\",\"Page404\",\"Github\",\"NavTest\",\"Nav1\",\"Nav2\",\"Nav2-1\",\"Nav2-2\",\"Nav2-2-1\",\"Nav2-2-2\",\"*404\"],\"introduce\":\"哈哈哈\"},\"_res\":{\"status\":200}}";
-        return ResponseEntity.ok().body(result);
+    @GetMapping("/api/getPages")
+    public ResponseEntity<String> getPages() {
+        // TODO 使用 UserContext 来获取当前线程访问的用户
+        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+        String username = auth.getName();
+        List<String> roles = new ArrayList<>();
+        auth.getAuthorities().forEach(authority -> {
+            Role role = roleRepository.findRoleByName(authority.getAuthority());
+            Permission permission = permissionRepository.findByRole(role);
+            roles.addAll(permission.getUrls());
+        });
+
+        Result result = new Result();
+        result.setCode(0);
+        Map<String, Integer> map = new HashMap<>();
+        map.put("status", 200);
+        result.set_res(map);
+
+        UserInfo userInfo = new UserInfo();
+        userInfo.setName(username);
+        userInfo.setIntroduce("I am admin");
+        userInfo.setRoles(roles);
+        result.setData(userInfo);
+
+        return ResponseEntity.ok().body(JsonUtil.objectToJson(result));
+    }
+
+    @GetMapping("/api/getRoles")
+    public ResponseEntity<String> roles() {
+        ResultData resultData = new ResultData();
+        resultData.setCode(0);
+
+        RoleData roleData = new RoleData();
+        List<VueRole> allRoles = new ArrayList<>();
+        VueRole role1 = new VueRole();
+        role1.setKey("admin");
+        role1.setDescription("I am admin");
+        List<String> list1 = new ArrayList<>();
+        list1.add("Home");
+        list1.add("Dashbord");
+        list1.add("Roles");
+        role1.setPages(list1);
+        allRoles.add(role1);
+        roleData.setAllRoles(allRoles);
+        resultData.setData(roleData);
+
+        return ResponseEntity.ok().body(JsonUtil.objectToJson(resultData));
     }
 
     @PostMapping("/login")
@@ -60,13 +118,24 @@ public class IndexController {
     static class Result {
         private int code;
         private Map<String, Integer> _res;
-        private String data;
+        private UserInfo data;
     }
 
     @Data
-    static class AdminInfo {
+    static class UserInfo {
         private String name;
         private String introduce;
         private List<String> roles;
     }
+
+    @Data
+    static class ResultData {
+        private int code;
+        private RoleData data;
+    }
+
+    @Data
+    static class RoleData {
+        private List<VueRole> allRoles;
+    }
 }

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/controller/UserController.java

@@ -1,10 +1,13 @@
 package cn.reghao.autodop.dmaster.auth.controller;
 
-import cn.reghao.autodop.dmaster.auth.UserService;
+import cn.reghao.autodop.dmaster.app.vo.PageList;
+import cn.reghao.autodop.dmaster.auth.service.UserService;
 import cn.reghao.autodop.dmaster.common.webresult.WebResult;
 import io.swagger.annotations.Api;
+import org.springframework.data.domain.PageRequest;
+import org.springframework.data.domain.Sort;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.access.annotation.Secured;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
 
 /**
@@ -21,15 +24,34 @@ public class UserController {
         this.userService = userService;
     }
 
-    // TODO 指定角色的用户才能访问
-    @Secured("ROLE_ADMIN")
-    @PostMapping(consumes = "application/json")
-    public ResponseEntity<String> createUser(@RequestBody String json) throws Exception {
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
+    @PostMapping(value = "/{type}", consumes = "application/json")
+    public ResponseEntity<String> add(@PathVariable("type") int type, @RequestBody String json) throws Exception {
+        userService.addOrUpdate(type, json);
         return ResponseEntity.ok().body(WebResult.success("ok"));
     }
 
-    @GetMapping
-    public ResponseEntity<String> getUserByPage(@RequestParam("page") int page, @RequestParam("size") int size) {
-        return ResponseEntity.ok().body("");
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
+    @GetMapping(value = "/{type}")
+    public ResponseEntity<String> getByPage(@PathVariable("type") int type,
+                                            @RequestParam("page") int page, @RequestParam("size") int size) {
+        PageRequest pageRequest =
+                PageRequest.of(page-1, size, Sort.by(Sort.Direction.DESC, "updateTime"));
+        PageList pageList = userService.getByPage(type, pageRequest);
+        return ResponseEntity.ok().body(WebResult.success(pageList));
+    }
+
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
+    @PutMapping("/{type}")
+    public ResponseEntity<String> modify(@PathVariable("type") int type, @RequestBody String json) {
+        userService.addOrUpdate(type, json);
+        return ResponseEntity.ok().body(WebResult.success("ok"));
+    }
+
+    @PreAuthorize("hasRole('ROLE_ADMIN')")
+    @DeleteMapping("/{type}/{name}")
+    public ResponseEntity<String> delete(@PathVariable("type") int type, @PathVariable("name") String name) {
+        userService.delete(type, name);
+        return ResponseEntity.ok().body(WebResult.success("ok"));
     }
 }

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/entity/Permission.java

@@ -1,25 +1,23 @@
 package cn.reghao.autodop.dmaster.auth.entity;
 
+import cn.reghao.autodop.dmaster.app.entity.BaseEntity;
 import lombok.Data;
+import lombok.EqualsAndHashCode;
 
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import java.io.Serializable;
+import javax.persistence.*;
+import java.util.Set;
 
 /**
  * @author reghao
  * @date 2019/03/14 20:05:36
  */
-@Entity
 @Data
-public class Permission implements Serializable {
-    private static final long serialVersionUID = 1L;
-
-    @Id
-    @GeneratedValue(strategy = GenerationType.AUTO)
-    private Integer id;
-    private String url;
-    private int roleId;
+@EqualsAndHashCode(callSuper = false)
+@Entity
+public class Permission extends BaseEntity {
+    @ManyToOne(cascade = CascadeType.PERSIST)
+    @JoinColumn(name = "role_id", foreignKey = @ForeignKey(value = ConstraintMode.NO_CONSTRAINT))
+    private Role role;
+    @ElementCollection(fetch = FetchType.EAGER)
+    private Set<String> urls;
 }

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/entity/Role.java

@@ -1,24 +1,21 @@
 package cn.reghao.autodop.dmaster.auth.entity;
 
+import cn.reghao.autodop.dmaster.app.entity.BaseEntity;
 import lombok.Data;
+import lombok.EqualsAndHashCode;
 
+import javax.persistence.Column;
 import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import java.io.Serializable;
 
 /**
  * @author reghao
  * @date 2019/03/14 21:46:13
  */
-@Entity
 @Data
-public class Role implements Serializable {
-    private static final long serialVersionUID = -2426880004705187049L;
-
-    @Id
-    @GeneratedValue(strategy = GenerationType.AUTO)
-    private Integer id;
+@EqualsAndHashCode(callSuper = false)
+@Entity
+public class Role extends BaseEntity {
+    @Column(nullable = false, unique = true)
     private String name;
+    private String description;
 }

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/entity/UserAuth.java

@@ -1,16 +1,14 @@
 package cn.reghao.autodop.dmaster.auth.entity;
 
+import cn.reghao.autodop.dmaster.app.entity.BaseEntity;
 import lombok.Data;
+import lombok.EqualsAndHashCode;
 import lombok.NoArgsConstructor;
 import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetails;
 
 import javax.persistence.*;
-import java.io.Serializable;
 import java.util.Collection;
-import java.util.HashSet;
-import java.util.List;
 import java.util.Set;
 
 /**
@@ -19,40 +17,31 @@ import java.util.Set;
  * @author reghao
  * @date 2019/03/14 19:12:48
  */
-@Data
 @NoArgsConstructor
+@Data
+@EqualsAndHashCode(callSuper = false)
 @Entity
-public class UserAuth implements Serializable, UserDetails {
-    private static final long serialVersionUID = 1L;
-
-    @Id
-    @GeneratedValue(strategy = GenerationType.AUTO)
-    private Integer id;
+public class UserAuth  extends BaseEntity implements UserDetails {
     // 用户名和密码
+    @Column(nullable = false, unique = true)
     private String username;
+    @Column(nullable = false)
     private String password;
+    @Column(nullable = false)
     private String salt;
-
     // 数据库表中默认为 ROLE_USER
-    private int roleId;
+    /*@Column(nullable = false)
+    private int roleId;*/
+    @ManyToOne(cascade = CascadeType.PERSIST)
+    @JoinColumn(name = "role_id", foreignKey = @ForeignKey(value = ConstraintMode.NO_CONSTRAINT))
+    private Role role;
     // 数据库表中默认为 0
     private int status;
     // 数据库表中默认为 0
     private int locked;
-    @ElementCollection(fetch = FetchType.LAZY)
+    @ElementCollection(fetch = FetchType.EAGER)
     private Set<GrantedAuthority> authorities;
 
-    public UserAuth(String username, String password, Set<GrantedAuthority> grantedAuthorities) {
-        this.username = username;
-        this.password = password;
-        this.authorities = grantedAuthorities;
-    }
-
-    public UserAuth(String username, String password) {
-        this.username = username;
-        this.password = password;
-    }
-
     @Override
     public String getUsername() {
         return username;

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/entity/UserProfile.java

@@ -1,25 +0,0 @@
-package cn.reghao.autodop.dmaster.auth.entity;
-
-import lombok.Data;
-
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import java.io.Serializable;
-
-/**
- * @author reghao
- * @date 2019-05-31 15:04:20
- */
-@Entity
-@Data
-public class UserProfile implements Serializable {
-    private static final long serialVersionUID = 1L;
-
-    @Id
-    @GeneratedValue(strategy = GenerationType.AUTO)
-    private Integer id;
-    private String uuid;
-    private String name;
-}

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/jwt/JwtToken.java

@@ -1,5 +1,6 @@
 package cn.reghao.autodop.dmaster.auth.jwt;
 
+import cn.reghao.autodop.common.utils.DateTimeUtil;
 import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.ExpiredJwtException;
 import io.jsonwebtoken.Jwts;
@@ -11,13 +12,13 @@ import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.AuthorityUtils;
 
 import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
+import java.time.LocalDate;
+import java.time.LocalDateTime;
 import java.util.Date;
 import java.util.List;
 
 /**
- * JWT 令牌服务
+ * JWT 令牌
  * TODO 将 JWT 令牌存放在 redis 中
  *
  * @author reghao
@@ -25,25 +26,30 @@ import java.util.List;
  */
 @Slf4j
 public class JwtToken {
-    // 10 mins
-    private static final long EXPIRATION_TIME = 60_000*60*24*7;
+    // TODO 过期时间统一在凌晨三点，根据当前时间加一个偏移值
+    // 7 days
+    private static final long EXPIRATION_DAY = 7;
+    // 15 days
+    private static final long REFRESH_EXPIRATION_DAY = 15;
     // TODO key 需要动态变化
     private static final String KEY = "Reghao";
     private static final String TOKEN_PREFIX = "Bearer ";
     private static final String HEADER_STRING = "Authorization";
 
     /**
-     * 生成一个新 token
+     * 颁发一个访问令牌
      *
      * @param
      * @return
      * @date 2019-11-21 下午4:39
      */
-    public static String newToken(String username) {
+    public static String accessToken(String username, String authorities) {
+        // TODO 第七天凌晨三点令牌过期
+        LocalDateTime future = LocalDate.now().plusDays(EXPIRATION_DAY).atTime(3, 0);
         String jwt = Jwts.builder()
-                .claim("authorities", "ROLE_USER")
+                .claim("authorities", authorities)
                 .setSubject(username)
-                .setExpiration(new Date(System.currentTimeMillis() + EXPIRATION_TIME))
+                .setExpiration(new Date(System.currentTimeMillis() + DateTimeUtil.duration(future)))
                 .signWith(SignatureAlgorithm.HS256, KEY)
                 .compact();
 
@@ -51,7 +57,26 @@ public class JwtToken {
     }
 
     /**
-     * TODO 检查 token 是否有效
+     * 颁发一个刷新令牌
+     * TODO 访问令牌过期时，使用刷新令牌获取一个新的访问令牌
+     *
+     * @param
+     * @return
+     * @date 2019-11-21 下午4:39
+     */
+    public static String refreshToken(String username) {
+        LocalDateTime future = LocalDate.now().plusDays(REFRESH_EXPIRATION_DAY).atTime(3, 0);
+        String refreshToken = Jwts.builder()
+                .setSubject(username)
+                .setExpiration(new Date(System.currentTimeMillis() + DateTimeUtil.duration(future)))
+                .signWith(SignatureAlgorithm.HS256, KEY)
+                .compact();
+
+        return refreshToken;
+    }
+
+    /**
+     * TODO 检查 token 是否有效，令牌是否过期，令牌格式是否有效等
      *
      * @param
      * @return
@@ -70,24 +95,7 @@ public class JwtToken {
         }
     }
 
-    public static void setAuthentication(HttpServletResponse response, String username) throws IOException {
-        String jwt = Jwts.builder()
-                .claim("authorities", "ROLE_USER")
-                .setSubject(username)
-                .setExpiration(new Date(System.currentTimeMillis() + EXPIRATION_TIME))
-                .signWith(SignatureAlgorithm.HS256, KEY)
-                .compact();
-
-        response.setContentType("application/json");
-        response.setStatus(HttpServletResponse.SC_OK);
-        // 由于没有托管在 Spring MVC 中，因此需要单独处理跨域
-        response.addHeader("Access-Control-Allow-Origin", "*");
-        response.addHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS,PUT,DELETE");
-        response.setHeader("Access-Control-Allow-Headers", "x-requested-with,Authorization，Content-Type");
-        response.getOutputStream().print(jwt);
-    }
-
-    static Authentication getAuthentication(HttpServletRequest request) {
+    public static Authentication getAuthentication(HttpServletRequest request) {
         String token = request.getHeader(HEADER_STRING);
         if (token != null) {
             Claims claims = Jwts.parser()

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/jwt/JwtTokenFilter.java

@@ -31,9 +31,11 @@ public class JwtTokenFilter extends OncePerRequestFilter {
         String token = request.getHeader("Authorization");
         if (token != null) {
             if (JwtToken.isValid(token)) {
+                // TODO 计算当前离过期时间还有多久
                 Authentication authentication = JwtToken.getAuthentication(request);
                 SecurityContextHolder.getContext().setAuthentication(authentication);
             } else {
+                // TODO 使用刷新令牌获取一个新的访问令牌
                 response.sendError(HttpServletResponse.SC_FORBIDDEN, "令牌已过期");
             }
         } else {

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/jwt/UserDetailsServiceImpl.java

@@ -32,32 +32,16 @@ public class UserDetailsServiceImpl implements UserDetailsService {
 
     @Override
     public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
-        if ("admin".equals(username)) {
-            UserAuth userAuth = new UserAuth();
-            userAuth.setId(1);
-            userAuth.setUsername(username);
-            userAuth.setPassword("12345678");
-            userAuth.setRoleId(1);
-            userAuth.setStatus(0);
-
-            Set<GrantedAuthority> grantedAuthorities = new HashSet<>();
-            GrantedAuthority grantedAuthority = new SimpleGrantedAuthority("ADMIN");
-            grantedAuthorities.add(grantedAuthority);
-            // 用户的权限
-            userAuth.setAuthorities(grantedAuthorities);
-            return userAuth;
-        }
-
-        /*UserAuth userAuth = authRepository.findUserAuthByUsername(username);
+        UserAuth userAuth = authRepository.findUserAuthByUsername(username);
         if (userAuth != null) {
-            String role = roleRepository.findRoleById(userAuth.getRoleId());
+            String role = userAuth.getRole().getName();
             Set<GrantedAuthority> grantedAuthorities = new HashSet<>();
             GrantedAuthority grantedAuthority = new SimpleGrantedAuthority(role);
             grantedAuthorities.add(grantedAuthority);
             // 用户的权限
             userAuth.setAuthorities(grantedAuthorities);
             return userAuth;
-        }*/ else {
+        } else {
             // Spring Security 会将 UsernameNotFoundException 捕获并替换，使得前端无法看到信息
             //throw new UsernameNotFoundException(email + " 未注册");
             throw new DisabledException(username + " 未注册");

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/jwt/UsernamePasswordAuthFilter.java

@@ -8,6 +8,7 @@ import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 
@@ -35,12 +36,12 @@ public class UsernamePasswordAuthFilter extends AbstractAuthenticationProcessing
     public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
             throws AuthenticationException, IOException, ServletException {
         // form-data 中的 username 和 password 参数
-        String username = request.getParameter("user");
+        String username = request.getParameter("username");
         String password = request.getParameter("password");
-        if (username == null && password == null) {
+        if (username == null || password == null) {
             // 请求数据放在 request 的 body 中
-            JsonObject jsonObject = getBody(request);
-            username = jsonObject.get("user").getAsString();
+            JsonObject jsonObject = requestBody(request);
+            username = jsonObject.get("username").getAsString();
             password = jsonObject.get("password").getAsString();
         }
 
@@ -60,8 +61,14 @@ public class UsernamePasswordAuthFilter extends AbstractAuthenticationProcessing
                                             HttpServletResponse response,
                                             FilterChain chain,
                                             Authentication auth) throws IOException, ServletException {
+        StringBuilder authorities = new StringBuilder();
+        for (GrantedAuthority authority : auth.getAuthorities()) {
+            authorities.append(authority.getAuthority()).append(",");
+        }
+
         // TODO 将 username:token 存储在缓存中，用户注销时，在缓存中将 token 置为不可用
-        String accessToken = JwtToken.newToken(auth.getName());
+        String accessToken = JwtToken.accessToken(auth.getName(), authorities.toString());
+        String refreshToken = JwtToken.refreshToken(auth.getName());
         ResultData resultData = new ResultData();
         resultData.setMsg("登录成功");
         resultData.setSuccess(true);
@@ -94,7 +101,7 @@ public class UsernamePasswordAuthFilter extends AbstractAuthenticationProcessing
         response.getOutputStream().println("username or password invalid");
     }
 
-    private JsonObject getBody(HttpServletRequest request) throws IOException {
+    private JsonObject requestBody(HttpServletRequest request) throws IOException {
         BufferedReader br = request.getReader();
         StringBuilder sb = new StringBuilder();
         String line;

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/jwt/UsernamePasswordAuthProvider.java

@@ -1,9 +1,10 @@
 package cn.reghao.autodop.dmaster.auth.jwt;
 
 import cn.reghao.autodop.common.utils.security.Cryptor;
-import cn.reghao.autodop.common.utils.security.Sha256Cryptor;
+import cn.reghao.autodop.common.utils.security.Md5Cryptor;
 import cn.reghao.autodop.dmaster.auth.entity.UserAuth;
 import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.DisabledException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
@@ -23,7 +24,7 @@ public class UsernamePasswordAuthProvider implements AuthenticationProvider {
     public UsernamePasswordAuthProvider(UserDetailsServiceImpl userDetailsService)
             throws NoSuchAlgorithmException {
         this.userDetailsService = userDetailsService;
-        this.cryptor = new Sha256Cryptor();
+        this.cryptor = new Md5Cryptor();
     }
 
     @Override
@@ -31,12 +32,13 @@ public class UsernamePasswordAuthProvider implements AuthenticationProvider {
         String username = authentication.getName();
         String password = (String) authentication.getCredentials();
 
+        // TODO 缓存中查找
         // 从数据库中获取用户认证信息
         UserAuth userAuth = (UserAuth) userDetailsService.loadUserByUsername(username);
-        /*String encodedPassword = cryptor.encrypt(password + userAuth.getSalt());
+        String encodedPassword = cryptor.encrypt(password + userAuth.getSalt());
         if (!userAuth.getPassword().equals(encodedPassword)) {
             throw new DisabledException("用户名/密码错误");
-        }*/
+        }
 
         return new UsernamePasswordAuthenticationToken(userAuth, password, userAuth.getAuthorities());
     }

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/repository/PermissionRepository.java

@@ -0,0 +1,13 @@
+package cn.reghao.autodop.dmaster.auth.repository;
+
+import cn.reghao.autodop.dmaster.auth.entity.Permission;
+import cn.reghao.autodop.dmaster.auth.entity.Role;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+/**
+ * @author reghao
+ * @date 2019-08-29 10:52:14
+ */
+public interface PermissionRepository extends JpaRepository<Permission, Integer> {
+    Permission findByRole(Role role);
+}

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/repository/RoleRepository.java

@@ -8,5 +8,6 @@ import org.springframework.data.jpa.repository.JpaRepository;
  * @date 2019-08-29 10:52:14
  */
 public interface RoleRepository extends JpaRepository<Role, Integer> {
-    String findRoleById(int id);
+    Role findRoleByName(String roleName);
+    Role findRoleById(long id);
 }

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/repository/UserAuthRepository.java

@@ -2,6 +2,9 @@ package cn.reghao.autodop.dmaster.auth.repository;
 
 import cn.reghao.autodop.dmaster.auth.entity.UserAuth;
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Modifying;
+
+import javax.transaction.Transactional;
 
 /**
  * @author reghao
@@ -9,4 +12,8 @@ import org.springframework.data.jpa.repository.JpaRepository;
  */
 public interface UserAuthRepository extends JpaRepository<UserAuth, Integer> {
     UserAuth findUserAuthByUsername(String username);
+
+    @Modifying
+    @Transactional
+    void deleteByUsername(String username);
 }

dmaster/src/main/java/cn/reghao/autodop/dmaster/auth/service/UserService.java

@@ -0,0 +1,175 @@
+package cn.reghao.autodop.dmaster.auth.service;
+
+import cn.reghao.autodop.common.utils.JsonUtil;
+import cn.reghao.autodop.common.utils.security.Cryptor;
+import cn.reghao.autodop.common.utils.security.Md5Cryptor;
+import cn.reghao.autodop.common.utils.security.Salt;
+import cn.reghao.autodop.dmaster.app.vo.PageList;
+import cn.reghao.autodop.dmaster.auth.entity.Permission;
+import cn.reghao.autodop.dmaster.auth.entity.Role;
+import cn.reghao.autodop.dmaster.auth.entity.UserAuth;
+import cn.reghao.autodop.dmaster.auth.repository.PermissionRepository;
+import cn.reghao.autodop.dmaster.auth.repository.RoleRepository;
+import cn.reghao.autodop.dmaster.auth.repository.UserAuthRepository;
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.PageRequest;
+import org.springframework.stereotype.Service;
+
+import java.security.NoSuchAlgorithmException;
+import java.time.LocalDateTime;
+import java.util.stream.Collectors;
+
+/**
+ * @author reghao
+ * @date 2020-06-19 16:36:53
+ */
+@Service
+public class UserService {
+    private final String rolePrefix = "ROLE_";
+    private Cryptor cryptor;
+    private RoleRepository roleRepository;
+    private UserAuthRepository userAuthRepository;
+    private PermissionRepository permissionRepository;
+
+    public UserService(RoleRepository roleRepository, UserAuthRepository userAuthRepository,
+                       PermissionRepository permissionRepository) throws NoSuchAlgorithmException {
+        this.cryptor = new Md5Cryptor();
+        this.roleRepository = roleRepository;
+        this.userAuthRepository = userAuthRepository;
+        this.permissionRepository = permissionRepository;
+    }
+
+    public void addOrUpdate(int type, String json) {
+        switch (type) {
+            case 1:
+                Role role = (Role) JsonUtil.jsonToObject(json, Role.class);
+                String name = rolePrefix + role.getName().toUpperCase();
+                role.setName(name);
+                Role roleEntity = roleRepository.findRoleByName(role.getName());
+                if (roleEntity == null) {
+                    roleRepository.save(role);
+                } else {
+                    roleEntity.setDescription(role.getDescription());
+                    roleEntity.setUpdateTime(LocalDateTime.now());
+                    roleRepository.save(roleEntity);
+                }
+                break;
+            case 2:
+                Permission permission = (Permission) JsonUtil.jsonToObject(json, Permission.class);
+                Role role1 = permission.getRole();
+                Role roleEntity1 = roleRepository.findRoleByName(rolePrefix + role1.getName());
+                if (roleEntity1 != null) {
+                    permission.setRole(roleEntity1);
+                } else {
+                    return;
+                }
+                Permission permissionEntity = permissionRepository.findByRole(roleEntity1);
+                if (permissionEntity != null) {
+                    permissionEntity.setRole(permission.getRole());
+                    permissionEntity.setUrls(permission.getUrls());
+                    permissionEntity.setUpdateTime(LocalDateTime.now());
+                    permissionRepository.save(permissionEntity);
+                } else {
+                    permissionRepository.save(permission);
+                }
+                break;
+            case 3:
+                UserAuth userAuth = (UserAuth) JsonUtil.jsonToObject(json, UserAuth.class);
+                String password = userAuth.getPassword();
+                String salt = Salt.get(64);
+                String encryptedPwd = cryptor.encrypt(password + salt);
+                userAuth.setPassword(encryptedPwd);
+                userAuth.setSalt(salt);
+                String roleName = rolePrefix + userAuth.getRole().getName();
+                Role roleEntity2 = roleRepository.findRoleByName(roleName);
+                if (roleEntity2 != null) {
+                    userAuth.setRole(roleEntity2);
+                } else {
+                    return;
+                }
+
+                UserAuth authEntity = userAuthRepository.findUserAuthByUsername(userAuth.getUsername());
+                if (authEntity == null) {
+                    userAuthRepository.save(userAuth);
+                } else {
+                    authEntity.setPassword(userAuth.getPassword());
+                    authEntity.setSalt(salt);
+                    authEntity.setRole(userAuth.getRole());
+                    authEntity.setUpdateTime(LocalDateTime.now());
+                    userAuthRepository.save(authEntity);
+                }
+
+                break;
+            default:
+                break;
+        }
+    }
+
+    public PageList getByPage(int type, PageRequest pageRequest) {
+        // TODO 可否动态代理简化代码？？？
+        switch (type) {
+            case 1:
+                Page<Role> rolePage = roleRepository.findAll(pageRequest);
+                PageList<Role> rolePageList = new PageList<>();
+                rolePageList.setTotalSize(rolePage.getTotalElements());
+                rolePageList.setTotalPages(rolePage.getTotalPages());
+                rolePageList.setList(rolePage.getContent().stream()
+                        .peek(role -> {
+                            String name = role.getName().split(rolePrefix)[1];
+                            role.setName(name);
+                        })
+                        .collect(Collectors.toList()));
+
+                return rolePageList;
+            case 2:
+                Page<Permission> permissionPage = permissionRepository.findAll(pageRequest);
+                PageList<Permission> permissionPageList = new PageList<>();
+                permissionPageList.setTotalSize(permissionPage.getTotalElements());
+                permissionPageList.setTotalPages(permissionPage.getTotalPages());
+                permissionPageList.setList(permissionPage.getContent().stream()
+                        .peek(permission -> {
+                            Role role = permission.getRole();
+                            String name = role.getName().split(rolePrefix)[1];
+                            role.setName(name);
+                        }).collect(Collectors.toList()));
+                return permissionPageList;
+            case 3:
+                Page<UserAuth> userAuthPage = userAuthRepository.findAll(pageRequest);
+                PageList<UserAuth> userAuthPageList = new PageList<>();
+                userAuthPageList.setTotalSize(userAuthPage.getTotalElements());
+                userAuthPageList.setTotalPages(userAuthPage.getTotalPages());
+                userAuthPageList.setList(userAuthPage.getContent().stream()
+                        .peek(userAuth -> {
+                            // Role 是一个共享实体
+                            Role role = userAuth.getRole();
+                            /* TODO 数组越界异常后会返回 401，而不是 500
+                            String name = role.getName().split(rolePrefix)[1];
+                            role.setName(name);*/
+                            if (role.getName().contains(rolePrefix)) {
+                                String name = role.getName().split(rolePrefix)[1];
+                                role.setName(name);
+                            }
+                        }).collect(Collectors.toList()));
+
+                return userAuthPageList;
+            default:
+                return null;
+        }
+    }
+
+    public void delete(int type, String name) {
+        switch (type) {
+            case 1:
+                System.out.println("删除 Role");
+                break;
+            case 2:
+                System.out.println("删除 Permission");
+                break;
+            case 3:
+                userAuthRepository.deleteByUsername(name);
+                break;
+            default:
+                break;
+        }
+    }
+}

dmaster/src/main/java/cn/reghao/autodop/dmaster/common/exception/ControllerExceptionHandler.java

@@ -27,6 +27,7 @@ public class ControllerExceptionHandler {
     public String error(Exception e) {
         String stackTrace = stackTrace(e);
         log.error("请求错误 -> {}", stackTrace);
+        // TODO 可能为 null
         String cause = e.getCause().getMessage();
         String msg = e.getMessage();
         return WebResult.error(new ErrorMsg(cause, msg));

dmaster/src/main/java/cn/reghao/autodop/dmaster/common/utils/Md5Encrypt.java

@@ -1,63 +0,0 @@
-package cn.reghao.autodop.dmaster.common.utils;
-
-import cn.reghao.autodop.dmaster.common.utils.encrypt.EncryptString;
-import org.springframework.security.crypto.password.PasswordEncoder;
-//import org.springframework.security.crypto.password.PasswordEncoder;
-
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-
-/**
- * 一个用于加密的单例类
- *
- * @author reghao
- * @date 2019-03-26 14:46:57
- */
-public class Md5Encrypt implements PasswordEncoder {
-    private static final Md5Encrypt INSTANCE = new Md5Encrypt();
-
-    private Md5Encrypt() {
-    }
-
-    public static PasswordEncoder getInstance() {
-        return INSTANCE;
-    }
-
-    @Override
-    public String encode(CharSequence rawPassword) {
-        String salt = "reghao";
-        return encryptString(rawPassword.toString(), salt);
-    }
-
-    @Override
-    public boolean matches(CharSequence rawPassword, String encodedPassword) {
-        String password = EncryptString.encryptString(rawPassword.toString(), "reghao", "MD5");
-        return encodedPassword.equals(password);
-    }
-
-    private String encryptString(String str, String salt) {
-        //
-        String encryptedString = null;
-
-        try {
-            MessageDigest md = MessageDigest.getInstance("MD5");
-            md.update(salt.getBytes());
-            byte[] bytes = md.digest(str.getBytes());
-            StringBuilder sb = new StringBuilder();
-
-            for (int i : bytes) {
-                sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
-            }
-
-            for (int i = 0; i < bytes.length; i++) {
-                sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
-            }
-
-            encryptedString = sb.toString();
-        } catch (NoSuchAlgorithmException nse) {
-            nse.printStackTrace();
-        }
-
-        return encryptedString;
-    }
-}

dmaster/src/main/java/cn/reghao/autodop/dmaster/common/utils/encrypt/EncryptString.java

@@ -1,43 +0,0 @@
-package cn.reghao.autodop.dmaster.common.utils.encrypt;
-
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-
-/**
- * 加密字符串
- *
- * @author reghao
- * @date 2019-04-05 12:31:23
- */
-public class EncryptString {
-    /**
-     * 加密字符串
-     *
-     * @param str 要加密的字符串
-     * @param salt 盐值
-     * @param method 加密的方法，包括 MD5, SHA-256, SHA-384, SHA-512 等
-     * @return 已加密的字符串
-     * @date 2019-04-05 12:32:09
-     */
-    public static String encryptString(String str, String salt, String method) {
-        //
-        String encryptedString = null;
-
-        try {
-            MessageDigest md = MessageDigest.getInstance(method);
-            md.update(salt.getBytes());
-            byte[] bytes = md.digest(str.getBytes());
-            StringBuilder sb = new StringBuilder();
-
-            for (int i = 0; i < bytes.length; i++) {
-                sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1));
-            }
-
-            encryptedString = sb.toString();
-        } catch (NoSuchAlgorithmException nse) {
-            nse.printStackTrace();
-        }
-
-        return encryptedString;
-    }
-}

dmaster/src/main/java/cn/reghao/autodop/dmaster/common/utils/encrypt/Salt.java

@@ -1,30 +0,0 @@
-package cn.reghao.autodop.dmaster.common.utils.encrypt;
-
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-
-/**
- * @author reghao
- * @date 2019-04-05 12:23:47
- */
-public class Salt {
-    /**
-     * 采用 SHA1PRNG 随机数算法返回一个盐值
-     *
-     * @return 盐值
-     * @date 2019-04-05 12:28:08
-     */
-    public static String salt() {
-        SecureRandom sr = null;
-        byte[] salt = new byte[16];
-
-        try {
-            sr = SecureRandom.getInstance("SHA1PRNG");
-            sr.nextBytes(salt);
-        } catch (NoSuchAlgorithmException nse) {
-            nse.printStackTrace();
-        }
-
-        return salt.toString();
-    }
-}

dmaster/src/main/java/cn/reghao/autodop/dmaster/vue/RouteMeta.java

@@ -0,0 +1,13 @@
+package cn.reghao.autodop.dmaster.vue;
+
+import lombok.Data;
+
+/**
+ * @author reghao
+ * @date 2020-06-22 23:21:30
+ */
+@Data
+public class RouteMeta {
+    private String title;
+    private String icon;
+}

dmaster/src/main/java/cn/reghao/autodop/dmaster/app/vo/SelectOption.java → dmaster/src/main/java/cn/reghao/autodop/dmaster/vue/SelectOption.java

@@ -1,4 +1,4 @@
-package cn.reghao.autodop.dmaster.app.vo;
+package cn.reghao.autodop.dmaster.vue;
 
 import lombok.Data;
 import lombok.NoArgsConstructor;

dmaster/src/main/java/cn/reghao/autodop/dmaster/vue/VueRole.java

@@ -0,0 +1,16 @@
+package cn.reghao.autodop.dmaster.vue;
+
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * @author reghao
+ * @date 2020-06-23 09:24:02
+ */
+@Data
+public class VueRole {
+    private String key;
+    private String description;
+    private List<String> pages;
+}

dmaster/src/main/java/cn/reghao/autodop/dmaster/vue/VueRoute.java

@@ -0,0 +1,21 @@
+package cn.reghao.autodop.dmaster.vue;
+
+import lombok.Data;
+
+import java.util.List;
+
+/**
+ * Vue 路由
+ *
+ * @author reghao
+ * @date 2020-06-22 23:20:20
+ */
+@Data
+public class VueRoute {
+    private String path;
+    private String name;
+    private String component;
+    private RouteMeta meta;
+    private String redirect;
+    private List<VueRoute> children;
+}