From ceeff64b89070889fbf18ae8e2d10c8fe52bf37d Mon Sep 17 00:00:00 2001
From: "wangiegie@gmail.com"
Date: Wed, 1 Nov 2017 17:55:49 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9readme=20=E5=A2=9E=E5=8A=A0sq?= =?UTF-8?q?l?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
README.md | 61 ++++++++++++++++++++++++++++-
doc/pig.sql | 111 ++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 171 insertions(+), 1 deletion(-)
create mode 100644 doc/pig.sql
diff --git a/README.md b/README.md
index 59211083..046b7910 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,60 @@
-2017年10月30日 1.0-ALPHA
\ No newline at end of file
+2017年11月1日 1.0-ALPHA
+Future 整合ele-admin前后端分离
+
+
+## 权限设计
+基于spring security oauth2.0 + jwt的认证、鉴权的网关设计
+![image](http://obq1lvsd9.bkt.clouddn.com/pigpermission.png)
+
+如图
+1. 用户发送获取token 的请求(密码模式)
+2. 网关将请求转发到认证服务器(auth-server)
+3. 认证服务器通过调用用户模块,判断下用户上送的信息是否正确
+4. 用户发送资源请求到网关
+5. 网关根据token去资源服务器获取用户的(user-info)
+6. 根据用户信息调用用户模块(getUrls),进行权限判断
+
+### 特点
+
+- 业务模块不涉及oauth2.0,认证鉴权全部在网关模块
+- 业务模块可以直接根据网关转发过来的请求解析请求头中jwt信息,进行当前用户身份确认
+## 如何使用:
+### 开发环境
+- spring Boot 1.5.7
+- spring Cloud Dalston.SR4
+- maven 3.3+
+- Redis
+- MySQL 5.7
+### 配置修改
+
+- fock https://github.com/jieblog/pig-config.git 自行修改各个模块的 mysql、redis配置。
+- 修改配置中心的git地址
+
+```
+spring:
+ application:
+ name: pig-config-server
+ cloud:
+ config:
+ server:
+ git:
+ uri: 配置fork 的git厂库
+```
+
+### 开始使用
+
+### 通过网关访问auth-server 获取access-token
+
+```
+// cGlnOnBpZw== 是Base64(clientId:secret) 默认在auth模块的配置里面pig:pig
+ curl -H "Authorization:Basic cGlnOnBpZw==" -d "grant_type=password&scope=server&username=admin&password=admin" http://localhost:1000/auth/oauth/token
+
+
+ {"access_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1MDk1NzA0NjMsInVzZXJfbmFtZSI6ImFkbWluIiwiYXV0aG9yaXRpZXMiOlsiYWRtaW4iXSwianRpIjoiZWMwZmJhMjYtMGJkZS00YjY2LThhZTQtZGRmYTNiMzkxZGM5IiwiY2xpZW50X2lkIjoicGlnIiwic2NvcGUiOlsic2VydmVyIl19.ZoSU_4NhdolnV6ZsNaSXITC_pewUDiaqZPLoESu9f9s","token_type":"bearer","refresh_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1MDk1NzA0NjMsInVzZXJfbmFtZSI6ImFkbWluIiwiYXV0aG9yaXRpZXMiOlsiYWRtaW4iXSwianRpIjoiZWMwZmJhMjYtMGJkZS00YjY2LThhZTQtZGRmYTNiMzkxZGM5IiwiY2xpZW50X2lkIjoicGlnIiwic2NvcGUiOlsic2VydmVyIl19.ZoSU_4NhdolnV6ZsNaSXITC_pewUDiaqZPLoESu9f9s","expires_in":3600,"scope":"server"}
+
+```
+### 通过access-token 访问受保护的资源
+```+
+curl -H "Authorization:Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE1MDk1NzA0NjMsInVzZXJfbmFtZSI6ImFkbWluIiwiYXV0aG9yaXRpZXMiOlsiYWRtaW4iXSwianRpIjoiZWMwZmJhMjYtMGJkZS00YjY2LThhZTQtZGRmYTNiMzkxZGM5IiwiY2xpZW50X2lkIjoicGlnIiwic2NvcGUiOlsic2VydmVyIl19.ZoSU_4NhdolnV6ZsNaSXITC_pewUDiaqZPLoESu9f9s" http://localhost:1000/admin/user
+
+```
\ No newline at end of file
diff --git a/doc/pig.sql b/doc/pig.sql
new file mode 100644
index 00000000..0fbc6285
--- /dev/null
+++ b/doc/pig.sql
@@ -0,0 +1,111 @@
+/*
+Navicat MySQL Data Transfer
+
+Source Server : localhost_3306
+Source Server Version : 50719
+Source Host : localhost:3306
+Source Database : pig
+
+Target Server Type : MYSQL
+Target Server Version : 50719
+File Encoding : 65001
+
+Date: 2017-11-01 17:40:14
+*/
+
+SET FOREIGN_KEY_CHECKS=0;
+
+-- ----------------------------
+-- Table structure for sys_menu
+-- ----------------------------
+DROP TABLE IF EXISTS `sys_menu`;
+CREATE TABLE `sys_menu` (
+ `menu_id` int(11) NOT NULL AUTO_INCREMENT COMMENT '菜单ID',
+ `menu_name` varchar(32) NOT NULL COMMENT '菜单名称',
+ `menu_desc` varchar(32) DEFAULT NULL COMMENT '菜单描述',
+ `url` varchar(128) DEFAULT NULL,
+ `parent_id` int(11) DEFAULT NULL COMMENT '父菜单ID',
+ `sort` int(11) DEFAULT NULL COMMENT '排序值',
+ `type` char(1) DEFAULT NULL COMMENT '菜单类型 (0菜单 1按钮)',
+ `create_time` timestamp NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
+ `update_time` timestamp NULL DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP COMMENT '更新时间',
+ `del_flag` char(1) DEFAULT '0' COMMENT '0--正常 1--删除',
+ PRIMARY KEY (`menu_id`)
+) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 COMMENT='菜单权限表';
+
+-- ----------------------------
+-- Records of sys_menu
+-- ----------------------------
+INSERT INTO `sys_menu` VALUES ('1', '用户', '/', '/user', null, null, null, '2017-10-31 21:56:27', null, '0');
+
+-- ----------------------------
+-- Table structure for sys_role
+-- ----------------------------
+DROP TABLE IF EXISTS `sys_role`;
+CREATE TABLE `sys_role` (
+ `role_id` int(11) NOT NULL AUTO_INCREMENT,
+ `role_name` varchar(64) COLLATE utf8mb4_bin NOT NULL,
+ `role_code` varchar(64) COLLATE utf8mb4_bin NOT NULL,
+ `role_desc` varchar(255) COLLATE utf8mb4_bin DEFAULT NULL,
+ `create_time` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+ `update_time` timestamp NULL DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP,
+ `del_flag` char(1) COLLATE utf8mb4_bin DEFAULT '0' COMMENT '删除标识(0-正常,1-删除)',
+ PRIMARY KEY (`role_id`),
+ UNIQUE KEY `role_idx1_role_code` (`role_code`)
+) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_bin;
+
+-- ----------------------------
+-- Records of sys_role
+-- ----------------------------
+INSERT INTO `sys_role` VALUES ('1', 'admin', 'admin', null, '2017-10-29 15:45:51', null, '0');
+
+-- ----------------------------
+-- Table structure for sys_role_menu
+-- ----------------------------
+DROP TABLE IF EXISTS `sys_role_menu`;
+CREATE TABLE `sys_role_menu` (
+ `role_id` int(11) NOT NULL COMMENT '角色ID',
+ `menu_id` int(11) NOT NULL COMMENT '菜单ID',
+ PRIMARY KEY (`role_id`,`menu_id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='角色菜单表';
+
+-- ----------------------------
+-- Records of sys_role_menu
+-- ----------------------------
+INSERT INTO `sys_role_menu` VALUES ('1', '1');
+
+-- ----------------------------
+-- Table structure for sys_user
+-- ----------------------------
+DROP TABLE IF EXISTS `sys_user`;
+CREATE TABLE `sys_user` (
+ `user_id` int(11) NOT NULL AUTO_INCREMENT COMMENT '主键ID',
+ `username` varchar(64) COLLATE utf8mb4_bin NOT NULL COMMENT '用户名',
+ `password` varchar(255) COLLATE utf8mb4_bin NOT NULL,
+ `salt` varchar(255) COLLATE utf8mb4_bin DEFAULT NULL COMMENT '随机盐',
+ `create_time` timestamp NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
+ `update_time` timestamp NULL DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP COMMENT '修改时间',
+ `del_flag` char(1) COLLATE utf8mb4_bin DEFAULT '0' COMMENT '0-正常,1-删除',
+ PRIMARY KEY (`user_id`),
+ UNIQUE KEY `user_idx1_username` (`username`)
+) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_bin COMMENT='用户表';
+
+-- ----------------------------
+-- Records of sys_user
+-- ----------------------------
+INSERT INTO `sys_user` VALUES ('1', 'admin', 'admin', null, '2017-10-29 15:45:13', null, '0');
+
+-- ----------------------------
+-- Table structure for sys_user_role
+-- ----------------------------
+DROP TABLE IF EXISTS `sys_user_role`;
+CREATE TABLE `sys_user_role` (
+ `user_id` int(11) NOT NULL COMMENT '用户ID',
+ `role_id` int(11) NOT NULL COMMENT '角色ID',
+ PRIMARY KEY (`user_id`,`role_id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='用户角色表';
+
+-- ----------------------------
+-- Records of sys_user_role
+-- ----------------------------
+INSERT INTO `sys_user_role` VALUES ('1', '1');
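Review bot: The seed row under "Records of sys_user" writes the literal string 'admin' into the `password` column with a NULL `salt`, so every database built from this file starts with a well-known admin credential stored in the clear (the hashing scheme the auth service expects is not visible here). The row should carry a hash produced by the project's password encoder and name its columns, e.g. `INSERT INTO sys_user (user_id, username, password, salt, del_flag) VALUES (1, 'admin', '<HASH_FROM_PROJECT_ENCODER>', '<SALT_IF_USED>', '0');`, and the default account should be rotated or disabled on first deployment. The same positional `INSERT ... VALUES` form is used for sys_menu, sys_role, sys_role_menu and sys_user_role and will break silently if a column is added. The file also sets `SET FOREIGN_KEY_CHECKS=0;` and never restores it, and the join tables sys_role_menu and sys_user_role declare no foreign keys, so orphaned role or menu grants are not rejected by the database; consider ending the script with `SET FOREIGN_KEY_CHECKS=1;` and adding named FK constraints.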