Merge remote-tracking branch 'origin/dev' into dev

2020-02-13 12:22:12 +08:00 · 2020-02-13 12:22:12 +08:00 · 10a9991252
parent 62c7ab8617 b70d79bd90
commit 10a9991252
5 changed files with 46 additions and 32 deletions
--- a/backend/src/main/java/io/metersphere/controller/LoginController.java
+++ b/backend/src/main/java/io/metersphere/controller/LoginController.java
@ -35,7 +35,8 @@ public class LoginController {
        try {
            subject.login(token);
            if (subject.isAuthenticated()) {
-                return ResultHolder.success("");
+                // 返回 userDTO
+                return ResultHolder.success(subject.getSession().getAttribute("user"));
            } else {
                return ResultHolder.error("login fail");
            }
--- a/backend/src/main/java/io/metersphere/security/ShiroDBRealm.java
+++ b/backend/src/main/java/io/metersphere/security/ShiroDBRealm.java
@ -1,6 +1,8 @@
 package io.metersphere.security;


+import io.metersphere.dto.UserDTO;
+import io.metersphere.service.UserService;
 import io.metersphere.user.SessionUser;
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authc.*;
@ -10,6 +12,8 @@ import org.apache.shiro.subject.PrincipalCollection;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

+import javax.annotation.Resource;
+

 /**
 * 自定义Realm 注入service 可能会导致在 service的aop 失效，例如@Transactional,
@ -23,6 +27,8 @@ import org.slf4j.LoggerFactory;
 public class ShiroDBRealm extends AuthorizingRealm {

    private Logger logger = LoggerFactory.getLogger(ShiroDBRealm.class);
+    @Resource
+    private UserService userService;

    /**
     * 权限认证
@ -40,10 +46,16 @@ public class ShiroDBRealm extends AuthorizingRealm {
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String userId = token.getUsername();
        String password = String.valueOf(token.getPassword());
-        SessionUser sessionUser = new SessionUser();
+        UserDTO user = userService.getUserDTO(userId);
+        String msg;
+        if (user == null) {
+            msg = "not exist user is trying to login, user:" + userId;
+            logger.warn(msg);
+            throw new UnknownAccountException(msg);
+        }
+        // TODO 密码验证，roles 等内容填充

-        sessionUser.setName(userId);
-        sessionUser.setId(userId);
+        SessionUser sessionUser = SessionUser.fromUser(user);
        SecurityUtils.getSubject().getSession().setAttribute("user", sessionUser);
        return new SimpleAuthenticationInfo(userId, password, getName());
    }
--- a/backend/src/main/java/io/metersphere/user/SessionUser.java
+++ b/backend/src/main/java/io/metersphere/user/SessionUser.java
@ -1,26 +1,18 @@
 package io.metersphere.user;

+import io.metersphere.dto.UserDTO;
+import org.springframework.beans.BeanUtils;
+
 import java.io.Serializable;

-public class SessionUser implements Serializable {
+public class SessionUser extends UserDTO implements Serializable {

    private static final long serialVersionUID = -7149638440406959033L;
-    private String id;
-    private String name;

-    public String getId() {
-        return id;
+    public static SessionUser fromUser(UserDTO user) {
+        SessionUser sessionUser = new SessionUser();
+        BeanUtils.copyProperties(user, sessionUser);
+        return sessionUser;
    }

-    public void setId(String id) {
-        this.id = id;
-    }
-
-    public String getName() {
-        return name;
-    }
-
-    public void setName(String name) {
-        this.name = name;
-    }
 }
--- a/frontend/src/login/Login.vue
+++ b/frontend/src/login/Login.vue
@ -41,6 +41,10 @@
 </template>

 <script>
+  import Cookies from 'js-cookie';
+
+  const TokenKey = 'Admin-Token';
+
  export default {
    name: "Login",
    data() {
@ -102,7 +106,9 @@
      submit(form) {
        this.$refs[form].validate((valid) => {
          if (valid) {
-            this.$post("signin", this.form, function () {
+            this.$post("signin", this.form, (response) => {
+              // 登录信息保存 cookie
+              Cookies.set(TokenKey, response.data);
              window.location.href = "/"
            });
          } else {
--- a/frontend/src/performance/components/settings/Workspace.vue
+++ b/frontend/src/performance/components/settings/Workspace.vue
@ -13,15 +13,10 @@
      <el-table :data="items" style="width: 100%">
        <el-table-column prop="name" label="名称"/>
        <el-table-column prop="description" label="描述"/>
-        <el-table-column width="100">
+        <el-table-column>
          <template slot-scope="scope">
-            <el-button @click="edit(scope.row)" type="primary" icon="el-icon-edit" size="mini" circle
-                       class="edit"/>
-            <el-popconfirm title="这个工作空间确定要删除吗？" @onConfirm="del(scope.row)">
-              <el-button slot="reference" type="primary" icon="el-icon-delete" size="mini"
-                         circle
-                         class="edit"/>
-            </el-popconfirm>
+            <el-button @click="edit(scope.row)" type="primary" icon="el-icon-edit" size="mini" circle/>
+            <el-button @click="del(scope.row)" type="danger" icon="el-icon-delete" size="mini" circle/>
          </template>
        </el-table-column>
      </el-table>
@ -88,9 +83,17 @@
        // });
      },
      del(row) {
-        this.$get('/workspace/delete/' + row.id, () => {
-          Message.success('删除成功');
-          this.list();
+        this.$confirm('这个工作空间确定要删除吗?', '提示', {
+          confirmButtonText: '确定',
+          cancelButtonText: '取消',
+          type: 'warning'
+        }).then(() => {
+          this.$get('/workspace/delete/' + row.id, () => {
+            Message.success('删除成功');
+            this.list();
+          });
+        }).catch(() => {
+
        });
        window.console.log(row);
      },