Merge remote-tracking branch 'origin/dev' into dev

haifeng414 2020-02-13 12:22:12 +08:00
commit 10a9991252
5 changed files with 46 additions and 32 deletions


@ -35,7 +35,8 @@ public class LoginController {
try {
subject.login(token);
if (subject.isAuthenticated()) {
return ResultHolder.success("");
// 返回 userDTO
return ResultHolder.success(subject.getSession().getAttribute("user"));
} else {
return ResultHolder.error("login fail");
}
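Review bot: The success branch now returns the whole `user` session attribute in the response body, and that attribute is the `SessionUser` produced by `SessionUser.fromUser`, which copies every `UserDTO` property. If `UserDTO` carries a password hash or other internal fields (its definition is not on this page), they would be sent to the browser on every login. Map the session object to a response view holding only the fields the UI needs, and handle a null attribute, since `getAttribute("user")` returns null whenever the realm did not set it. The enclosing method starts and ends outside the hunk.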


@ -1,6 +1,8 @@
package io.metersphere.security;
import io.metersphere.dto.UserDTO;
import io.metersphere.service.UserService;
import io.metersphere.user.SessionUser;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
@ -10,6 +12,8 @@ import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.annotation.Resource;
/**
* 自定义Realm 注入service 可能会导致在 service的aop 失效例如@Transactional,
@ -23,6 +27,8 @@ import org.slf4j.LoggerFactory;
public class ShiroDBRealm extends AuthorizingRealm {
private Logger logger = LoggerFactory.getLogger(ShiroDBRealm.class);
@Resource
private UserService userService;
/**
* 权限认证
@ -40,10 +46,16 @@ public class ShiroDBRealm extends AuthorizingRealm {
UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
String userId = token.getUsername();
String password = String.valueOf(token.getPassword());
SessionUser sessionUser = new SessionUser();
UserDTO user = userService.getUserDTO(userId);
String msg;
if (user == null) {
msg = "not exist user is trying to login, user:" + userId;
logger.warn(msg);
throw new UnknownAccountException(msg);
}
// TODO 密码验证roles 等内容填充
sessionUser.setName(userId);
sessionUser.setId(userId);
SessionUser sessionUser = SessionUser.fromUser(user);
SecurityUtils.getSubject().getSession().setAttribute("user", sessionUser);
return new SimpleAuthenticationInfo(userId, password, getName());
}
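Review bot: The realm still ends with `return new SimpleAuthenticationInfo(userId, password, getName());`, where `password` is read from the submitted token. With Shiro's default matcher the submitted password is therefore compared with itself, and the new `UserDTO` lookup only proves that the account exists. Pass the stored credential from `user` as the second argument, configure a hashed-credentials matcher on the realm, and resolve the `TODO` before this is merged further. `setAttribute("user", sessionUser)` also runs before credentials have been matched, so it belongs after a successful `subject.login` rather than inside the realm. The warn line concatenates the raw `userId`; prefer `logger.warn("login attempt for unknown user: {}", userId)` with line breaks stripped, and keep the client-facing message generic (the method signature is outside the hunk).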


@ -1,26 +1,18 @@
package io.metersphere.user;
import io.metersphere.dto.UserDTO;
import org.springframework.beans.BeanUtils;
import java.io.Serializable;
public class SessionUser implements Serializable {
public class SessionUser extends UserDTO implements Serializable {
private static final long serialVersionUID = -7149638440406959033L;
private String id;
private String name;
public String getId() {
return id;
public static SessionUser fromUser(UserDTO user) {
SessionUser sessionUser = new SessionUser();
BeanUtils.copyProperties(user, sessionUser);
return sessionUser;
}
public void setId(String id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
}
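Review bot: `SessionUser` no longer declares any fields, so what is stored in the session now depends entirely on `UserDTO`, which is not shown here. If `UserDTO` does not implement `Serializable`, Java serialization skips the inherited fields and a persisted or replicated session is restored with an empty user. `BeanUtils.copyProperties(user, sessionUser)` copies every readable property, so name the fields that must stay out of the session through the ignore-properties varargs of `copyProperties`, or copy an explicit list. `fromUser` should also fail clearly on a null argument, e.g. `Objects.requireNonNull(user, "user")`, and carry a short Javadoc stating which fields go into the session.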


@ -41,6 +41,10 @@
</template>
<script>
import Cookies from 'js-cookie';
const TokenKey = 'Admin-Token';
export default {
name: "Login",
data() {
@ -102,7 +106,9 @@
submit(form) {
this.$refs[form].validate((valid) => {
if (valid) {
this.$post("signin", this.form, function () {
this.$post("signin", this.form, (response) => {
// cookie
Cookies.set(TokenKey, response.data);
window.location.href = "/"
});
} else {
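Review bot: `Cookies.set(TokenKey, response.data)` writes the login response into a script-readable cookie named `Admin-Token` with no attributes, so it cannot be HttpOnly, is not restricted to HTTPS, and has no explicit SameSite policy. After the backend change in this commit the login response carries the user object rather than a token, so depending on what `$post` hands to the callback, user data ends up persisted in that cookie. If the server session cookie already carries authentication, drop this cookie. Otherwise store only a non-sensitive marker and set attributes, e.g. `Cookies.set(TokenKey, value, { secure: true, sameSite: 'strict' })`. No failure path for the request is visible in the hunk, and `submit` continues past its end.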


@ -13,15 +13,10 @@
<el-table :data="items" style="width: 100%">
<el-table-column prop="name" label="名称"/>
<el-table-column prop="description" label="描述"/>
<el-table-column width="100">
<el-table-column>
<template slot-scope="scope">
<el-button @click="edit(scope.row)" type="primary" icon="el-icon-edit" size="mini" circle
class="edit"/>
<el-popconfirm title="这个工作空间确定要删除吗?" @onConfirm="del(scope.row)">
<el-button slot="reference" type="primary" icon="el-icon-delete" size="mini"
circle
class="edit"/>
</el-popconfirm>
<el-button @click="edit(scope.row)" type="primary" icon="el-icon-edit" size="mini" circle/>
<el-button @click="del(scope.row)" type="danger" icon="el-icon-delete" size="mini" circle/>
</template>
</el-table-column>
</el-table>
@ -88,9 +83,17 @@
// });
},
del(row) {
this.$get('/workspace/delete/' + row.id, () => {
Message.success('删除成功');
this.list();
this.$confirm('这个工作空间确定要删除吗?', '提示', {
confirmButtonText: '确定',
cancelButtonText: '取消',
type: 'warning'
}).then(() => {
this.$get('/workspace/delete/' + row.id, () => {
Message.success('删除成功');
this.list();
});
}).catch(() => {
});
window.console.log(row);
},