init

mall4cloud-common/mall4cloud-common-security/src/main/java/com/mall4j/cloud/common/security/config/PasswordConfig.java

+package com.mall4j.cloud.common.security.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+
+/**
+ * @author FrozenWatermelon
+ * @date 2020/7/3
+ */
+@Configuration
+public class PasswordConfig {
+
+	@Bean
+	public PasswordEncoder passwordEncoder() {
+		return new BCryptPasswordEncoder();
+	}
+
+}

mall4cloud-common/mall4cloud-common-security/src/main/java/com/mall4j/cloud/common/security/constant/InputUserNameEnum.java

+package com.mall4j.cloud.common.security.constant;
+
+/**
+ * 输入的用户名类型枚举 1.username 2.mobile 3.email
+ * @author FrozenWatermelon
+ * @date 2020/7/3
+ */
+public enum InputUserNameEnum {
+
+	/**
+	 * 用户名
+	 */
+	USERNAME(1),
+
+	/**
+	 * 手机号
+	 */
+	PHONE(2),
+
+	/**
+	 * 邮箱
+	 */
+	EMAIL(3),;
+
+	private final Integer value;
+
+	public Integer value() {
+		return value;
+	}
+
+	InputUserNameEnum(Integer value) {
+		this.value = value;
+	}
+
+}

mall4cloud-common/mall4cloud-common-security/src/main/java/com/mall4j/cloud/common/security/filter/AuthFilter.java

+package com.mall4j.cloud.common.security.filter;
+
+import cn.hutool.core.collection.CollectionUtil;
+import cn.hutool.core.util.StrUtil;
+import com.mall4j.cloud.api.auth.bo.UserInfoInTokenBO;
+import com.mall4j.cloud.api.auth.constant.SysTypeEnum;
+import com.mall4j.cloud.api.auth.feign.TokenFeignClient;
+import com.mall4j.cloud.api.rbac.constant.HttpMethodEnum;
+import com.mall4j.cloud.api.rbac.feign.PermissionFeignClient;
+import com.mall4j.cloud.common.constant.Auth;
+import com.mall4j.cloud.common.feign.FeignInsideAuthConfig;
+import com.mall4j.cloud.common.handler.HttpHandler;
+import com.mall4j.cloud.common.response.ResponseEnum;
+import com.mall4j.cloud.common.response.ServerResponseEntity;
+import com.mall4j.cloud.common.security.AuthUserContext;
+import com.mall4j.cloud.common.security.adapter.AuthConfigAdapter;
+import com.mall4j.cloud.common.util.IpHelper;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.springframework.util.AntPathMatcher;
+
+import jakarta.servlet.*;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.List;
+import java.util.Objects;
+
+/**
+ * 授权过滤，只要实现AuthConfigAdapter接口，添加对应路径即可：
+ *
+ * @author FrozenWatermelon
+ * @date 2020/7/11
+ */
+@Component
+public class AuthFilter implements Filter {
+
+	private static Logger logger = LoggerFactory.getLogger(AuthFilter.class);
+
+	@Autowired
+	private AuthConfigAdapter authConfigAdapter;
+
+	@Autowired
+	private HttpHandler httpHandler;
+
+	@Autowired
+	private TokenFeignClient tokenFeignClient;
+
+	@Autowired
+	private PermissionFeignClient permissionFeignClient;
+
+	@Autowired
+	private FeignInsideAuthConfig feignInsideAuthConfig;
+
+	@Override
+	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
+			throws IOException, ServletException {
+		HttpServletRequest req = (HttpServletRequest) request;
+		HttpServletResponse resp = (HttpServletResponse) response;
+
+		if (!feignRequestCheck(req)) {
+			httpHandler.printServerResponseToWeb(ServerResponseEntity.fail(ResponseEnum.UNAUTHORIZED));
+			return;
+		}
+
+		if (Auth.CHECK_TOKEN_URI.equals(req.getRequestURI())) {
+			chain.doFilter(req, resp);
+			return;
+		}
+
+
+		List<String> excludePathPatterns = authConfigAdapter.excludePathPatterns();
+
+		// 如果匹配不需要授权的路径，就不需要校验是否需要授权
+		if (CollectionUtil.isNotEmpty(excludePathPatterns)) {
+			for (String excludePathPattern : excludePathPatterns) {
+				AntPathMatcher pathMatcher = new AntPathMatcher();
+				if (pathMatcher.match(excludePathPattern, req.getRequestURI())) {
+					chain.doFilter(req, resp);
+					return;
+				}
+			}
+		}
+
+		String accessToken = req.getHeader("Authorization");
+
+		if (StrUtil.isBlank(accessToken)) {
+			httpHandler.printServerResponseToWeb(ServerResponseEntity.fail(ResponseEnum.UNAUTHORIZED));
+			return;
+		}
+
+		// 校验token，并返回用户信息
+		ServerResponseEntity<UserInfoInTokenBO> userInfoInTokenVoServerResponseEntity = tokenFeignClient
+				.checkToken(accessToken);
+		if (!userInfoInTokenVoServerResponseEntity.isSuccess()) {
+			httpHandler.printServerResponseToWeb(ServerResponseEntity.fail(ResponseEnum.UNAUTHORIZED));
+			return;
+		}
+
+		UserInfoInTokenBO userInfoInToken = userInfoInTokenVoServerResponseEntity.getData();
+
+		// 需要用户角色权限，就去根据用户角色权限判断是否
+		if (!checkRbac(userInfoInToken,req.getRequestURI(), req.getMethod())) {
+			httpHandler.printServerResponseToWeb(ServerResponseEntity.fail(ResponseEnum.UNAUTHORIZED));
+			return;
+		}
+
+		try {
+			// 保存上下文
+			AuthUserContext.set(userInfoInToken);
+
+			chain.doFilter(req, resp);
+		}
+		finally {
+			AuthUserContext.clean();
+		}
+
+	}
+
+	private boolean feignRequestCheck(HttpServletRequest req) {
+		// 不是feign请求，不用校验
+		if (!req.getRequestURI().startsWith(FeignInsideAuthConfig.FEIGN_INSIDE_URL_PREFIX)) {
+			return true;
+		}
+		String feignInsideSecret = req.getHeader(feignInsideAuthConfig.getKey());
+
+		// 校验feign 请求携带的key 和 value是否正确
+		if (StrUtil.isBlank(feignInsideSecret) || !Objects.equals(feignInsideSecret,feignInsideAuthConfig.getSecret())) {
+			return false;
+		}
+		// ip白名单
+		List<String> ips = feignInsideAuthConfig.getIps();
+		// 移除无用的空ip
+		ips.removeIf(StrUtil::isBlank);
+		// 有ip白名单，且ip不在白名单内，校验失败
+		if (CollectionUtil.isNotEmpty(ips)
+				&& !ips.contains(IpHelper.getIpAddr())) {
+			logger.error("ip not in ip White list: {}, ip, {}", ips, IpHelper.getIpAddr());
+			return false;
+		}
+		return true;
+	}
+
+	/**
+	 * 用户角色权限校验
+	 * @param uri uri
+	 * @return 是否校验成功
+	 */
+	public boolean checkRbac(UserInfoInTokenBO userInfoInToken, String uri, String method) {
+
+		if (!Objects.equals(SysTypeEnum.PLATFORM.value(), userInfoInToken.getSysType()) && !Objects.equals(SysTypeEnum.MULTISHOP.value(), userInfoInToken.getSysType())) {
+			return true;
+		}
+
+		ServerResponseEntity<Boolean> booleanServerResponseEntity = permissionFeignClient
+				.checkPermission(userInfoInToken.getUserId(), userInfoInToken.getSysType(),uri,userInfoInToken.getIsAdmin(),HttpMethodEnum.valueOf(method.toUpperCase()).value() );
+
+		if (!booleanServerResponseEntity.isSuccess()) {
+			return false;
+		}
+
+		return booleanServerResponseEntity.getData();
+	}
+
+}

mall4cloud-common/pom.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>mall4cloud</artifactId>
+        <groupId>com.mall4j.cloud</groupId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>mall4cloud-common</artifactId>
+    <packaging>pom</packaging>
+
+    <description>mall4cloud 公共模块</description>
+    <modules>
+        <module>mall4cloud-common-core</module>
+        <module>mall4cloud-common-database</module>
+        <module>mall4cloud-common-cache</module>
+        <module>mall4cloud-common-security</module>
+        <module>mall4cloud-common-order</module>
+        <module>mall4cloud-common-rocketmq</module>
+    </modules>
+
+</project>

mall4cloud-gateway/pom.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>mall4cloud</artifactId>
+        <groupId>com.mall4j.cloud</groupId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>mall4cloud-gateway</artifactId>
+    <packaging>jar</packaging>
+
+    <dependencies>
+        <!--注册中心客户端-->
+        <dependency>
+            <groupId>com.alibaba.cloud</groupId>
+            <artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-loadbalancer</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-bootstrap</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.alibaba.cloud</groupId>
+            <artifactId>spring-cloud-starter-alibaba-nacos-config</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-gateway</artifactId>
+        </dependency>
+        <!--接口文档-->
+        <dependency>
+            <groupId>com.github.xiaoymin</groupId>
+            <artifactId>knife4j-gateway-spring-boot-starter</artifactId>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
+</project>

mall4cloud-gateway/src/main/java/com/mall4j/cloud/gateway/GatewayApplication.java

+package com.mall4j.cloud.gateway;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+/**
+ * @author FrozenWatermelon
+ * @date 2020/7/23
+ */
+@SpringBootApplication(scanBasePackages = { "com.mall4j.cloud" })
+public class GatewayApplication {
+
+	public static void main(String[] args) {
+		SpringApplication.run(GatewayApplication.class, args);
+	}
+
+}

mall4cloud-gateway/src/main/resources/bootstrap.yml

+server:
+  port: 8000
+spring:
+  application:
+    name: @artifactId@
+  cloud:
+    nacos:
+      discovery:
+        server-addr: ${NACOS_HOST:192.168.1.46}:${NACOS_PORT:8848}
+        username: nacos
+        password: nacos
+      config:
+        server-addr: ${spring.cloud.nacos.discovery.server-addr}
+        file-extension: yml
+        namespace: @nacos.namespace@
+        shared-configs:
+          - application-${spring.profiles.active}.${spring.cloud.nacos.config.file-extension}
+        username: ${spring.cloud.nacos.discovery.username}
+        password: ${spring.cloud.nacos.discovery.password}
+  profiles:
+    active: @profiles.active@

mall4cloud-gateway/target/classes/bootstrap.yml

+server:
+  port: 8000
+spring:
+  application:
+    name: mall4cloud-gateway
+  cloud:
+    nacos:
+      discovery:
+        server-addr: ${NACOS_HOST:192.168.1.46}:${NACOS_PORT:8848}
+        username: nacos
+        password: nacos
+      config:
+        server-addr: ${spring.cloud.nacos.discovery.server-addr}
+        file-extension: yml
+        namespace: 
+        shared-configs:
+          - application-${spring.profiles.active}.${spring.cloud.nacos.config.file-extension}
+        username: ${spring.cloud.nacos.discovery.username}
+        password: ${spring.cloud.nacos.discovery.password}
+  profiles:
+    active: dev

mall4cloud-leaf/pom.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <parent>
+        <artifactId>mall4cloud</artifactId>
+        <groupId>com.mall4j.cloud</groupId>
+        <version>1.0-SNAPSHOT</version>
+    </parent>
+    <modelVersion>4.0.0</modelVersion>
+
+    <artifactId>mall4cloud-leaf</artifactId>
+    <packaging>jar</packaging>
+
+    <description>mall4cloud 基于美团leaf的生成id服务</description>
+    <dependencies>
+        <dependency>
+            <groupId>com.mysql</groupId>
+            <artifactId>mysql-connector-j</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.mybatis.spring.boot</groupId>
+            <artifactId>mybatis-spring-boot-starter</artifactId>
+        </dependency>
+        <!--注册中心客户端-->
+        <dependency>
+            <groupId>com.alibaba.cloud</groupId>
+            <artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.cloud</groupId>
+            <artifactId>spring-cloud-starter-loadbalancer</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.alibaba.cloud</groupId>
+            <artifactId>spring-cloud-starter-alibaba-nacos-config</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.mall4j.cloud</groupId>
+            <artifactId>mall4cloud-api-leaf</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>com.mall4j.cloud</groupId>
+            <artifactId>mall4cloud-common-core</artifactId>
+            <version>${project.version}</version>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
+</project>

mall4cloud-leaf/src/main/java/com/mall4j/cloud/leaf/IDGen.java

+package com.mall4j.cloud.leaf;
+
+import com.mall4j.cloud.leaf.common.Result;
+
+/**
+ * @author leaf
+ */
+public interface IDGen {
+
+	/**
+	 * get
+	 * @param key key
+	 * @return Result
+	 */
+	Result get(String key);
+
+	/**
+	 * init
+	 * @return inited
+	 */
+	boolean init();
+
+}