Home Explore Help
Sign In
yonge
/
edu-saas
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

update

yonge 5 years ago
parent
bf0dfe1c49
commit
0f376464d8
2 changed files with 29 additions and 8 deletions
Split View Show Diff Stats
  1. 14 0
      edu-auth/edu-auth-server/src/main/java/com/keao/edu/auth/core/filter/PhoneLoginAuthenticationFilter.java
  2. 15 8
      edu-auth/edu-auth-server/src/main/java/com/keao/edu/auth/core/filter/UsernameAuthenticationFilter.java

+ 14 - 0
edu-auth/edu-auth-server/src/main/java/com/keao/edu/auth/core/filter/PhoneLoginAuthenticationFilter.java
View File 

@@ -7,8 +7,10 @@ import javax.servlet.ServletException;
 
 import javax.servlet.http.HttpServletRequest;
 
 import javax.servlet.http.HttpServletResponse;
 
 
+import org.apache.commons.lang3.StringUtils;
 
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 
 import org.springframework.security.authentication.AuthenticationServiceException;
 
+import org.springframework.security.authentication.LockedException;
 
 import org.springframework.security.core.Authentication;
 
 import org.springframework.security.core.AuthenticationException;
 
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 
@@ -17,12 +19,14 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 
 import com.keao.edu.auth.api.entity.LoginEntity;
 
 import com.keao.edu.auth.api.util.SecurityConstants;
 
 import com.keao.edu.auth.config.token.PhoneAuthenticationToken;
 
+import com.keao.edu.datasource.DataSourceContextHolder;
 
 
 public class PhoneLoginAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
 
 
 	private static final String SPRING_SECURITY_RESTFUL_PHONE_KEY = "phone";
 
 	private static final String SPRING_SECURITY_RESTFUL_VERIFY_CODE_KEY = "smsCode";
 
 	private static final String clientIdParameter = "clientId";
 
+	private static final String tenantIdParameter = "tenantId";
 
 
 	private static final String SPRING_SECURITY_RESTFUL_LOGIN_URL = "/smsLogin";
 
 	private boolean postOnly = true;
 
@@ -36,6 +40,16 @@ public class PhoneLoginAuthenticationFilter extends AbstractAuthenticationProces
 
 		if (postOnly && !request.getMethod().equals("POST")) {
 
 			throw new AuthenticationServiceException("Authentication method not supported: " + request.getMethod());
 
 		}
 
+		
+		String tenantId = request.getHeader(tenantIdParameter);
 
+		if (StringUtils.isBlank(tenantId)) {
 
+			tenantId = request.getParameter(tenantIdParameter);
 
+		}
 
+		if(StringUtils.isBlank(tenantId)){
 
+			throw new LockedException("缺少商户编号参数");
 
+		}
 
+		
+		DataSourceContextHolder.setDataSourceKey(tenantId);
 
 
 		AbstractAuthenticationToken authRequest;
 
 		// 手机验证码登陆

+ 15 - 8
edu-auth/edu-auth-server/src/main/java/com/keao/edu/auth/core/filter/UsernameAuthenticationFilter.java
View File 

@@ -7,6 +7,7 @@ import javax.servlet.ServletException;
 
 import javax.servlet.http.HttpServletRequest;
 
 import javax.servlet.http.HttpServletResponse;
 
 
+import org.apache.commons.lang3.StringUtils;
 
 import org.springframework.security.authentication.AuthenticationServiceException;
 
 import org.springframework.security.authentication.LockedException;
 
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 
@@ -20,6 +21,7 @@ import org.springframework.util.Assert;
 
 import com.keao.edu.auth.api.dto.SysUserInfo;
 
 import com.keao.edu.auth.api.util.SecurityConstants;
 
 import com.keao.edu.auth.service.SysUserService;
 
+import com.keao.edu.datasource.DataSourceContextHolder;
 
 
 public class UsernameAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
 
 
@@ -31,6 +33,7 @@ public class UsernameAuthenticationFilter extends AbstractAuthenticationProcessi
 
 	private String usernameParameter = "username";
 
 	private String passwordParameter = "password";
 
 	private String clientIdParameter = "clientId";
 
+	private String tenantIdParameter = "tenantId";
 
 	private boolean postOnly = true;
 
 
 	// ~ Constructors
 
@@ -47,6 +50,16 @@ public class UsernameAuthenticationFilter extends AbstractAuthenticationProcessi
 
 		if (postOnly && !request.getMethod().equals("POST")) {
 
 			throw new AuthenticationServiceException("Authentication method not supported: " + request.getMethod());
 
 		}
 
+		
+		String tenantId = request.getHeader(tenantIdParameter);
 
+		if (StringUtils.isBlank(tenantId)) {
 
+			tenantId = request.getParameter(tenantIdParameter);
 
+		}
 
+		if(StringUtils.isBlank(tenantId)){
 
+			throw new LockedException("缺少商户编号参数");
 
+		}
 
+		
+		DataSourceContextHolder.setDataSourceKey(tenantId);
 
 
 		String username = obtainUsername(request);
 
 		String password = obtainPassword(request);
 
@@ -69,14 +82,8 @@ public class UsernameAuthenticationFilter extends AbstractAuthenticationProcessi
 
 			throw new UsernameNotFoundException("404.9");
 
 		}
 
 	
-//		if (userInfo.getSysUser().getUserType() != SysUserType.SYSTEM && !StringUtils.equalsIgnoreCase(clientId, userInfo.getSysUser().getUserType().getCode())) {
 
-//			throw new LockedException("登录失败");
 
-//		}
 
-		if("EDUCATION".equals(clientId)){
 
-			clientId = "SYSTEM";
 
-		}
 
-		if (!userInfo.getSysUser().getUserType().contains(clientId)) {
 
-			throw new LockedException("用户不存在,请联系教务老师");
 
+		if (!StringUtils.upperCase(userInfo.getSysUser().getUserType()).contains(StringUtils.upperCase(clientId))) {
 
+			throw new UsernameNotFoundException("用户不存在");
 
 		}
 
 
 		UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(SecurityConstants.USERNAME_PRINCIPAL_PREFIX + username,