增加了当前角色

2021-03-05 09:55:58 +08:00
parent a6e9301c4d
commit 5e59749ad5
5 changed files with 16 additions and 5 deletions
--- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/common/Constants.java
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/common/Constants.java
@ -7,5 +7,6 @@ public interface Constants {

 	public static final String AUTHORIZATION_HEADER = "Authorization";
 	public static final String TOKEN_PREFIX = "Bearer ";
+	public static final String CURRENT_ROLE_CODE = "currentRoleCode";
 	
 }
--- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/SecurityUser.java
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/entity/SecurityUser.java
@ -143,6 +143,11 @@ public class SecurityUser {
 	 * 职位ID
 	 */
 	private Integer positionId;
+	
+	/**
+	 * 当前用户角色
+	 */
+	private String currentRoleCode;

 	/**
 	 * 用户角色列表
--- a/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
+++ b/mall-ebtp-cloud-security-starter/src/main/java/com/chinaunicom/mall/ebtp/cloud/security/starter/filter/TokenAuthenticationFilter.java
@ -52,14 +52,15 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {

 		// 提取request头信息
 		final String header = request.getHeader(Constants.AUTHORIZATION_HEADER);
+		final String currentRoleCode = request.getHeader(Constants.CURRENT_ROLE_CODE);

 		// 检查请求头是否包含 Bearer 前缀
 		if (StringUtils.startsWith(header, Constants.TOKEN_PREFIX)) {
 			// 移除header的前缀，提取出token字串
 			String authToken = RegExUtils.replaceAll(header, Constants.TOKEN_PREFIX, "");

-			try {// 通过token读取用户信息
-				SecurityContextHolder.getContext().setAuthentication(getAuthentication(authToken));
+			try {// 通过token读取用户信息 (新增用户当前角色字段: 2021-03-05)
+				SecurityContextHolder.getContext().setAuthentication(getAuthentication(authToken, currentRoleCode));
 			} catch (Exception e) {
 				log.error(e.getMessage());
 			}
@ -73,7 +74,7 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 	 * @param token
 	 * @return
 	 */
-	private Authentication getAuthentication(String token) {
+	private Authentication getAuthentication(final String token, final String currentRoleCode) {
 		HttpHeaders headers = new HttpHeaders();
 		// 设置安全头
 		headers.add(HttpHeaders.AUTHORIZATION, String.format("Bearer %s", token));
@ -81,7 +82,7 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
 		ResponseEntity<SecurityUser> entity = restTemplate.exchange(token_uri, HttpMethod.GET,
 				new HttpEntity<String>(headers), SecurityUser.class);

-		return new UsernamePasswordAuthenticationToken(entity.getBody(), token);
+		return new UsernamePasswordAuthenticationToken(entity.getBody().setCurrentRoleCode(currentRoleCode), token);
 	}

 }