1 什么是微服务
1.1 微服务的由来
- 微服务最早由Martin Fowler和James Lewis于2014年共同剔除,微服务架构风格是一种使用一套小服务来开发单个应用的方式途径,每个服务运行在自己的进程中,并使用轻量级机制通信,通常是HTTP API,这些服务基于业务能力构建,并能够通过自动化部署机制来独立部署,这些服务使用不同的编程语言实现,以及不同数据存储技术,并能够最低限度的集中式管理。
1.2 微服务的优势
- 1️⃣微服务每个模块就相当于一个单独的项目,代码量明显减少,遇到问题相对来说比较好解决。
- 2️⃣微服务每个模块可以使用不同的存储方式(比如有的使用Redis,有的使用MySQL等),每个模块甚至可以有自己的数据库。
- 3️⃣微服务每个模块可以使用不同的开发技术,开发模块更灵活。
1.3 微服务本质
- 1️⃣微服务,关键其实不仅仅是微服务本身,而是系统要提供一套基础的架构,这种架构使得微服务可以独立的部署、运行、升级,不仅如此,这个系统架构还让微服务和微服务之间在结构上“松耦合”,而在功能上则表现为一个统一的整体。这种所谓的“统一的整体”表现出来的是统一风格的界面,统一的权限管理,统一的安全策略,统一的上线过程,统一的日志和审计方法,统一的调度,统一的访问入口等。
- 2️⃣微服务的目的是有效的拆分应用,实现敏捷开发和部署。
2 微服务认证和授权实现思路
2.1 认证授权过程分析
- 1️⃣如果是基于Session,那么Spring Security会对Cookie里面的session id进行解析,找到服务器存储的session信息,然后判断当前用户是否符合请求的要求。
- 2️⃣如果是token,则是解析出token,然后将当前请求加入到Spring Security管理的权限信息中去。
如果系统模块众多,那么每个模块都需要进行授权和认证,所以我们选择基于token的形式进行认证和授权,用户根据用户名和密码进行认证成功,然后获取当前用户角色的一系列的权限值,并以用户名为key,权限列表为value的形式存入Redis缓存,根据用户名相关信息生成token返回,浏览器将token记录到cookie中,每次调用API接口都默认将token携带到header请求头中,Spring Security解析header请求头获取token信息,解析token信息获取当前用户名,根据用户名就可以从Redis中获取权限列表了,这样Spring Security就能够判断当前请求是否有权限访问。
2.2 权限管理模型
3 微服务认证和授权
3.1 实现功能
- 1️⃣登录(认证)。
- 2️⃣添加角色。
- 3️⃣为角色分配菜单。
- 4️⃣添加用户。
- 5️⃣为用户分配角色。
3.2 技术选型
- Maven。
- Spring Boot。
- Spring Security。
- Spring Cloud Alibaba。
- Spring Cloud。
- Spring Data JPA。
- Redis。
- JWT。
- Swagger。
- ……
3.3 准备工作
3.3.1 sql脚本
SET NAMES utf8mb4;
SET FOREIGN_KEY_CHECKS = 0;
-- ----------------------------
-- Table structure for acl_permission
-- ----------------------------
DROP TABLE IF EXISTS `acl_permission`;
CREATE TABLE `acl_permission` (
`id` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT \'\' COMMENT \'编号\',
`pid` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT \'\' COMMENT \'所属上级\',
`name` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT \'\' COMMENT \'名称\',
`type` int(3) NOT NULL DEFAULT 0 COMMENT \'类型(1:菜单,2:按钮)\',
`permission_value` varchar(50) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT \'权限值\',
`path` varchar(100) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT \'访问路径\',
`component` varchar(100) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT \'组件路径\',
`icon` varchar(50) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT \'图标\',
`status` int(4) NULL DEFAULT NULL COMMENT \'状态(0:禁止,1:正常)\',
`been_deleted` int(1) UNSIGNED NOT NULL DEFAULT 0 COMMENT \'逻辑删除 1(true)已删除, 0(false)未删除\',
`gmt_create` datetime(0) NULL DEFAULT NULL COMMENT \'创建时间\',
`gmt_modified` datetime(0) NULL DEFAULT NULL COMMENT \'更新时间\',
`remark` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT \'备注\',
PRIMARY KEY (`id`) USING BTREE,
INDEX `idx_pid`(`pid`) USING BTREE
) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci COMMENT = \'权限\' ROW_FORMAT = Dynamic;
-- ----------------------------
-- Records of acl_permission
-- ----------------------------
INSERT INTO `acl_permission` VALUES (\'1\', \'0\', \'全部数据\', 0, NULL, NULL, NULL, NULL, 1, 0, \'2019-11-15 17:13:06\', \'2019-11-15 17:13:06\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195268474480156673\', \'1\', \'权限管理\', 1, NULL, \'/acl\', \'Layout\', NULL, 1, 0, \'2019-11-15 17:13:06\', \'2019-11-18 13:54:25\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195268616021139457\', \'1195268474480156673\', \'用户管理\', 1, NULL, \'user/list\', \'/acl/user/list\', NULL, 1, 0, \'2019-11-15 17:13:40\', \'2019-11-18 13:53:12\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195268788138598401\', \'1195268474480156673\', \'角色管理\', 1, NULL, \'role/list\', \'/acl/role/list\', NULL, 1, 0, \'2019-11-15 17:14:21\', \'2019-11-15 17:14:21\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195268893830864898\', \'1195268474480156673\', \'菜单管理\', 1, NULL, \'menu/list\', \'/acl/menu/list\', NULL, 1, 0, \'2019-11-15 17:14:46\', \'2019-11-15 17:14:46\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195269143060602882\', \'1195268616021139457\', \'查看\', 2, \'user.list\', \'\', \'\', NULL, 1, 0, \'2019-11-15 17:15:45\', \'2019-11-17 21:57:16\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195269295926206466\', \'1195268616021139457\', \'添加\', 2, \'user.add\', \'user/add\', \'/acl/user/form\', NULL, 1, 0, \'2019-11-15 17:16:22\', \'2019-11-15 17:16:22\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195269473479483394\', \'1195268616021139457\', \'修改\', 2, \'user.update\', \'user/update/:id\', \'/acl/user/form\', NULL, 1, 0, \'2019-11-15 17:17:04\', \'2019-11-15 17:17:04\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195269547269873666\', \'1195268616021139457\', \'删除\', 2, \'user.remove\', \'\', \'\', NULL, 1, 0, \'2019-11-15 17:17:22\', \'2019-11-15 17:17:22\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195269821262782465\', \'1195268788138598401\', \'修改\', 2, \'role.update\', \'role/update/:id\', \'/acl/role/form\', NULL, 1, 0, \'2019-11-15 17:18:27\', \'2019-11-15 17:19:53\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195269903542444034\', \'1195268788138598401\', \'查看\', 2, \'role.list\', \'\', \'\', NULL, 1, 0, \'2019-11-15 17:18:47\', \'2019-11-15 17:18:47\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195270037005197313\', \'1195268788138598401\', \'添加\', 2, \'role.add\', \'role/add\', \'/acl/role/form\', NULL, 1, 0, \'2019-11-15 17:19:19\', \'2019-11-18 11:05:42\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195270442602782721\', \'1195268788138598401\', \'删除\', 2, \'role.remove\', \'\', \'\', NULL, 1, 0, \'2019-11-15 17:20:55\', \'2019-11-15 17:20:55\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195270621548568578\', \'1195268788138598401\', \'角色权限\', 2, \'role.acl\', \'role/distribution/:id\', \'/acl/role/roleForm\', NULL, 1, 0, \'2019-11-15 17:21:38\', \'2019-11-15 17:21:38\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195270744097742849\', \'1195268893830864898\', \'查看\', 2, \'permission.list\', \'\', \'\', NULL, 1, 0, \'2019-11-15 17:22:07\', \'2019-11-15 17:22:07\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195270810560684034\', \'1195268893830864898\', \'添加\', 2, \'permission.add\', \'\', \'\', NULL, 1, 0, \'2019-11-15 17:22:23\', \'2019-11-15 17:22:23\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195270862100291586\', \'1195268893830864898\', \'修改\', 2, \'permission.update\', \'\', \'\', NULL, 1, 0, \'2019-11-15 17:22:35\', \'2019-11-15 17:22:35\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195270887933009922\', \'1195268893830864898\', \'删除\', 2, \'permission.remove\', \'\', \'\', NULL, 1, 0, \'2019-11-15 17:22:41\', \'2019-11-15 17:22:41\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195349439240048642\', \'1\', \'讲师管理\', 1, NULL, \'/edu/teacher\', \'Layout\', NULL, 1, 0, \'2019-11-15 22:34:49\', \'2019-11-15 22:34:49\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195349699995734017\', \'1195349439240048642\', \'讲师列表\', 1, NULL, \'list\', \'/edu/teacher/list\', NULL, 1, 0, \'2019-11-15 22:35:52\', \'2019-11-15 22:35:52\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195349810561781761\', \'1195349439240048642\', \'添加讲师\', 1, NULL, \'create\', \'/edu/teacher/form\', NULL, 1, 0, \'2019-11-15 22:36:18\', \'2019-11-15 22:36:18\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195349876252971010\', \'1195349810561781761\', \'添加\', 2, \'teacher.add\', \'\', \'\', NULL, 1, 0, \'2019-11-15 22:36:34\', \'2019-11-15 22:36:34\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195349979797753857\', \'1195349699995734017\', \'查看\', 2, \'teacher.list\', \'\', \'\', NULL, 1, 0, \'2019-11-15 22:36:58\', \'2019-11-15 22:36:58\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195350117270261762\', \'1195349699995734017\', \'修改\', 2, \'teacher.update\', \'edit/:id\', \'/edu/teacher/form\', NULL, 1, 0, \'2019-11-15 22:37:31\', \'2019-11-15 22:37:31\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195350188359520258\', \'1195349699995734017\', \'删除\', 2, \'teacher.remove\', \'\', \'\', NULL, 1, 0, \'2019-11-15 22:37:48\', \'2019-11-15 22:37:48\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195350299365969922\', \'1\', \'课程分类\', 1, NULL, \'/edu/subject\', \'Layout\', NULL, 1, 0, \'2019-11-15 22:38:15\', \'2019-11-15 22:38:15\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195350397751758850\', \'1195350299365969922\', \'课程分类列表\', 1, NULL, \'list\', \'/edu/subject/list\', NULL, 1, 0, \'2019-11-15 22:38:38\', \'2019-11-15 22:38:38\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195350500512206850\', \'1195350299365969922\', \'导入课程分类\', 1, NULL, \'import\', \'/edu/subject/import\', NULL, 1, 0, \'2019-11-15 22:39:03\', \'2019-11-15 22:39:03\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195350612172967938\', \'1195350397751758850\', \'查看\', 2, \'subject.list\', \'\', \'\', NULL, 1, 0, \'2019-11-15 22:39:29\', \'2019-11-15 22:39:29\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195350687590748161\', \'1195350500512206850\', \'导入\', 2, \'subject.import\', \'\', \'\', NULL, 1, 0, \'2019-11-15 22:39:47\', \'2019-11-15 22:39:47\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195350831744782337\', \'1\', \'课程管理\', 1, NULL, \'/edu/course\', \'Layout\', NULL, 1, 0, \'2019-11-15 22:40:21\', \'2019-11-15 22:40:21\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195350919074385921\', \'1195350831744782337\', \'课程列表\', 1, NULL, \'list\', \'/edu/course/list\', NULL, 1, 0, \'2019-11-15 22:40:42\', \'2019-11-15 22:40:42\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195351020463296513\', \'1195350831744782337\', \'发布课程\', 1, NULL, \'info\', \'/edu/course/info\', NULL, 1, 0, \'2019-11-15 22:41:06\', \'2019-11-15 22:41:06\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195351159672246274\', \'1195350919074385921\', \'完成发布\', 2, \'course.publish\', \'publish/:id\', \'/edu/course/publish\', NULL, 1, 0, \'2019-11-15 22:41:40\', \'2019-11-15 22:44:01\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195351326706208770\', \'1195350919074385921\', \'编辑课程\', 2, \'course.update\', \'info/:id\', \'/edu/course/info\', NULL, 1, 0, \'2019-11-15 22:42:19\', \'2019-11-15 22:42:19\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195351566221938690\', \'1195350919074385921\', \'编辑课程大纲\', 2, \'chapter.update\', \'chapter/:id\', \'/edu/course/chapter\', NULL, 1, 0, \'2019-11-15 22:43:17\', \'2019-11-15 22:43:17\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195351862889254913\', \'1\', \'统计分析\', 1, NULL, \'/statistics/daily\', \'Layout\', NULL, 1, 0, \'2019-11-15 22:44:27\', \'2019-11-15 22:44:27\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195351968841568257\', \'1195351862889254913\', \'生成统计\', 1, NULL, \'create\', \'/statistics/daily/create\', NULL, 1, 0, \'2019-11-15 22:44:53\', \'2019-11-15 22:44:53\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195352054917074946\', \'1195351862889254913\', \'统计图表\', 1, NULL, \'chart\', \'/statistics/daily/chart\', NULL, 1, 0, \'2019-11-15 22:45:13\', \'2019-11-15 22:45:13\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195352127734386690\', \'1195352054917074946\', \'查看\', 2, \'daily.list\', \'\', \'\', NULL, 1, 0, \'2019-11-15 22:45:30\', \'2019-11-15 22:45:30\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195352215768633346\', \'1195351968841568257\', \'生成\', 2, \'daily.add\', \'\', \'\', NULL, 1, 0, \'2019-11-15 22:45:51\', \'2019-11-15 22:45:51\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195352547621965825\', \'1\', \'CMS管理\', 1, NULL, \'/cms\', \'Layout\', NULL, 1, 0, \'2019-11-15 22:47:11\', \'2019-11-18 10:51:46\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195352856645701633\', \'1195353513549205505\', \'查看\', 2, \'banner.list\', \'\', NULL, NULL, 1, 0, \'2019-11-15 22:48:24\', \'2019-11-15 22:48:24\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195352909401657346\', \'1195353513549205505\', \'添加\', 2, \'banner.add\', \'banner/add\', \'/cms/banner/form\', NULL, 1, 0, \'2019-11-15 22:48:37\', \'2019-11-18 10:52:10\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195353051395624961\', \'1195353513549205505\', \'修改\', 2, \'banner.update\', \'banner/update/:id\', \'/cms/banner/form\', NULL, 1, 0, \'2019-11-15 22:49:11\', \'2019-11-18 10:52:05\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195353513549205505\', \'1195352547621965825\', \'Bander列表\', 1, NULL, \'banner/list\', \'/cms/banner/list\', NULL, 1, 0, \'2019-11-15 22:51:01\', \'2019-11-18 10:51:29\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195353672110673921\', \'1195353513549205505\', \'删除\', 2, \'banner.remove\', \'\', \'\', NULL, 1, 0, \'2019-11-15 22:51:39\', \'2019-11-15 22:51:39\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195354076890370050\', \'1\', \'订单管理\', 1, NULL, \'/order\', \'Layout\', NULL, 1, 0, \'2019-11-15 22:53:15\', \'2019-11-15 22:53:15\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195354153482555393\', \'1195354076890370050\', \'订单列表\', 1, NULL, \'list\', \'/order/list\', NULL, 1, 0, \'2019-11-15 22:53:33\', \'2019-11-15 22:53:58\', NULL);
INSERT INTO `acl_permission` VALUES (\'1195354315093282817\', \'1195354153482555393\', \'查看\', 2, \'order.list\', \'\', \'\', NULL, 1, 0, \'2019-11-15 22:54:12\', \'2019-11-15 22:54:12\', NULL);
INSERT INTO `acl_permission` VALUES (\'1196301740985311234\', \'1195268616021139457\', \'分配角色\', 2, \'user.assgin\', \'user/role/:id\', \'/acl/user/roleForm\', NULL, 1, 0, \'2019-11-18 13:38:56\', \'2019-11-18 13:38:56\', NULL);
-- ----------------------------
-- Table structure for acl_role
-- ----------------------------
DROP TABLE IF EXISTS `acl_role`;
CREATE TABLE `acl_role` (
`id` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT \'\' COMMENT \'角色id\',
`role_name` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT \'\' COMMENT \'角色名称\',
`role_code` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL COMMENT \'角色编码\',
`remark` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL COMMENT \'备注\',
`been_deleted` int(1) UNSIGNED NOT NULL DEFAULT 0 COMMENT \'逻辑删除 1(true)已删除, 0(false)未删除\',
`gmt_create` datetime(0) NOT NULL COMMENT \'创建时间\',
`gmt_modified` datetime(0) NOT NULL COMMENT \'更新时间\',
PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Records of acl_role
-- ----------------------------
INSERT INTO `acl_role` VALUES (\'1\', \'普通管理员\', NULL, NULL, 0, \'2019-11-11 13:09:32\', \'2019-11-18 10:27:18\');
INSERT INTO `acl_role` VALUES (\'1193757683205607426\', \'课程管理员\', NULL, NULL, 0, \'2019-11-11 13:09:45\', \'2019-11-18 10:25:44\');
INSERT INTO `acl_role` VALUES (\'1196300996034977794\', \'test\', NULL, NULL, 0, \'2019-11-18 13:35:58\', \'2019-11-18 13:35:58\');
-- ----------------------------
-- Table structure for acl_role_permission
-- ----------------------------
DROP TABLE IF EXISTS `acl_role_permission`;
CREATE TABLE `acl_role_permission` (
`id` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT \'\',
`role_id` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT \'\',
`permission_id` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT \'\',
`been_deleted` int(1) UNSIGNED NOT NULL DEFAULT 0 COMMENT \'逻辑删除 1(true)已删除, 0(false)未删除\',
`gmt_create` datetime(0) NOT NULL COMMENT \'创建时间\',
`gmt_modified` datetime(0) NOT NULL COMMENT \'更新时间\',
`remark` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL COMMENT \'备注\',
PRIMARY KEY (`id`) USING BTREE,
INDEX `idx_role_id`(`role_id`) USING BTREE,
INDEX `idx_permission_id`(`permission_id`) USING BTREE
) ENGINE = InnoDB CHARACTER SET = utf8 COLLATE = utf8_general_ci COMMENT = \'角色权限\' ROW_FORMAT = Dynamic;
-- ----------------------------
-- Records of acl_role_permission
-- ----------------------------
INSERT INTO `acl_role_permission` VALUES (\'1196301979754455041\', \'1\', \'1\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301979792203778\', \'1\', \'1195268474480156673\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301979821563906\', \'1\', \'1195268616021139457\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301979842535426\', \'1\', \'1195269143060602882\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301979855118338\', \'1\', \'1195269295926206466\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301979880284161\', \'1\', \'1195269473479483394\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301979913838593\', \'1\', \'1195269547269873666\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301979926421506\', \'1\', \'1196301740985311234\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301979951587330\', \'1\', \'1195268788138598401\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980014501889\', \'1\', \'1195269821262782465\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980035473410\', \'1\', \'1195269903542444034\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980052250626\', \'1\', \'1195270037005197313\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980077416450\', \'1\', \'1195270442602782721\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980094193665\', \'1\', \'1195270621548568578\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980119359489\', \'1\', \'1195268893830864898\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980136136706\', \'1\', \'1195270744097742849\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980249382913\', \'1\', \'1195270810560684034\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980270354434\', \'1\', \'1195270862100291586\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980287131649\', \'1\', \'1195270887933009922\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980303908866\', \'1\', \'1195349439240048642\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980320686082\', \'1\', \'1195349699995734017\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980345851905\', \'1\', \'1195349979797753857\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980362629121\', \'1\', \'1195350117270261762\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980383600641\', \'1\', \'1195350188359520258\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980408766465\', \'1\', \'1195349810561781761\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980421349378\', \'1\', \'1195349876252971010\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980438126593\', \'1\', \'1195350299365969922\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980450709506\', \'1\', \'1195350397751758850\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980501041153\', \'1\', \'1195350612172967938\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980517818370\', \'1\', \'1195350500512206850\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980538789889\', \'1\', \'1195350687590748161\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980622675970\', \'1\', \'1195350831744782337\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980639453186\', \'1\', \'1195350919074385921\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980660424705\', \'1\', \'1195351159672246274\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980677201922\', \'1\', \'1195351326706208770\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980698173441\', \'1\', \'1195351566221938690\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980714950658\', \'1\', \'1195351020463296513\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980723339266\', \'1\', \'1195351862889254913\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980744310786\', \'1\', \'1195351968841568257\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980761088001\', \'1\', \'1195352215768633346\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980777865217\', \'1\', \'1195352054917074946\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980794642434\', \'1\', \'1195352127734386690\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980811419650\', \'1\', \'1195352547621965825\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980828196865\', \'1\', \'1195353513549205505\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980844974082\', \'1\', \'1195352856645701633\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980861751298\', \'1\', \'1195352909401657346\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980886917122\', \'1\', \'1195353051395624961\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980928860162\', \'1\', \'1195353672110673921\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980954025986\', \'1\', \'1195354076890370050\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980970803201\', \'1\', \'1195354153482555393\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196301980987580418\', \'1\', \'1195354315093282817\', 1, \'2019-11-18 13:39:53\', \'2019-11-18 13:39:53\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293070077953\', \'1\', \'1\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293099438081\', \'1\', \'1195268474480156673\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293120409602\', \'1\', \'1195268616021139457\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293153964034\', \'1\', \'1195269143060602882\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293183324162\', \'1\', \'1195269295926206466\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293212684290\', \'1\', \'1195269473479483394\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293237850114\', \'1\', \'1195269547269873666\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293271404545\', \'1\', \'1196301740985311234\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293485314049\', \'1\', \'1195268788138598401\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293506285569\', \'1\', \'1195269821262782465\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293527257089\', \'1\', \'1195269903542444034\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293552422914\', \'1\', \'1195270037005197313\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293565005825\', \'1\', \'1195270442602782721\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293594365954\', \'1\', \'1195270621548568578\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293611143169\', \'1\', \'1195268893830864898\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293627920385\', \'1\', \'1195270744097742849\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293657280513\', \'1\', \'1195349439240048642\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293674057729\', \'1\', \'1195349699995734017\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293690834946\', \'1\', \'1195349979797753857\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293716000770\', \'1\', \'1195350117270261762\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293736972290\', \'1\', \'1195350188359520258\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293749555202\', \'1\', \'1195349810561781761\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293766332417\', \'1\', \'1195349876252971010\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293795692546\', \'1\', \'1195350299365969922\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293812469762\', \'1\', \'1195350397751758850\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293837635586\', \'1\', \'1195350612172967938\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293858607106\', \'1\', \'1195350500512206850\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293875384322\', \'1\', \'1195350687590748161\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293892161538\', \'1\', \'1195350831744782337\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293950881794\', \'1\', \'1195350919074385921\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305293976047617\', \'1\', \'1195351159672246274\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305294127042561\', \'1\', \'1195351326706208770\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305294156402690\', \'1\', \'1195351566221938690\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305294177374209\', \'1\', \'1195351862889254913\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305294194151425\', \'1\', \'1195351968841568257\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305294223511554\', \'1\', \'1195352215768633346\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305294240288770\', \'1\', \'1195352054917074946\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305294248677377\', \'1\', \'1195352127734386690\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305294248677378\', \'1\', \'1195352547621965825\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305294319980546\', \'1\', \'1195353513549205505\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305294319980547\', \'1\', \'1195352856645701633\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305294319980548\', \'1\', \'1195352909401657346\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305294378700802\', \'1\', \'1195353051395624961\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305294378700803\', \'1\', \'1195353672110673921\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305294458392577\', \'1\', \'1195354076890370050\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305294483558402\', \'1\', \'1195354153482555393\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305294500335618\', \'1\', \'1195354315093282817\', 1, \'2019-11-18 13:53:03\', \'2019-11-18 13:53:03\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305566656139266\', \'1\', \'1\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305566689693698\', \'1\', \'1195268474480156673\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305566706470913\', \'1\', \'1195268616021139457\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305566740025346\', \'1\', \'1195269143060602882\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305566756802561\', \'1\', \'1195269295926206466\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305566781968385\', \'1\', \'1195269473479483394\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305566811328514\', \'1\', \'1195269547269873666\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305566828105730\', \'1\', \'1196301740985311234\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305566853271554\', \'1\', \'1195268788138598401\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305566878437378\', \'1\', \'1195269821262782465\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305566895214593\', \'1\', \'1195269903542444034\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305566916186113\', \'1\', \'1195270037005197313\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305566949740546\', \'1\', \'1195270442602782721\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305566966517761\', \'1\', \'1195270621548568578\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305566991683585\', \'1\', \'1195268893830864898\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567012655106\', \'1\', \'1195270744097742849\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567029432322\', \'1\', \'1195270810560684034\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567042015233\', \'1\', \'1195270862100291586\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567100735490\', \'1\', \'1195270887933009922\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567117512705\', \'1\', \'1195349439240048642\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567142678530\', \'1\', \'1195349699995734017\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567155261442\', \'1\', \'1195349979797753857\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567172038658\', \'1\', \'1195350117270261762\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567188815873\', \'1\', \'1195350188359520258\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567218176001\', \'1\', \'1195349810561781761\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567234953217\', \'1\', \'1195349876252971010\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567251730434\', \'1\', \'1195350299365969922\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567272701954\', \'1\', \'1195350397751758850\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567289479170\', \'1\', \'1195350612172967938\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567310450690\', \'1\', \'1195350500512206850\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567327227905\', \'1\', \'1195350687590748161\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567448862722\', \'1\', \'1195350831744782337\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567478222850\', \'1\', \'1195350919074385921\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567495000065\', \'1\', \'1195351159672246274\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567520165889\', \'1\', \'1195351326706208770\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567541137409\', \'1\', \'1195351566221938690\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567570497538\', \'1\', \'1195351862889254913\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567587274754\', \'1\', \'1195351968841568257\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567604051970\', \'1\', \'1195352215768633346\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567633412098\', \'1\', \'1195352054917074946\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567683743745\', \'1\', \'1195352127734386690\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567721492481\', \'1\', \'1195352547621965825\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567742464002\', \'1\', \'1195353513549205505\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567771824129\', \'1\', \'1195352856645701633\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567792795650\', \'1\', \'1195352909401657346\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567809572866\', \'1\', \'1195353051395624961\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567843127298\', \'1\', \'1195353672110673921\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567868293122\', \'1\', \'1195354076890370050\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567885070338\', \'1\', \'1195354153482555393\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196305567910236162\', \'1\', \'1195354315093282817\', 1, \'2019-11-18 13:54:08\', \'2019-11-18 13:54:08\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312702601695234\', \'1\', \'1\', 0, \'2019-11-18 14:22:29\', \'2019-11-18 14:22:29\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312702652026881\', \'1\', \'1195268474480156673\', 0, \'2019-11-18 14:22:29\', \'2019-11-18 14:22:29\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312702668804098\', \'1\', \'1195268616021139457\', 0, \'2019-11-18 14:22:29\', \'2019-11-18 14:22:29\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312702698164226\', \'1\', \'1195269143060602882\', 0, \'2019-11-18 14:22:29\', \'2019-11-18 14:22:29\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312702723330049\', \'1\', \'1195269295926206466\', 0, \'2019-11-18 14:22:29\', \'2019-11-18 14:22:29\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312702744301569\', \'1\', \'1195269473479483394\', 0, \'2019-11-18 14:22:29\', \'2019-11-18 14:22:29\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312702765273089\', \'1\', \'1195269547269873666\', 0, \'2019-11-18 14:22:29\', \'2019-11-18 14:22:29\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312702790438913\', \'1\', \'1196301740985311234\', 0, \'2019-11-18 14:22:29\', \'2019-11-18 14:22:29\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312702945628161\', \'1\', \'1195268788138598401\', 0, \'2019-11-18 14:22:29\', \'2019-11-18 14:22:29\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312702970793985\', \'1\', \'1195269821262782465\', 0, \'2019-11-18 14:22:29\', \'2019-11-18 14:22:29\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703000154114\', \'1\', \'1195269903542444034\', 0, \'2019-11-18 14:22:29\', \'2019-11-18 14:22:29\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703025319938\', \'1\', \'1195270037005197313\', 0, \'2019-11-18 14:22:29\', \'2019-11-18 14:22:29\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703046291458\', \'1\', \'1195270442602782721\', 0, \'2019-11-18 14:22:29\', \'2019-11-18 14:22:29\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703063068673\', \'1\', \'1195270621548568578\', 0, \'2019-11-18 14:22:29\', \'2019-11-18 14:22:29\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703084040193\', \'1\', \'1195268893830864898\', 0, \'2019-11-18 14:22:29\', \'2019-11-18 14:22:29\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703113400321\', \'1\', \'1195270744097742849\', 0, \'2019-11-18 14:22:29\', \'2019-11-18 14:22:29\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703134371842\', \'1\', \'1195270810560684034\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703159537665\', \'1\', \'1195270862100291586\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703184703490\', \'1\', \'1195270887933009922\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703209869313\', \'1\', \'1195349439240048642\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703230840834\', \'1\', \'1195349699995734017\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703251812354\', \'1\', \'1195349979797753857\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703272783873\', \'1\', \'1195350117270261762\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703293755394\', \'1\', \'1195350188359520258\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703327309826\', \'1\', \'1195349810561781761\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703348281345\', \'1\', \'1195349876252971010\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703365058561\', \'1\', \'1195350299365969922\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703386030082\', \'1\', \'1195350397751758850\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703440556034\', \'1\', \'1195350612172967938\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703486693378\', \'1\', \'1195350500512206850\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703511859202\', \'1\', \'1195350687590748161\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703654465537\', \'1\', \'1195350831744782337\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703683825665\', \'1\', \'1195350919074385921\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703700602882\', \'1\', \'1195351159672246274\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703717380098\', \'1\', \'1195351326706208770\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703738351618\', \'1\', \'1195351566221938690\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703759323137\', \'1\', \'1195351020463296513\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703776100353\', \'1\', \'1195351862889254913\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703792877570\', \'1\', \'1195351968841568257\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703830626305\', \'1\', \'1195352215768633346\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703843209217\', \'1\', \'1195352054917074946\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703868375041\', \'1\', \'1195352127734386690\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703889346561\', \'1\', \'1195352547621965825\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703901929473\', \'1\', \'1195353513549205505\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703918706689\', \'1\', \'1195352856645701633\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703952261121\', \'1\', \'1195352909401657346\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703973232642\', \'1\', \'1195353051395624961\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312703990009857\', \'1\', \'1195353672110673921\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312704048730114\', \'1\', \'1195354076890370050\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312704069701633\', \'1\', \'1195354153482555393\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
INSERT INTO `acl_role_permission` VALUES (\'1196312704094867457\', \'1\', \'1195354315093282817\', 0, \'2019-11-18 14:22:30\', \'2019-11-18 14:22:30\', NULL);
-- ----------------------------
-- Table structure for acl_user
-- ----------------------------
DROP TABLE IF EXISTS `acl_user`;
CREATE TABLE `acl_user` (
`id` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL COMMENT \'会员id\',
`username` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT \'\' COMMENT \'微信openid\',
`password` varchar(64) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NOT NULL DEFAULT \'\' COMMENT \'密码\',
`nick_name` varchar(50) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT \'昵称\',
`been_deleted` int(1) UNSIGNED NOT NULL DEFAULT 0 COMMENT \'逻辑删除 1(true)已删除, 0(false)未删除\',
`gmt_create` datetime(0) NOT NULL COMMENT \'创建时间\',
`gmt_modified` datetime(0) NOT NULL COMMENT \'更新时间\',
`remark` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_general_ci NULL DEFAULT NULL COMMENT \'备注\',
PRIMARY KEY (`id`) USING BTREE,
UNIQUE INDEX `uk_username`(`username`) USING BTREE
) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_general_ci COMMENT = \'用户表\' ROW_FORMAT = Dynamic;
-- ----------------------------
-- Records of acl_user
-- ----------------------------
INSERT INTO `acl_user` VALUES (\'1\', \'admin\', \'$2a$10$VgjWFFU4wQviC8kOnuAOyuuS7S1zkotmqQl4OcFSkN3lsJvuTm9vG\', \'admin\', 0, \'2019-11-01 10:39:47\', \'2019-11-01 10:39:47\', NULL);
INSERT INTO `acl_user` VALUES (\'2\', \'test\', \'$2a$10$VgjWFFU4wQviC8kOnuAOyuuS7S1zkotmqQl4OcFSkN3lsJvuTm9vG\', \'test\', 0, \'2019-11-01 16:36:07\', \'2019-11-01 16:40:08\', NULL);
-- ----------------------------
-- Table structure for acl_user_role
-- ----------------------------
DROP TABLE IF EXISTS `acl_user_role`;
CREATE TABLE `acl_user_role` (
`id` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT \'\' COMMENT \'主键id\',
`role_id` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT \'0\' COMMENT \'角色id\',
`user_id` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL DEFAULT \'0\' COMMENT \'用户id\',
`been_deleted` int(1) UNSIGNED NOT NULL DEFAULT 0 COMMENT \'逻辑删除 1(true)已删除, 0(false)未删除\',
`gmt_create` datetime(0) NOT NULL COMMENT \'创建时间\',
`gmt_modified` datetime(0) NOT NULL COMMENT \'更新时间\',
`remark` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL COMMENT \'备注\',
PRIMARY KEY (`id`) USING BTREE,
INDEX `idx_role_id`(`role_id`) USING BTREE,
INDEX `idx_user_id`(`user_id`) USING BTREE
) ENGINE = InnoDB CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic;
-- ----------------------------
-- Records of acl_user_role
-- ----------------------------
INSERT INTO `acl_user_role` VALUES (\'1\', \'1\', \'1\', 0, \'2019-11-11 13:09:53\', \'2019-11-11 13:09:53\', NULL);
SET FOREIGN_KEY_CHECKS = 1;
3.3.2 搭建项目工程
- 1️⃣创建父工程acl-parent:管理依赖版本。
- 2️⃣在父工程创建子模块:
- acl-common模块:常用的工具类等。
- api-gateway模块:API网关。
- service-acl模块:权限业务模块。
3.4 Spring Security 微服务权限方案图示
3.5 项目工程
3.5.1 总工程acl-parent的pom
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.sunxiaping</groupId>
<artifactId>acl-parent</artifactId>
<packaging>pom</packaging>
<version>1.0</version>
<modules>
<module>acl-common</module>
<module>api-gateway</module>
<module>service-acl</module>
</modules>
<properties>
<jwt.version>0.9.1</jwt.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<java.version>1.8</java.version>
<hutool.version>5.4.7</hutool.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-devtools</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>cn.hutool</groupId>
<artifactId>hutool-all</artifactId>
<version>${hutool.version}</version>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-boot-starter</artifactId>
<version>3.0.0</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<scope>provided</scope>
</dependency>
<dependency>
<scope>runtime</scope>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-impl</artifactId>
<version>0.11.2</version>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-api</artifactId>
<version>0.11.2</version>
</dependency>
<dependency>
<scope>runtime</scope>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt-jackson</artifactId>
<version>0.11.2</version>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>
<version>2.3.3.RELEASE</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-dependencies</artifactId>
<version>Hoxton.SR8</version>
<type>pom</type>
<scope>import</scope>
</dependency>
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-alibaba-dependencies</artifactId>
<version>2.2.1.RELEASE</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
</project>
3.5.2 acl-common模块
- pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>acl-parent</artifactId>
<groupId>com.sunxiaping</groupId>
<version>1.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>acl-common</artifactId>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
</dependencies>
</project>
- GuliException.java
package com.sunxiaping.acl.exceptionhandler;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
/**
* 自定义异常
*
* @author 许大仙
* @version 1.0
* @since 2020-10-30 14:38
*/
@Setter
@Getter
@AllArgsConstructor //生成有参数构造方法
@NoArgsConstructor //生成无参数构造
public class GuliException extends RuntimeException {
private Integer code;//状态码
private String msg;//异常信息
}
3.5.3 api-gateway模块
- pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>acl-parent</artifactId>
<groupId>com.sunxiaping</groupId>
<version>1.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>api-gateway</artifactId>
<dependencies>
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-openfeign</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.cloud</groupId>
<artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
</project>
- application.yml
server:
port: 9015
spring:
application:
name: api-gateway
cloud:
# 服务发现和配置中心Nacos
nacos:
discovery:
server-addr: 127.0.0.1:8848 # 配置Nacos的地址
config:
server-addr: 127.0.0.1:8848 # 配置中心的地址
file-extension: yml # 执行yaml格式的配置
# 微服务网关
gateway:
discovery:
locator:
enabled: true # 开启从注册中心动态创建路由的功能,利用微服务名进行路由
lower-case-service-id: true # 微服务名称以小写形式呈现
# routes:
# # 配置路由: 路由id,路由到微服务的uri,断言(判断条件)
# - id: service-acl # 路由id
# #
# uri: lb://service-acl # 路由到微服务的uri。 lb://xxx,lb代表从注册中心获取服务列表,xxx代表需要转发的微服务的名称
# predicates: # 断言(判断条件)
# # - Path=/product/**
# - Path=/service-acl/**
# filters: # 配置路由过滤器 http://localhost:7007/product-service/product/findById/1 --> http://localhost:7007/product/findById/1
# - RewritePath=/service-acl/(?<segment>.*), /$\{segment} # 路径重写的过滤器
management:
endpoints:
web:
exposure:
include: \'*\'
- APIGatewayApplication.java
package com.sunxiaping.acl;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
/**
* @author 许大仙
* @version 1.0
* @since 2020-10-30 13:24
*/
@EnableDiscoveryClient
@SpringBootApplication
public class APIGatewayApplication {
public static void main(String[] args) {
SpringApplication.run(APIGatewayApplication.class, args);
}
}
3.5.4 service-acl模块
- pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<parent>
<artifactId>acl-parent</artifactId>
<groupId>com.sunxiaping</groupId>
<version>1.0</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>service-acl</artifactId>
<dependencies>
<dependency>
<groupId>com.sunxiaping</groupId>
<artifactId>acl-common</artifactId>
<version>1.0</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>com.alibaba.cloud</groupId>
<artifactId>spring-cloud-starter-alibaba-nacos-discovery</artifactId>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
</dependencies>
</project>
- application.yml
server:
port: 9016
spring:
application:
name: service-acl
cloud:
# 服务发现和配置中心Nacos
nacos:
discovery:
server-addr: 127.0.0.1:8848 # 配置Nacos的地址
config:
server-addr: 127.0.0.1:8848 # 配置中心的地址
file-extension: yml # 执行yaml格式的配置
# 配置数据源
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://192.168.1.57:3306/test?useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&useSSL=false&serverTimezone=GMT%2B8&allowPublicKeyRetrieval=true&nullCatalogMeansCurrent=true
username: root
password: 123456
# Hikari 连接池配置
hikari:
# 最小空闲连接数量
minimum-idle: 5
# 空闲连接存活最大时间,默认600000(10分钟)
idle-timeout: 180000
# 连接池最大连接数,默认是10
maximum-pool-size: 1000
# 此属性控制从池返回的连接的默认自动提交行为,默认值:true
auto-commit: true
# 连接池名称
pool-name: HikariCP
# 此属性控制池中连接的最长生命周期,值0表示无限生命周期,默认1800000即30分钟
max-lifetime: 1800000
# 数据库连接超时时间,默认30秒,即30000
connection-timeout: 30000
connection-test-query: SELECT 1
data-source-properties:
useInformationSchema: true
# JPA
jpa:
hibernate:
ddl-auto: update # 第一次建表create 后面用update
naming:
physical-strategy: org.springframework.boot.orm.jpa.hibernate.SpringPhysicalNamingStrategy
use-new-id-generator-mappings: false
show-sql: true
database: mysql
database-platform: org.hibernate.dialect.MySQL8Dialect
properties:
hibernate: com.jason.config.MySQL5TableType
open-in-view: true
# redis
redis:
database: 0
port: 6379
host: 127.0.0.1
management:
endpoints:
web:
exposure:
include: \'*\'
springfox:
documentation:
open-api:
enabled: false
- ServiceApplication.java
package com.sunxiaping.acl;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
import org.springframework.transaction.annotation.EnableTransactionManagement;
import springfox.documentation.oas.annotations.EnableOpenApi;
/**
* 启动类
*
* @author 许大仙
* @version 1.0
* @since 2020-11-03 16:31
*/
@EnableOpenApi
@SpringBootApplication
@EnableTransactionManagement
@EnableJpaAuditing
//@EntityScan(basePackages = "com.sunxiaping.acl.domain")
public class ServiceApplication {
public static void main(String[] args) {
SpringApplication.run(ServiceApplication.class, args);
}
}
-
实体类:
- BaseModel.java
package com.sunxiaping.acl.domain.base; import com.fasterxml.jackson.annotation.JsonFormat; import com.fasterxml.jackson.annotation.JsonIgnore; import lombok.Getter; import lombok.Setter; import org.hibernate.annotations.GenericGenerator; import org.springframework.data.annotation.CreatedDate; import org.springframework.data.annotation.LastModifiedDate; import org.springframework.data.jpa.domain.support.AuditingEntityListener; import javax.persistence.*; import java.io.Serializable; import java.util.Date; /** * 所有实体类的抽象父类 * * @author 许大仙 * @version 1.0 * @since 2020-11-03 11:11 */ @MappedSuperclass @Setter @Getter @EntityListeners(AuditingEntityListener.class) public abstract class BaseModel implements Serializable { @Id @Column(name = "`id`", columnDefinition = "varchar(255) comment \'主键\'") @GenericGenerator(name = "idGenerator", strategy = "uuid") @GeneratedValue(generator = "idGenerator") private String id; @JsonIgnore @Column(name = "`been_deleted`", columnDefinition = "int comment \'逻辑删除 0表示逻辑未删除 1表示逻辑删除\' default 0 ") private Integer beenDeleted; @Temporal(TemporalType.TIMESTAMP) @CreatedDate @Column(name = "`gmt_create`", columnDefinition = "datetime comment \'创建时间\'") @JsonIgnore @JsonFormat(locale = "zh", timezone = "GMT+8", pattern = "yyyy-MM-dd HH:mm:ss") private Date created; @Temporal(TemporalType.TIMESTAMP) @LastModifiedDate @Column(name = "`gmt_modified`", columnDefinition = "datetime comment \'修改时间\'") @JsonIgnore @JsonFormat(locale = "zh", timezone = "GMT+8", pattern = "yyyy-MM-dd HH:mm:ss") private Date updated; @Column(name = "`remark`", columnDefinition = "varchar(255) comment \'备注\'") private String remark; }- AclUser.java
package com.sunxiaping.acl.domain; import com.sunxiaping.acl.domain.base.BaseModel; import lombok.Getter; import lombok.Setter; import org.hibernate.annotations.*; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.Table; /** * @author 许大仙 * @version 1.0 * @since 2020-11-03 11:11 */ @Entity @Setter @Getter @Table(name = "`acl_user`") @org.hibernate.annotations.Table(appliesTo = "`acl_user`", comment = "用户表") @SQLDelete(sql = "UPDATE `acl_user` SET `been_deleted` = 1 WHERE id = ? and version = ?") @SQLDeleteAll(sql = "UPDATE `acl_user` SET `been_deleted` = 1 WHERE id = ? and version = ?") @Where(clause = "`been_deleted` = 0") @DynamicInsert @DynamicUpdate public class AclUser extends BaseModel { @Column(name = "`username`", columnDefinition = "varchar(255) comment \'用户名\'") private String username; @Column(name = "`password`", columnDefinition = "varchar(255) comment \'密码\'") private String password; @Column(name = "`nick_name`", columnDefinition = "varchar(255) comment \'昵称\'") private String nickname; }- AclUserRole.java
package com.sunxiaping.acl.domain; import com.sunxiaping.acl.domain.base.BaseModel; import lombok.Getter; import lombok.Setter; import org.hibernate.annotations.*; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.Table; /** * @author 许大仙 * @version 1.0 * @since 2020-11-03 14:47 */ @Entity @Setter @Getter @Table(name = "`acl_user_role`") @org.hibernate.annotations.Table(appliesTo = "`acl_user_role`", comment = "用户角色表") @SQLDelete(sql = "UPDATE `acl_user_role` SET `been_deleted` = 1 WHERE id = ? and version = ?") @SQLDeleteAll(sql = "UPDATE `acl_user_role` SET `been_deleted` = 1 WHERE id = ? and version = ?") @Where(clause = "`been_deleted` = 0") @DynamicInsert @DynamicUpdate public class AclUserRole extends BaseModel { @Column(name = "`role_id`", columnDefinition = "varchar(255) comment \'角色的id\'") private String roleId; @Column(name = "`user_id`", columnDefinition = "varchar(255) comment \'用户的id\'") private String userId; }- AclRole.java
package com.sunxiaping.acl.domain; import com.sunxiaping.acl.domain.base.BaseModel; import lombok.Getter; import lombok.Setter; import org.hibernate.annotations.*; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.Table; /** * @author 许大仙 * @version 1.0 * @since 2020-11-03 14:30 */ @Entity @Setter @Getter @Table(name = "`acl_role`") @org.hibernate.annotations.Table(appliesTo = "`acl_role`", comment = "角色表") @SQLDelete(sql = "UPDATE `acl_role` SET `been_deleted` = 1 WHERE id = ? and version = ?") @SQLDeleteAll(sql = "UPDATE `acl_role` SET `been_deleted` = 1 WHERE id = ? and version = ?") @Where(clause = "`been_deleted` = 0") @DynamicInsert @DynamicUpdate public class AclRole extends BaseModel { @Column(name = "`role_name`", columnDefinition = "varchar(255) comment \'角色名\'") private String roleName; @Column(name = "`role_code`", columnDefinition = "varchar(255) comment \'角色编码\'") private String roleCode; }- AclRolePermission.java
package com.sunxiaping.acl.domain; import com.sunxiaping.acl.domain.base.BaseModel; import lombok.Getter; import lombok.Setter; import org.hibernate.annotations.*; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.Table; /** * @author 许大仙 * @version 1.0 * @since 2020-11-03 14:49 */ @Entity @Setter @Getter @Table(name = "`acl_role_permission`") @org.hibernate.annotations.Table(appliesTo = "`acl_role_permission`", comment = "角色权限表") @SQLDelete(sql = "UPDATE `acl_role_permission` SET `been_deleted` = 1 WHERE id = ? and version = ?") @SQLDeleteAll(sql = "UPDATE `acl_role_permission` SET `been_deleted` = 1 WHERE id = ? and version = ?") @Where(clause = "`been_deleted` = 0") @DynamicInsert @DynamicUpdate public class AclRolePermission extends BaseModel { @Column(name = "`role_id`", columnDefinition = "varchar(255) comment \'角色的id\'") private String roleId; @Column(name = "`permission_id`", columnDefinition = "varchar(255) comment \'权限的id\'") private String permissionId; }- AclPermission.java
package com.sunxiaping.acl.domain; import com.sunxiaping.acl.domain.base.BaseModel; import lombok.Getter; import lombok.Setter; import org.hibernate.annotations.*; import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.Table; /** * @author 许大仙 * @version 1.0 * @since 2020-11-03 14:39 */ @Entity @Setter @Getter @Table(name = "`acl_permission`") @org.hibernate.annotations.Table(appliesTo = "`acl_permission`", comment = "权限表") @SQLDelete(sql = "UPDATE `acl_permission` SET `been_deleted` = 1 WHERE id = ? and version = ?") @SQLDeleteAll(sql = "UPDATE `acl_permission` SET `been_deleted` = 1 WHERE id = ? and version = ?") @Where(clause = "`been_deleted` = 0") @DynamicInsert @DynamicUpdate public class AclPermission extends BaseModel { @Column(name = "`name`", columnDefinition = "varchar(255) comment \'权限名称\'") private String name; @Column(name = "`type`", columnDefinition = "int comment \'类型\'") private int type; @Column(name = "`permission_value`", columnDefinition = "varchar(255) comment \'权限值\'") private String permissionValue; @Column(name = "`path`", columnDefinition = "varchar(255) comment \'访问路径\'") private String path; @Column(name = "`component`", columnDefinition = "varchar(255) comment \'组件路径\'") private String component; @Column(name = "`status`", columnDefinition = "int comment \'状态\'") private int status; @Column(name = "`pid`", columnDefinition = "varchar(255) comment \'所属上级\'") private String pid; } -
dao层接口:
- AclUserRepository.java
package com.sunxiaping.acl.repository; import com.sunxiaping.acl.domain.AclUser; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.jpa.repository.JpaSpecificationExecutor; import org.springframework.stereotype.Repository; /** * @author 许大仙 * @version 1.0 * @since 2020-11-03 16:19 */ @Repository public interface AclUserRepository extends JpaRepository<AclUser, String>, JpaSpecificationExecutor<AclUser> { }- AclUserRoleRepository.java
package com.sunxiaping.acl.repository; import com.sunxiaping.acl.domain.AclUserRole; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.jpa.repository.JpaSpecificationExecutor; import org.springframework.stereotype.Repository; /** * @author 许大仙 * @version 1.0 * @since 2020-11-03 16:20 */ @Repository public interface AclUserRoleRepository extends JpaRepository<AclUserRole, String>, JpaSpecificationExecutor<AclUserRole> { }- AclRoleRepository.java
package com.sunxiaping.acl.repository; import com.sunxiaping.acl.domain.AclRole; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.jpa.repository.JpaSpecificationExecutor; import org.springframework.stereotype.Repository; /** * @author 许大仙 * @version 1.0 * @since 2020-11-03 16:21 */ @Repository public interface AclRoleRepository extends JpaRepository<AclRole, String>, JpaSpecificationExecutor<AclRole> { }- AclRolePermissionRepository.java
package com.sunxiaping.acl.repository; import com.sunxiaping.acl.domain.AclRolePermission; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.jpa.repository.JpaSpecificationExecutor; import org.springframework.stereotype.Repository; /** * @author 许大仙 * @version 1.0 * @since 2020-11-03 16:21 */ @Repository public interface AclRolePermissionRepository extends JpaRepository<AclRolePermission, String>, JpaSpecificationExecutor<AclRolePermission> { }- AclPermissionRepository.java
package com.sunxiaping.acl.repository; import com.sunxiaping.acl.domain.AclPermission; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.jpa.repository.JpaSpecificationExecutor; import org.springframework.stereotype.Repository; /** * @author 许大仙 * @version 1.0 * @since 2020-11-03 16:24 */ @Repository public interface AclPermissionRepository extends JpaRepository<AclPermission, String>, JpaSpecificationExecutor<AclPermission> { } -
业务层接口和实现类:
- AclUserService.java
package com.sunxiaping.acl.service; /** * @author 许大仙 * @version 1.0 * @since 2020-11-04 09:13 */ public interface AclUserService { }- AclUserServiceImpl.java
package com.sunxiaping.acl.service.impl; import com.sunxiaping.acl.service.AclUserService; import org.springframework.stereotype.Service; import javax.transaction.Transactional; /** * @author 许大仙 * @version 1.0 * @since 2020-11-04 09:26 */ @Service @Transactional public class AclUserServiceImpl implements AclUserService { }- AclRoleService.java
package com.sunxiaping.acl.service; import com.sunxiaping.acl.domain.AclRole; /** * @author 许大仙 * @version 1.0 * @since 2020-11-04 09:13 */ public interface AclRoleService { /** * 添加角色 * * @param aclRole */ void add(AclRole aclRole); }- AclRoleServiceImpl.java
package com.sunxiaping.acl.service.impl; import com.sunxiaping.acl.domain.AclRole; import com.sunxiaping.acl.repository.AclRoleRepository; import com.sunxiaping.acl.service.AclRoleService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import javax.transaction.Transactional; /** * @author 许大仙 * @version 1.0 * @since 2020-11-06 13:09 */ @Service @Transactional public class AclRoleServiceImpl implements AclRoleService { @Autowired private AclRoleRepository aclRoleRepository; @Override public void add(AclRole aclRole) { aclRoleRepository.save(aclRole); } }- UserDetailsServiceImpl.java
package com.sunxiaping.acl.service.impl; import cn.hutool.core.collection.CollUtil; import cn.hutool.core.util.StrUtil; import com.google.common.collect.Lists; import com.sunxiaping.acl.domain.AclPermission; import com.sunxiaping.acl.domain.AclRolePermission; import com.sunxiaping.acl.domain.AclUser; import com.sunxiaping.acl.domain.AclUserRole; import com.sunxiaping.acl.repository.AclPermissionRepository; import com.sunxiaping.acl.repository.AclRolePermissionRepository; import com.sunxiaping.acl.repository.AclUserRepository; import com.sunxiaping.acl.repository.AclUserRoleRepository; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.domain.Example; import org.springframework.data.jpa.domain.Specification; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.stereotype.Component; import javax.persistence.criteria.CriteriaBuilder; import javax.persistence.criteria.Predicate; import javax.transaction.Transactional; import java.util.Collection; import java.util.List; import java.util.Optional; import java.util.stream.Collectors; /** * @author 许大仙 * @version 1.0 * @since 2020-11-04 09:27 */ @Component(value = "userDetailsService") @Transactional public class UserDetailsServiceImpl implements UserDetailsService { @Autowired private AclUserRepository aclUserRepository; @Autowired private AclUserRoleRepository aclUserRoleRepository; @Autowired private AclRolePermissionRepository aclRolePermissionRepository; @Autowired private AclPermissionRepository aclPermissionRepository; @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { Optional.ofNullable(username).orElseThrow(() -> new RuntimeException("用户名不能为空")); AclUser aclUserExample = new AclUser(); aclUserExample.setBeenDeleted(0); aclUserExample.setUsername(username); Optional<AclUser> optional = aclUserRepository.findOne(Example.of(aclUserExample)); if (!optional.isPresent()) { throw new RuntimeException("用户在数据库中不存在"); } AclUser aclUser = optional.get(); Collection<? extends GrantedAuthority> authorities = Lists.newArrayList(); AclUserRole aclUserRoleExample = new AclUserRole(); aclUserRoleExample.setBeenDeleted(0); aclUserRoleExample.setUserId(aclUser.getId()); List<AclUserRole> aclUserRoleList = aclUserRoleRepository.findAll(Example.of(aclUserRoleExample)); if (CollUtil.isNotEmpty(aclUserRoleList)) { List<String> roleIdList = aclUserRoleList.stream().map(AclUserRole::getRoleId).collect(Collectors.toList()); List<AclRolePermission> aclRolePermissionList = aclRolePermissionRepository.findAll((Specification<AclRolePermission>) (root, criteriaQuery, criteriaBuilder) -> { List<Predicate> predicateList = Lists.newArrayList(); CriteriaBuilder.In<String> in = criteriaBuilder.in(root.get("roleId")); for (String id : roleIdList) { in.value(id); } predicateList.add(in); return criteriaQuery.where(predicateList.toArray(new Predicate[predicateList.size()])).getRestriction(); }); if (CollUtil.isNotEmpty(aclRolePermissionList)) { List<String> permissionIdList = aclRolePermissionList.stream().map(AclRolePermission::getPermissionId).collect(Collectors.toList()); List<AclPermission> aclPermissionList = aclPermissionRepository.findAll((Specification<AclPermission>) (root, criteriaQuery, criteriaBuilder) -> { List<Predicate> predicateList = Lists.newArrayList(); CriteriaBuilder.In<String> in = criteriaBuilder.in(root.get("id")); for (String id : permissionIdList) { in.value(id); } predicateList.add(in); return criteriaQuery.where(predicateList.toArray(new Predicate[predicateList.size()])).getRestriction(); }); authorities = AuthorityUtils.commaSeparatedStringToAuthorityList(aclPermissionList.stream().map(AclPermission::getPermissionValue).filter(StrUtil::isNotEmpty).collect(Collectors.joining(","))); } } UserDetails userDetails = new User(aclUser.getUsername(), aclUser.getPassword(), true, true, true, true, authorities); return userDetails; } } -
工具类:
- RsaUtils.java
package com.sunxiaping.acl.utils; import java.io.File; import java.io.IOException; import java.nio.file.Files; import java.nio.file.Paths; import java.security.*; import java.security.spec.InvalidKeySpecException; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import java.util.Base64; /** * RSA算法 * * @author 许大仙 * @version 1.0 * @since 2020-10-30 15:31 */ public class RsaUtils { private static final int DEFAULT_KEY_SIZE = 2048; private static final String SECRET = "Hello World"; private static String PRIVATE_KEY_FILE = new StringBuilder(System.getProperty("user.home")).append(File.separator).append("auth_key").append(File.separator).append("id_key_rsa").toString(); private static String PUBLIC_KEY_FILE = new StringBuilder(System.getProperty("user.home")).append(File.separator).append("auth_key").append(File.separator).append("id_key_rsa.pub").toString(); /** * 从文件中读取公钥 * * @param filename 公钥保存路径,相对于classpath * @return 公钥对象 * @throws Exception */ public static PublicKey getPublicKey(String filename) throws Exception { byte[] bytes = readFile(filename); return getPublicKey(bytes); } /** * 获取默认的公钥 * * @return * @throws Exception */ public static PublicKey getDefaultPublicKey() throws Exception { generateDefaultKey(); return getPublicKey(PUBLIC_KEY_FILE); } /** * 从文件中读取密钥 * * @param filename 私钥保存路径,相对于classpath * @return 私钥对象 * @throws Exception */ public static PrivateKey getPrivateKey(String filename) throws Exception { byte[] bytes = readFile(filename); return getPrivateKey(bytes); } /** * 获取默认生成的私钥 * * @return * @throws Exception */ public static PrivateKey getDefaultPrivateKey() throws Exception { generateDefaultKey(); return getPrivateKey(PRIVATE_KEY_FILE); } /** * 获取公钥 * * @param bytes 公钥的字节形式 * @return * @throws Exception */ private static PublicKey getPublicKey(byte[] bytes) throws Exception { bytes = Base64.getDecoder().decode(bytes); X509EncodedKeySpec spec = new X509EncodedKeySpec(bytes); KeyFactory factory = KeyFactory.getInstance("RSA"); return factory.generatePublic(spec); } /** * 获取密钥 * * @param bytes 私钥的字节形式 * @return * @throws Exception */ private static PrivateKey getPrivateKey(byte[] bytes) throws NoSuchAlgorithmException, InvalidKeySpecException { bytes = Base64.getDecoder().decode(bytes); PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(bytes); KeyFactory factory = KeyFactory.getInstance("RSA"); return factory.generatePrivate(spec); } /** * 根据密文,生存rsa公钥和私钥,并写入指定文件 * * @param publicKeyFilename 公钥文件路径 * @param privateKeyFilename 私钥文件路径 * @param secret 生成密钥的密文 */ private static void generateKey(String publicKeyFilename, String privateKeyFilename, String secret) throws Exception { KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); SecureRandom secureRandom = new SecureRandom(secret.getBytes()); keyPairGenerator.initialize(DEFAULT_KEY_SIZE, secureRandom); KeyPair keyPair = keyPairGenerator.genKeyPair(); // 获取公钥并写出 byte[] publicKeyBytes = keyPair.getPublic().getEncoded(); publicKeyBytes = Base64.getEncoder().encode(publicKeyBytes); writeFile(publicKeyFilename, publicKeyBytes); // 获取私钥并写出 byte[] privateKeyBytes = keyPair.getPrivate().getEncoded(); privateKeyBytes = Base64.getEncoder().encode(privateKeyBytes); writeFile(privateKeyFilename, privateKeyBytes); } /** * 生成默认的公钥和私钥文件 * * @throws Exception */ private static void generateDefaultKey() throws Exception { //如果不存在公钥和私钥,就生成对应的文件 if (!Files.exists(Paths.get(PUBLIC_KEY_FILE)) || !Files.exists(Paths.get(PRIVATE_KEY_FILE))) { if (!Files.exists(Paths.get(PUBLIC_KEY_FILE).getParent())) { Files.createDirectory(Paths.get(PUBLIC_KEY_FILE).getParent()); } if (!Files.exists(Paths.get(PRIVATE_KEY_FILE).getParent())) { Files.createDirectory(Paths.get(PRIVATE_KEY_FILE).getParent()); } Files.createFile(Paths.get(PUBLIC_KEY_FILE)); Files.createFile(Paths.get(PRIVATE_KEY_FILE)); } generateKey(PUBLIC_KEY_FILE, PRIVATE_KEY_FILE, RsaUtils.SECRET); } private static byte[] readFile(String fileName) throws IOException { return Files.readAllBytes(new File(fileName).toPath()); } private static void writeFile(String destPath, byte[] bytes) throws IOException { File dest = new File(destPath); if (!dest.getParentFile().exists()) { dest.getParentFile().mkdirs(); } if (!dest.exists()) { dest.createNewFile(); } Files.write(dest.toPath(), bytes); } }- Result.java
package com.sunxiaping.acl.utils; import lombok.AllArgsConstructor; import lombok.Getter; import lombok.Setter; import java.util.HashMap; import java.util.Map; /** * 封装统一返回结果 * * @author 许大仙 * @version 1.0 * @since 2020-10-30 14:19 */ @Setter @Getter @AllArgsConstructor public class Result { private Boolean success; private Integer code; private String message; private Map<String, Object> data = new HashMap<String, Object>(); //把构造方法私有 private Result() { } //成功静态方法 public static Result ok() { Result r = new Result(); r.setSuccess(true); r.setCode(20000); r.setMessage("成功"); return r; } //失败静态方法 public static Result error() { Result r = new Result(); r.setSuccess(false); r.setCode(20001); r.setMessage("失败"); return r; } public Result success(Boolean success) { this.setSuccess(success); return this; } public Result message(String message) { this.setMessage(message); return this; } public Result code(Integer code) { this.setCode(code); return this; } public Result data(String key, Object value) { this.data.put(key, value); return this; } public Result data(Map<String, Object> map) { this.setData(map); return this; } }- ResponseUtil.java
package com.sunxiaping.acl.utils; import cn.hutool.http.HttpStatus; import com.fasterxml.jackson.databind.ObjectMapper; import javax.servlet.http.HttpServletResponse; import java.io.IOException; /** * @author 许大仙 * @version 1.0 * @since 2020-10-30 14:24 */ public interface ResponseUtil { static void out(HttpServletResponse response, Result r) { ObjectMapper mapper = new ObjectMapper(); response.setStatus(HttpStatus.HTTP_OK); response.setContentType("application/json; charset=UTF-8"); try { mapper.writeValue(response.getWriter(), r); } catch (IOException e) { e.printStackTrace(); } } }- UnAccessDeniedHandler.java
package com.sunxiaping.acl.utils; import org.springframework.security.access.AccessDeniedException; import org.springframework.security.web.access.AccessDeniedHandler; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; /** * @author 许大仙 * @version 1.0 * @since 2020-11-02 02:07 */ public class UnAccessDeniedHandler implements AccessDeniedHandler { @Override public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException e) throws IOException, ServletException { ResponseUtil.out(response, Result.error()); } }- UnAuthenticationEntryPoint.java
package com.sunxiaping.acl.utils; import org.springframework.security.core.AuthenticationException; import org.springframework.security.web.AuthenticationEntryPoint; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; /** * 未认证端点 * * @author 许大仙 * @version 1.0 * @since 2020-10-30 16:50 */ public class UnAuthenticationEntryPoint implements AuthenticationEntryPoint { @Override public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException e) throws IOException, ServletException { ResponseUtil.out(response, Result.error()); } }- JwtTokenManager.java
package com.sunxiaping.acl.utils; import io.jsonwebtoken.CompressionCodecs; import io.jsonwebtoken.Jwts; import io.jsonwebtoken.SignatureAlgorithm; import org.springframework.stereotype.Component; import java.sql.Date; import java.time.LocalDateTime; import java.time.ZoneId; /** * Jwt的token管理器,根据用户名生成token,从token中解析出用户名 * * @author 许大仙 * @version 1.0 * @since 2020-10-30 15:31 */ @Component public class JwtTokenManager { private static final int EXPIRE = 7 * 24 * 60 * 60; /** * 生成Jwt token * * @param username * @return * @throws Exception */ public String createJwtToken(String username) throws Exception { return Jwts.builder() .setSubject(username) .setExpiration(Date.from(LocalDateTime.now().plusSeconds(EXPIRE).atZone(ZoneId.systemDefault()).toInstant())) .signWith(RsaUtils.getDefaultPrivateKey(), SignatureAlgorithm.RS256) .compressWith(CompressionCodecs.GZIP) .compact(); } /** * 从Jwt token中提取username * * @param token * @return */ public String parseJwtToken(String token) throws Exception { return Jwts.parserBuilder().setSigningKey(RsaUtils.getDefaultPublicKey()).build().parseClaimsJws(token).getBody().getSubject(); } }- JwtTokenLogoutHandler.java
package com.sunxiaping.acl.utils; import cn.hutool.core.util.StrUtil; import lombok.AllArgsConstructor; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.security.core.Authentication; import org.springframework.security.web.authentication.logout.LogoutHandler; /** * 退出的处理器 * * @author 许大仙 * @version 1.0 * @since 2020-10-30 15:27 */ @AllArgsConstructor public class JwtTokenLogoutHandler implements LogoutHandler { private JwtTokenManager jwtTokenManager; private RedisTemplate redisTemplate; @Override public void logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, Authentication authentication) { //从请求头Header中获取JwtToken String jwtToken = request.getHeader("Authorization"); //解析JwtToken,查询Redis,如果存在对应的值,则删除 if (StrUtil.isNotEmpty(jwtToken)) { try { String username = jwtTokenManager.parseJwtToken(jwtToken); if (redisTemplate.hasKey(username)) { redisTemplate.delete(username); } ResponseUtil.out(response, Result.ok()); } catch (Exception e) { throw new RuntimeException(e); } } } } -
Jwt相关的过滤器
- JwtTokenFilter.java
package com.sunxiaping.acl.filter; import com.fasterxml.jackson.databind.ObjectMapper; import com.sunxiaping.acl.domain.AclUser; import com.sunxiaping.acl.utils.JwtTokenManager; import com.sunxiaping.acl.utils.ResponseUtil; import com.sunxiaping.acl.utils.Result; import lombok.AllArgsConstructor; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.userdetails.User; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.Collection; import java.util.List; import java.util.stream.Collectors; /** * 生成JwtToken的过滤器 * * @author 许大仙 * @version 1.0 * @since 2020-10-30 16:55 */ @AllArgsConstructor public class JwtTokenFilter extends UsernamePasswordAuthenticationFilter { private JwtTokenManager jwtTokenManager; private RedisTemplate redisTemplate; private AuthenticationManager authenticationManager; /** * 试图认证的方法 * * @param request * @param response * @return * @throws AuthenticationException */ @Override public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException { try { AclUser user = new ObjectMapper().readValue(request.getInputStream(), AclUser.class); UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(user.getUsername(), user.getPassword()); return authenticationManager.authenticate(authRequest); } catch (IOException e) { e.printStackTrace(); throw new RuntimeException(e.getMessage()); } } /** * 认证成功之后,生成token * * @param request * @param response * @param chain * @param authResult * @throws IOException * @throws ServletException */ @Override protected void successfulAuthentication(HttpServletRequest request, HttpServletResponse response, FilterChain chain, Authentication authResult) throws IOException, ServletException { try { //认证成功后,得到认证成功之后的用户信息,UserDetails的实现类 User user = (User) authResult.getPrincipal(); //根据用户名生成token信息 String username = user.getUsername(); String jwtToken = jwtTokenManager.createJwtToken(username); //将用户名和权限列表放入到Redis中 Collection<GrantedAuthority> authorities = user.getAuthorities(); List<String> permissionValueList = authorities.stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList()); redisTemplate.opsForValue().set(username, permissionValueList); //将token返回 ResponseUtil.out(response, Result.ok().data("token", jwtToken)); } catch (Exception e) { ResponseUtil.out(response, Result.error()); } } /** * 认证失败 * * @param request * @param response * @param failed * @throws IOException * @throws ServletException */ @Override protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException, ServletException { ResponseUtil.out(response, Result.error()); } }- JwtVerifyFilter.java
package com.sunxiaping.acl.filter; import cn.hutool.core.collection.CollUtil; import cn.hutool.core.util.StrUtil; import com.google.common.collect.Lists; import com.sunxiaping.acl.utils.JwtTokenManager; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.List; import java.util.stream.Collectors; /** * 验证JwtToken的过滤器 * * @author 许大仙 * @version 1.0 * @since 2020-10-30 16:56 */ public class JwtVerifyFilter extends BasicAuthenticationFilter { private JwtTokenManager jwtTokenManager; private RedisTemplate redisTemplate; public JwtVerifyFilter(AuthenticationManager authenticationManager, JwtTokenManager jwtTokenManager, RedisTemplate redisTemplate) { super(authenticationManager); this.redisTemplate = redisTemplate; this.jwtTokenManager = jwtTokenManager; } @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException { //获取当前认证成功的用户的权限信息 UsernamePasswordAuthenticationToken authRequest = getAuthentication(request); //如果有权限信息,放到权限的上下文中 if (null != authRequest) { SecurityContextHolder.getContext().setAuthentication(authRequest); } chain.doFilter(request, response); } private UsernamePasswordAuthenticationToken getAuthentication(HttpServletRequest request) { //从Header头中获取token String jwtToken = request.getHeader("Authorization"); if (StrUtil.isNotEmpty(jwtToken)) { try { String username = jwtTokenManager.parseJwtToken(jwtToken); //从Redis中获取权限信息 List<String> permissionValueList = (List<String>) redisTemplate.opsForValue().get(username); List<GrantedAuthority> authorities = Lists.newArrayList(); if (CollUtil.isNotEmpty(permissionValueList)) { String authorityString = permissionValueList.stream().collect(Collectors.joining(",")); authorities = AuthorityUtils.commaSeparatedStringToAuthorityList(authorityString); } return new UsernamePasswordAuthenticationToken(username, jwtToken, authorities); } catch (Exception e) { throw new RuntimeException(e.getMessage()); } } return null; } } -
配置类:
- RedisConfig.java
package com.sunxiaping.acl.config; import com.fasterxml.jackson.annotation.JsonAutoDetect; import com.fasterxml.jackson.annotation.PropertyAccessor; import com.fasterxml.jackson.databind.ObjectMapper; import org.springframework.cache.annotation.EnableCaching; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.data.redis.cache.RedisCacheConfiguration; import org.springframework.data.redis.cache.RedisCacheManager; import org.springframework.data.redis.connection.RedisConnectionFactory; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.data.redis.serializer.Jackson2JsonRedisSerializer; import org.springframework.data.redis.serializer.RedisSerializationContext; import org.springframework.data.redis.serializer.RedisSerializer; import org.springframework.data.redis.serializer.StringRedisSerializer; import java.time.Duration; /** * Redis的配置类 * * @author 许大仙 * @version 1.0 * @since 2020-10-30 14:33 */ @EnableCaching @Configuration public class RedisConfig { @Bean public RedisTemplate redisTemplate(RedisConnectionFactory redisConnectionFactory) { RedisTemplate<Object, Object> redisTemplate = new RedisTemplate<>(); redisTemplate.setConnectionFactory(redisConnectionFactory); redisTemplate.setDefaultSerializer(new Jackson2JsonRedisSerializer<>(Object.class)); //开启事务 redisTemplate.setEnableTransactionSupport(true); return redisTemplate; } /** * 自定义Redis缓存管理器 * * @param factory * @return */ @Bean public RedisCacheManager redisCacheManager(RedisConnectionFactory factory) { RedisSerializer<String> redisSerializer = new StringRedisSerializer(); Jackson2JsonRedisSerializer jackson2JsonRedisSerializer = new Jackson2JsonRedisSerializer<>(Object.class); //解决查询缓存转换异常的问题 ObjectMapper om = new ObjectMapper(); om.setVisibility(PropertyAccessor.ALL, JsonAutoDetect.Visibility.ANY); om.enableDefaultTyping(ObjectMapper.DefaultTyping.NON_FINAL); jackson2JsonRedisSerializer.setObjectMapper(om); // 配置序列化(解决乱码的问题) RedisCacheConfiguration config = RedisCacheConfiguration.defaultCacheConfig() .entryTtl(Duration.ZERO) .serializeKeysWith(RedisSerializationContext.SerializationPair.fromSerializer(redisSerializer)) .serializeValuesWith(RedisSerializationContext.SerializationPair.fromSerializer(jackson2JsonRedisSerializer)) .disableCachingNullValues(); RedisCacheManager cacheManager = RedisCacheManager.builder(factory) .cacheDefaults(config) .build(); return cacheManager; } }- SpringSecurityConfig.java
package com.sunxiaping.acl.config; import com.sunxiaping.acl.filter.JwtTokenFilter; import com.sunxiaping.acl.filter.JwtVerifyFilter; import com.sunxiaping.acl.utils.JwtTokenLogoutHandler; import com.sunxiaping.acl.utils.JwtTokenManager; import com.sunxiaping.acl.utils.UnAccessDeniedHandler; import com.sunxiaping.acl.utils.UnAuthenticationEntryPoint; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; /** * @author 许大仙 * @version 1.0 * @since 2020-10-30 15:35 */ @Configuration @EnableWebSecurity @EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true, jsr250Enabled = true) public class SpringSecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private JwtTokenManager jwtTokenManager; @Autowired private RedisTemplate redisTemplate; @Autowired @Qualifier(value = "userDetailsService") private UserDetailsService userDetailsService; @Bean public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder()); } /** * 配置那些请求不拦截 * * @param web * @throws Exception */ @Override public void configure(WebSecurity web) throws Exception { web.ignoring().antMatchers( "/favicon.ico", "*/v2/api-docs", "*/v3/api-docs", "*/webjars/**", "/*/api-docs", "/swagger**/**", "/doc.html", "/v3/**"); } @Override protected void configure(HttpSecurity http) throws Exception { http.cors().and().csrf().disable() .authorizeRequests() .antMatchers("/login").permitAll() .anyRequest() .authenticated() .and() .logout().logoutUrl("/logout").addLogoutHandler(new JwtTokenLogoutHandler(jwtTokenManager, redisTemplate)).permitAll() .and() .addFilter(new JwtTokenFilter(jwtTokenManager, redisTemplate, authenticationManager())) .addFilter(new JwtVerifyFilter(authenticationManager(), jwtTokenManager, redisTemplate)) //设置Session策略 .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) .and().exceptionHandling() //认证错误 .authenticationEntryPoint(new UnAuthenticationEntryPoint()) //无权访问 .accessDeniedHandler(new UnAccessDeniedHandler()); } }