新增:忽略记录请求日志url配置
This commit is contained in:
ruying408
@@ -1,5 +1,6 @@
|
|||||||
package com.cool;
|
package com.cool;
|
||||||
|
|
||||||
|
import com.cool.core.annotation.TokenIgnore;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import org.springframework.stereotype.Controller;
|
import org.springframework.stereotype.Controller;
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
@@ -9,6 +10,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
|
|||||||
public class Welcome {
|
public class Welcome {
|
||||||
|
|
||||||
@RequestMapping("/")
|
@RequestMapping("/")
|
||||||
|
@TokenIgnore
|
||||||
public String welcome() {
|
public String welcome() {
|
||||||
return "welcome";
|
return "welcome";
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,19 +1,22 @@
|
|||||||
package com.cool.core.security;
|
package com.cool.core.security;
|
||||||
|
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.List;
|
||||||
import lombok.Data;
|
import lombok.Data;
|
||||||
import org.springframework.boot.context.properties.ConfigurationProperties;
|
import org.springframework.boot.context.properties.ConfigurationProperties;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 忽略token地址配置
|
* 忽略地址配置
|
||||||
*/
|
*/
|
||||||
@Data
|
@Data
|
||||||
@Configuration
|
@Configuration
|
||||||
@ConfigurationProperties(prefix = "ignored")
|
@ConfigurationProperties(prefix = "ignored")
|
||||||
public class IgnoredUrlsProperties {
|
public class IgnoredUrlsProperties {
|
||||||
// 忽略权限列表
|
|
||||||
private List<String> urls = new ArrayList<>();
|
// 忽略后台校验权限列表
|
||||||
|
private List<String> adminAuthUrls = new ArrayList<>();
|
||||||
|
|
||||||
|
// 忽略记录请求日志列表
|
||||||
|
private List<String> logUrls = new ArrayList<>();
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -2,10 +2,16 @@ package com.cool.core.security;
|
|||||||
|
|
||||||
import com.cool.core.annotation.TokenIgnore;
|
import com.cool.core.annotation.TokenIgnore;
|
||||||
import com.cool.modules.base.security.JwtAuthenticationTokenFilter;
|
import com.cool.modules.base.security.JwtAuthenticationTokenFilter;
|
||||||
|
import java.lang.reflect.Method;
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.List;
|
||||||
|
import java.util.Map;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
|
import org.springframework.context.ApplicationContext;
|
||||||
import org.springframework.context.annotation.Bean;
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.Configuration;
|
import org.springframework.context.annotation.Configuration;
|
||||||
|
import org.springframework.core.annotation.AnnotatedElementUtils;
|
||||||
import org.springframework.security.authentication.AuthenticationManager;
|
import org.springframework.security.authentication.AuthenticationManager;
|
||||||
import org.springframework.security.authentication.AuthenticationProvider;
|
import org.springframework.security.authentication.AuthenticationProvider;
|
||||||
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
|
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
|
||||||
@@ -13,7 +19,7 @@ import org.springframework.security.config.annotation.authentication.configurati
|
|||||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||||
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
|
||||||
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer;
|
import org.springframework.security.config.annotation.web.configurers.HeadersConfigurer.FrameOptionsConfig;
|
||||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
@@ -21,18 +27,11 @@ import org.springframework.security.web.SecurityFilterChain;
|
|||||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||||
import org.springframework.util.DigestUtils;
|
import org.springframework.util.DigestUtils;
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
import org.springframework.core.annotation.AnnotatedElementUtils;
|
|
||||||
import org.springframework.context.ApplicationContext;
|
|
||||||
import org.springframework.web.method.HandlerMethod;
|
import org.springframework.web.method.HandlerMethod;
|
||||||
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
|
import org.springframework.web.servlet.mvc.method.RequestMappingInfo;
|
||||||
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
|
import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping;
|
||||||
import org.springframework.web.util.pattern.PathPattern;
|
import org.springframework.web.util.pattern.PathPattern;
|
||||||
|
|
||||||
import java.lang.reflect.Method;
|
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.List;
|
|
||||||
import java.util.Map;
|
|
||||||
|
|
||||||
@EnableWebSecurity
|
@EnableWebSecurity
|
||||||
@Configuration
|
@Configuration
|
||||||
@Slf4j
|
@Slf4j
|
||||||
@@ -60,11 +59,11 @@ public class JwtSecurityConfig {
|
|||||||
.authorizeHttpRequests(
|
.authorizeHttpRequests(
|
||||||
conf -> {
|
conf -> {
|
||||||
conf.requestMatchers(
|
conf.requestMatchers(
|
||||||
ignoredUrlsProperties.getUrls().toArray(String[]::new))
|
ignoredUrlsProperties.getAdminAuthUrls().toArray(String[]::new))
|
||||||
.permitAll();
|
.permitAll();
|
||||||
conf.requestMatchers("/admin/**").authenticated();
|
conf.requestMatchers("/admin/**").authenticated();
|
||||||
})
|
})
|
||||||
.headers(config -> config.frameOptions(HeadersConfigurer.FrameOptionsConfig::disable))
|
.headers(config -> config.frameOptions(FrameOptionsConfig::disable))
|
||||||
// 允许网页iframe
|
// 允许网页iframe
|
||||||
.csrf(AbstractHttpConfigurer::disable)
|
.csrf(AbstractHttpConfigurer::disable)
|
||||||
.sessionManagement(conf -> conf.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
.sessionManagement(conf -> conf.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
|
||||||
@@ -93,7 +92,7 @@ public class JwtSecurityConfig {
|
|||||||
}
|
}
|
||||||
// 遍历 tokenIgnoreCtr.value()
|
// 遍历 tokenIgnoreCtr.value()
|
||||||
for (String path : tokenIgnoreCtr.value()) {
|
for (String path : tokenIgnoreCtr.value()) {
|
||||||
ignoredUrlsProperties.getUrls().add(String.join("/", urls) + "/" + path);
|
ignoredUrlsProperties.getAdminAuthUrls().add(String.join("/", urls) + "/" + path);
|
||||||
}
|
}
|
||||||
handlerCtr.add(handlerMethod.getBeanType().getName());
|
handlerCtr.add(handlerMethod.getBeanType().getName());
|
||||||
});
|
});
|
||||||
@@ -112,7 +111,7 @@ public class JwtSecurityConfig {
|
|||||||
for (PathPattern path : requestMappingInfo.getPathPatternsCondition().getPatterns()) {
|
for (PathPattern path : requestMappingInfo.getPathPatternsCondition().getPatterns()) {
|
||||||
url.append(path);
|
url.append(path);
|
||||||
}
|
}
|
||||||
ignoredUrlsProperties.getUrls().add(url.toString());
|
ignoredUrlsProperties.getAdminAuthUrls().add(url.toString());
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,5 +1,8 @@
|
|||||||
package com.cool.core.security;
|
package com.cool.core.security;
|
||||||
|
|
||||||
|
import java.util.Collection;
|
||||||
|
import java.util.Iterator;
|
||||||
|
import java.util.List;
|
||||||
import lombok.RequiredArgsConstructor;
|
import lombok.RequiredArgsConstructor;
|
||||||
import lombok.extern.slf4j.Slf4j;
|
import lombok.extern.slf4j.Slf4j;
|
||||||
import org.springframework.security.access.AccessDecisionManager;
|
import org.springframework.security.access.AccessDecisionManager;
|
||||||
@@ -11,10 +14,6 @@ import org.springframework.security.core.GrantedAuthority;
|
|||||||
import org.springframework.security.web.FilterInvocation;
|
import org.springframework.security.web.FilterInvocation;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
|
|
||||||
import java.util.Collection;
|
|
||||||
import java.util.Iterator;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 权限管理决断器 判断用户拥有的权限或角色是否有资源访问权限
|
* 权限管理决断器 判断用户拥有的权限或角色是否有资源访问权限
|
||||||
*/
|
*/
|
||||||
@@ -31,7 +30,7 @@ public class MyAccessDecisionManager implements AccessDecisionManager {
|
|||||||
if (configAttributes == null) {
|
if (configAttributes == null) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
List<String> urls = ignoredUrlsProperties.getUrls();
|
List<String> urls = ignoredUrlsProperties.getAdminAuthUrls();
|
||||||
String url = ((FilterInvocation) o).getRequestUrl().split("[?]")[0];
|
String url = ((FilterInvocation) o).getRequestUrl().split("[?]")[0];
|
||||||
if (urls.contains(url)) {
|
if (urls.contains(url)) {
|
||||||
return;
|
return;
|
||||||
|
|||||||
@@ -2,15 +2,13 @@ package com.cool.modules.base.entity.sys;
|
|||||||
|
|
||||||
import com.cool.core.base.BaseEntity;
|
import com.cool.core.base.BaseEntity;
|
||||||
import com.mybatisflex.annotation.Column;
|
import com.mybatisflex.annotation.Column;
|
||||||
import com.tangzc.autotable.annotation.Index;
|
|
||||||
|
|
||||||
import com.tangzc.mybatisflex.autotable.annotation.ColumnDefine;
|
|
||||||
import com.mybatisflex.annotation.Table;
|
import com.mybatisflex.annotation.Table;
|
||||||
|
import com.tangzc.autotable.annotation.Index;
|
||||||
|
import com.tangzc.mybatisflex.autotable.annotation.ColumnDefine;
|
||||||
|
import java.util.List;
|
||||||
import lombok.Getter;
|
import lombok.Getter;
|
||||||
import lombok.Setter;
|
import lombok.Setter;
|
||||||
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
@Getter
|
@Getter
|
||||||
@Setter
|
@Setter
|
||||||
@Table(value = "base_sys_menu", comment = "系统菜单表")
|
@Table(value = "base_sys_menu", comment = "系统菜单表")
|
||||||
@@ -22,7 +20,7 @@ public class BaseSysMenuEntity extends BaseEntity<BaseSysMenuEntity> {
|
|||||||
@ColumnDefine(comment = "菜单名称")
|
@ColumnDefine(comment = "菜单名称")
|
||||||
private String name;
|
private String name;
|
||||||
|
|
||||||
@ColumnDefine(comment = "权限")
|
@ColumnDefine(comment = "权限", type = "text")
|
||||||
private String perms;
|
private String perms;
|
||||||
|
|
||||||
@ColumnDefine(comment = "类型 0:目录 1:菜单 2:按钮", type = "tinyint", defaultValue = "0")
|
@ColumnDefine(comment = "类型 0:目录 1:菜单 2:按钮", type = "tinyint", defaultValue = "0")
|
||||||
|
|||||||
@@ -1,10 +1,12 @@
|
|||||||
package com.cool.modules.base.service.sys.impl;
|
package com.cool.modules.base.service.sys.impl;
|
||||||
|
|
||||||
import cn.hutool.core.date.DateUtil;
|
import cn.hutool.core.date.DateUtil;
|
||||||
|
import cn.hutool.core.text.AntPathMatcher;
|
||||||
import cn.hutool.core.util.StrUtil;
|
import cn.hutool.core.util.StrUtil;
|
||||||
import cn.hutool.json.JSONObject;
|
import cn.hutool.json.JSONObject;
|
||||||
import cn.hutool.json.JSONUtil;
|
import cn.hutool.json.JSONUtil;
|
||||||
import com.cool.core.base.BaseServiceImpl;
|
import com.cool.core.base.BaseServiceImpl;
|
||||||
|
import com.cool.core.security.IgnoredUrlsProperties;
|
||||||
import com.cool.core.util.IPUtils;
|
import com.cool.core.util.IPUtils;
|
||||||
import com.cool.modules.base.entity.sys.BaseSysLogEntity;
|
import com.cool.modules.base.entity.sys.BaseSysLogEntity;
|
||||||
import com.cool.modules.base.entity.sys.BaseSysUserEntity;
|
import com.cool.modules.base.entity.sys.BaseSysUserEntity;
|
||||||
@@ -35,10 +37,13 @@ public class BaseSysLogServiceImpl extends BaseServiceImpl<BaseSysLogMapper, Bas
|
|||||||
|
|
||||||
private final CoolSecurityUtil coolSecurityUtil;
|
private final CoolSecurityUtil coolSecurityUtil;
|
||||||
|
|
||||||
|
private final IgnoredUrlsProperties ignoredUrlsProperties;
|
||||||
|
|
||||||
private final IPUtils ipUtils;
|
private final IPUtils ipUtils;
|
||||||
|
|
||||||
@Value("${cool.log.maxJsonLength:1024}")
|
@Value("${cool.log.maxJsonLength:1024}")
|
||||||
private int maxJsonLength;
|
private int maxJsonLength;
|
||||||
|
private static final AntPathMatcher antPathMatcher = new AntPathMatcher();
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public Object page(
|
public Object page(
|
||||||
@@ -68,6 +73,10 @@ public class BaseSysLogServiceImpl extends BaseServiceImpl<BaseSysLogMapper, Bas
|
|||||||
@Override
|
@Override
|
||||||
public void record(HttpServletRequest request, JSONObject requestParams) {
|
public void record(HttpServletRequest request, JSONObject requestParams) {
|
||||||
String requestURI = request.getRequestURI();
|
String requestURI = request.getRequestURI();
|
||||||
|
if (isIgnoreUrl(requestURI)) {
|
||||||
|
// 配置了忽略记录请求日志
|
||||||
|
return;
|
||||||
|
}
|
||||||
String ipAddr = ipUtils.getIpAddr(request);
|
String ipAddr = ipUtils.getIpAddr(request);
|
||||||
JSONObject userInfo = coolSecurityUtil.userInfo(requestParams);
|
JSONObject userInfo = coolSecurityUtil.userInfo(requestParams);
|
||||||
|
|
||||||
@@ -87,6 +96,11 @@ public class BaseSysLogServiceImpl extends BaseServiceImpl<BaseSysLogMapper, Bas
|
|||||||
recordAsync(requestURI, ipAddr, userId, newJSONObject);
|
recordAsync(requestURI, ipAddr, userId, newJSONObject);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private boolean isIgnoreUrl(String requestURI) {
|
||||||
|
return ignoredUrlsProperties.getLogUrls().stream()
|
||||||
|
.anyMatch(url -> antPathMatcher.match(url, requestURI));
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
@Async
|
@Async
|
||||||
public void recordAsync(String requestURI, String ip, Long userId, JSONObject params) {
|
public void recordAsync(String requestURI, String ip, Long userId, JSONObject params) {
|
||||||
|
|||||||
@@ -68,9 +68,10 @@ spring:
|
|||||||
threadPriority: 9
|
threadPriority: 9
|
||||||
threadsInheritContextClassLoaderOfInitializingThread: true
|
threadsInheritContextClassLoaderOfInitializingThread: true
|
||||||
|
|
||||||
# 忽略鉴权url
|
# 忽略url
|
||||||
ignored:
|
ignored:
|
||||||
urls:
|
# 忽略后台鉴权url
|
||||||
|
adminAuthUrls:
|
||||||
- /
|
- /
|
||||||
- /upload/**
|
- /upload/**
|
||||||
- /actuator/**
|
- /actuator/**
|
||||||
@@ -85,7 +86,11 @@ ignored:
|
|||||||
- /js/*
|
- /js/*
|
||||||
- /druid/**
|
- /druid/**
|
||||||
- /admin/base/open/**
|
- /admin/base/open/**
|
||||||
|
# 忽略记录请求日志url
|
||||||
|
logUrls:
|
||||||
|
- /*
|
||||||
|
- /css/*
|
||||||
|
- /js/*
|
||||||
# 文档
|
# 文档
|
||||||
springdoc:
|
springdoc:
|
||||||
api-docs:
|
api-docs:
|
||||||
|
|||||||
Reference in New Issue
Block a user