选煤厂安全管理平台后台代码
查看 | 历史 | 提交 | 提交对比
houzhongjian
2024-11-22 c18e5a14aa49877a49a07ffd8f3b3917d5aca55a
提交 | 用户 | 时间
c18e5a 1 package com.iailab.module.sms.util;
H 2
3 import com.iailab.framework.security.core.LoginUser;
4 import org.springframework.lang.Nullable;
5 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
6 import org.springframework.security.core.Authentication;
7 import org.springframework.security.core.context.SecurityContext;
8 import org.springframework.security.core.context.SecurityContextHolder;
9 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
10 import org.springframework.util.StringUtils;
11
12 import javax.servlet.http.HttpServletRequest;
13 import java.util.Collections;
14
15 /**
16  * 安全服务工具类
17  *
18  * @author 芋道源码
19  */
20 public class SecurityUtils {
21
22     public static final String AUTHORIZATION_BEARER = "Bearer";
23
24     private SecurityUtils() {}
25
26     /**
27      * 从请求中,获得认证 Token
28      *
29      * @param request 请求
30      * @param header 认证 Token 对应的 Header 名字
31      * @return 认证 Token
32      */
33     public static String obtainAuthorization(HttpServletRequest request, String header) {
34         String authorization = request.getHeader(header);
35         if (!StringUtils.hasText(authorization)) {
36             return null;
37         }
38         int index = authorization.indexOf(AUTHORIZATION_BEARER + " ");
39         if (index == -1) { // 未找到
40             return null;
41         }
42         return authorization.substring(index + 7).trim();
43     }
44
45     /**
46      * 获得当前认证信息
47      *
48      * @return 认证信息
49      */
50     public static Authentication getAuthentication() {
51         SecurityContext context = SecurityContextHolder.getContext();
52         if (context == null) {
53             return null;
54         }
55         return context.getAuthentication();
56     }
57
58     /**
59      * 获取当前用户
60      *
61      * @return 当前用户
62      */
63     @Nullable
64     public static LoginUser getLoginUser() {
65         Authentication authentication = getAuthentication();
66         if (authentication == null) {
67             return null;
68         }
69         return authentication.getPrincipal() instanceof LoginUser ? (LoginUser) authentication.getPrincipal() : null;
70     }
71
72     /**
73      * 获得当前用户的编号,从上下文中
74      *
75      * @return 用户编号
76      */
77     @Nullable
78     public static Long getLoginUserId() {
79         LoginUser loginUser = getLoginUser();
80         return loginUser != null ? loginUser.getId() : null;
81     }
82
83     /**
84      * 设置当前用户
85      *
86      * @param loginUser 登录用户
87      * @param request 请求
88      */
89     public static void setLoginUser(LoginUser loginUser, HttpServletRequest request) {
90         // 创建 Authentication,并设置到上下文
91         Authentication authentication = buildAuthentication(loginUser, request);
92         SecurityContextHolder.getContext().setAuthentication(authentication);
93     }
94
95     private static Authentication buildAuthentication(LoginUser loginUser, HttpServletRequest request) {
96         // 创建 UsernamePasswordAuthenticationToken 对象
97         UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
98                 loginUser, null, Collections.emptyList());
99         authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
100         return authenticationToken;
101     }
102
103 }