feat(auth): 完善API网关JWT认证和权限控制功能

- 实现网关侧JWT工具类和权限规则匹配器
- 集成JWT认证流程,支持Bearer Token验证
- 添加基于路径和HTTP方法的权限控制机制
- 配置白名单路由规则,优化认证性能
- 更新前端受保护路由组件,实现权限验证
- 添加403禁止访问页面和权限检查逻辑
- 重构登录页面,集成实际认证API调用
- 实现用户信息获取和权限加载功能
- 优化全局异常处理器中的认证错误状态码
- 集成FastJSON2和JJWT依赖库支持
2026-02-06 13:11:08 +08:00
parent 719f54bf2e
commit 056cee11cc
33 changed files with 1462 additions and 89 deletions


@@ -0,0 +1,120 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.datamate.common.auth.infrastructure.persistence.mapper.AuthMapper">
<select id="findUserByUsername" resultType="com.datamate.common.auth.domain.model.AuthUserAccount">
SELECT id,
username,
email,
password_hash AS passwordHash,
full_name AS fullName,
avatar_url AS avatarUrl,
organization,
enabled,
last_login_at AS lastLoginAt
FROM users
WHERE username = #{username}
LIMIT 1
</select>
<select id="findUserById" resultType="com.datamate.common.auth.domain.model.AuthUserAccount">
SELECT id,
username,
email,
password_hash AS passwordHash,
full_name AS fullName,
avatar_url AS avatarUrl,
organization,
enabled,
last_login_at AS lastLoginAt
FROM users
WHERE id = #{userId}
LIMIT 1
</select>
<update id="updateLastLoginAt">
UPDATE users
SET last_login_at = NOW()
WHERE id = #{userId}
</update>
<select id="findRolesByUserId" resultType="com.datamate.common.auth.domain.model.AuthRoleInfo">
SELECT r.id,
r.role_code AS roleCode,
r.role_name AS roleName,
r.description,
r.enabled
FROM t_auth_roles r
INNER JOIN t_auth_user_roles ur ON ur.role_id = r.id
WHERE ur.user_id = #{userId}
ORDER BY r.role_code
</select>
<select id="findPermissionCodesByUserId" resultType="string">
SELECT DISTINCT p.permission_code
FROM t_auth_permissions p
INNER JOIN t_auth_role_permissions rp ON rp.permission_id = p.id
INNER JOIN t_auth_user_roles ur ON ur.role_id = rp.role_id
WHERE ur.user_id = #{userId}
AND p.enabled = 1
ORDER BY p.permission_code
</select>
<select id="listUsers" resultType="com.datamate.common.auth.domain.model.AuthUserSummary">
SELECT id,
username,
email,
full_name AS fullName,
enabled
FROM users
ORDER BY id ASC
</select>
<select id="listRoles" resultType="com.datamate.common.auth.domain.model.AuthRoleInfo">
SELECT id,
role_code AS roleCode,
role_name AS roleName,
description,
enabled
FROM t_auth_roles
ORDER BY role_code ASC
</select>
<select id="listPermissions" resultType="com.datamate.common.auth.domain.model.AuthPermissionInfo">
SELECT id,
permission_code AS permissionCode,
permission_name AS permissionName,
module,
action,
path_pattern AS pathPattern,
method,
enabled
FROM t_auth_permissions
ORDER BY module ASC, action ASC
</select>
<select id="countRolesByIds" resultType="int">
SELECT COUNT(1)
FROM t_auth_roles
WHERE id IN
<foreach collection="roleIds" item="roleId" open="(" separator="," close=")">
#{roleId}
</foreach>
</select>
<delete id="deleteUserRoles">
DELETE
FROM t_auth_user_roles
WHERE user_id = #{userId}
</delete>
<insert id="insertUserRoles">
INSERT INTO t_auth_user_roles (user_id, role_id)
VALUES
<foreach collection="roleIds" item="roleId" separator=",">
(#{userId}, #{roleId})
</foreach>
</insert>
</mapper>
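Review bot: In `findPermissionCodesByUserId` the join runs from `t_auth_user_roles` straight to `t_auth_role_permissions` and filters only on `p.enabled = 1`, so permissions attached to a role whose `t_auth_roles.enabled` flag is off would still be returned as granted. Unless disabled roles are filtered somewhere outside this mapper, join the role table too, e.g. `INNER JOIN t_auth_roles r ON r.id = ur.role_id AND r.enabled = 1` (assuming the same 0/1 convention as `p.enabled`). `findRolesByUserId` likewise returns disabled roles, which is fine for an admin view but not if its result feeds the authorization decision. Separately, `countRolesByIds` and `insertUserRoles` render `IN ()` and a bare `VALUES` when `roleIds` is empty, so the caller has to short-circuit an empty list. `deleteUserRoles` followed by `insertUserRoles` should also run in one transaction, so that a failed insert cannot leave the user with no roles.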