feat(sse): sse验证登录

src/main/java/com/dragon/tj/portal/auth/config/WebSecurityConfig.java

@@ -45,8 +45,20 @@ public class WebSecurityConfig {
     @Autowired
     private MySimpleUrlAuthenticationSuccessHandler mySimpleUrlAuthenticationSuccessHandler;
 
+    private static StringBuilder whiteList = new StringBuilder();
+    private static String whiteListSplit = ",";
+
+    /**
+    *
+    *白名单
+    */
+    static {
+        whiteList.append("/test/login" + whiteListSplit);
+        whiteList.append("/subscribe/*" + whiteListSplit);
+    }
     @Bean
     public WebSecurityCustomizer webSecurityCustomizer() {
+
         return (web) -> web.ignoring()
                 // 认证成功后才会忽略
                 .antMatchers("/resources/**");
@@ -60,7 +72,7 @@ public class WebSecurityConfig {
                 .csrf().disable().cors()
                 .and()
                 .authorizeRequests()
-                .antMatchers("/test/login").permitAll()
+                .antMatchers(whiteList.toString().split(whiteListSplit)).permitAll()
                 .anyRequest().authenticated()
                 // .and()
                 // .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)

src/main/java/com/dragon/tj/portal/component/message/SseController.java

@@ -1,6 +1,8 @@
 package com.dragon.tj.portal.component.message;
 
 import com.alibaba.fastjson.JSON;
+import com.dragon.tj.portal.auth.model.LoginUser;
+import com.dragon.tj.portal.auth.service.TokenService;
 import com.dragon.tj.portal.common.base.R;
 import com.dragon.tj.portal.common.dto.message.MessageInfoReq;
 import com.dragon.tj.portal.service.MessageInfoService;
@@ -11,6 +13,7 @@ import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.mvc.method.annotation.SseEmitter;
 
 import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.util.Map;
 
@@ -29,6 +32,9 @@ public class SseController {
     @Autowired
     private MessageInfoService messageInfoService;
 
+    @Autowired
+    private TokenService tokenService;
+
     @GetMapping("/subscribe/{clientId}")
     public SseEmitter subscribe(@PathVariable String clientId, HttpServletResponse response) {
 
@@ -46,8 +52,10 @@ public class SseController {
     }
 
     @PostMapping("/publish")
-    public R publish(@Validated @RequestBody MessageInfoReq messageInfoReq) {
+    public R publish(@Validated @RequestBody MessageInfoReq messageInfoReq, HttpServletRequest request) {
         log.info("sseController req param is {}", JSON.toJSONString(messageInfoReq));
+        LoginUser loginUser = tokenService.getLoginUser(request);
+        log.info("sseController current people is {}", JSON.toJSONString(loginUser));
         return messageInfoService.push(messageInfoReq);
     }
 

src/main/resources/application-local.properties

@@ -21,5 +21,15 @@ spring.redis.port=6379
 #redis配置的密码
 #spring.redis.password=123456
 
+##########cas################
+cas.base.url=http://localhost:8080/cas
+cas.login.url=${cas.base.url}/login
+cas.logout.url=${cas.base.url}/logout
+cas.service.url=http://localhost:8081/api/sso/login
 
+logging.level.org.springframework.security=trace
+logging.level.org.jasig.cas=trace
+logging.level.org.apache.kafka=warn
+
+server.port=8080