diff --git a/tashow-module/tashow-module-user/tashow-module-user-biz/src/main/java/com/tashow/cloud/tashowmoduleuserbiz/framework/core/RedisCaptchaServiceImpl.java b/tashow-module/tashow-module-user/tashow-module-user-biz/src/main/java/com/tashow/cloud/tashowmoduleuserbiz/framework/core/RedisCaptchaServiceImpl.java new file mode 100644 index 0000000..426ed0f --- /dev/null +++ b/tashow-module/tashow-module-user/tashow-module-user-biz/src/main/java/com/tashow/cloud/tashowmoduleuserbiz/framework/core/RedisCaptchaServiceImpl.java @@ -0,0 +1,49 @@ +package com.tashow.cloud.tashowmoduleuserbiz.framework.core; + +import com.xingyuv.captcha.service.CaptchaCacheService; +import lombok.Setter; +import org.springframework.data.redis.core.StringRedisTemplate; + +import java.util.concurrent.TimeUnit; + +/** + * 基于 Redis 实现验证码的存储 + * + * @author 星语 + */ +@Setter +public class RedisCaptchaServiceImpl implements CaptchaCacheService { + + private StringRedisTemplate stringRedisTemplate; + + @Override + public String type() { + return "redis"; + } + + @Override + public void set(String key, String value, long expiresInSeconds) { + stringRedisTemplate.opsForValue().set(key, value, expiresInSeconds, TimeUnit.SECONDS); + } + + @Override + public boolean exists(String key) { + return Boolean.TRUE.equals(stringRedisTemplate.hasKey(key)); + } + + @Override + public void delete(String key) { + stringRedisTemplate.delete(key); + } + + @Override + public String get(String key) { + return stringRedisTemplate.opsForValue().get(key); + } + + @Override + public Long increment(String key, long val) { + return stringRedisTemplate.opsForValue().increment(key,val); + } + +} diff --git a/tashow-module/tashow-module-user/tashow-module-user-biz/src/main/java/com/tashow/cloud/tashowmoduleuserbiz/security/config/SecurityConfiguration.java b/tashow-module/tashow-module-user/tashow-module-user-biz/src/main/java/com/tashow/cloud/tashowmoduleuserbiz/security/config/SecurityConfiguration.java new file mode 100644 index 0000000..d23c094 --- /dev/null +++ b/tashow-module/tashow-module-user/tashow-module-user-biz/src/main/java/com/tashow/cloud/tashowmoduleuserbiz/security/config/SecurityConfiguration.java @@ -0,0 +1,40 @@ +package com.tashow.cloud.tashowmoduleuserbiz.security.config; + +import com.tashow.cloud.security.security.config.AuthorizeRequestsCustomizer; +import com.tashow.cloud.systemapi.enums.ApiConstants; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configurers.AuthorizeHttpRequestsConfigurer; + +/** + * System 模块的 Security 配置 + */ +@Configuration(proxyBeanMethods = false, value = "systemSecurityConfiguration") +public class SecurityConfiguration { + + @Bean("systemAuthorizeRequestsCustomizer") + public AuthorizeRequestsCustomizer authorizeRequestsCustomizer() { + return new AuthorizeRequestsCustomizer() { + + @Override + public void customize(AuthorizeHttpRequestsConfigurer.AuthorizationManagerRequestMatcherRegistry registry) { + // TODO 芋艿:这个每个项目都需要重复配置,得捉摸有没通用的方案 + // Swagger 接口文档 + registry.requestMatchers("/v3/api-docs/**").permitAll() + .requestMatchers("/webjars/**").permitAll() + .requestMatchers("/swagger-ui").permitAll() + .requestMatchers("/swagger-ui/**").permitAll(); + // Druid 监控 + registry.requestMatchers("/druid/**").permitAll(); + // Spring Boot Actuator 的安全配置 + registry.requestMatchers("/actuator").permitAll() + .requestMatchers("/actuator/**").permitAll(); + // RPC 服务的安全配置 + registry.requestMatchers(ApiConstants.PREFIX + "/**").permitAll(); + } + + }; + } + +}