gateway

2025-12-11 18:30:35 +08:00
parent 99937e9feb
commit 8b211fbad6
35 changed files with 527 additions and 302 deletions
--- a/urbanLifelineServ/auth/src/main/java/org/xyzh/auth/AuthApp.java
+++ b/urbanLifelineServ/auth/src/main/java/org/xyzh/auth/AuthApp.java
@@ -5,10 +5,12 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.cloud.client.discovery.EnableDiscoveryClient;
 import org.springframework.context.annotation.ComponentScan;

@SpringBootApplication
@EnableDubbo  // 启用 Dubbo 服务
+@EnableDiscoveryClient  // 启用 Nacos 服务注册与发现（用于 Gateway 路由）
@ComponentScan(basePackages = {
    "org.xyzh.auth",         // 当前auth模块
    "org.xyzh.common"          // 公共模块
--- a/urbanLifelineServ/auth/src/main/java/org/xyzh/auth/service/impl/AuthServiceImpl.java
+++ b/urbanLifelineServ/auth/src/main/java/org/xyzh/auth/service/impl/AuthServiceImpl.java
@@ -24,6 +24,7 @@ import org.xyzh.common.dto.sys.TbSysPermissionDTO;
 import org.xyzh.common.dto.sys.TbSysViewDTO;
 import org.xyzh.common.redis.service.RedisService;
 import org.xyzh.common.utils.IDUtils;
+import org.xyzh.common.utils.crypto.AesEncryptUtil;
 import org.apache.dubbo.config.annotation.DubboReference;
 import org.apache.dubbo.config.annotation.DubboService;
 import org.slf4j.Logger;
@@ -67,6 +68,9 @@ public class AuthServiceImpl implements AuthService{
    @Autowired
    private LoginStrategyFactory loginStrategyFactory;

+    @Autowired
+    private AesEncryptUtil aesEncryptUtil;
+
    @Override
    public ResultDomain<LoginDomain> getCaptcha(LoginParam loginParam) {
        try {
@@ -236,7 +240,8 @@ public class AuthServiceImpl implements AuthService{
            
            // 5. 验证凭据
            if ("password".equals(loginType)) {
-                if (!strategy.verifyCredential(loginParam.getPassword(), user.getPassword())) {
+                String pwd = aesEncryptUtil.decrypt(loginParam.getPassword());
+                if (!strategy.verifyCredential(pwd, user.getPassword())) {
                    logLoginAttempt(loginParam, user, false, loginAttempt, "密码错误");
                    return ResultDomain.failure("密码错误");
                }
--- a/urbanLifelineServ/auth/src/main/java/org/xyzh/auth/strategy/impl/PasswordLoginStrategy.java
+++ b/urbanLifelineServ/auth/src/main/java/org/xyzh/auth/strategy/impl/PasswordLoginStrategy.java
@@ -7,6 +7,7 @@ import org.xyzh.auth.strategy.LoginStrategy;
 import org.xyzh.common.core.domain.LoginParam;
 import org.xyzh.common.dto.sys.TbSysUserDTO;
 import org.xyzh.common.utils.NonUtils;
+import org.xyzh.common.utils.crypto.AesEncryptUtil;
 import org.xyzh.common.utils.validation.method.EmailValidateMethod;
 import org.xyzh.common.utils.validation.method.PhoneValidateMethod;
 import org.xyzh.api.system.service.SysUserService;
@@ -77,6 +78,7 @@ public class PasswordLoginStrategy implements LoginStrategy {
    @Override
    public boolean verifyCredential(String inputCredential, String storedCredential) {
        // 使用BCrypt的matches方法验证密码（内部会自动处理salt）
+        logger.info(passwordEncoder.encode(inputCredential));
        return passwordEncoder.matches(inputCredential, storedCredential);
    }
 }
--- a/urbanLifelineServ/auth/src/main/java/org/xyzh/auth/strategy/impl/PhoneLoginStrategy.java
+++ b/urbanLifelineServ/auth/src/main/java/org/xyzh/auth/strategy/impl/PhoneLoginStrategy.java
@@ -5,10 +5,11 @@ import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.xyzh.auth.strategy.LoginStrategy;
 import org.xyzh.common.core.domain.LoginParam;
-import org.xyzh.common.dto.sys.TbSysUserDTO;
 import org.xyzh.api.system.service.SysUserService;
 import org.xyzh.api.system.vo.SysUserVO;
 import org.xyzh.common.redis.service.RedisService;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;

 /**
 * @description    PhoneLoginStrategy.java文件描述 手机号登录策略
@@ -19,6 +20,7 @@ import org.xyzh.common.redis.service.RedisService;
 */
@Component
 public class PhoneLoginStrategy implements LoginStrategy {
+    private static final Logger logger = LoggerFactory.getLogger(PhoneLoginStrategy.class);

    @Autowired
    private SysUserService userService;
@@ -57,7 +59,6 @@ public class PhoneLoginStrategy implements LoginStrategy {

    @Override
    public boolean verifyCredential(String inputCredential, String storedCredential) {
-        // 密码验证
        return passwordEncoder.matches(inputCredential, storedCredential);
    }

--- a/urbanLifelineServ/auth/src/main/resources/application.yml
+++ b/urbanLifelineServ/auth/src/main/resources/application.yml
@@ -1,18 +1,20 @@
 # ================== Server ==================
 server:
  port: 8181
-  servlet:
-    context-path: /urban-lifeline/auth
+  # servlet:
+  #   context-path: /urban-lifeline/auth  # 微服务架构下，context-path由Gateway管理，服务本身不需要设置

 # ================== Auth ====================
-urban-lifeline:
-  auth:
-    enabled: false  # 认证服务自己不需要认证
-    whitelist:
-      - /**  # 认证服务的所有接口都放行
+auth:
+  enabled: false  # 认证服务自己不需要认证
+  gateway-mode: false  # 不使用gateway模式（auth服务作为独立服务）
+  whitelist:
+    - /**  # 认证服务的所有接口都放行
 security:
  aes:
-    secret-key: MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=  # Base64 编码，32字节（256位）
+    # AES-256 密钥（Base64编码，必须与所有服务保持一致）
+    # 警告：这是开发环境密钥，生产环境请使用密钥管理系统
+    secret-key: MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=
 # ================== Spring ==================
 spring:
  application: