fengxiang
2018-02-01 cd16757f2cd963749850d6f8897381a8b7a849ef
package com.moral.security.auth.login;
 
import com.moral.entity.Account;
import com.moral.security.model.UserContext;
import com.moral.service.AccountService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.InsufficientAuthenticationException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Component;
import org.springframework.util.Assert;
 
import java.util.List;
import java.util.stream.Collectors;
 
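/**
 * Authenticates username/password login requests: the account is looked up through
 * {@link AccountService} and the presented password is checked against
 * {@code account.getPassword()} with the injected {@link BCryptPasswordEncoder}.
 * <p>
 * Every credential failure (missing or non-string principal/credentials, unknown account,
 * wrong password) is reported with the same {@link BadCredentialsException} and message, so the
 * outcome does not tell a caller whether an account name exists. An unknown account is no
 * longer reported as {@link UsernameNotFoundException}; code that relied on that distinction
 * (for example a failure handler) should be reviewed.
 *
 * @author vladimir.stankovic
 * <p>
 * Aug 3, 2016
 */
@Component
public class LoginAuthenticationProvider implements AuthenticationProvider {
    /** Single message used for every credential failure; it must not vary with the reason. */
    private static final String BAD_CREDENTIALS_MESSAGE = "Authentication Failed. Username or Password not valid.";

    private final BCryptPasswordEncoder encoder;
    private final AccountService accountService;

    /**
     * Hash of a fixed throwaway value, created on first use. It is only compared against when
     * the account does not exist, so that path also pays for one BCrypt comparison.
     */
    private volatile String timingPaddingHash;

    @Autowired
    public LoginAuthenticationProvider(final AccountService accountService, final BCryptPasswordEncoder encoder) {
        this.accountService = accountService;
        this.encoder = encoder;
    }

    /**
     * Authenticates a request by account name and password.
     *
     * @param authentication the request; the principal is the account name, the credentials are
     *                       the raw password and the details are cast to {@link LoginMode}
     * @return an authenticated {@link UsernamePasswordAuthenticationToken} whose principal is a
     *         {@link UserContext} and whose credentials are {@code null}
     * @throws BadCredentialsException              if the principal or credentials are missing or
     *                                              not strings, the account is unknown, or the
     *                                              password does not match
     * @throws InsufficientAuthenticationException  if the account's role list is {@code null}
     * @throws AuthenticationException              declared by the interface
     * @throws IllegalArgumentException             if {@code authentication} is {@code null}
     */
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        Assert.notNull(authentication, "No authentication data provided");

        // Reject missing or non-string values as an authentication failure instead of letting a
        // ClassCastException or a null password reach the encoder.
        Object principal = authentication.getPrincipal();
        Object credentials = authentication.getCredentials();
        if (!(principal instanceof String) || !(credentials instanceof String)) {
            throw new BadCredentialsException(BAD_CREDENTIALS_MESSAGE);
        }
        String accountName = (String) principal;
        String password = (String) credentials;
        // NOTE(review): details of any other type still raise ClassCastException, as before;
        // presumably the login filter always sets a LoginMode here - confirm.
        LoginMode mode = (LoginMode) authentication.getDetails();

        Account account = accountService.queryAccountByName(accountName).orElse(null);
        if (account == null) {
            // Same exception and message as a wrong password, and the same BCrypt cost, so an
            // unknown account name is not distinguishable by response or by response time.
            spendPasswordCheck(password);
            throw new BadCredentialsException(BAD_CREDENTIALS_MESSAGE);
        }
        if (!encoder.matches(password, account.getPassword())) {
            throw new BadCredentialsException(BAD_CREDENTIALS_MESSAGE);
        }

        // Reached only after the password was verified, so this message is not shown to an
        // unauthenticated caller. An empty (non-null) role list still passes with no authorities.
        if (account.getRoles() == null) {
            throw new InsufficientAuthenticationException("User has no roles assigned");
        }
        List<GrantedAuthority> authorities = account.getRoles().stream()
                .map(authority -> new SimpleGrantedAuthority(authority.getName()))
                .collect(Collectors.toList());

        UserContext userContext = UserContext.create(account.getAccountName(), mode, account.getOrganizationId(), authorities);

        // Credentials are passed as null so the raw password is not kept on the returned token.
        return new UsernamePasswordAuthenticationToken(userContext, null, userContext.getAuthorities());
    }

    /**
     * Runs one BCrypt comparison whose result is discarded; used when no account was found.
     *
     * @param presentedPassword the raw password from the request
     */
    private void spendPasswordCheck(String presentedPassword) {
        String paddingHash = timingPaddingHash;
        if (paddingHash == null) {
            // Racing threads may each compute a hash once; any of them is usable.
            paddingHash = encoder.encode("userNotFoundPassword");
            timingPaddingHash = paddingHash;
        }
        encoder.matches(presentedPassword, paddingHash);
    }

    /**
     * Reports whether this provider handles the given token type.
     *
     * @param authentication the authentication token class
     * @return {@code true} for {@link UsernamePasswordAuthenticationToken} and its subclasses
     */
    @Override
    public boolean supports(Class<?> authentication) {
        return (UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication));
    }
}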