Security Plugin
对应模块:
io.gitee.lcgyl:lcgyl-security-plugin
安全框架核心,提供认证、授权、会话管理等基础能力,并内置 Spring Boot 自动配置。
✨ 特性
- ✅ 混合模式 - 同时提供 Security Core API 和 Spring Boot AutoConfiguration
- ✅ 认证架构 - 支持多 Realm 认证
- ✅ 授权架构 - RBAC/ABAC 权限模型
- ✅ 会话管理 - 分布式 Session 支持
- ✅ 上下文管理 - SecurityContext 线程安全传递
🚀 快速开始
依赖引入
gradle
implementation 'io.gitee.lcgyl:lcgyl-security-plugin:2.2.0'
配置示例
yaml
lcgyl:
security:
enabled: true
authentication:
token-header: Authorization
token-prefix: "Bearer "
session:
timeout: 30m
获取当前用户
java
@Service
public class UserService {
@Inject
private SecurityContext securityContext;
/**
 * Returns the principal of the current security context as a {@link User}.
 *
 * <p>NOTE(review): the cast assumes every realm stores a {@code User} as the
 * principal (the DatabaseRealm example on this page does). With several realms
 * configured, a realm that stores another principal type would make this
 * method fail with {@code ClassCastException}.
 *
 * @return the principal when an authentication is present and reports
 *         {@code isAuthenticated()}; {@code null} otherwise. Callers must treat
 *         {@code null} as "no authenticated user" and deny the operation
 *         rather than continue with a missing identity.
 */
public User getCurrentUser() {
    final Authentication current = securityContext.getAuthentication();
    // Guard clause: no authentication object, or one that is not authenticated.
    if (current == null || !current.isAuthenticated()) {
        return null;
    }
    return (User) current.getPrincipal();
}
/**
 * Asks the injected security context whether the current caller holds a role.
 *
 * <p>The decision is delegated entirely to {@code securityContext.hasRole};
 * this method adds no check of its own.
 *
 * @param role the role name to test; handling of {@code null} or unknown names
 *             is decided by the security context and is not visible here
 * @return whatever {@code securityContext.hasRole(role)} reports
 */
public boolean hasRole(String role) {
    final boolean granted = this.securityContext.hasRole(role);
    return granted;
}
}
自定义认证 Realm
java
@Component
public class DatabaseRealm implements AuthenticationRealm {
@Inject
private UserRepository userRepo;
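/**
 * Authenticates a username/password token against the user repository.
 *
 * <p>The user is looked up by username and the submitted password is checked
 * with {@code passwordEncoder.matches} against the value returned by
 * {@code user.getPassword()} (presumably the stored hash; confirm against the
 * encoder in use). An unknown username and a wrong password raise the same
 * message, so the error text does not reveal which usernames exist.
 *
 * <p>NOTE(review): {@code passwordEncoder} is not declared in this example
 * class; it has to be injected next to {@code userRepo} for the class to
 * compile.
 *
 * <p>NOTE(review): when the username is unknown the hash comparison is skipped,
 * so response time can still differ between unknown users and wrong passwords.
 * Running the comparison against a fixed dummy hash in that case evens this out.
 *
 * <p>NOTE(review): nothing here limits repeated attempts; rate limiting or
 * lockout has to be enforced elsewhere.
 *
 * @param token the credentials to verify; must be a {@code UsernamePasswordToken}
 * @return a {@code SimpleAuthentication} carrying the user and the user's roles
 * @throws AuthenticationException if the token is of another type (or null),
 *         the user does not exist, or the password does not match
 */
@Override
public Authentication authenticate(AuthenticationToken token) {
    // supports() only advertises UsernamePasswordToken. Reject anything else
    // with the realm's own exception so a mis-routed or null token fails
    // closed instead of surfacing as ClassCastException / NullPointerException.
    if (!(token instanceof UsernamePasswordToken)) {
        throw new AuthenticationException("不支持的认证令牌类型");
    }
    UsernamePasswordToken upToken = (UsernamePasswordToken) token;
    User user = userRepo.findByUsername(upToken.getUsername());
    if (user != null && passwordEncoder.matches(upToken.getPassword(), user.getPassword())) {
        return new SimpleAuthentication(user, user.getRoles());
    }
    // Same message for "no such user" and "wrong password" on purpose.
    throw new AuthenticationException("用户名或密码错误");
}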
/**
 * Reports whether this realm handles the given token class.
 *
 * @param tokenClass the token type being offered to the realm
 * @return {@code true} when {@code tokenClass} is {@code UsernamePasswordToken}
 *         or a subtype of it
 */
@Override
public boolean supports(Class<?> tokenClass) {
    final Class<?> handled = UsernamePasswordToken.class;
    return handled.isAssignableFrom(tokenClass);
}
}
权限校验
java
/**
 * Admin REST endpoints under {@code /api/admin}, each gated by a declarative
 * authorization annotation on the handler method.
 *
 * <p>Review notes:
 * <ul>
 *   <li>Authorization is declared per handler; nothing is declared at class
 *       level. A handler added later without {@code @RequiresRoles} or
 *       {@code @RequiresPermissions} would carry no check of its own, so
 *       confirm what the framework does with unannotated handlers.</li>
 *   <li>{@code userService} is used but not declared in this example; it has
 *       to be injected for the class to compile.</li>
 *   <li>{@code listUsers} returns {@code User} objects as the response body.
 *       The DatabaseRealm example on this page reads {@code user.getPassword()},
 *       so the stored password value may be serialized to the client unless it
 *       is excluded or the result is mapped to a response type without it.</li>
 * </ul>
 */
@RestController
@RequestMapping("/api/admin")
public class AdminController {

    /**
     * Lists all users. Requires the {@code ADMIN} role.
     *
     * @return the result of {@code userService.findAll()}, unfiltered
     */
    @RequiresRoles("ADMIN")
    @GetMapping("/users")
    public List<User> listUsers() {
        final List<User> allUsers = this.userService.findAll();
        return allUsers;
    }

    /**
     * Deletes the user with the given id. Requires the {@code user:delete}
     * permission.
     *
     * @param id the user id taken from the request path
     */
    @RequiresPermissions("user:delete")
    @DeleteMapping("/users/{id}")
    public void deleteUser(@PathVariable Long id) {
        this.userService.delete(id);
    }
}