second commit by ailanyin

ailanyin-security/pom.xml

@@ -37,5 +37,10 @@
             <groupId>io.jsonwebtoken</groupId>
             <artifactId>jjwt-jackson</artifactId>
         </dependency>
+        <!-- websocket-->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-websocket</artifactId>
+        </dependency>
     </dependencies>
 </project>

ailanyin-security/src/main/java/com/ailanyin/security/config/BaseSecurityConfig.java

@@ -5,6 +5,7 @@ import com.ailanyin.security.filter.XssFilter;
 import com.ailanyin.security.handle.NoPermissionResult;
 import com.ailanyin.security.handle.NoTokenResult;
 import com.ailanyin.security.service.SecurityUserService;
+import com.ailanyin.security.service.WebSocketService;
 import com.ailanyin.security.utils.JwtTokenUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
@@ -12,11 +13,13 @@ import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.web.socket.server.standard.ServerEndpointExporter;
 
 /**
  * @author ailanyin
@@ -47,7 +50,7 @@ public class BaseSecurityConfig extends WebSecurityConfigurerAdapter {
                 .and()
                 .authorizeRequests()
                 // 允许对于网站静态资源的无授权访问
-                .antMatchers(HttpMethod.GET,
+                .antMatchers(
                         "/",
                         "/*.*",
                         "/favicon.ico",
@@ -56,14 +59,12 @@ public class BaseSecurityConfig extends WebSecurityConfigurerAdapter {
                         "/**/*.js",
                         "/swagger-resources/**",
                         "/v2/api-docs/**",
-                        "/druid/**"
-                )
-                .permitAll()
-                // 对以下允许匿名访问(不带token)
-                .antMatchers("/login",
+                        "/druid/**",
+                        "/login",
                         "/register",
                         "/captchaImage",
-                        "/getRouters")
+                        "/getRouters"
+                )
                 .permitAll()
                 //跨域请求会先进行一次options请求
                 .antMatchers(HttpMethod.OPTIONS)
@@ -78,6 +79,15 @@ public class BaseSecurityConfig extends WebSecurityConfigurerAdapter {
 
     }
 
+    //忽略websocket拦截
+    @Override
+    public void configure(WebSecurity webSecurity){
+        webSecurity.ignoring().antMatchers(
+                "/ws/asset"
+        );
+    }
+
+
     @Override
     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
         auth.userDetailsService(userDetailsService())
@@ -125,4 +135,14 @@ public class BaseSecurityConfig extends WebSecurityConfigurerAdapter {
     public XssFilter xssFilter() {
         return new XssFilter();
     }
+
+    @Bean
+    public WebSocketService webSocketService() {
+        return new WebSocketService();
+    }
+
+    @Bean
+    public ServerEndpointExporter serverEndpointExporter(){
+        return  new ServerEndpointExporter();
+    }
 }

ailanyin-security/src/main/java/com/ailanyin/security/filter/JwtAuthenticationTokenFilter.java

@@ -1,5 +1,6 @@
 package com.ailanyin.security.filter;
 
+import com.ailanyin.security.service.WebSocketService;
 import com.ailanyin.security.utils.JwtTokenUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
@@ -36,6 +37,18 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
     protected void doFilterInternal(HttpServletRequest request,
                                     HttpServletResponse response,
                                     FilterChain chain) throws ServletException, IOException {
+
+        if (request.getRequestURI().endsWith("/importData")) {
+            try {
+                WebSocketService.BroadCastInfo("{\n" +
+                        "  \"isRefresh\":true\n" +
+                        "}");
+            } catch (IOException e) {
+                WebSocketService.BroadCastInfo("{\n" +
+                        "  \"isRefresh\":true\n" +
+                        "}");
+            }
+        }
         // The part after "Bearer "
         String authHeader = request.getHeader(this.tokenHeader);
         if (authHeader != null && authHeader.startsWith(this.tokenHead)) {

ailanyin-security/src/main/java/com/ailanyin/security/service/WebSocketService.java

@@ -0,0 +1,112 @@
+package com.ailanyin.security.service;
+
+import org.springframework.stereotype.Component;
+
+import javax.websocket.*;
+import javax.websocket.server.ServerEndpoint;
+import java.io.IOException;
+import java.util.concurrent.CopyOnWriteArraySet;
+import java.util.concurrent.atomic.AtomicInteger;
+
+/**
+ * @author ailanyin
+ * @version 1.0
+ * @since 2021/12/24 0024 上午 11:47
+ */
+@ServerEndpoint(value = "/ws/asset")
+@Component
+public class WebSocketService {
+
+    private static final AtomicInteger OnlineCount = new AtomicInteger(0);
+    private static CopyOnWriteArraySet<Session> SessionSet = new CopyOnWriteArraySet<Session>();
+
+
+    /**
+     * 连接建立成功调用的方法
+     */
+    @OnOpen
+    public void onOpen(Session session) {
+        SessionSet.add(session);
+        int cnt = OnlineCount.incrementAndGet();
+        SendMessage(session, "{\n" +
+                "  \"isConnect\":true\n" +
+                "}");
+    }
+
+    /**
+     * 连接关闭调用的方法
+     */
+    @OnClose
+    public void onClose(Session session) {
+        SessionSet.remove(session);
+        int cnt = OnlineCount.decrementAndGet();
+    }
+
+    /**
+     * 收到客户端消息后调用的方法
+     *
+     * @param message
+     *            客户端发送过来的消息
+     */
+    @OnMessage
+    public void onMessage(String message, Session session) {
+        SendMessage(session, "收到消息，消息内容："+message);
+
+    }
+
+    /**
+     * 出现错误
+     * @param session
+     * @param error
+     */
+    @OnError
+    public void onError(Session session, Throwable error) {
+        error.printStackTrace();
+    }
+
+    /**
+     * 发送消息，实践表明，每次浏览器刷新，session会发生变化。
+     * @param session
+     * @param message
+     */
+    public static void SendMessage(Session session, String message) {
+        try {
+            session.getBasicRemote().sendText(message);
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+    }
+
+    /**
+     * 群发消息
+     * @param message
+     * @throws IOException
+     */
+    public static void BroadCastInfo(String message) throws IOException {
+        for (Session session : SessionSet) {
+            if(session.isOpen()){
+                SendMessage(session, message);
+            }
+        }
+    }
+
+    /**
+     * 指定Session发送消息
+     * @param sessionId
+     * @param message
+     * @throws IOException
+     */
+    public static void SendMessage(String message,String sessionId) throws IOException {
+        Session session = null;
+        for (Session s : SessionSet) {
+            if(s.getId().equals(sessionId)){
+                session = s;
+                break;
+            }
+        }
+        if(session!=null){
+            SendMessage(session, message);
+        }
+    }
+
+}