feat: sa-token-quick-login 插件支持 Http Basic 方式通过认证

2025-10-26 10:39:02 +08:00 · 2025-04-02 02:54:50 +08:00
parent 18ab60d4d2
commit a7f178da53
8 changed files with 223 additions and 28 deletions
--- a/sa-token-plugin/sa-token-quick-login/src/main/java/cn/dev33/satoken/quick/SaQuickRegister.java
+++ b/sa-token-plugin/sa-token-quick-login/src/main/java/cn/dev33/satoken/quick/SaQuickRegister.java
@@ -17,10 +17,13 @@ package cn.dev33.satoken.quick;

 import cn.dev33.satoken.context.SaHolder;
 import cn.dev33.satoken.filter.SaServletFilter;
+import cn.dev33.satoken.httpauth.basic.SaHttpBasicAccount;
+import cn.dev33.satoken.httpauth.basic.SaHttpBasicUtil;
 import cn.dev33.satoken.quick.config.SaQuickConfig;
 import cn.dev33.satoken.router.SaRouter;
 import cn.dev33.satoken.stp.StpUtil;
 import cn.dev33.satoken.util.SaFoxUtil;
+import cn.dev33.satoken.util.SaResult;
 import cn.dev33.satoken.util.SaTokenConsts;
 import org.springframework.boot.context.properties.ConfigurationProperties;
 import org.springframework.context.annotation.Bean;
@@ -75,11 +78,27 @@ public class SaQuickRegister {
 							.match(SaFoxUtil.convertStringToList(SaQuickManager.getConfig().getInclude()))
 							.notMatch(SaFoxUtil.convertStringToList(SaQuickManager.getConfig().getExclude()))
 							.check(r -> {
-								// 未登录时直接转发到login.html页面
-								if (SaQuickManager.getConfig().getAuth() && ! StpUtil.isLogin()) {
-									SaHolder.getRequest().forward("/saLogin");
-									SaRouter.back();
+
+								// 如果已关闭认证要求，则直接通过
+								if (!SaQuickManager.getConfig().getAuth()) {
+									return;
 								}
+
+								// 如果请求端提供了 Http Basic 认证信息，那么直接使用此认证信息进行登录判断
+								SaHttpBasicAccount hba = SaHttpBasicUtil.getHttpBasicAccount();
+								if(hba != null) {
+									SaResult res = SaQuickManager.getConfig().doLoginHandle.apply(hba.getUsername(), hba.getPassword());
+									if(res.getCode() != SaResult.CODE_SUCCESS) {
+										SaRouter.back(res);
+									}
+								} else {
+									// 未登录时直接转发到 login.html 页面
+									if (! StpUtil.isLogin()) {
+										SaHolder.getRequest().forward("/saLogin");
+										SaRouter.back();
+									}
+								}
+
 							});
 				}).

--- a/sa-token-plugin/sa-token-quick-login/src/main/java/cn/dev33/satoken/quick/config/SaQuickConfig.java
+++ b/sa-token-plugin/sa-token-quick-login/src/main/java/cn/dev33/satoken/quick/config/SaQuickConfig.java
@@ -15,6 +15,11 @@
 */
 package cn.dev33.satoken.quick.config;

+import cn.dev33.satoken.quick.function.DoLoginHandleFunction;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.dev33.satoken.util.SaFoxUtil;
+import cn.dev33.satoken.util.SaResult;
+
 /**
 * sa-quick 配置类 Model
 * 
@@ -110,8 +115,27 @@ public class SaQuickConfig {
 	public void setExclude(String exclude) {
 		this.exclude = exclude;
 	}
-	
-	
+
+	/**
+	 * 登录处理函数
+	 */
+	public DoLoginHandleFunction doLoginHandle = (name, pwd) -> {
+
+		// 参数完整性校验
+		if(SaFoxUtil.isEmpty(name) || SaFoxUtil.isEmpty(pwd)) {
+			return SaResult.get(500, "请输入账号和密码", null);
+		}
+
+		// 密码校验：将前端提交的 name、pwd 与配置文件中的配置项进行比对
+		if(name.equals(this.getName()) && pwd.equals(this.getPwd())) {
+			StpUtil.login(this.getName());
+			return SaResult.data(StpUtil.getTokenInfo());
+		} else {
+			return SaResult.error("账号或密码输入错误");
+		}
+	};
+
+
 	@Override
 	public String toString() {
 		return "SaQuickConfig{" +
--- a/sa-token-plugin/sa-token-quick-login/src/main/java/cn/dev33/satoken/quick/function/DoLoginHandleFunction.java
+++ b/sa-token-plugin/sa-token-quick-login/src/main/java/cn/dev33/satoken/quick/function/DoLoginHandleFunction.java
@@ -0,0 +1,34 @@
+/*
+ * Copyright 2020-2099 sa-token.cc
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package cn.dev33.satoken.quick.function;
+
+import cn.dev33.satoken.util.SaResult;
+
+import java.util.function.BiFunction;
+
+/**
+ * 函数式接口：登录处理函数
+ *
+ * <p>  参数：账号、密码  </p>
+ * <p>  返回：登录结果  </p>
+ *
+ * @author click33
+ * @since 1.41.0
+ */
+@FunctionalInterface
+public interface DoLoginHandleFunction extends BiFunction<String, String, SaResult> {
+
+}
--- a/sa-token-plugin/sa-token-quick-login/src/main/java/cn/dev33/satoken/quick/web/SaQuickController.java
+++ b/sa-token-plugin/sa-token-quick-login/src/main/java/cn/dev33/satoken/quick/web/SaQuickController.java
@@ -16,9 +16,6 @@
 package cn.dev33.satoken.quick.web;

 import cn.dev33.satoken.quick.SaQuickManager;
-import cn.dev33.satoken.quick.config.SaQuickConfig;
-import cn.dev33.satoken.stp.StpUtil;
-import cn.dev33.satoken.util.SaFoxUtil;
 import cn.dev33.satoken.util.SaResult;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
@@ -56,21 +53,7 @@ public class SaQuickController {
 	@PostMapping("/doLogin")
 	@ResponseBody
 	public SaResult doLogin(@RequestParam("name") String name, @RequestParam("pwd") String pwd) {
-		
-		// 参数完整性校验
-		if(SaFoxUtil.isEmpty(name) || SaFoxUtil.isEmpty(pwd)) {
-			return SaResult.get(500, "请输入账号和密码", null);
-		}
-		
-		// 密码校验：将前端提交的 name、pwd 与配置文件中的配置项进行比对
-		SaQuickConfig config = SaQuickManager.getConfig();
-		if(name.equals(config.getName()) && pwd.equals(config.getPwd())) {
-			StpUtil.login(config.getName());
-			return SaResult.get(200, "ok", StpUtil.getTokenInfo());
-		} else {
-			// 校验失败 
-			return SaResult.get(500, "账号或密码输入错误", null);
-		}
+		return SaQuickManager.getConfig().doLoginHandle.apply(name, pwd);
 	}
 	
 }