feat(auth): 实现认证功能与Token管理

- 新增AuthController处理登录、登出及Token刷新接口 - 添加CustomDaoAuthenticationProvider支持用户名密码认证 - 引入RefreshTokenAuthenticationToken和RefreshTokenAuthProvider实现刷新令牌认证 - 扩展TokenRedisStorage支持分离存储Access Token与Refresh Token - 更新SecurityProps配置支持独立设置Access与Refresh Token过期时间 - 集成SpringDoc自定义登录/登出API文档 - 添加LoginResponse、TokenRefreshRequest及TokenRefreshResponse DTO类 - 调整WebSecurityConfig以适配新的认证流程与过滤器链配置
2025-11-22 12:05:27 +08:00
parent 5029ae6664
commit c2f2d0518b
15 changed files with 535 additions and 57 deletions
--- a/zkh-common/pom.xml
+++ b/zkh-common/pom.xml
@ -30,6 +30,10 @@
            <groupId>org.springframework.data</groupId>
            <artifactId>spring-data-jpa</artifactId>
        </dependency>
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-common</artifactId>
+        </dependency>
    </dependencies>

    <build>
--- a/zkh-common/src/main/java/vip/jcfd/common/dto/LoginResponse.java
+++ b/zkh-common/src/main/java/vip/jcfd/common/dto/LoginResponse.java
@ -0,0 +1,25 @@
+package vip.jcfd.common.dto;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+
+/**
+ * 登录响应DTO
+ */
+@Schema(description = "登录响应")
+public record LoginResponse(
+
+    @Schema(description = "访问令牌", example = "550e8400-e29b-41d4-a716-446655440000")
+    String accessToken,
+
+    @Schema(description = "刷新令牌", example = "550e8400-e29b-41d4-a716-446655440001")
+    String refreshToken,
+
+    @Schema(description = "令牌类型", example = "Bearer")
+    String tokenType,
+
+    @Schema(description = "访问令牌过期时间（秒）", example = "1800")
+    long expiresIn,
+
+    @Schema(description = "用户名", example = "admin")
+    String username
+) {}
--- a/zkh-common/src/main/java/vip/jcfd/common/dto/TokenRefreshRequest.java
+++ b/zkh-common/src/main/java/vip/jcfd/common/dto/TokenRefreshRequest.java
@ -0,0 +1,21 @@
+package vip.jcfd.common.dto;
+
+import io.swagger.v3.oas.annotations.Parameter;
+import io.swagger.v3.oas.annotations.media.Schema;
+import jakarta.validation.constraints.NotBlank;
+
+/**
+ * Token刷新请求DTO
+ */
+@Schema(description = "Token刷新请求")
+public record TokenRefreshRequest(
+
+    @Parameter(description = "刷新令牌")
+    @NotBlank(message = "刷新令牌不能为空")
+    @Schema(description = "刷新令牌", example = "550e8400-e29b-41d4-a716-446655440000")
+    String refreshToken,
+
+    @Parameter(description = "设备标识")
+    @Schema(description = "设备标识", example = "web-desktop", required = false)
+    String deviceId
+) {}
--- a/zkh-common/src/main/java/vip/jcfd/common/dto/TokenRefreshResponse.java
+++ b/zkh-common/src/main/java/vip/jcfd/common/dto/TokenRefreshResponse.java
@ -0,0 +1,19 @@
+package vip.jcfd.common.dto;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+
+/**
+ * Token刷新响应DTO
+ */
+@Schema(description = "Token刷新响应")
+public record TokenRefreshResponse(
+
+    @Schema(description = "新的访问令牌", example = "550e8400-e29b-41d4-a716-446655440000")
+    String accessToken,
+
+    @Schema(description = "新的刷新令牌", example = "550e8400-e29b-41d4-a716-446655440001")
+    String refreshToken,
+
+    @Schema(description = "令牌类型", example = "Bearer")
+    String tokenType
+) {}