## 目錄 [SpringSecurity許可權管理系統實戰—一、專案簡介和開發環境準備](https://www.cnblogs.com/codermy/p/13516372.html) [SpringSecurity許可權管理系統實戰—二、日誌、介面文件等實現](https://www.cnblogs.com/codermy/p/13516369.html) [SpringSecurity許可權管理系統實戰—三、主要頁面及介面實現](https://www.cnblogs.com/codermy/p/13516379.html) [SpringSecurity許可權管理系統實戰—四、整合SpringSecurity（上)](https://www.cnblogs.com/codermy/p/13516385.html) [SpringSecurity許可權管理系統實戰—五、整合SpringSecurity（下)](https://www.cnblogs.com/codermy/p/13516388.html) [SpringSecurity許可權管理系統實戰—六、SpringSecurity整合jwt](https://www.cnblogs.com/codermy/p/13516394.html) [SpringSecurity許可權管理系統實戰—七、處理一些問題](https://www.cnblogs.com/codermy/p/13516397.html) [SpringSecurity許可權管理系統實戰—八、AOP 記錄使用者日誌、異常日誌](https://www.cnblogs.com/codermy/p/13533051.html) ## 前言 日誌功能在二的時候其實簡單實現了一下，但是有時我們需要對一些重要功能操作記錄日誌，或是在操作時發生異常，需要記錄異常日誌。但是之前每次發生異常要定位原因我們都要到伺服器去查詢日誌才能找到，或許是搭建一個日誌收集系統（但是本專案中暫不考慮）。那麼我們可以專門做個功能來記錄使用者操作日誌和異常日誌，在把日誌存入資料庫，方便查詢。 ## 一、最終效果    ## 二、新建my_log表  相應欄位都有註釋，很好理解，使用者日誌、異常日誌都存放在這一張表中，通過type來區分，當然也可以拆分成兩張表。 ## 三、新增依賴 ```xml org.springframework.boot spring-boot-starter-aop eu.bitwalker UserAgentUtils 1.21 com.github.pagehelper

pagehelper-spring-boot-starter 1.2.13 cn.hutool hutool-all 5.1.4 ``` ## 四、需要用到的工具類 SecurityUtils ```java /** * @author codermy * @createTime 2020/8/4 */ public class SecurityUtils { /** * 獲取系統使用者名稱稱 * * @return 系統使用者名稱稱 */ public static String getCurrentUsername() { final Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication == null) { throw new MyException(ResultCode.UNAUTHORIZED, "當前登入狀態過期"); } UserDetails userDetails = (UserDetails) authentication.getPrincipal(); return userDetails.getUsername(); } /** * 取得當前使用者登入IP, 如果當前使用者未登入則返回空字串. * 此方法無用 */ public static String getCurrentUserIp() { final Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); if (authentication == null) { throw new MyException(ResultCode.UNAUTHORIZED, "當前登入狀態過期"); } Object details = authentication.getDetails(); if (!(details instanceof WebAuthenticationDetails)) { return ""; } WebAuthenticationDetails webDetails = (WebAuthenticationDetails) details; return webDetails.getRemoteAddress(); } } ``` LogUtils ```java /** * @author codermy * @createTime 2020/8/7 */ public class LogUtils { private static final char SEPARATOR = '_'; private static final String UNKNOWN = "unknown"; /** * 獲取ip地址 */ public static String getIp(HttpServletRequest request) { String ip = request.getHeader("x-forwarded-for"); if (ip == null || ip.length() == 0 || UNKNOWN.equalsIgnoreCase(ip)) { ip = request.getHeader("Proxy-Client-IP"); } if (ip == null || ip.length() == 0 || UNKNOWN.equalsIgnoreCase(ip)) { ip = request.getHeader("WL-Proxy-Client-IP"); } if (ip == null || ip.length() == 0 || UNKNOWN.equalsIgnoreCase(ip)) { ip = request.getRemoteAddr(); } String comma = ","; String localhost = "127.0.0.1"; if (ip.contains(comma)) { ip = ip.split(",")[0]; } if (localhost.equals(ip)) { // 獲取本機真正的ip地址 try { ip = InetAddress.getLocalHost().getHostAddress(); } catch (UnknownHostException e) { e.printStackTrace(); } } return ip; } /** * 獲取瀏覽器資訊 * @param request * @return */ public static String getBrowser(HttpServletRequest request){ UserAgent userAgent = UserAgent.parseUserAgentString(request.getHeader("User-Agent")); Browser browser = userAgent.getBrowser(); return browser.getName(); } /** * 獲取堆疊資訊 */ public static String getStackTrace(Throwable throwable){ StringWriter sw = new StringWriter(); try (PrintWriter pw = new PrintWriter(sw)) { throwable.printStackTrace(pw); return sw.toString(); } } } ``` RequestHolder ```java /** * @author codermy * @createTime 2020/8/4 */ public class RequestHolder { /** * 獲取HttpServletRequest物件 * @return */ public static HttpServletRequest getHttpServletRequest() { return ((ServletRequestAttributes) Objects.requireNonNull(RequestContextHolder.getRequestAttributes())).getRequest(); } } ``` ## 五、相應實體類 這個部分省略，沒有什麼技術含量，根據資料庫來就行 ## 六、自定義操作日誌的註解類 ```java /** * @author codermy * @createTime 2020/8/4 */ @Target(ElementType.METHOD)//註解放置的目標位置,METHOD是可註解在方法級別上 @Retention(RetentionPolicy.RUNTIME)//註解在哪個階段執行 public @interface MyLog { String value() default ""; } ``` 關於java自定義註解可以看看[這篇文章](https://blog.csdn.net/Andyzhu_2005/article/details/81355399?utm_medium=distribute.pc_relevant.none-task-blog-BlogCommendFromMachineLearnPai2-3.edu_weight&depth_1-utm_source=distribute.pc_relevant.none-task-blog-BlogCommendFromMachineLearnPai2-3.edu_weight) ## 七、新建切面類 這其實很好理解，就是我們學習spring時,aop的幾種通知。 ```java /** * @author codermy * @createTime 2020/8/4 */ @Component @Aspect @Slf4j public class LogAspect { //注入logService用於將日誌存入資料庫 @Autowired private MyLogService logService; ThreadLocal currentTime = new ThreadLocal<>(); /** * 設定操作日誌切入點 記錄操作日誌 在註解的位置切入程式碼 */ @Pointcut("@annotation(com.codermy.myspringsecurityplus.log.aop.MyLog)") public void logPoinCut() { } /** * 配置環繞通知,使用在方法logPointcut()上註冊的切入點 * * @param joinPoint join point for advice */ @Around("logPoinCut()") public Object saveSysLog(ProceedingJoinPoint joinPoint)throws Throwable{ Object result; currentTime.set(System.currentTimeMillis());//記錄方法的執行時間 result = joinPoint.proceed(); MyLog log = new MyLog("INFO",System.currentTimeMillis() - currentTime.get());//定義日誌型別 currentTime.remove(); HttpServletRequest request = RequestHolder.getHttpServletRequest(); logService.save(SecurityUtils.getCurrentUsername(), LogUtils.getBrowser(request), LogUtils.getIp(request),joinPoint, log); return result; } /** * 配置異常通知 * * @param joinPoint join point for advice * @param e exception */ @AfterThrowing(pointcut = "logPoinCut()", throwing = "e") public void logAfterThrowing(JoinPoint joinPoint, Throwable e) { MyLog log = new MyLog("ERROR",System.currentTimeMillis() - currentTime.get()); currentTime.remove(); log.setExceptionDetail(LogUtils.getStackTrace(e)); HttpServletRequest request = RequestHolder.getHttpServletRequest(); logService.save(SecurityUtils.getCurrentUsername(), LogUtils.getBrowser(request), LogUtils.getIp(request), (ProceedingJoinPoint)joinPoint, log); } } ``` ## 八、相應方法及介面 dao ```java /** * @author codermy * @createTime 2020/8/8 */ @Mapper public interface LogDao { /** * 儲存日誌 * @param log */ @Insert("insert into my_log(user_name,ip,description,params,type,exception_detail,browser,method,time,create_time)values(#{userName},#{ip},#{description},#{params},#{type},#{exceptionDetail},#{browser},#{method},#{time},now())") void save(MyLog log); /** * 分頁返回所有使用者日誌 * @param logQuery 查詢條件 * @return */ List getFuzzyLogByPage( @Param("logQuery") LogQuery logQuery); /** * 分頁返回所有錯誤日誌 * @param logQuery 查詢條件 * @return */ List getFuzzyErrorLogByPage(@Param("logQuery") LogQuery logQuery); /** * 刪除所有日誌 * @param type 日誌型別 */ @Delete("delete from my_log where type = #{type}") void delAllByInfo(String type); } ``` LogMapper.xml ```xml

``` MyLogServiceImpl ```java /** * @author codermy * @createTime 2020/8/4 */ @Service public class MyLogServiceImpl implements MyLogService { @Autowired private LogDao logDao; //返回使用者日誌 @Override public Result getFuzzyInfoLogByPage(Integer offectPosition, Integer limit, LogQuery logQuery) { Page page = PageHelper.offsetPage(offectPosition,limit); List fuzzyLogByPage = logDao.getFuzzyLogByPage(logQuery); return Result.ok().count(page.getTotal()).data(fuzzyLogByPage).code(ResultCode.TABLE_SUCCESS); } //返回異常日誌 @Override public Result getFuzzyErrorLogByPage(Integer offectPosition, Integer limit, LogQuery logQuery) { Page page = PageHelper.offsetPage(offectPosition,limit); List fuzzyErrorLogByPage = logDao.getFuzzyErrorLogByPage(logQuery); return Result.ok().count(page.getTotal()).data(fuzzyErrorLogByPage).code(ResultCode.TABLE_SUCCESS); } //儲存日誌到資料庫 @Override @Transactional(rollbackFor = Exception.class) public void save(String userName, String browser, String ip, ProceedingJoinPoint joinPoint, MyLog log) { MethodSignature signature = (MethodSignature) joinPoint.getSignature(); Method method = signature.getMethod(); com.codermy.myspringsecurityplus.log.aop.MyLog myLog = method.getAnnotation(com.codermy.myspringsecurityplus.log.aop.MyLog.class); // 方法路徑 String methodName = joinPoint.getTarget().getClass().getName()+"."+signature.getName()+"()"; StringBuilder params = new StringBuilder("{"); //引數值 Object[] argValues = joinPoint.getArgs(); //引數名稱 String[] argNames = ((MethodSignature)joinPoint.getSignature()).getParameterNames(); if(argValues != null){ for (int i = 0; i < argValues.length; i++) { params.append(" ").append(argNames[i]).append(": ").append(argValues[i]); } } // 描述 if (log != null) { log.setDescription(myLog.value()); } assert log != null; log.setIp(ip); String loginPath = "login"; if(loginPath.equals(signature.getName())){ try { assert argValues != null; userName = new JSONObject(argValues[0]).get("userName").toString(); }catch (Exception e){ e.printStackTrace(); } } log.setMethod(methodName); log.setUserName(userName); log.setParams(params.toString() + " }"); log.setBrowser(browser); logDao.save(log); } //刪除異常日誌 @Override @Transactional(rollbackFor = Exception.class) public void delAllByError() { logDao.delAllByInfo("ERROR"); } //刪除使用者日誌 @Override @Transactional(rollbackFor = Exception.class) public void delAllByInfo() { logDao.delAllByInfo("INFO"); } } ``` LogController ```java /** * @author codermy * @createTime 2020/8/8 */ @Controller @RequestMapping("/api") @Api(tags = "系統：日誌管理") public class LogController { @Autowired private MyLogService logService; @GetMapping("/log/index") public String logIndex(){ return "system/log/log"; } @GetMapping("/log") @ResponseBody @ApiOperation(value = "日誌列表") @PreAuthorize("hasAnyAuthority('log:list')") public Result logList(PageTableRequest pageTableRequest, LogQuery logQuery){ pageTableRequest.countOffset(); logQuery.setLogType("INFO"); return logService.getFuzzyInfoLogByPage(pageTableRequest.getOffset(),pageTableRequest.getLimit(),logQuery); } @DeleteMapping("/log") @MyLog("刪除所有INFO日誌") @ResponseBody @ApiOperation("刪除所有INFO日誌") @PreAuthorize("hasAnyAuthority('log:del')") public Result