bot_ym
/
water-management-system
Прати 6
Волим 0
Креирај огранак 0
Код Дискусије 0 Захтеви за спајање 0 Издања 0 Вики Activity
智慧水务管理系统 - 精河县供水工程综合管理平台
38 Комити
2 Гране
Дрво: 56ce90f89d
Гране Ознаке
${ item.name }
Create branch ${ searchTerm }
from '56ce90f89d'
${ noResults }
water-management-system/wm-revenue/src/main/resources/db/V3__sso_tables.sql

V3__sso_tables.sql 4.8KB
Историја Датотека

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141 
  1. -- SSO单点登录表结构

  2. -- 创建SSO令牌表

  3. CREATE TABLE IF NOT EXISTS sso_token (

  4.     id BIGSERIAL PRIMARY KEY,

  5.     user_id VARCHAR(50) NOT NULL,

  6.     username VARCHAR(100) NOT NULL,

  7.     token VARCHAR(500) NOT NULL,

  8.     create_time TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

  9.     expire_time TIMESTAMP NOT NULL,

  10.     status INTEGER DEFAULT 1,

  11.     last_use_time TIMESTAMP,

  12.     INDEX idx_token (token),

  13.     INDEX idx_user_id (user_id),

  14.     INDEX idx_expire_time (expire_time)

  15. );

  16. 

  17. -- 创建应用注册表

  18. CREATE TABLE IF NOT EXISTS app_registry (

  19.     id BIGSERIAL PRIMARY KEY,

  20.     app_name VARCHAR(100) NOT NULL UNIQUE,

  21.     app_key VARCHAR(200) NOT NULL UNIQUE,

  22.     app_secret VARCHAR(500) NOT NULL,

  23.     redirect_uri VARCHAR(500) NOT NULL,

  24.     description TEXT,

  25.     status INTEGER DEFAULT 1,

  26.     create_time TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

  27.     update_time TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

  28.     admin_user VARCHAR(100),

  29.     INDEX idx_app_key (app_key),

  30.     INDEX idx_status (status)

  31. );

  32. 

  33. -- 创建SSO访问日志表

  34. CREATE TABLE IF NOT EXISTS sso_access_log (

  35.     id BIGSERIAL PRIMARY KEY,

  36.     user_id VARCHAR(50),

  37.     username VARCHAR(100),

  38.     app_name VARCHAR(100),

  39.     action VARCHAR(50) NOT NULL, -- login, logout, validate, token_exchange

  40.     ip_address VARCHAR(50),

  41.     user_agent TEXT,

  42.     token_used VARCHAR(500),

  43.     status INTEGER DEFAULT 1, -- 1:成功, 0:失败

  44.     error_message TEXT,

  45.     create_time TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

  46.     INDEX idx_user_id (user_id),

  47.     INDEX idx_username (username),

  48.     INDEX idx_app_name (app_name),

  49.     INDEX idx_create_time (create_time)

  50. );

  51. 

  52. -- 创建应用接入记录表

  53. CREATE TABLE IF NOT EXISTS app_access_log (

  54.     id BIGSERIAL PRIMARY KEY,

  55.     app_key VARCHAR(200) NOT NULL,

  56.     app_name VARCHAR(100) NOT NULL,

  57.     client_id VARCHAR(200),

  58.     action VARCHAR(50) NOT NULL, -- register, validate, auth, token_request

  59.     ip_address VARCHAR(50),

  60.     user_agent TEXT,

  61.     request_data TEXT,

  62.     response_data TEXT,

  63.     status INTEGER DEFAULT 1,

  64.     create_time TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

  65.     INDEX idx_app_key (app_key),

  66.     INDEX idx_create_time (create_time)

  67. );

  68. 

  69. -- 创建权限配置表

  70. CREATE TABLE IF NOT EXISTS app_permission (

  71.     id BIGSERIAL PRIMARY KEY,

  72.     app_key VARCHAR(200) NOT NULL,

  73.     permission_name VARCHAR(100) NOT NULL,

  74.     permission_code VARCHAR(200) NOT NULL,

  75.     resource_type VARCHAR(50), -- api, menu, button

  76.     resource_id VARCHAR(200),

  77.     is_enabled INTEGER DEFAULT 1,

  78.     create_time TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

  79.     update_time TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

  80.     UNIQUE KEY uk_app_key_permission (app_key, permission_code),

  81.     INDEX idx_app_key (app_key),

  82.     INDEX idx_permission_code (permission_code)

  83. );

  84. 

  85. -- 创建Token刷新记录表

  86. CREATE TABLE IF NOT EXISTS refresh_token (

  87.     id BIGSERIAL PRIMARY KEY,

  88.     user_id VARCHAR(50) NOT NULL,

  89.     username VARCHAR(100) NOT NULL,

  90.     access_token VARCHAR(500) NOT NULL,

  91.     refresh_token VARCHAR(500) NOT NULL,

  92.     client_id VARCHAR(200) NOT NULL,

  93.     scope VARCHAR(500),

  94.     create_time TIMESTAMP DEFAULT CURRENT_TIMESTAMP,

  95.     expire_time TIMESTAMP NOT NULL,

  96.     last_use_time TIMESTAMP,

  97.     is_revoked INTEGER DEFAULT 0,

  98.     INDEX idx_access_token (access_token),

  99.     INDEX idx_refresh_token (refresh_token),

  100.     INDEX idx_user_id (user_id),

  101.     INDEX idx_client_id (client_id)

  102. );

  103. 

  104. -- 插入默认的OAuth2客户端配置

  105. INSERT INTO app_registry (app_name, app_key, app_secret, redirect_uri, description, admin_user) VALUES

  106. ('营收管理前端', 'revenue-frontend', 'revenue-frontend-secret-2026', 'http://localhost:3000/oauth/callback', '营收管理平台前端应用', 'admin'),

  107. ('微信网厅', 'wechat-mall', 'wechat-mall-secret-2026', 'http://localhost:8080/wechat/callback', '微信网上营业厅应用', 'admin'),

  108. ('移动端应用', 'mobile-app', 'mobile-app-secret-2026', 'http://localhost:4000/auth/callback', '移动端应用', 'admin')

  109. ON CONFLICT (app_name) DO NOTHING;

  110. 

  111. -- 创建SSO触发器:自动清理过期Token

  112. CREATE OR REPLACE FUNCTION clean_expired_tokens()

  113. RETURNS TRIGGER AS $$

  114. BEGIN

  115.     DELETE FROM sso_token WHERE expire_time < NOW();

  116.     DELETE FROM refresh_token WHERE expire_time < NOW();

  117.     RETURN NEW;

  118. END;

  119. $$ LANGUAGE plpgsql;

  120. 

  121. -- 创建SSO触发器:当插入token时更新最后使用时间

  122. CREATE OR REPLACE FUNCTION update_last_use_time()

  123. RETURNS TRIGGER AS $$

  124. BEGIN

  125.     IF NEW.status = 1 THEN

  126.         UPDATE sso_token SET last_use_time = NOW() 

  127.         WHERE token = NEW.token AND id != NEW.id;

  128.     END IF;

  129.     RETURN NEW;

  130. END;

  131. $$ LANGUAGE plpgsql;

  132. 

  133. -- 创建触发器

  134. CREATE TRIGGER trigger_clean_expired_tokens

  135.     BEFORE INSERT OR UPDATE OR DELETE ON sso_token

  136.     EXECUTE FUNCTION clean_expired_tokens();

  137. 

  138. CREATE TRIGGER trigger_update_last_use_time

  139.     AFTER UPDATE ON sso_token

  140.     FOR EACH ROW

  141.     EXECUTE FUNCTION update_last_use_time();