欧美bbbwbbbw肥妇,免费乱码人妻系列日韩,一级黄片

mall整合SpringSecurity及JWT認(rèn)證授權(quán)實(shí)戰(zhàn)下

 更新時(shí)間:2022年06月20日 09:11:13   作者:MacroZheng  
這篇文章主要為大家介紹了mall整合SpringSecurity及JWT認(rèn)證授權(quán)實(shí)戰(zhàn)第二篇,有需要的朋友可以借鑒參考下,希望能夠有所幫助,祝大家多多進(jìn)步,早日升職加薪

摘要

接上一篇,controller和service層的代碼實(shí)現(xiàn)及登錄授權(quán)流程演示。

登錄注冊(cè)功能實(shí)現(xiàn)

添加UmsAdminController類(lèi)

實(shí)現(xiàn)了后臺(tái)用戶(hù)登錄、注冊(cè)及獲取權(quán)限的接口

package com.macro.mall.tiny.controller;
import com.macro.mall.tiny.common.api.CommonResult;
import com.macro.mall.tiny.dto.UmsAdminLoginParam;
import com.macro.mall.tiny.mbg.model.UmsAdmin;
import com.macro.mall.tiny.mbg.model.UmsPermission;
import com.macro.mall.tiny.service.UmsAdminService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.*;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/**
 * 后臺(tái)用戶(hù)管理
 * Created by macro on 2018/4/26.
 */
@Controller
@Api(tags = "UmsAdminController", description = "后臺(tái)用戶(hù)管理")
@RequestMapping("/admin")
public class UmsAdminController {
    @Autowired
    private UmsAdminService adminService;
    @Value("${jwt.tokenHeader}")
    private String tokenHeader;
    @Value("${jwt.tokenHead}")
    private String tokenHead;
    @ApiOperation(value = "用戶(hù)注冊(cè)")
    @RequestMapping(value = "/register", method = RequestMethod.POST)
    @ResponseBody
    public CommonResult<UmsAdmin> register(@RequestBody UmsAdmin umsAdminParam, BindingResult result) {
        UmsAdmin umsAdmin = adminService.register(umsAdminParam);
        if (umsAdmin == null) {
            CommonResult.failed();
        }
        return CommonResult.success(umsAdmin);
    }
    @ApiOperation(value = "登錄以后返回token")
    @RequestMapping(value = "/login", method = RequestMethod.POST)
    @ResponseBody
    public CommonResult login(@RequestBody UmsAdminLoginParam umsAdminLoginParam, BindingResult result) {
        String token = adminService.login(umsAdminLoginParam.getUsername(), umsAdminLoginParam.getPassword());
        if (token == null) {
            return CommonResult.validateFailed("用戶(hù)名或密碼錯(cuò)誤");
        }
        Map<String, String> tokenMap = new HashMap<>();
        tokenMap.put("token", token);
        tokenMap.put("tokenHead", tokenHead);
        return CommonResult.success(tokenMap);
    }
    @ApiOperation("獲取用戶(hù)所有權(quán)限(包括+-權(quán)限)")
    @RequestMapping(value = "/permission/{adminId}", method = RequestMethod.GET)
    @ResponseBody
    public CommonResult<List<UmsPermission>> getPermissionList(@PathVariable Long adminId) {
        List<UmsPermission> permissionList = adminService.getPermissionList(adminId);
        return CommonResult.success(permissionList);
    }
}

添加UmsAdminService接口

package com.macro.mall.tiny.service;
import com.macro.mall.tiny.mbg.model.UmsAdmin;
import com.macro.mall.tiny.mbg.model.UmsPermission;
import java.util.List;
/**
 * 后臺(tái)管理員Service
 * Created by macro on 2018/4/26.
 */
public interface UmsAdminService {
    /**
     * 根據(jù)用戶(hù)名獲取后臺(tái)管理員
     */
    UmsAdmin getAdminByUsername(String username);
    /**
     * 注冊(cè)功能
     */
    UmsAdmin register(UmsAdmin umsAdminParam);
    /**
     * 登錄功能
     * @param username 用戶(hù)名
     * @param password 密碼
     * @return 生成的JWT的token
     */
    String login(String username, String password);
    /**
     * 獲取用戶(hù)所有權(quán)限(包括角色權(quán)限和+-權(quán)限)
     */
    List<UmsPermission> getPermissionList(Long adminId);
}

添加UmsAdminServiceImpl類(lèi)

package com.macro.mall.tiny.service.impl;
import com.macro.mall.tiny.common.utils.JwtTokenUtil;
import com.macro.mall.tiny.dao.UmsAdminRoleRelationDao;
import com.macro.mall.tiny.dto.UmsAdminLoginParam;
import com.macro.mall.tiny.mbg.mapper.UmsAdminMapper;
import com.macro.mall.tiny.mbg.model.UmsAdmin;
import com.macro.mall.tiny.mbg.model.UmsAdminExample;
import com.macro.mall.tiny.mbg.model.UmsPermission;
import com.macro.mall.tiny.service.UmsAdminService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import java.util.Date;
import java.util.List;
/**
 * UmsAdminService實(shí)現(xiàn)類(lèi)
 * Created by macro on 2018/4/26.
 */
@Service
public class UmsAdminServiceImpl implements UmsAdminService {
    private static final Logger LOGGER = LoggerFactory.getLogger(UmsAdminServiceImpl.class);
    @Autowired
    private UserDetailsService userDetailsService;
    @Autowired
    private JwtTokenUtil jwtTokenUtil;
    @Autowired
    private PasswordEncoder passwordEncoder;
    @Value("${jwt.tokenHead}")
    private String tokenHead;
    @Autowired
    private UmsAdminMapper adminMapper;
    @Autowired
    private UmsAdminRoleRelationDao adminRoleRelationDao;
    @Override
    public UmsAdmin getAdminByUsername(String username) {
        UmsAdminExample example = new UmsAdminExample();
        example.createCriteria().andUsernameEqualTo(username);
        List<UmsAdmin> adminList = adminMapper.selectByExample(example);
        if (adminList != null && adminList.size() > 0) {
            return adminList.get(0);
        }
        return null;
    }
    @Override
    public UmsAdmin register(UmsAdmin umsAdminParam) {
        UmsAdmin umsAdmin = new UmsAdmin();
        BeanUtils.copyProperties(umsAdminParam, umsAdmin);
        umsAdmin.setCreateTime(new Date());
        umsAdmin.setStatus(1);
        //查詢(xún)是否有相同用戶(hù)名的用戶(hù)
        UmsAdminExample example = new UmsAdminExample();
        example.createCriteria().andUsernameEqualTo(umsAdmin.getUsername());
        List<UmsAdmin> umsAdminList = adminMapper.selectByExample(example);
        if (umsAdminList.size() > 0) {
            return null;
        }
        //將密碼進(jìn)行加密操作
        String encodePassword = passwordEncoder.encode(umsAdmin.getPassword());
        umsAdmin.setPassword(encodePassword);
        adminMapper.insert(umsAdmin);
        return umsAdmin;
    }
    @Override
    public String login(String username, String password) {
        String token = null;
        try {
            UserDetails userDetails = userDetailsService.loadUserByUsername(username);
            if (!passwordEncoder.matches(password, userDetails.getPassword())) {
                throw new BadCredentialsException("密碼不正確");
            }
            UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
            SecurityContextHolder.getContext().setAuthentication(authentication);
            token = jwtTokenUtil.generateToken(userDetails);
        } catch (AuthenticationException e) {
            LOGGER.warn("登錄異常:{}", e.getMessage());
        }
        return token;
    }
    @Override
    public List<UmsPermission> getPermissionList(Long adminId) {
        return adminRoleRelationDao.getPermissionList(adminId);
    }
}

修改Swagger的配置

通過(guò)修改配置實(shí)現(xiàn)調(diào)用接口自帶Authorization頭,這樣就可以訪問(wèn)需要登錄的接口了。

package com.macro.mall.tiny.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.ApiInfo;
import springfox.documentation.service.ApiKey;
import springfox.documentation.service.AuthorizationScope;
import springfox.documentation.service.SecurityReference;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spi.service.contexts.SecurityContext;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
import java.util.ArrayList;
import java.util.List;
/**
 * Swagger2API文檔的配置
 */
@Configuration
@EnableSwagger2
public class Swagger2Config {
    @Bean
    public Docket createRestApi(){
        return new Docket(DocumentationType.SWAGGER_2)
                .apiInfo(apiInfo())
                .select()
                //為當(dāng)前包下controller生成API文檔
                .apis(RequestHandlerSelectors.basePackage("com.macro.mall.tiny.controller"))
                .paths(PathSelectors.any())
                .build()
                //添加登錄認(rèn)證
                .securitySchemes(securitySchemes())
                .securityContexts(securityContexts());
    }
    private ApiInfo apiInfo() {
        return new ApiInfoBuilder()
                .title("SwaggerUI演示")
                .description("mall-tiny")
                .contact("macro")
                .version("1.0")
                .build();
    }
    private List&lt;ApiKey&gt; securitySchemes() {
        //設(shè)置請(qǐng)求頭信息
        List&lt;ApiKey&gt; result = new ArrayList&lt;&gt;();
        ApiKey apiKey = new ApiKey("Authorization", "Authorization", "header");
        result.add(apiKey);
        return result;
    }
    private List&lt;SecurityContext&gt; securityContexts() {
        //設(shè)置需要登錄認(rèn)證的路徑
        List&lt;SecurityContext&gt; result = new ArrayList&lt;&gt;();
        result.add(getContextByPath("/brand/.*"));
        return result;
    }
    private SecurityContext getContextByPath(String pathRegex){
        return SecurityContext.builder()
                .securityReferences(defaultAuth())
                .forPaths(PathSelectors.regex(pathRegex))
                .build();
    }
    private List&lt;SecurityReference&gt; defaultAuth() {
        List&lt;SecurityReference&gt; result = new ArrayList&lt;&gt;();
        AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything");
        AuthorizationScope[] authorizationScopes = new AuthorizationScope[1];
        authorizationScopes[0] = authorizationScope;
        result.add(new SecurityReference("Authorization", authorizationScopes));
        return result;
    }
}

給PmsBrandController接口中的方法添加訪問(wèn)權(quán)限

  • 給查詢(xún)接口添加pms:brand:read權(quán)限
  • 給修改接口添加pms:brand:update權(quán)限
  • 給刪除接口添加pms:brand:delete權(quán)限
  • 給添加接口添加pms:brand:create權(quán)限

例子:

@PreAuthorize("hasAuthority('pms:brand:read')")
public CommonResult<List<PmsBrand>> getBrandList() {
    return CommonResult.success(brandService.listAllBrand());
}

認(rèn)證與授權(quán)流程演示

運(yùn)行項(xiàng)目,訪問(wèn)API

Swagger api地址:http://localhost:8080/swagger-ui.html

未登錄前訪問(wèn)接口

登錄后訪問(wèn)接口

進(jìn)行登錄操作:登錄帳號(hào)test 123456

點(diǎn)擊Authorize按鈕,在彈框中輸入登錄接口中獲取到的token信息

登錄后訪問(wèn)獲取權(quán)限列表接口,發(fā)現(xiàn)已經(jīng)可以正常訪問(wèn)

訪問(wèn)需要權(quán)限的接口

由于test帳號(hào)并沒(méi)有設(shè)置任何權(quán)限,所以他無(wú)法訪問(wèn)具有pms:brand:read權(quán)限的獲取品牌列表接口。

改用其他有權(quán)限的帳號(hào)登錄

改用admin 123456登錄后訪問(wèn),點(diǎn)擊Authorize按鈕打開(kāi)彈框,點(diǎn)擊logout登出后再重新輸入新token。

項(xiàng)目源碼地址github.com/macrozheng/…

mall持續(xù)更新地址:https://github.com/macrozheng/mall

以上就是mall整合SpringSecurity及JWT認(rèn)證授權(quán)實(shí)戰(zhàn)下的詳細(xì)內(nèi)容,更多關(guān)于mall整合SpringSecurity JWT的資料請(qǐng)關(guān)注腳本之家其它相關(guān)文章!

相關(guān)文章

  • IDEA 打開(kāi)java文件對(duì)應(yīng)的class路徑的操作步驟

    IDEA 打開(kāi)java文件對(duì)應(yīng)的class路徑的操作步驟

    這篇文章主要介紹了IDEA 打開(kāi)java文件對(duì)應(yīng)的class路徑的操作步驟,本文分步驟給大家介紹的非常詳細(xì),對(duì)大家的學(xué)習(xí)或工作具有一定的參考借鑒價(jià)值,需要的朋友可以參考下
    2020-10-10
  • SpringSceurity實(shí)現(xiàn)短信驗(yàn)證碼登陸

    SpringSceurity實(shí)現(xiàn)短信驗(yàn)證碼登陸

    這篇文章主要介紹了SpringSceurity實(shí)現(xiàn)短信驗(yàn)證碼登陸,本文通過(guò)實(shí)例代碼給大家介紹的非常詳細(xì),對(duì)大家的學(xué)習(xí)或工作具有一定的參考借鑒價(jià)值,需要的朋友可以參考下
    2020-06-06
  • 詳解Maven POM(項(xiàng)目對(duì)象模型)

    詳解Maven POM(項(xiàng)目對(duì)象模型)

    這篇文章主要介紹了Maven POM(項(xiàng)目對(duì)象模型)的相關(guān)資料,文中講解非常細(xì)致,代碼幫助大家更好的理解和學(xué)習(xí),感興趣的朋友可以了解下
    2020-07-07
  • SpringBoot啟動(dòng)流程SpringApplication準(zhǔn)備階段源碼分析

    SpringBoot啟動(dòng)流程SpringApplication準(zhǔn)備階段源碼分析

    這篇文章主要為大家介紹了SpringBoot啟動(dòng)流程SpringApplication準(zhǔn)備階段源碼分析,有需要的朋友可以借鑒參考下,希望能夠有所幫助,祝大家多多進(jìn)步,早日升職加薪
    2023-04-04
  • Java自動(dòng)取款機(jī)ATM案例實(shí)現(xiàn)

    Java自動(dòng)取款機(jī)ATM案例實(shí)現(xiàn)

    本文主要介紹了Java自動(dòng)取款機(jī)ATM案例實(shí)現(xiàn),整個(gè)過(guò)程可以分為三部分:登錄賬戶(hù)和執(zhí)行取款操作,文中通過(guò)示例代碼介紹的非常詳細(xì),對(duì)大家的學(xué)習(xí)或者工作具有一定的參考學(xué)習(xí)價(jià)值,需要的朋友們下面隨著小編來(lái)一起學(xué)習(xí)學(xué)習(xí)吧
    2023-08-08
  • Spring?Boot騰訊云短信申請(qǐng)與使用示例

    Spring?Boot騰訊云短信申請(qǐng)與使用示例

    這篇文章主要介紹了Spring?Boot騰訊云短信申請(qǐng)與使用,本文通過(guò)實(shí)例代碼圖文相結(jié)合給大家介紹的非常詳細(xì),對(duì)大家的學(xué)習(xí)或工作具有一定的參考借鑒價(jià)值,需要的朋友可以參考下
    2021-12-12
  • Java對(duì)敏感數(shù)據(jù)進(jìn)行加密的方法詳解

    Java對(duì)敏感數(shù)據(jù)進(jìn)行加密的方法詳解

    敏感數(shù)據(jù)的加密是數(shù)據(jù)安全的重要方面,尤其是對(duì)于手機(jī)號(hào)和身份證號(hào)這類(lèi)個(gè)人信息,本文主要為大家介紹了Java對(duì)敏感數(shù)據(jù)進(jìn)行加密的相關(guān)方法,希望對(duì)大家有所幫助
    2024-03-03
  • SpringCloud微服務(wù)集成Dubbo的詳細(xì)過(guò)程

    SpringCloud微服務(wù)集成Dubbo的詳細(xì)過(guò)程

    Apache?Dubbo?是一款易用、高性能的?WEB?和?RPC?框架,同時(shí)為構(gòu)建企業(yè)級(jí)微服務(wù)提供服務(wù)發(fā)現(xiàn)、流量治理、可觀測(cè)、認(rèn)證鑒權(quán)等能力、工具與最佳實(shí)踐,這篇文章主要介紹了SpringCloud微服務(wù)集成Dubbo,需要的朋友可以參考下
    2024-03-03
  • 淺析Java ClassName.this中類(lèi)名.this關(guān)鍵字的理解

    淺析Java ClassName.this中類(lèi)名.this關(guān)鍵字的理解

    Java ClassName.this中類(lèi)名.this關(guān)鍵字 的理解大家都了解多少,有不太了解的朋友可以參考下本文一起學(xué)習(xí)學(xué)習(xí)
    2016-05-05
  • Spring對(duì)事務(wù)管理的支持

    Spring對(duì)事務(wù)管理的支持

    今天小編就為大家分享一篇關(guān)于Spring對(duì)事務(wù)管理的支持,小編覺(jué)得內(nèi)容挺不錯(cuò)的,現(xiàn)在分享給大家,具有很好的參考價(jià)值,需要的朋友一起跟隨小編來(lái)看看吧
    2019-01-01

最新評(píng)論