mall整合SpringSecurity和JWT实现认证和授权(二)
接上一篇,controller和service层的代码实现及登录授权流程演示。
登录注册功能实现
添加UmsAdminController类
实现了后台用户登录、注册及获取权限的接口
package com.macro.mall.tiny.controller;
import com.macro.mall.tiny.common.api.CommonResult;
import com.macro.mall.tiny.dto.UmsAdminLoginParam;
import com.macro.mall.tiny.mbg.model.UmsAdmin;
import com.macro.mall.tiny.mbg.model.UmsPermission;
import com.macro.mall.tiny.service.UmsAdminService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.*;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
/** * 后台用户管理 * Created by macro on 2018/4/26. */
@Controller
@Api(tags = "UmsAdminController", description = "后台用户管理")
@RequestMapping("/admin")
public class UmsAdminController { @Autowired private UmsAdminService adminService; @Value("${jwt.tokenHeader}") private String tokenHeader; @Value("${jwt.tokenHead}") private String tokenHead; @ApiOperation(value = "用户注册") @RequestMapping(value = "/register", method = RequestMethod.POST) @ResponseBody public CommonResult<UmsAdmin> register(@RequestBody UmsAdmin umsAdminParam, BindingResult result) { UmsAdmin umsAdmin = adminService.register(umsAdminParam); if (umsAdmin == null) { CommonResult.failed(); } return CommonResult.success(umsAdmin); } @ApiOperation(value = "登录以后返回token") @RequestMapping(value = "/login", method = RequestMethod.POST) @ResponseBody public CommonResult login(@RequestBody UmsAdminLoginParam umsAdminLoginParam, BindingResult result) { String token = adminService.login(umsAdminLoginParam.getUsername(), umsAdminLoginParam.getPassword()); if (token == null) { return CommonResult.validateFailed("用户名或密码错误"); } Map<String, String> tokenMap = new HashMap<>(); tokenMap.put("token", token); tokenMap.put("tokenHead", tokenHead); return CommonResult.success(tokenMap); } @ApiOperation("获取用户所有权限(包括+-权限)") @RequestMapping(value = "/permission/{adminId}", method = RequestMethod.GET) @ResponseBody public CommonResult<List<UmsPermission>> getPermissionList(@PathVariable Long adminId) { List<UmsPermission> permissionList = adminService.getPermissionList(adminId); return CommonResult.success(permissionList); }
}
添加UmsAdminService接口
package com.macro.mall.tiny.service;
import com.macro.mall.tiny.mbg.model.UmsAdmin;
import com.macro.mall.tiny.mbg.model.UmsPermission;
import java.util.List;
/** * 后台管理员Service * Created by macro on 2018/4/26. */
public interface UmsAdminService { /** * 根据用户名获取后台管理员 */ UmsAdmin getAdminByUsername(String username); /** * 注册功能 */ UmsAdmin register(UmsAdmin umsAdminParam); /** * 登录功能 * @param username 用户名 * @param password 密码 * @return 生成的JWT的token */ String login(String username, String password); /** * 获取用户所有权限(包括角色权限和+-权限) */ List<UmsPermission> getPermissionList(Long adminId);
}
添加UmsAdminServiceImpl类
package com.macro.mall.tiny.service.impl;
import com.macro.mall.tiny.common.utils.JwtTokenUtil;
import com.macro.mall.tiny.dao.UmsAdminRoleRelationDao;
import com.macro.mall.tiny.dto.UmsAdminLoginParam;
import com.macro.mall.tiny.mbg.mapper.UmsAdminMapper;
import com.macro.mall.tiny.mbg.model.UmsAdmin;
import com.macro.mall.tiny.mbg.model.UmsAdminExample;
import com.macro.mall.tiny.mbg.model.UmsPermission;
import com.macro.mall.tiny.service.UmsAdminService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import java.util.Date;
import java.util.List;
/** * UmsAdminService实现类 * Created by macro on 2018/4/26. */
@Service
public class UmsAdminServiceImpl implements UmsAdminService { private static final Logger LOGGER = LoggerFactory.getLogger(UmsAdminServiceImpl.class); @Autowired private UserDetailsService userDetailsService; @Autowired private JwtTokenUtil jwtTokenUtil; @Autowired private PasswordEncoder passwordEncoder; @Value("${jwt.tokenHead}") private String tokenHead; @Autowired private UmsAdminMapper adminMapper; @Autowired private UmsAdminRoleRelationDao adminRoleRelationDao; @Override public UmsAdmin getAdminByUsername(String username) { UmsAdminExample example = new UmsAdminExample(); example.createCriteria().andUsernameEqualTo(username); List<UmsAdmin> adminList = adminMapper.selectByExample(example); if (adminList != null && adminList.size() > 0) { return adminList.get(0); } return null; } @Override public UmsAdmin register(UmsAdmin umsAdminParam) { UmsAdmin umsAdmin = new UmsAdmin(); BeanUtils.copyProperties(umsAdminParam, umsAdmin); umsAdmin.setCreateTime(new Date()); umsAdmin.setStatus(1); //查询是否有相同用户名的用户 UmsAdminExample example = new UmsAdminExample(); example.createCriteria().andUsernameEqualTo(umsAdmin.getUsername()); List<UmsAdmin> umsAdminList = adminMapper.selectByExample(example); if (umsAdminList.size() > 0) { return null; } //将密码进行加密操作 String encodePassword = passwordEncoder.encode(umsAdmin.getPassword()); umsAdmin.setPassword(encodePassword); adminMapper.insert(umsAdmin); return umsAdmin; } @Override public String login(String username, String password) { String token = null; try { UserDetails userDetails = userDetailsService.loadUserByUsername(username); if (!passwordEncoder.matches(password, userDetails.getPassword())) { throw new BadCredentialsException("密码不正确"); } UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities()); SecurityContextHolder.getContext().setAuthentication(authentication); token = jwtTokenUtil.generateToken(userDetails); } catch (AuthenticationException e) { LOGGER.warn("登录异常:{}", e.getMessage()); } return token; } @Override public List<UmsPermission> getPermissionList(Long adminId) { return adminRoleRelationDao.getPermissionList(adminId); }
}
修改Swagger的配置
通过修改配置实现调用接口自带Authorization头,这样就可以访问需要登录的接口了。
package com.macro.mall.tiny.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import springfox.documentation.builders.ApiInfoBuilder;
import springfox.documentation.builders.PathSelectors;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.ApiInfo;
import springfox.documentation.service.ApiKey;
import springfox.documentation.service.AuthorizationScope;
import springfox.documentation.service.SecurityReference;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spi.service.contexts.SecurityContext;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
import java.util.ArrayList;
import java.util.List;
/** * Swagger2API文档的配置 */
@Configuration
@EnableSwagger2
public class Swagger2Config { @Bean public Docket createRestApi(){ return new Docket(DocumentationType.SWAGGER_2) .apiInfo(apiInfo()) .select() //为当前包下controller生成API文档 .apis(RequestHandlerSelectors.basePackage("com.macro.mall.tiny.controller")) .paths(PathSelectors.any()) .build() //添加登录认证 .securitySchemes(securitySchemes()) .securityContexts(securityContexts()); } private ApiInfo apiInfo() { return new ApiInfoBuilder() .title("SwaggerUI演示") .description("mall-tiny") .contact("macro") .version("1.0") .build(); } private List<ApiKey> securitySchemes() { //设置请求头信息 List<ApiKey> result = new ArrayList<>(); ApiKey apiKey = new ApiKey("Authorization", "Authorization", "header"); result.add(apiKey); return result; } private List<SecurityContext> securityContexts() { //设置需要登录认证的路径 List<SecurityContext> result = new ArrayList<>(); result.add(getContextByPath("/brand/.*")); return result; } private SecurityContext getContextByPath(String pathRegex){ return SecurityContext.builder() .securityReferences(defaultAuth()) .forPaths(PathSelectors.regex(pathRegex)) .build(); } private List<SecurityReference> defaultAuth() { List<SecurityReference> result = new ArrayList<>(); AuthorizationScope authorizationScope = new AuthorizationScope("global", "accessEverything"); AuthorizationScope[] authorizationScopes = new AuthorizationScope[1]; authorizationScopes[0] = authorizationScope; result.add(new SecurityReference("Authorization", authorizationScopes)); return result; }
}
给PmsBrandController接口中的方法添加访问权限
给查询接口添加pms:brand:read权限
给修改接口添加pms:brand:update权限
给删除接口添加pms:brand:delete权限
给添加接口添加pms:brand:create权限
例子:
@PreAuthorize("hasAuthority('pms:brand:read')")
public CommonResult<List<PmsBrand>> getBrandList() { return CommonResult.success(brandService.listAllBrand());
}
认证与授权流程演示
运行项目,访问API
Swagger api地址:http://localhost:8080/swagger-ui.html
未登录前访问接口
登录后访问接口
进行登录操作:登录帐号test 123456
点击Authorize按钮,在弹框中输入登录接口中获取到的token信息
登录后访问获取权限列表接口,发现已经可以正常访问
访问需要权限的接口
由于test帐号并没有设置任何权限,所以他无法访问具有pms:brand:read权限的获取品牌列表接口。
改用其他有权限的帐号登录
改用admin 123456登录后访问,点击Authorize按钮打开弹框,点击logout登出后再重新输入新token。
项目源码地址
https://github.com/macrozheng/mall-learning/tree/master/mall-tiny-04
推荐阅读
mall架构及功能概览
mall学习所需知识点(推荐资料)
mall整合SpringBoot+MyBatis搭建基本骨架
mall整合Swagger-UI实现在线API文档
mall整合Redis实现缓存功能
mall整合SpringSecurity和JWT实现认证和授权(一)
mall整合SpringSecurity和JWT实现认证和授权(二)相关推荐
- GitHub开源项目学习 电商系统Mall (五) mall整合SpringSecurity和JWT实现认证和授权(二)
mall整合SpringSecurity和JWT实现认证和授权(二) https://github.com/macrozheng/mall 登录注册功能实现 UmsAdminController类 实 ...
- GitHub开源项目学习 电商系统Mall (四) mall整合SpringSecurity和JWT实现认证和授权(一)
mall整合SpringSecurity和JWT实现认证和授权(一) https://github.com/macrozheng/mall 跳过了官方Learning中较简单的Swagger-UI的实 ...
- 解决测试失败问题:mall商城项目》mall整合SpringSecurity和JWT实现认证和授权(二)》改用其他有权限的帐号登录
目录 原因 修改办法 原因 权限值不对 修改办法 1.打开数据库中的ums_admin表 2.复制id=1那一行的password,如下: 3.替换id=6那一行中的password,点击√,如下: ...
- 商城项目(三)整合SpringSecurity和JWT实现认证和授权
整合SpringSecurity和JWT实现认证和授权 环境搭建 SpringSecurity JWT Hutool 项目使用表说明 ums_admin:后台用户表 ums_role:后台用户角色表 ...
- 5.1基于JWT的认证和授权「深入浅出ASP.NET Core系列」
原文:5.1基于JWT的认证和授权「深入浅出ASP.NET Core系列」 希望给你3-5分钟的碎片化学习,可能是坐地铁.等公交,积少成多,水滴石穿,码字辛苦,如果你吃了蛋觉得味道不错,希望点个赞,谢 ...
- SpringBoot+SpringSecurity+JWT实现认证和授权
SprinBoot 系列文章: Spring Boot入门之Hello Spring Boot SpringBoot 配置多个JdbcTemplate SpringBoot 整合Mybatis CAS ...
- Springboot整合shiro基于url身份认证和授权认证
你还不会shiro吗? 前奏 shiro核心配置文件(rolesFilter可选). 身份认证 多表登录源如何操作? 授权管理 如何解决界面多角色/资源问题 访问效果 权限管理在日常开发中很重要,所以 ...
- 实践剖析.NET Core如何支持Cookie滑动过期和JWT混合认证、授权
[导读]为防止JWT Token被窃取,我们将Token置于Cookie中,但若与第三方对接,调用我方接口进行认证.授权此时仍需将Token置于请求头,通过实践并联系理论,我们继续开始整活 首先我们实 ...
- ASP.NET Core WebAPI中使用JWT Bearer认证和授权
为什么是 JWT Bearer ASP.NET Core 在 Microsoft.AspNetCore.Authentication 下实现了一系列认证, 包含 Cookie, JwtBearer, ...
- 整合SpringSecurity OAuth2 JWT (附原因)一步步来如此简单
梳理整合 SpringCloud 和 SpringSecurity OAuth2 的搭建流程,网上看了一些,感觉都很差强人意,所以决定梳理下,不多说了开鲁吧. 首先要搭建微服务基础加包版本,基于阿里系 ...
最新文章
- NVIDIA深度学习Tensor Core性能解析(上)
- 童国华正式执掌大唐电信集团
- OpenGL编程指南4:双缓冲实现运行
- 20211108 det(AB)=det(A)det(B)
- 机器学习(八)——在线学习、K-Means算法、混合高斯模型和EM算法
- 你真的懂ArrayList吗?说说foreach与iterator时remove的区别
- 数值运算pythonmopn_Python SciPy库——拟合与插值
- python的sorted函数和operator.itemgetter函数
- GB35114 A级过检
- matlab求刚度,求整体刚度矩阵matlab程序.doc
- 设计模式 | 装饰者模式及典型应用
- 性能测试线上培训班怎么选 3点教你在线选好培训班
- Linux 环境变量的那些事
- 2022年登高架设免费试题及登高架设复审考试
- Uncaught Error: USERKEY_PLAT_NOMATCH 的原因和解决办法
- py使用errorbar绘制误差棒图
- Windows中安装GCC教程
- RiruEdxposed学习研究(二)手把手编译Riru和Edxposed工程源码
- [Luogu P3147] [BZOJ 4576] [USACO16OPEN]262144
- 会考成绩计算机为d对报专业影响,高中毕业生会考 不再计分改为评级