这篇博客介绍了如何在SpringBoot项目中结合Shiro和JWT实现用户登录认证和鉴权。包括需求分析、数据库设计、项目搭建过程,涉及用户、角色、权限表结构,以及登录、登出接口,角色和权限管理,并分享了可能遇到的坑和解决方案。
***#一、实战整理SpringBoot中使用Shiro和JWT做认证和鉴权整体大纲简介:
*#1.需求
1.1需求:1)实现用户通过用户名和密码正常登录以及异常检测;2)登录后通过http header返回token;3)每次请求其他接口时,客户端需通过header将token带回,用于登录身份校验;4)服务端负责token的定期刷新,刷新后新的token仍然放到header中返给客户端;5)通过用户-角色-权限配置当前用户的权限,实现菜单权限和接口权限的校验;6)实现账户管理和角色管理的增删改查以及关联关系变动。
*#2.数据库设计-实体关系图-
mysql:先简单说一下数据库表结构–:
常见的五表设计:sys_user、sys_role、sys_permission、sys_user_role、sys_role_permission;
另外我这有一个关联机构表的需求:sys_organ,user表和role表都关联一下机构表即可。
2.1:
CREATE TABLE sys_user (
uid varchar(255) NOT NULL COMMENT ‘主键id’,
yh_code varchar(50) DEFAULT NULL COMMENT ‘编号’,
yh_name varchar(50) DEFAULT NULL COMMENT ‘用户名-登录账号’,
real_name varchar(50) DEFAULT NULL COMMENT ‘真实姓名’,
yh_pwd varchar(50) DEFAULT NULL COMMENT ‘密码’,
yh_repwd varchar(50) DEFAULT NULL COMMENT ‘确认密码’,
unit_code int(4) DEFAULT NULL COMMENT ‘单位编码’,
dz_code int(4) DEFAULT NULL COMMENT ‘职务编码’,
status int(4) DEFAULT NULL COMMENT ‘状态:0-无效,1-有效’,
insert_time timestamp NULL DEFAULT NULL COMMENT ‘插入时间’,
update_time timestamp NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT ‘更新时间’,
finish_time timestamp NULL DEFAULT NULL COMMENT ‘完成时间’,
remark varchar(255) DEFAULT NULL COMMENT ‘备注’,
PRIMARY KEY (uid),
UNIQUE KEY yh_name (yh_name)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
2.2:
CREATE TABLE sys_role (
id varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_bin NOT NULL COMMENT ‘主键’,
role_code varchar(50) NOT NULL COMMENT ‘角色编码’,
role_name varchar(50) NOT NULL COMMENT ‘角色名称’,
unit_code int(4) DEFAULT NULL COMMENT ‘所属单位编码’,
available tinyint(5) DEFAULT ‘1’ COMMENT ‘0-无效:1-有效’,
insert_time timestamp NULL DEFAULT NULL COMMENT ‘创建时间’,
begin_time timestamp NULL DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP COMMENT ‘角色使用期限得开始时间’,
update_time timestamp NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP COMMENT ‘更新时间’,
finish_time timestamp NULL DEFAULT NULL COMMENT ‘角色使用期限得截止时间’,
remarks varchar(255) DEFAULT NULL COMMENT ‘备注’,
PRIMARY KEY (id)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
2.3:
CREATE TABLE sys_user_role (
id int(4) NOT NULL AUTO_INCREMENT,
role_id varchar(32) DEFAULT NULL,
uid varchar(32) DEFAULT NULL,
status int(4) DEFAULT NULL,
insert_time timestamp NULL DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (id)
) ENGINE=InnoDB AUTO_INCREMENT=74 DEFAULT CHARSET=utf8;
2.4:
CREATE TABLE sys_permission (
id int(4) NOT NULL AUTO_INCREMENT COMMENT ‘主键id’,
parent_code int(4) DEFAULT NULL,
qx_code int(11) DEFAULT NULL COMMENT ‘权限编码’,
qx_name varchar(50) COLLATE utf8_czech_ci DEFAULT NULL COMMENT ‘权限名称’,
permission varchar(50) COLLATE utf8_czech_ci DEFAULT NULL COMMENT ‘权限字符串,menu例子:role:*,button例子:role:create,role:update,role:delete,role:view’,
qx_type varchar(50) COLLATE utf8_czech_ci DEFAULT NULL,
qx_router varchar(255) COLLATE utf8_czech_ci DEFAULT NULL COMMENT ‘对应的路径’,
available tinyint(5) DEFAULT ‘1’,
PRIMARY KEY (id)
) ENGINE=InnoDB AUTO_INCREMENT=20 DEFAULT CHARSET=utf8 COLLATE=utf8_czech_ci;
2.5:
CREATE TABLE sys_role_permission (
id int(4) NOT NULL AUTO_INCREMENT COMMENT ‘主键id’,
role_id varchar(32) DEFAULT NULL COMMENT ‘角色id’,
qx_id int(4) DEFAULT ‘0’ COMMENT ‘权限id’,
status int(4) DEFAULT NULL,
insert_time timestamp NULL DEFAULT NULL ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (id)
) ENGINE=InnoDB AUTO_INCREMENT=285 DEFAULT CHARSET=utf8;
2.6:
CREATE TABLE sys_organ (
id int(4) NOT NULL AUTO_INCREMENT COMMENT ‘主键’,
unit_code int(4) DEFAULT NULL COMMENT ‘职务对应的单位编码’,
unit_name varchar(30) DEFAULT NULL,
dz_code int(4) DEFAULT NULL COMMENT ‘职务编码’,
dz_name varchar(30) DEFAULT NULL COMMENT ‘职务名称’,
PRIMARY KEY (id)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
2.7:实体关系图:你们猜这个图我是用什么画的…hhh
*#3.项目搭建-整体结构图
*#4.项目搭建-实体类-Entity
4.1:Organ:
//所属单位编码
private Integer unitCode;
//所属单位名称
private String unitName;
//职务编码
private Integer dzCode;
//职务名称
private String dzName;
4.2:UserInfo:
private static final long serialVersionUID = 6255389136174789169L;
private String userId;
//用户名-即登录账户
private String yhName;
//真实姓名
private String realName;
//密码;
private String yhPwd;
private String yhRepwd;
//所属单位编码:unit_code
private Integer unitCode;
//职务编码:dz_code
private Integer dzCode;
//用户状态,0:创建未认证(比如没有激活,没有输入验证码等等)--等待验证的用户 ,
// 1:正常状态,2:用户被锁定
private Integer status;
private Date insertTime;
private Date updateTime;
private Date finishTime;
private String remark;
@Override
public String toString() {
return "UserInfo{" +
"userId='" + userId + '\'' +
", yhName='" + yhName + '\'' +
", realName='" + realName + '\'' +
", yhPwd='" + yhPwd + '\'' +
", yhRepwd='" + yhRepwd + '\'' +
", unitCode=" + unitCode +
", dzCode=" + dzCode +
", status=" + status +
", insertTime=" + insertTime +
", updateTime=" + updateTime +
", finishTime=" + finishTime +
", remark='" + remark + '\'' +
'}';
}
4.3:SysRole:
private String id;
private String role_code;//角色标识码:admin
private String name;//角色名称
//所属单位编码:unit_code
private Integer unitCode;
private Date insert_time;
private Date update_time;
private Date finish_time;
private String remarks;
4.4:SysUserRole:
private String userId;
//登录账户-用户名
private String yhName;
//真实姓名
private String realName;
//密码;
private String yhPwd;
private String yhRepwd;
//所属单位编码:unit_code
private Integer unitCode;
//职务编码:dz_code
private Integer dzCode;
//用户状态,0:创建未认证(比如没有激活,没有输入验证码等等)--等待验证的用户 ,
// 1:正常状态,2:用户被锁定
private Integer status;
private Date insertTime;
private Date updateTime;
private Date finishTime;
private String remark;
private String roleId;
private String role_code;//角色标识码:admin
private String name;//角色名称
4.5:SysPermission:
private Integer id;//主键
private Integer qxCode;
private String qxName;//名称
private String qxRoutre;//资源路径
private String permission; //权限字符串,menu例子:role:*,button例子:role:create,role:update,role:delete,role:view
private String resourceType;//资源类型,[menu|button]
private Integer parentCode; //父编号
4.6:SysRolePermission:
private String roleId;
private Integer ydll;
private Integer ydRwxf;
private Integer ydYjpz;
private Integer ydZdyhhhx;
private Integer zhXz;
private Integer zhSc;
private Integer zhBj;
private Integer zhCx;
private Integer jsXc;
private Integer jsSc;
private Integer jsBj;
private Integer qxid;
private List<Integer> qxIds;
*#5.项目搭建-POM.XML
其中主要新增的是:shiro-spring、java-jwt、jjwt
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.1.0.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.4.0</version>
</dependency>
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.2.0</version>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.7.0</version>
</dependency>
<!-- JWT -->
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.3.0</version>
</dependency>
<!-- springboot支持mybatis起步依赖 -->
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>1.3.2</version>
</dependency>
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi-ooxml</artifactId>
<version>3.9</version>
</dependency>
<!-- mysql -->
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis</artifactId>
<version>3.4.6</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<!--redis依赖-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-redis</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter</artifactId>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.2.32</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.7</version>
</dependency>
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
<version>2.6</version>
</dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.5</version>
</dependency>
<!-- https://mvnrepository.com/artifact/org.apache.commons/commons-collections4 -->
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-collections4</artifactId>
<version>4.0</version>
</dependency>
<!--@Slf4j注解日志的依赖-->
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.18.2</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-thymeleaf</artifactId>
</dependency>
<!--redis-->
<dependency>
<groupId>redis.clients</groupId>
<artifactId>jedis</artifactId>
<version>2.9.0</version>
</dependency>
<!-- 内置服务器使用 Undertow -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-undertow</artifactId>
</dependency>
<!-- https://mvnrepository.com/artifact/com.google.guava/guava -->
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>28.2-jre</version>
</dependency>
<!--<dependency>
<groupId>com.surfilter</groupId>
<artifactId>codec-utils</artifactId>
<version>1.0.0</version>
</dependency>-->
<dependency>
<groupId>org.jsoup</groupId>
<artifactId>jsoup</artifactId>
<version>1.9.2</version>
</dependency>
<!-- post 调用x-www-form-urlencoded参数 -->
<dependency>
<groupId>commons-httpclient</groupId>
<artifactId>commons-httpclient</artifactId>
<version>3.1</version>
</dependency>
<!--分页插件-->
<dependency>
<groupId>com.github.pagehelper</groupId>
<artifactId>pagehelper-spring-boot-starter</artifactId>
<version>1.2.5</version>
</dependency>
<!-- https://mvnrepository.com/artifact/com.aliyun.oss/aliyun-sdk-oss -->
<dependency>
<groupId>com.aliyun.oss</groupId>
<artifactId>aliyun-sdk-oss</artifactId>
<version>2.8.2</version>
</dependency>
<!--clickhouse-->
<dependency>
<groupId>ru.yandex.clickhouse</groupId>
<artifactId>clickhouse-jdbc</artifactId>
<version>0.1.53</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.0.18</version>
</dependency>
<dependency>
<groupId> org.springframework.boot </groupId>
<artifactId> spring-boot-configuration-processor </artifactId>
<optional> true </optional>
</dependency>
<dependency>
<groupId>com.sun.mail</groupId>
<artifactId>javax.mail</artifactId>
<version>1.5.4</version>
</dependency>
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi</artifactId>
<version>3.8-beta4</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-mail</artifactId>
</dependency>
<dependency>
<groupId>javax.persistence</groupId>
<artifactId>javax.persistence-api</artifactId>
<version>2.2</version>
</dependency>
<!--</
最低0.47元/天 解锁文章
2676
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
