spring boot集成shiro+redis+jwt
- 集成shiro作为权限校验框架
- jwt生成token
- redis缓冲token和用户相关得一些数据
Shiro框架简单介绍
Apache Shiro是Java的一个安全框架,旨在简化身份验证和授权。Shiro在JavaSE和JavaEE项目中都可以使用。它主要用来处理身份认证,授权,企业会话管理和加密等。
- 添加依赖(数据库和持久层框架根据实际情况添加)
<!--redis-->
<dependency>
<groupId>redis.clients</groupId>
<artifactId>jedis</artifactId>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-pool2</artifactId>
</dependency>
<!--shiro-->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring-boot-starter</artifactId>
<version>1.4.1</version>
</dependency>
<!--jwt-->
<dependency>
<groupId>com.auth0</groupId>
<artifactId>java-jwt</artifactId>
<version>3.4.0</version>
</dependency>
- 添加mysql和redis的相关配置
#mysql配置
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
spring.datasource.druid.url=jdbc:mysql://localhost:3306/recreation?useUnicode=true&characterEncoding=UTF-8&zeroDateTimeBehavior=convertToNull&serverTimezone=Asia/Shanghai&&allowPublicKeyRetrieval=true&useSSL=false
spring.datasource.druid.username=root
spring.datasource.druid.password=root
spring.datasource.druid.initial-size=5
spring.datasource.druid.min-idle=5
spring.datasource.druid.max-active=20
spring.datasource.druid.max-wait=60000
spring.datasource.druid.time-between-eviction-runs-millis=60000
spring.datasource.druid.min-evictable-idle-time-millis=300000
#配置redis连接信息
spring.redis.database=0
spring.redis.host=localhost
spring.redis.port=6379
spring.redis.password=
spring.redis.timeout=5000
spring.redis.lettuce.pool.min-idle=0
spring.redis.lettuce.pool.max-active=8
spring.redis.lettuce.pool.max-wait=-1ms
spring.redis.lettuce.pool.max-idle=8
spring.redis.jedis.pool.max-active=8
spring.redis.jedis.pool.max-idle=0
spring.redis.jdeis.pool.max-wait=-1
- redis配置类
package com.byyj.config;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cache.annotation.EnableCaching;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import redis.clients.jedis.JedisPool;
import redis.clients.jedis.JedisPoolConfig;
/**
* @ClassName: JedisConfig
* @Auther: wh
* @Date: 2019/5/15 14:25
* @Description:
*/
@Configuration
@EnableCaching
public class JedisConfig {
@Value("${spring.redis.host}")
private String host;
@Value("${spring.redis.port}")
private int port;
@Value("${spring.redis.password}")
private String password;
@Value("${spring.redis.timeout}")
private int timeout;
@Value("${spring.redis.jedis.pool.max-idle}")
private int maxIdle;
@Value("${spring.redis.jdeis.pool.max-wait}")
private long maxWaitMillis;
@Bean
public JedisPool redisPoolFactory() {
JedisPoolConfig jedisPoolConfig = new JedisPoolConfig();
jedisPoolConfig.setMaxIdle(maxIdle);
jedisPoolConfig.setMaxWaitMillis(maxWaitMillis);
JedisPool jedisPool = new JedisPool(jedisPoolConfig, host, port, timeout, password);
return jedisPool;
}
}
- redis操作util类(使用jedis操作)
package com.byyj.util;
import com.byyj.config.JedisConfig;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Repository;
import redis.clients.jedis.Jedis;
import redis.clients.jedis.JedisPool;
/**
* @ClassName: RedisDao
* @Auther: wh
* @Date: 2019/5/15 09:25
* @Description:
*/
@Repository
public class RedisUtil {
@Autowired
private JedisConfig jedisConfig;
private static JedisPool jedisPool = null;
public synchronized Jedis getJedis() {
if (null == jedisPool) {
pooInit();
}
Jedis jedis = null;
try {
jedis = jedisPool.getResource();
} catch (Exception e) {
e.printStackTrace();
} finally {
jedisPool.returnResource(jedis);
}
return jedis;
}
public synchronized void pooInit() {
if (null == jedisPool) {
jedisPool = jedisConfig.redisPoolFactory();
}
}
public void setKey(String key, String value) {
getJedis().set(key, value);
}
public void setex(String key, int seconds, String value) {
getJedis().setex(key, seconds, value);
}
public String getValue(String key) {
return getJedis().get(key);
}
public void del(String key) {
getJedis().del(key);
}
}
如果使用spring-boot-starter-data-redis,redis的配置和util包可以不添加
- 创建JWT util类
package com.byyj.util;
import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTDecodeException;
import com.auth0.jwt.interfaces.DecodedJWT;
import org.springframework.stereotype.Component;
import java.util.Date;
/**
* @ClassName: JWTUtil
* @Auther: wuhao
* @Date: 2021/3/19 15:39
* @Description:
*/
@Component
public class JWTUtil {
public String getUserName(String token){
try {
DecodedJWT jwt = JWT.decode(token);
return jwt.getClaim("username").asString();
} catch (JWTDecodeException e) {
return null;