本项目使用 spring boot,spring security,jwt,mybatis-plus
关于mybatis-plus代码生成的,请看我的另外一篇博客
https://blog.csdn.net/qq_42151769/article/details/103801366
自定义权限不足返回,自定义未登录返回
表结构:
项目截图
添加依赖:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.2.2.RELEASE</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.wm</groupId>
<artifactId>rolesys</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>rolesys</name>
<description>权限系统设计</description>
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<!--security 依赖-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
<!--jwt依赖-->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.0</version>
</dependency>
<!-- commons-lang3依赖 -->
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.9</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>6.0.6</version>
</dependency>
<!--mybatis-plus依赖-->
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-boot-starter</artifactId>
<version>3.3.0</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
配置文件: application.yml
### 自定义spring security白名单url
security:
ignore:
urls:
- /yu/login
spring:
datasource:
username: root
password: AI@123ai
url: jdbc:mysql://172.16.19.28:3306/ywm_test?useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&useSSL=false&zeroDateTimeBehavior=convertToNull&serverTimezone=GMT%2b8
mybatis-plus:
mapper-locations: classpath*:/mapper/*.xml
logging:
level:
root : INFO
com.hfepay: DEBUG
#### 自定义jwt参数
jwt:
tokenHeader: token #JWT存储的请求头
secret: jwt_secret #JWT加解密使用的密钥
expiration: 604800 #JWT的超期限时间(60*60*24)
定义读取配置文件的实体类:
jwtPropertis.java
package com.wm.rolesys.config;
import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;
/***
* @ClassName: JwtProperties
* @Description: 读取定义的jwt配置
* @Author: wm_yu
* @Create_time: 16:18 2019-12-31
*/
@ConfigurationProperties(prefix = "jwt")
@Component
@Data
public class JwtProperties {
private String tokenHeader;
private String secret;
private Integer expiration;
}
自定义spring security白名单url,不进行认证,直接访问
IgnoreUrlsConfig.java
package com.wm.rolesys.config;
import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;
import java.util.List;
/***
* @ClassName: IgnoreUrlsConfig
* @Description: 不进行权限拦截的url, 如登录, 注册等接口
* @Author: wm_yu
* @Create_time: 17:05 2019-12-31
*/
@ConfigurationProperties(prefix = "security.ignore")
@Component
@Data
public class IgnoreUrlsConfig {
pri