目录
前置路由守卫:就是在路由跳转前加上自己得一些业务代码。
添加配置
router.beforeEach((to, from, next) => {
var path = to.path;
if(path==="/login"){
return next();
}
var token = sessionStorage.getItem("token");
if(token){
return next();
}
return next("/login")
})
整合shiro安全框架
添加依赖
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring-boot-starter</artifactId>
<version>1.7.0</version>
</dependency>
添加shiro配置类
import com.ytr.system.filter.Myfilter;
import com.ytr.system.realm.MyRealm;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.filter.DelegatingFilterProxy;
import javax.servlet.Filter;
import java.util.HashMap;
/**
* @author Yang
* @ClassName myConfig
* @date 2022/8/7 14:44
*/
@Configuration
public class ShiroConfig {
/*配置shiro管理器*/
@Bean
public DefaultWebSecurityManager securityManager() {
DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
/*设置读取的自定义的relam*/
defaultWebSecurityManager.setRealm(realm());
return defaultWebSecurityManager;
}
/*创建realm配置自定义的relam*/
@Bean
public Realm realm() {
MyRealm myRealm = new MyRealm();
/*设置密码加密器 调用自定义的加密器*/
myRealm.setCredentialsMatcher(credentialsMatcher());
return myRealm;
}
/*设置密码加密器配置*/
@Bean
public CredentialsMatcher credentialsMatcher() {
/*创建密码加密器*/
HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
/*设置加密形式*/
credentialsMatcher.setHashAlgorithmName("MD5");
/*设置加密次数*/
credentialsMatcher.setHashIterations(1024);
return credentialsMatcher;
}
/*创建过滤器*/
@Bean(value = "shiroFilter")
public ShiroFilterFactoryBean filterFactoryBean() {
ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
factoryBean.setSecurityManager(securityManager());
//设置拦截规则
HashMap<String, String> map = new HashMap<>();
map.put("/system/login", "anon");
map.put("/**", "authc");
//放行Swagger2页面,需要放行这些
map.put("/swagger-ui.html", "anon");
map.put("/swagger/**", "anon");
map.put("/webjars/**", "anon");
map.put("/swagger-resources/**", "anon");
map.put("/v2/**", "anon");
map.put("/static/**", "anon");
map.put("/doc.html", "anon");
map.put("/swagger2/**", "anon");
factoryBean.setFilterChainDefinitionMap(map);
//设置自定义认证过滤器
HashMap<String, Filter> filterMap = new HashMap<String, Filter>();
filterMap.put("authc", new Myfilter());
factoryBean.setFilters(filterMap);
return factoryBean;
}
@Bean //注册filter
public FilterRegistrationBean<Filter> filterRegistrationBean() {
FilterRegistrationBean<Filter> filterRegistrationBean = new FilterRegistrationBean<>();
filterRegistrationBean.setName("shiroFilter");
filterRegistrationBean.setFilter(new DelegatingFilterProxy());
filterRegistrationBean.addUrlPatterns("/*");
return filterRegistrationBean;
}
//开启shiro注解
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor() {
AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();