springboot基于自定义注解的权限配置AOP+鉴权

最新推荐文章于 2024-05-04 02:10:06 发布
最新推荐文章于 2024-05-04 02:10:06 发布
阅读量501 收藏 1
点赞数
分类专栏: 后端开发(偏java向)经验交流 文章标签: java
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/xy294636185/article/details/119331342
版权

WebMvcConfiguration.java

package com.fii.cms.web.config;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.format.FormatterRegistry;
import org.springframework.format.datetime.DateFormatter;
import org.springframework.scheduling.TaskScheduler;
import org.springframework.scheduling.concurrent.ThreadPoolTaskScheduler;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurationSupport;

import javax.annotation.Nullable;

@Configuration
public class WebMvcConfiguration extends WebMvcConfigurationSupport {

    @Value("${swagger.enable}")
    private boolean swaggerEnabled;

    @Override
    protected void addCorsMappings(CorsRegistry registry) {
        registry.addMapping("/**")
                .allowedOrigins("*")
                .allowCredentials(true)
                .allowedMethods("POST", "GET", "PUT", "OPTIONS", "DELETE")
                .allowedHeaders("*")
                .maxAge(3600);
    }

    @Override
    public void addResourceHandlers(ResourceHandlerRegistry registry) {
        if (swaggerEnabled) {
            registry.addResourceHandler("/doc.html")
                    .addResourceLocations("classpath:/META-INF/resources/");
            registry.addResourceHandler("/webjars/**")
                    .addResourceLocations("classpath:/META-INF/resources/webjars/");
        }
        registry.addResourceHandler("/static/**")
                .addResourceLocations("classpath:/static/");
        super.addResourceHandlers(registry);
    }


    /**
     * 格式化
     *
     * @param registry
     */
    public void addFormatters(FormatterRegistry registry) {
        registry.addFormatter(new DateFormatter("yyyy-MM-dd HH:mm:ss"));
    }

    /**
     * 添加拦截器
     *
     * @param registry
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        super.addInterceptors(registry);
        // 添加一个拦截器,检查会话,URL以admin开头的都使用此拦截器
//        registry.addInterceptor(sessionInterceptor).addPathPatterns("/admin/**");
    }

    @Bean
    @Nullable
    public TaskScheduler taskScheduler() {
        ThreadPoolTaskScheduler threadPoolScheduler = new ThreadPoolTaskScheduler();
        threadPoolScheduler.setThreadNamePrefix("SockJS-");
        threadPoolScheduler.setPoolSize(Runtime.getRuntime().availableProcessors());
        threadPoolScheduler.setRemoveOnCancelPolicy(true);
        return threadPoolScheduler;
    }
}

aop.AuthVerifyAOP.java

package com.fii.cms.web.aop;

import com.fii.cms.core.annotation.AuthApis;
import com.fii.cms.core.api.ApiAuthVerify;
import com.fii.cms.core.exception.GlobalException;
import com.fii.cms.core.pojo.vo.app.LocalAppResourceInfo;
import com.fii.cms.core.pojo.vo.user.UserInfoVo;
import com.fii.cms.core.pojo.vo.user.UserParam;
import com.fii.cms.core.resultBody.ResultCode;
import com.fii.cms.user.common.AuthenticationFacade;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.JoinPoint;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Before;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestAttributes;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletRequest;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;

@Aspect
@Component
public class AuthVerifyAop {

    @Value("${oauth.user_cache_key}")
    private String userCacheKey;

    @Autowired
    private AuthenticationFacade facade;

    @Autowired
    private RedisTemplate<String, Object> redisTemplate;

    @Pointcut("@annotation( com.fii.cms.core.annotation.AuthApis)")
    public void doOperation() {
    }

    @Before("doOperation()&&@annotation(authApis)")
    public void before(JoinPoint point, AuthApis authApis) throws GlobalException {
        //获取请求路由
        RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
        assert requestAttributes != null;
        HttpServletRequest request = ((ServletRequestAttributes) requestAttributes).getRequest();
        String requestURI = request.getRequestURI();
        //获取去用户信息
        String account = facade.getCurrentUserName();
        UserInfoVo userInfoVo = (UserInfoVo) redisTemplate.opsForHash().get(userCacheKey, account);
        if (userInfoVo == null)
            throw new GlobalException(ResultCode.USER_NOT_LOGIN);
        //获取用户本系统权限信息
        List<LocalAppResourceInfo> localRes = userInfoVo.getLocalRes();
        if (localRes != null && localRes.size() > 0) {
            List<String> collect = localRes.stream().map(LocalAppResourceInfo::getResourceId).collect(Collectors.toList());
            //通过注解获取被访问接口可允许的权限ID
            String[] value = authApis.value();
            if (value.length == 0)
                //通过路由获取被访问接口可允许的权限ID
                value = ApiAuthVerify.getResourceIds(requestURI);
            if (value == null || value.length == 0)
                throw new GlobalException(ResultCode.PERMISSION_NOT_ALLOW);

            //特殊角色权限认证
            Object[] args = point.getArgs();
            if (!special(args, collect, requestURI))
                throw new GlobalException(ResultCode.PERMISSION_NOT_ALLOW);

            //权限认证
            for (String resource : value) {
                if (collect.contains(resource))
                    return;
            }

        }
        throw new GlobalException(ResultCode.PERMISSION_NOT_ALLOW);
    }

    private boolean special(Object[] args, List<String> collect, String requestURI) {
        //角色编辑接口:接口多用权限处理-根据参数判断接口对应的按钮功能
        if (Objects.equals(ApiAuthVerify.SYS_ROLE_ENABLE.getUri(), requestURI)) {
            String roleName = Objects.isNull(args[1]) ? "" : (String) args[1];
            Integer status = Objects.isNull(args[2]) ? null : (Integer) args[2];
            String[] resourceIds = ApiAuthVerify.SYS_ROLE_ENABLE.getResourceIds();
            if (!StringUtils.isEmpty(roleName)) {
                return collect.contains(resourceIds[0]);
            }
            if (status == null) {
                return collect.contains(resourceIds[1]);
            }
        }
        //用户查询接口多用权限认证
        if (Objects.equals(ApiAuthVerify.SYS_USER_M.getUri(), requestURI)) {
            UserParam userParams = (UserParam) args[0];
            String[] resourceIds = ApiAuthVerify.SYS_USER_M.getResourceIds();
            //查询角色用户列表
            if (StringUtils.isNotEmpty(userParams.getRoleId())) {
                return collect.contains(resourceIds[1]);
            } else {
                if (StringUtils.isNotEmpty(userParams.getOrganizeId())) {
                    if (collect.contains(resourceIds[2]))
                        return true;
                    else
                        return collect.contains(resourceIds[0]);
                }
                return collect.contains(resourceIds[0]);
            }
        }
        return true;
    }
}

AuthApis.java

package com.fii.cms.core.annotation;

import java.lang.annotation.*;

@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.METHOD})
@Documented
public @interface AuthApis {
    String[] value() default {};
    String desc()  default "";
}

 ApiAuthVerify.java

package com.fii.cms.core.api;

import java.util.Objects;

public enum ApiAuthVerify {

    /**用户管理*/
    SYS_USER_M("/oauth/user/list", new String[]{"SYS-USER-M","SYS-ROLE-USER","SYS-ORG-USER"}),
    SYS_USER_ENABLE("/oauth/user/status", new String[]{"SYS-USER-ENABLE"}),
    SYS_USER_EDIT("/oauth/update/user", new String[]{"SYS-USER-EDIT"}),
    SYS_USER_RESETPSW("/oauth/reset/password", new String[]{"SYS-USER-RESETPSW"}),
    SYS_USER_IMPORT("/oauth/user/upload", new String[]{"SYS-USER-IMPORT"}),
    SYS_USER_ADD("/oauth/add/user", new String[]{"SYS-USER-ADD"}),
    SYS_USER_CHANGEROLE("/role/add/user/roles", new String[]{"SYS-USER-CHANGEROLE", "SYS-USER-ASSIGNROLE"}),
    SYS_USER_CHANGEORGANIZE("/organize/add/user/organizes", new String[]{"SYS-USER-CHANGEORGANIZE"}),
    SYS_USER_LOOKAUTH("/auth/user/list", new String[]{"SYS-AUTH-M","SYS-USER-LOOKAUTH"}),
    SYS_USER_PERMISSION("/auth/distribution", new String[]{"SYS-AUTH-M","SYS-USER-PERMISSION"}),
    /**角色管理*/
    SYS_ROLE_M("/role/role/list",new String[]{"SYS-ROLE-M"}),
    SYS_ROLE_ADD("/role/add",new String[]{"SYS-ROLE-ADD"}),
    SYS_ROLE_DELETE("/role/delete",new String[]{"SYS-ROLE-DELETE"}),
    SYS_ROLE_ENABLE("/role/edit",new String[]{"SYS-ROLE-EDIT","SYS-ROLE-ENABLE"}),
    SYS_ROLE_ADD_USER("/role/add/role/user",new String[]{"SYS-ROLE-ADD-USER"}),
    SYS_ROLE_DELETE_USER("/role/delete/role/user",new String[]{"SYS-ROLE-DELETE-USER"}),
//    SYS_ROLE_AUTH("",new String[]{"SYS-ROLE-AUTH"}),
    /**组织管理*/
    SYS_ORG_M("/organize/list/info",new String[]{"SYS-ORG-M"}),
    SYS_ORG_ENABLE("/organize/disable",new String[]{"SYS-ORG-ENABLE"}),
    SYS_ORG_EDIT("/organize/edit",new String[]{"SYS-ORG-EDIT"}),
    SYS_ORG_DELETE_USER("/organize/delete/users",new String[]{"SYS-ORG-DELETE-USER"}),
    SYS_ORG_DELETE("/organize/delete",new String[]{"SYS-ORG-DELETE"}),
    SYS_ORG_ADD_USER("/organize/add/users",new String[]{"SYS-ORG-ADD-USER"}),
    SYS_ORG_ADD("/organize/add",new String[]{"SYS-ORG-ADD"}),
    /**权限管理*/
    SYS_AUTH_APP("/auth/app/list",new String[]{"SYS-AUTH-M"}),
    SYS_AUTH_ADD("/auth/add/point",new String[]{"SYS-AUTH-M"}),
    SYS_AUTH_DELETE("/auth/remove/point",new String[]{"SYS-AUTH-M"}),
    SYS_AUTH_EDIT("/auth/edit/point",new String[]{"SYS-AUTH-M"}),
    SYS_AUTH_APP_POINTS("/auth/all/point/list",new String[]{"SYS-AUTH-M"}),
    SYS_AUTH_POINT_RESOURCE("/auth/point/list",new String[]{"SYS-AUTH-M"}),
    SYS_AUTH_ENABLE("/auth/enable/point",new String[]{"SYS-AUTH-M"}),
    SYS_AUTH_ROLE_OR_USER("/auth/resource/distribution/list",new String[]{"SYS-AUTH-M"}),
    SYS_AUTH_ROLE_OR_USER_POINT("/auth/resource/detail",new String[]{"SYS-ROLE-AUTH","SYS-ROLE-AUTH","SYS-USER-PERMISSION"}),
    SYS_AUTH_CANCEL("/auth/user/invalid",new String[]{"SYS-AUTH-M"}),
    SYS_AUTH_IMPORT("/auth/auth/upload",new String[]{"SYS-AUTH-M"}),
    SYS_AUTH_EXPORT("/auth/auth/download",new String[]{"SYS-AUTH-M"}),
    /**权限管理*/
    SYS_APP_REGISTER("/client/add/app",new String[]{"SYS-APP-R","SYS-APP-M"}),
    SYS_APP_LIST("/client/app/list",new String[]{"SYS-APP-R","SYS-APP-M"}),
    SYS_APP_EDIT("/client/app/edit",new String[]{"SYS-APP-R","SYS-APP-M"}),
    SYS_APP_DELETE("/client/app/delete",new String[]{"SYS-APP-R","SYS-APP-M"}),
    /**消息管理**/
    SYS_MESSAGE_HISTORY("/message/history/list",new String[]{"SYS-MESSAGE-HISTORY"})
    ;
    private String uri;
    private String[] resourceIds;

    ApiAuthVerify(String uri, String[] resourceIds) {
        this.uri = uri;
        this.resourceIds = resourceIds;
    }

    public static String[] getResourceIds(String uri) {
        for (ApiAuthVerify verify : ApiAuthVerify.values()) {
            if (Objects.equals(verify.uri, uri))
                return verify.resourceIds;
        }
        return null;
    }

    public String getUri() {
        return uri;
    }

    public String[] getResourceIds() {
        return resourceIds;
    }
}

AuthenticationFacade.java

package com.fii.cms.user.common;

import com.fii.cms.core.exception.GlobalException;
import com.fii.cms.core.resultBody.ResultCode;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.stereotype.Component;
import org.springframework.util.StringUtils;

import java.util.List;


@Component
public class AuthenticationFacade {

    public Authentication getAuthentication() {
        return SecurityContextHolder.getContext().getAuthentication();
    }

    public String getCurrentUserName() {
        Object o = getAuthentication().getPrincipal();
        String username = "";
        if (o instanceof User)
            username = ((User) o).getUsername();
        if (o instanceof String) {
            username = (String) o;
        }
        return username;
    }

    public void verifyLogin(){
        String currentUserName = getCurrentUserName();
        if (StringUtils.isEmpty(currentUserName))
            throw new GlobalException(ResultCode.USER_NOT_LOGIN);
    }

    public boolean verifyAuthen(String role){
        List<GrantedAuthority> grantedAuthorities = AuthorityUtils.commaSeparatedStringToAuthorityList(role);
        return getAuthentication().getAuthorities().contains(grantedAuthorities.get(0));
    }

    public boolean verifySuperAuthen(){
        return verifyAuthen("ROLE_ADMIN");
    }
}

OauthController.java

package com.fii.cms.user.controller;

import com.fii.cms.core.annotation.AuthApis;
import com.fii.cms.core.pojo.vo.user.*;
import com.fii.cms.core.resultBody.PageBody;
import com.fii.cms.core.resultBody.ResultBody;
import com.fii.cms.user.service.UserService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.List;

@Api(tags = "oauth用户相关")
@RequestMapping("oauth")
@RestController
public class OauthUserController {

    @Autowired
    private UserService userService;

    @ApiOperation(value = "获取当前用户信息", httpMethod = "GET")
    @RequestMapping("/current/user")
    public ResultBody<UserInfoVo> getCurrentUserInfo() {
        return ResultBody.success(userService.getCurrentUserInfo());
    }

    @ApiOperation(value = "获取指定用户信息", httpMethod = "GET")
    @RequestMapping("/user")
    public ResultBody<UserInfoVo> getUserInfo(@ApiParam(value = "用户ID", required = true) @RequestParam String userId) {
        return userService.getUserInfo(userId);
    }

    @ApiOperation(value = "获取简单用户信息", httpMethod = "GET")
    @RequestMapping("/user/simple")
    public ResultBody<List<UserSimpleInfoVo>> getUserSimpleInfo(@ApiParam(value = "用户工号/姓名") @RequestParam(required = false) String account) {
        return userService.getUserSimpleInfo(account);
    }

    @AuthApis
    @ApiOperation(value = "获取用户信息列表", httpMethod = "POST")
    @PostMapping("/user/list")
    public ResultBody<PageBody<List<UserInfoVo>>> getUserInfoList(@ApiParam(value = "用户信息") @RequestBody(required = false) UserParam userParam) {
        return userService.getUserInfoList(userParam);
    }

    @AuthApis
    @ApiOperation(value = "添加用户信息用户信息", httpMethod = "POST")
    @PostMapping("/add/user")
    public ResultBody addUser(@ApiParam(value = "用户信息") @Validated @RequestBody AddUserVo addUserVo) {
        return userService.addUser(addUserVo);
    }

    @AuthApis
    @ApiOperation(value = "修改用户信息用户信息", httpMethod = "POST")
    @PostMapping("/update/user")
    public ResultBody updateUser(@ApiParam(value = "用户信息") @Validated @RequestBody AddUserVo addUserVo) {
        return userService.updateUser(addUserVo);
    }

    @ApiOperation(value = "修改个人用户信息用户信息", httpMethod = "POST")
    @PostMapping("/update/personal")
    public ResultBody updatePersonal(@ApiParam(value = "用户信息") @Validated @RequestBody UserPersonalVo addUserVo) {
        return userService.updatePersonal(addUserVo);
    }

    @AuthApis
    @ApiOperation(value = "禁用用户", httpMethod = "POST")
    @PostMapping("/user/status")
    public ResultBody editUserStatus(@ApiParam(value = "用户Id:多个用英文逗号隔开") @RequestParam String userId,
                                     @ApiParam(value = "启用状态:0为启用,1为未启用") @RequestParam Integer status) {
        return userService.editUserStatus(userId, status);
    }

    @AuthApis
    @ApiOperation(value = "重置密码", httpMethod = "POST")
    @PostMapping("/reset/password")
    public ResultBody resetPassword(@ApiParam(value = "用户Id") @RequestParam String userId,
                                    @ApiParam(value = "密码") @RequestParam String password) {
        return userService.resetPassword(userId, password);
    }

    @ApiOperation(value = "修改密码", httpMethod = "POST")
    @PostMapping("/edit/password")
    public ResultBody editPassword(@ApiParam(value = "用户Id",required = true) @RequestParam String userId,
                                   @ApiParam(value = "旧密码",required = true) @RequestParam String oldPassword,
                                   @ApiParam(value = "新密码",required = true) @RequestParam String newPassword) {
        return userService.editPassword(userId, oldPassword, newPassword);
    }

//    @ApiOperation(value = "发送验证码", httpMethod = "POST")
//    @PostMapping("/send/code")
//    public ResultBody sendCode(@ApiParam(value = "用户工号") @RequestParam String account,
//                               HttpServletRequest request) {
//        return userService.sendCode(account, request);
//    }

    @ApiOperation(value = "忘记密码", httpMethod = "POST")
    @PostMapping("/forget/password")
    public ResultBody forgetPassword(@ApiParam(value = "用户工号") @RequestParam String account,
                                     @ApiParam(value = "验证码") @RequestParam String code,
                                     @ApiParam(value = "新密码") @RequestParam String passwordNew,
                                     HttpServletRequest request) {
        return userService.forgetPassword(account, code, passwordNew, request);
    }

    @ApiOperation(value = "登录", httpMethod = "POST")
    @PostMapping("/login")
    public ResultBody login() {
        return ResultBody.success();
    }

    @ApiOperation(value = "登出", httpMethod = "GET")
    @GetMapping("/logout")
    public ResultBody logout(HttpServletRequest request) {
        return userService.logout(request);
    }

    @ApiOperation(value = "服务端登录获取token", httpMethod = "GET")
    @GetMapping("get/token")
    public ResultBody getToken() {
        return ResultBody.success(userService.getToken());
    }

//    @ApiOperation(value = "使token失效", httpMethod = "GET")
//    @GetMapping("/revokeToken")
//    public ResultBody revokeToken(HttpServletRequest request) {
//        return userService.revokeToken(request);
//    }

    @ApiOperation(value = "用户导入模板下载", httpMethod = "GET")
    @GetMapping("download/template")
    public void downloadTemplate(HttpServletResponse response) {
        userService.downloadTemplate(response);
    }

    @AuthApis
    @ApiOperation(value = "用户批量上传", httpMethod = "POST")
    @PostMapping("user/upload")
    public ResultBody userUpload(@RequestParam("file") MultipartFile file) throws IOException {
        return userService.userUpload(file);
    }

}

xy294636185
关注
专栏目录
SpringBoot集成shiro+redis+jwt实现无状态授权验证
liangshitian的博客
01-03 3万+
前言 1.放弃Cookie,Session,使用JWT进行鉴权,完全实现无状态鉴权。 2.JWT密钥支持过期时间;jwt作为创建验证token工具,并选择一种验证方式与算法。 3.使用redis做缓存处理,缓存token等等登录信息,以实现单点登录与超时登录功能。 4.密码加密(采用AES-128 + Base64的方式)。 5.根据RefreshToken自动刷新AccessToken...
权限控制:自定义注解AOP注入
some_mushroom的博客
09-02 416
1、自定义注解 自定义注解可以写业务需要的函数逻辑,验证权限 自定义注解有两个必要的元注解: (1)Target 用来描述注解的修饰范围,共四种: (a)TYPE:类、接口、enum (b)METHOD:方法 (c)PARAMETER:方法变量 (d)PACKAFE:包 (2)Retention 用来控制该注解的生命周期,共三种: (a)SOURCE:源文件中有效,编译无效 (b)CLASS:随源文件编译至class文件中,运行时无效 (c)RUNTIME:运行时也有效 举个栗子 @Target({ Ele
springboot下的aop实现权限控制
weixin_44310277的博客
01-15 787
添加aop依赖 <!-- AOP配置依赖 --> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-aop</artifactId> <version&gt...
SpringBoot中使用Spring-AOP实现接口鉴权
qq_42582773的博客
09-27 1720
Spring AOP实现接口鉴权
基于Springboot Aop实现注解鉴权式框架
Codewarning
10-16 2283
使用spring boot AOP开发的轻量级、简单的注解鉴定角色和权限的框架
springboot:通过aop注解进行接口权限判断
Wanankl的博客
02-02 545
通过aop注解进行接口权限判断
SpringBoot:切面AOP实现权限校验:实例演示与注解全解
最新发布
2401_84152223的博客
05-04 672
蚂蚁面试比较重视基础,所以Java那些基本功一定要扎实。蚂蚁的工作环境还是挺赞的,因为我面的是稳定性保障部门,还有许多单独的小组,什么三年1班,很有青春的感觉。面试官基本水平都比较高,基本都P7以上,除了基础还问了不少架构设计方面的问题,收获还是挺大的。经历这次面试我还通过一些渠道发现了需要大厂真实面试主要有:蚂蚁金服、拼多多、阿里云、百度、唯品会、携程、丰巢科技、乐信、软通动力、OPPO、银盛支付、中国平安等初,中级,高级Java面试题集合,附带超详细答案,希望能帮助到大家。
SpringBoot AOP各种注解自定义注解鉴权使用案例(免费下载)
02-24
SpringBoot中,AOP的使用更为简洁,它简化了配置过程,使得开发者可以更专注于业务逻辑。 首先,我们来看看SpringBoot AOP中的各种注解。最基础的是`@Aspect`,用于标记一个类为切面类,这个类中会包含切点...
SpringBoot整合shiro+鉴权过程+登录接口
weixin_45136521的博客
12-05 1101
加入maven依赖 <!-- shiro --> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-core</artifactId> <version>${shiro.version}</version> </dependency> <dependency> <g.
springboot+swagger+shiro+jwt+redis
热门推荐
qq_41595149的博客
05-25 1万+
springboot+shiro+jwt+redis 要实现的功能 登陆认证 权限控制 自动延长token过期时间 实现步骤 1,准备环境 1.1,创建一个springboot项目,导入 2,整合shiro 2.1,添加shiro依赖 在pom文件添加依赖 <!--shiro--> <dependency> ...
简单用一个登录鉴权来说明 Spring Boot 如何使用 Spring AOP
m0_73533108的博客
09-04 327
简单用一个登录鉴权来说明 Spring Boot 如何使用 Spring AOP
SpringBoot使用AOP+注解实现简单的权限验证的方法
08-25
主要介绍了SpringBoot使用AOP+注解实现简单的权限验证的方法,小编觉得挺不错的,现在分享给大家,也给大家做个参考。一起跟随小编过来看看吧
Spring Boot AOP权限控制模块开发
03-02
Spring Boot AOP权限控制模块开发,利用AOP功能完成属于自己的权限模块开发
SpringBoot 切面AOP实现权限校验:实例演示与注解全解
chali1314的博客
03-30 772
本文转载自:https://blog.csdn.net/mu_wind/article/details/102758005 理解AOP 什么是AOP AOP体系与概念 AOP实例 第一个实例 第二个实例 AOP相关注解 @Pointcut @Around @Before @After @AfterReturning @..
自定义注解+AOP
liaguaya的博客
12-13 180
自定义注解+aop实现
SpringBoot Spring AOP 各种注解自定义注解鉴权使用示范
HumorChen的博客
02-24 1257
AOP其实最方便的就是你不需要改动原来的函数代码便能够再函数前函数后等切入时机上做一些你的逻辑处理,比如鉴权、日志、看函数执行耗时等等,就很方便,不需要你再去把代码嵌入到原来的每个函数了。@within @target等注解请参见其他人的博客如https://blog.csdn.net/qq_23167527/article/details/78623639。本次讲解示范的项目代码免费下载地址:https://download.csdn.net/download/HumorChen99/15447816。
自定义注解实现SpringAOP
weixin_47661043的博客
02-08 1294
自定义注解实现SpringAOP
springboot+自定义注解+AOP实现权限控制(一)
laoyog
01-15 2896
文末有下载链接!!! 通过自定义注解+AOP可以学习到: 1. 权限控制框架的底层的一些实现,以及权限控制的流程 2. 拦截器和AOP的区别 3. 通过自定义注解来学习spring注解实现 一. 权限控制 在之前项目里的权限控制,一般会选择这几种方案: 1. shiro 2. spring security 3. JWT 4. 自定义拦截器 ...
springboot自定义注解权限认证
qq_39324871的博客
04-24 1221
创建注解类 import java.lang.annotation.*; @Target({ElementType.METHOD}) @Retention(RetentionPolicy.RUNTIME) @Documented public @interface AuthToken { } 创建拦截器 import com.rz.common.annotation.AuthToke...
SpringBoot+AOP自定义权限注解
07-25
在Spring Boot中使用AOP自定义权限注解可以通过以下步骤实现: 1. 首先,在pom.xml文件中添加Spring Boot AOP的依赖: ``` <groupId>org.springframework.boot <artifactId>spring-boot-starter-aop ``` \[1\] ...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值