权限管理
权限管理无非就是把某一个接口的使用权限赋给某一个用户。
创建数据库
CREATE TABLE `user` ( `id` bigint(20) NOT NULL AUTO_INCREMENT, `name` varchar(255) DEFAULT NULL COMMENT '名字', `username` varchar(255) DEFAULT NULL, `password` varchar(255) DEFAULT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=4 DEFAULT CHARSET=utf8 COMMENT='用户测试表';
创建项目
- 创建SpringBoot项目
- 编辑引入依赖
<dependencies> <!--SpringBoot核心--> <dependency> <groupId></groupId> <artifactId>spring-boot-starter</artifactId> </dependency> <dependency> <groupId></groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> </dependency> <!--SpringMVC核心--> <dependency> <groupId></groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <!--Mybatis核心--> <!--<dependency> <groupId></groupId> <artifactId>mybatis-spring-boot-starter</artifactId> <version>2.1.1</version> </dependency>--> <!--mybatis-plus核心--> <dependency> <groupId></groupId> <artifactId>mybatis-plus-boot-starter</artifactId> <version>3.4.2</version> </dependency> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <scope>runtime</scope> </dependency> <!--lombok核心--> <dependency> <groupId></groupId> <artifactId>lombok</artifactId> <version>1.16.14</version> </dependency> </dependencies>
- 编写文件
server: #tomcat端口 port: 8080 spring: #MySQL数据库配置 datasource: url: jdbc:mysql://localhost:3306/springboot_demo?useUnicode=true&characterEncoding=utf-8&serverTimezone=UTC username: root password: 20220101 driver-class-name: mybatis-plus: configuration: log-impl: #实体类路径 typeAliasesPackage: #mapper路径 mapperLocations: classpath:mapper/*.xml # 全局配置id自增 => global-config: db-config: id-type: auto
- 创建包,创建 类,配置mybatis-plus
@Configuration public class MybatisPlusConfig { // 最新版 @Bean // <bean id=""/> public MybatisPlusInterceptor mybatisPlusInterceptor() { MybatisPlusInterceptor interceptor = new MybatisPlusInterceptor(); (new PaginationInnerInterceptor()); return interceptor; } }
- 创建User实体类
package ; @Data @TableName("user") public class User { private Long id; private String name; private String username; private String password; }
- 创建接口,继承mybatis-plus的BaseMapper类
@Mapper public interface UserMapper extends BaseMapper<User> { public List<User> findAll(); }
- mapper目录下创建
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE mapper PUBLIC "-////DTD Mapper 3.0//EN" "/dtd/"> <mapper namespace=""> <select resultType=""> select * from user </select> </mapper>
- 创建接口,继承mybatis-plus的IService类
public interface UserService extends IService<User> { public List<User> findAll(); }
- 创建类,继承ServiceImpl类,实现UserService接口
@Service public class UserServiceImpl extends ServiceImpl<UserMapper,User> implements UserService { @Resource private UserMapper userMapper; @Override public List<User> findAll(){ return (); } }
- 创建类
@RestController @RequestMapping("login") public class UserController { @Autowired private UserServiceImpl service; @RequestMapping("findAll") public List<User> findAll(){ return (); } }
实现拦截器(token方式)
- 创建 拦截器类
package ; public class LoginInterceptor implements HandlerInterceptor { private Logger log = (getClass()); @Autowired private HttpSession httpSession; //Controller逻辑执行之前 @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { ("preHandle...."); String uri = (); ("uri:"+ uri); if (!(handler instanceof HandlerMethod)) { return true; } String token=("qcby-token"); if (!(token)) { // 未登录跳转到登录界面 ("/login/login"); return false; }else { return true; } } //Controller逻辑执行完毕但是视图解析器还未进行解析之前 @Override public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception { ("postHandle...."); } //Controller逻辑和视图解析器执行完毕 @Override public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception { ("afterCompletion...."); } }
- 创建WebMvcConfig类,设置拦截路径
package ; @Configuration public class WebMvcConfig implements WebMvcConfigurer { @Override public void addInterceptors(InterceptorRegistry registry) { (loginInterceptor()) //拦截的路径(*所有) .addPathPatterns("/**") // 那些路径不拦截 .excludePathPatterns("/login/login","/error"); } @Bean public LoginInterceptor loginInterceptor(){ return new LoginInterceptor(); } }
- 创建类
package ; public class TokenUtil { private static Map<String, User> tokenMap=new HashMap<>(); public static String generateToken(User user){ String token= ().toString(); (token,user); return token; } public static boolean verify(String token){ return (token); } public static User getUser(String token){ return (token); } }
- 编写登录方法
package ; import ; import ; import ; import ; import ; import ; import ; import ; import ; import ; import ; import ; import ; import ; @RestController @RequestMapping("login") public class UserController { @Autowired private UserServiceImpl service; @Autowired private HttpSession session; @RequestMapping(value = "login",method = ) public Map<String,Object> login(User user){ Map<String,Object> map = new HashMap<>(); ("code",0); if((()) || (()) ){ ("msg","用户或者密码为空!"); return map; } QueryWrapper<User> queryWrapper = new QueryWrapper<>(); ("username",()) .eq("password",()); User userDb = (queryWrapper); if(userDb != null){ ("code",1); ("data",userDb); String token= (userDb); ("qcby-token",token); }else{ ("msg","用户名或密码错误!"); } return map; } @GetMapping("findAll") public List<User> findAll(){ return (); } }【注意】 登录成功之后所有方法接口都可以被调用,无法实现权限限制。
权限分配(方法一)
- 数据库创建menu,ref_menu_user表:因为所有接口方法路径存放在数据库中
CREATE TABLE `menu` ( `id` int(11) NOT NULL AUTO_INCREMENT, `name` varchar(255) COLLATE utf8mb4_bin DEFAULT NULL, `url` varchar(255) COLLATE utf8mb4_bin DEFAULT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=11 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_bin; CREATE TABLE `ref_menu_user` ( `user_id` bigint(20) NOT NULL, `menu_id` bigint(20) NOT NULL ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_bin;
- 创建Menu实体类
package ; @Data public class Menu { private Integer id; private String name; private String url; }
- 创建MenuMapper接口
package ; public interface MenuMapper { //根据id获取用户能使用的 接口方法路径 public Set<String> getUrlListById(@Param("id") Long id); }
- mapper目录下创建
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE mapper PUBLIC "-////DTD Mapper 3.0//EN" "/dtd/"> <mapper namespace=""> <select resultType=""> select url from menu left join ref_menu_user on =ref_menu_user.menu_id where ref_menu_user.user_id=#{id} </select> </mapper>
- 创建MenuService接口
public interface MenuService { public Set<String> getUrlListById(Long id); }
- 创建MenuServiceImpl类
@Service public class MenuServiceImpl implements MenuService { @Resource private MenuMapper menuMapper; public Set<String> getUrlListById(Long id){ return (id); } }
- 编辑User实体类
@Data @TableName("user") public class User { private Long id; private String name; private String username; private String password; @TableField(exist = false)//数据库查询时忽略 private Set<String> url;//去重存储 }
- 编辑UserController,编写getUrlListById方法,获取授权的方法路径存入User实体类的url属性里面
@RestController @RequestMapping("login") public class UserController { @Autowired private UserServiceImpl service; @Autowired private HttpSession session; @Autowired private MenuServiceImpl menuService; @RequestMapping(value = "login",method = ) public Map<String,Object> login(User user){ Map<String,Object> map = new HashMap<>(); ("code",0); if((()) || (()) ){ ("msg","用户或者密码为空!"); return map; } QueryWrapper<User> queryWrapper = new QueryWrapper<>(); ("username",()) .eq("password",()); User userDb = (queryWrapper); if(userDb != null){ ("code",1); ("data",userDb); String token= (userDb); ("qcby-token",token); /* *重点在这里,把从数据库查询到的方法路径存到实体类的url中 */ Set<String> url=(()); (url); }else{ ("msg","用户名或密码错误!"); } return map; } @RequestMapping("getUrlListById") public Set<String> getUrlListById(Long id){ return (id); } @GetMapping("findAll") public IPage<User> findAll(Page<User> page){ return (page); } }
- 编辑拦截器类(判断用户访问的路径是否被授权给此用户)
package ; public class LoginInterceptor implements HandlerInterceptor { private Logger log = (getClass()); @Autowired private HttpSession httpSession; //Controller逻辑执行之前 @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { ("preHandle...."); String uri = (); ("uri:"+ uri); if (!(handler instanceof HandlerMethod)) { return true; } String token=("qcby-token"); if (!(token)) { // 未登录跳转到登录界面 ("/login/login"); return false; }else { //登录成功 //验证身份 User user=(token); //获取实体类的url属性,被授权的方法路径 Set<String> url=(); //查看用户调用的方法是否在url集合里面 if(!(uri)) throw new Exception("权限不足"); return true; } } //Controller逻辑执行完毕但是视图解析器还未进行解析之前 @Override public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception { ("postHandle...."); } //Controller逻辑和视图解析器执行完毕 @Override public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception { ("afterCompletion...."); } }【注意】 最后需要配置xxxapplication类
package ; import ; import ; import ; @MapperScan("") @SpringBootApplication public class Demo0325Application { public static void main(String[] args) { (, args); } }
源码
源码是本仓库中的demo0326文件 包括数据表,源码;适当更改配置即可运行。