一、创建实体类

User.java

  1. package com.ctguyxr.satokendemo.entity;
  3. import com.fasterxml.jackson.annotation.JsonIgnore;
  4. import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
  5. import com.fasterxml.jackson.annotation.JsonProperty;
  6. import lombok.Data;
  7. import org.hibernate.annotations.Proxy;
  9. import javax.persistence.*;
  10. import java.util.List;
  12. /**
  13.  * Created By Intellij IDEA
  14.  *
  15.  * @author Xinrui Yu
  16.  * @date 2021/11/28 11:57 星期日
  17.  */
  18. @Entity
  19. @Data
  20. @Table(name = "t_users")
  21. @JsonIgnoreProperties(value = {"hibernateLazyInitializer"})
  22. public class User {
  24.     @Id
  25.     @GeneratedValue(strategy = GenerationType.IDENTITY)
  26.     private Integer id;
  28.     private String name;
  30.     @JsonProperty(value = "pwd")
  31.     private String password;
  33.     @OneToOne(fetch = FetchType.EAGER,cascade = CascadeType.ALL)
  34.     @JoinColumn(name = "role_id",referencedColumnName = "id")
  35.     private Role role;
  37.     @ManyToMany(fetch = FetchType.EAGER)
  38.     @JoinTable(name = "user_permissions")
  39.     private List<Permissions> permissions;
  40. }

Role.java

  1. package com.ctguyxr.satokendemo.entity;
  3. import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
  4. import lombok.Data;
  6. import javax.persistence.*;
  8. /**
  9.  * Created By Intellij IDEA
  10.  *
  11.  * @author Xinrui Yu
  12.  * @date 2021/11/28 12:50 星期日
  13.  */
  14. @Entity
  15. @Data
  16. @Table(name = "t_roles")
  17. @JsonIgnoreProperties(value = {"hibernateLazyInitializer"})
  18. public class Role {
  20.     @Id
  21.     @GeneratedValue(strategy = GenerationType.IDENTITY)
  22.     private Integer id;
  24.     private String name;
  25. }

Permissions.java

  1. package com.ctguyxr.satokendemo.entity;
  3. import lombok.Data;
  4. import org.hibernate.annotations.Proxy;
  6. import javax.persistence.*;
  8. /**
  9.  * Created By Intellij IDEA
  10.  *
  11.  * @author Xinrui Yu
  12.  * @date 2021/11/28 13:17 星期日
  13.  */
  14. @Entity
  15. @Data
  16. @Table(name = "t_permissions")
  17. @Proxy(lazy = false)
  18. public class Permissions {
  20.     @Id
  21.     @GeneratedValue(strategy = GenerationType.IDENTITY)
  22.     private Integer id;
  23.     private String name;
  24. }

二、拦截器

只将注册和登录的接口暴露,其他的接口全部都要加权限判断

  1. package com.ctguyxr.satokendemo.configures;
  3. import cn.dev33.satoken.interceptor.SaAnnotationInterceptor;
  4. import cn.dev33.satoken.interceptor.SaRouteInterceptor;
  5. import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
  6. import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
  8. /**
  9.  * Created By Intellij IDEA
  10.  *
  11.  * @author Xinrui Yu
  12.  * @date 2021/11/27 19:02 星期六
  13.  */
  15. public class SaTokenConfigure implements WebMvcConfigurer {
  16.     @Override
  17.     public void addInterceptors(InterceptorRegistry registry) {
  18.         registry.addInterceptor(new SaAnnotationInterceptor()).addPathPatterns("/**");
  19.         registry.addInterceptor(new SaRouteInterceptor())
  20.                 .addPathPatterns("/**")
  21.                 .excludePathPatterns("/user/login","user/register");
  22.     }
  23. }

三、控制器

3.1 注册

这里只实现了最简单的注册功能,用户输入用户名和密码,然后后台通过SHA256加密算法,对密码字符串进行加密,加密后的数据存到数据库中,即登陆成功。
image.png
image.png

3.2 登录

将用户输入的密码,通过相同的加密方式,然后和数据库中的密文进行匹配,如果两者是相同的就代表密码正确,将token返回。否则表示密码错误,抛出异常给全局异常捕获器。

controller

  1. @PostMapping("/login")
  2. public JsonMsg doLogin(@RequestBody User user) throws UnsupportedEncodingException, NoSuchAlgorithmException, NameNotEqualsPwdException {
  3.     System.out.println("username:" + user.getName());
  4.     System.out.println("password:" + user.getPassword());
  5.     Boolean flag = userService.login(user.getName(), user.getPassword());
  6.     Integer id = userService.getIdByName(user.getName());
  7.     StpUtil.login(id);
  8.     return JsonMsg.success(StpUtil.getTokenValue());
  9. }

service

  1.     /**
  2.      * 登录
  3.      *
  4.      * @param username 用户名
  5.      * @param password 密码
  6.      * @return 是否登录成功
  7.      */
  8.     @Override
  9.     public Boolean login(String username, String password) throws UnsupportedEncodingException, NoSuchAlgorithmException, NameNotEqualsPwdException {
  10.         String dbPassword = userDao.getByName(username);
  11.         password = EncodeBySHA256.encodeBySHA(password);
  12.         if(!dbPassword.equals(password)){
  13.             throw new NameNotEqualsPwdException("账号或密码错误!");
  14.         }
  15.         return true;
  16.     }

3.3 注销

直接调用 StpUtil.logout 方法,即可注销当前会话。使用注解校验用户是否登录,未登录用户不可注销

  1. @SaCheckLogin
  2. @PostMapping("/logout")
  3. public JsonMsg doLogOut(){
  4.     StpUtil.logout();
  5.     return JsonMsg.success();
  6. }

四、测试接口

4.1 注册

image.png

4.2 登录

image.png
输入错误的密码,则抛出异常给全局异常捕获器处理
image.png

4.3 注销

image.png
注销后本地存的token就被清除了。