一、创建实体类
User.java
package com.ctguyxr.satokendemo.entity;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonProperty;
import lombok.Data;
import org.hibernate.annotations.Proxy;
import javax.persistence.*;
import java.util.List;
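/**
 * JPA entity for an application account, mapped to table {@code t_users}.
 *
 * <p>Lombok's {@code @Data} generates the accessors, {@code equals}/{@code hashCode}
 * and {@code toString} for every field unless a field opts out.
 *
 * @author Xinrui Yu
 * @date 2021/11/28 11:57 Sunday
 */
@Entity
@Data
@Table(name = "t_users")
@JsonIgnoreProperties(value = {"hibernateLazyInitializer"})
public class User {
    /** Primary key, generated with {@code GenerationType.IDENTITY}. */
    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Integer id;

    private String name;

    // Still read from request JSON under the key "pwd", but WRITE_ONLY stops Jackson from
    // ever serializing the field, so a User returned by a controller cannot expose it.
    // The Lombok exclusion keeps the value out of the generated toString(), and therefore
    // out of any log line that prints a User.
    @JsonProperty(value = "pwd", access = JsonProperty.Access.WRITE_ONLY)
    @lombok.ToString.Exclude
    private String password;

    // NOTE(review): CascadeType.ALL also cascades removal of a user to the joined role
    // row; confirm that role rows are not meant to be shared between users.
    @OneToOne(fetch = FetchType.EAGER, cascade = CascadeType.ALL)
    @JoinColumn(name = "role_id", referencedColumnName = "id")
    private Role role;

    /** Permissions linked through the {@code user_permissions} join table, loaded eagerly. */
    @ManyToMany(fetch = FetchType.EAGER)
    @JoinTable(name = "user_permissions")
    private List<Permissions> permissions;
}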
Role.java
package com.ctguyxr.satokendemo.entity;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import lombok.Data;
import javax.persistence.*;
/**
 * JPA entity for a role, mapped to table {@code t_roles}.
 *
 * <p>Accessors, {@code equals}/{@code hashCode} and {@code toString} come from Lombok's
 * {@code @Data}. The Hibernate proxy property {@code hibernateLazyInitializer} is
 * ignored by Jackson.
 *
 * @author Xinrui Yu
 * @date 2021/11/28 12:50 Sunday
 */
@Data
@Entity
@JsonIgnoreProperties({"hibernateLazyInitializer"})
@Table(name = "t_roles")
public class Role {

    /** Primary key, generated with {@code GenerationType.IDENTITY}. */
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    @Id
    private Integer id;

    /** Role name. */
    private String name;
}
Permissions.java
package com.ctguyxr.satokendemo.entity;
import lombok.Data;
import org.hibernate.annotations.Proxy;
import javax.persistence.*;
/**
 * JPA entity for a single permission, mapped to table {@code t_permissions}.
 *
 * <p>Hibernate lazy proxying is switched off for this entity via
 * {@code @Proxy(lazy = false)}. Accessors, {@code equals}/{@code hashCode} and
 * {@code toString} come from Lombok's {@code @Data}.
 *
 * @author Xinrui Yu
 * @date 2021/11/28 13:17 Sunday
 */
@Data
@Entity
@Proxy(lazy = false)
@Table(name = "t_permissions")
public class Permissions {

    /** Primary key, generated with {@code GenerationType.IDENTITY}. */
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    @Id
    private Integer id;

    /** Permission name. */
    private String name;
}
二、拦截器
只将注册和登录的接口暴露,其他的接口全部都要加权限判断
package com.ctguyxr.satokendemo.configures;
import cn.dev33.satoken.interceptor.SaAnnotationInterceptor;
import cn.dev33.satoken.interceptor.SaRouteInterceptor;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
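/**
 * Registers the Sa-Token interceptors with Spring MVC.
 *
 * <p>The class must be a Spring bean for {@link #addInterceptors} to be called at all.
 * Without {@code @Configuration} the interceptors are never installed and no route is
 * checked.
 *
 * @author Xinrui Yu
 * @date 2021/11/27 19:02 Saturday
 */
@Configuration
public class SaTokenConfigure implements WebMvcConfigurer {

    /**
     * Adds the annotation interceptor and the route interceptor for every path.
     *
     * @param registry Spring MVC interceptor registry to add to
     */
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        // Annotation-driven checks are evaluated on every request path.
        registry.addInterceptor(new SaAnnotationInterceptor()).addPathPatterns("/**");

        // The route interceptor covers everything except the two public endpoints.
        // Both exclusions need the leading slash; "user/register" without it does not
        // line up with the "/user/login" form used for the other public route.
        registry.addInterceptor(new SaRouteInterceptor())
                .addPathPatterns("/**")
                .excludePathPatterns("/user/login", "/user/register");
    }
}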
三、控制器
3.1 注册
这里只实现了最简单的注册功能:用户输入用户名和密码,后台用 SHA-256 对密码字符串计算哈希,把哈希值存到数据库中,即注册成功。注意:SHA-256 是哈希(摘要)算法而不是加密算法,未加盐的快速哈希只适合演示;实际项目中存储密码应使用 bcrypt、scrypt 或 Argon2 这类专用的密码哈希算法。
3.2 登录
将用户输入的密码用相同的方式计算哈希,然后与数据库中保存的密文进行比对。如果两者相同,就代表密码正确,将 token 返回;否则表示密码错误,抛出异常交给全局异常捕获器处理。
controller
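/**
 * Verifies the posted credentials and opens a Sa-Token session for the account.
 *
 * @param user request body carrying the account name and password
 * @return success message wrapping the token value of the new session
 * @throws UnsupportedEncodingException declared by {@code userService.login}
 * @throws NoSuchAlgorithmException declared by {@code userService.login}
 * @throws NameNotEqualsPwdException declared by {@code userService.login} for a failed
 *     credential check
 */
@PostMapping("/login")
public JsonMsg doLogin(@RequestBody User user) throws UnsupportedEncodingException, NoSuchAlgorithmException, NameNotEqualsPwdException {
    // Only the account name is printed. The submitted password is never written to
    // stdout, where it would end up in console output and collected logs in clear text.
    System.out.println("username:" + user.getName());

    // The Boolean result is not stored: the call is made for its exception, which aborts
    // the request before any session is created.
    userService.login(user.getName(), user.getPassword());

    Integer id = userService.getIdByName(user.getName());
    StpUtil.login(id);
    return JsonMsg.success(StpUtil.getTokenValue());
}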
service
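/**
 * Checks a username/password pair against the stored password digest.
 *
 * <p>An unknown account, a missing argument and a wrong password all end in the same
 * exception with the same message, so the caller cannot tell which one occurred.
 *
 * @param username account name
 * @param password password as submitted by the user
 * @return {@code true} when the digests match; a mismatch is reported by exception,
 *     never by {@code false}
 * @throws NameNotEqualsPwdException if the credentials do not match a stored account
 */
@Override
public Boolean login(String username, String password) throws UnsupportedEncodingException, NoSuchAlgorithmException, NameNotEqualsPwdException {
    if (username == null || password == null) {
        throw new NameNotEqualsPwdException("账号或密码错误!");
    }

    String dbPassword = userDao.getByName(username);
    // NOTE(review): only the password is passed in, so the digest appears to be unsalted.
    // A single fast SHA-256 pass is weak for password storage; prefer bcrypt, scrypt or
    // Argon2 from a vetted library outside a demo.
    // The digest is computed before the null check below so that an unknown account
    // costs the same hashing work as a known one.
    String submittedDigest = EncodeBySHA256.encodeBySHA(password);

    // dbPassword is null when no row matches the name. Treat that exactly like a wrong
    // password instead of letting equals() throw a NullPointerException.
    boolean matches = dbPassword != null
            && submittedDigest != null
            // Constant-time comparison: the time taken does not depend on where the two
            // digests first differ.
            && java.security.MessageDigest.isEqual(
                    dbPassword.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    submittedDigest.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!matches) {
        throw new NameNotEqualsPwdException("账号或密码错误!");
    }
    return true;
}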
3.3 注销
直接调用 StpUtil.logout 方法,即可注销当前会话。这里通过 @SaCheckLogin 注解校验用户是否已登录,未登录的用户不能调用注销接口。
/**
 * Ends the caller's current Sa-Token session.
 *
 * <p>{@code @SaCheckLogin} is placed on the handler so that the login check applies to
 * this endpoint.
 *
 * @return a success message with no payload
 */
@PostMapping("/logout")
@SaCheckLogin
public JsonMsg doLogOut() {
    StpUtil.logout();
    JsonMsg result = JsonMsg.success();
    return result;
}
四、测试接口
4.1 注册
4.2 登录
4.3 注销
注销后本地存的token就被清除了。