本人使用的是 Spring Boot。
先写一个工具类如下：
package com.test.package;
import org.springframework.beans.BeansException;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.stereotype.Component;
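@Component
public class SpringContextUtil implements ApplicationContextAware {

    /**
     * Context handed to us by Spring through the {@link ApplicationContextAware} callback.
     * Stays {@code null} until that callback has run, so static callers that execute earlier
     * (e.g. a filter built with {@code new} during startup) would otherwise hit a null context.
     */
    private static ApplicationContext applicationContext;

    /**
     * Called once by Spring after this bean is created; the context is parked in a static
     * field so that code outside the container can still look up beans.
     */
    @Override
    public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
        SpringContextUtil.applicationContext = applicationContext;
    }

    /** @return the captured context, or {@code null} if Spring has not injected it yet */
    public static ApplicationContext getApplicationContext() {
        return applicationContext;
    }

    /**
     * Looks up a bean by name.
     *
     * @throws IllegalStateException if the context has not been injected yet (instead of a bare NPE)
     */
    public static Object getBean(String name) {
        return requireContext().getBean(name);
    }

    /**
     * Looks up a bean by type. Typed so callers need no cast; the erased signature is the same
     * as the former {@code Object getBean(Class<?>)}, so existing callers keep working.
     *
     * @throws IllegalStateException if the context has not been injected yet (instead of a bare NPE)
     */
    public static <T> T getBean(Class<T> requiredType) {
        return requireContext().getBean(requiredType);
    }

    /** Returns the context or fails with a message that names the actual problem. */
    private static ApplicationContext requireContext() {
        if (applicationContext == null) {
            throw new IllegalStateException(
                    "ApplicationContext not injected yet: SpringContextUtil used before Spring initialised it");
        }
        return applicationContext;
    }
}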
在你要使用的地方直接使用即可（这里我要使用 JedisServer 这个 server 类），此处作为权限认证部分：
package com.huis.portal.filter;
import com.alibaba.fastjson.JSON;
import com.huis.common.util.JsonResultEntity;
import com.huis.portal.SpringContextUtil;
import com.huis.portal.service.JedisServer;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;
import org.springframework.web.filter.OncePerRequestFilter;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Date;
import java.util.List;
import java.util.Map;
public class JwtAuthenticationFilter extends OncePerRequestFilter {
// Resolved through the static holder at construction time. This only works if SpringContextUtil has
// already received the ApplicationContext when this filter is instantiated; otherwise getBean()
// dereferences a null context. NOTE(review): confirm the filter's registration order in the app.
private JedisServer jedisServer = (JedisServer) SpringContextUtil.getBean("jedisServerImpl");
// Ant-style matcher used to compare the request path with the protected-URL patterns kept in Redis.
private static final PathMatcher PATH_MATCHER = new AntPathMatcher();
/** No-arg constructor; the field initialisers (including the jedisServer lookup) run before this body. */
public JwtAuthenticationFilter() {
}
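/**
 * Authorisation gate for seller URLs.
 *
 * <p>For a request whose path matches a protected pattern, the token is verified, its expiry is
 * re-checked, and the servlet path must appear in the permission list carried inside the token.
 * Any failure writes a JSON {@code JsonResultEntity} body (code 201 for token problems, 202 for a
 * missing permission) and stops the chain; the HTTP status is left untouched. Because the
 * permission list lives in the signed token, a permission revoked after login stays effective
 * until the token expires.
 *
 * <p>Every exception, including a Redis failure inside {@link #isSellerProtectedUrl}, ends in a
 * rejection, so the filter fails closed. Requests to unprotected paths pass through with the
 * {@code "uid"} attribute set to the empty string — downstream code must not read that as a
 * logged-in user.
 */
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
        throws ServletException, IOException {
    JsonResultEntity result = new JsonResultEntity();
    result.setCode(201);
    result.setMessage("token有误");
    String uid = "";
    try {
        if (isSellerProtectedUrl(request)) {
            Map<String, Object> claims = JwtUtil.validateTokenAndGetClaims(request, response);
            if (claims == null) {
                // Header absent: JwtUtil has already written the 201 body. Previously this fell
                // through to a NullPointerException and a second copy of the body.
                return;
            }
            String url = request.getServletPath();
            uid = (String) claims.get("uid");
            // "exp" is in seconds; appending three zeros converts it to milliseconds. The parser
            // presumably rejected an expired token already; this is kept as a second guard.
            String time = claims.get("exp") + "000";
            Date expiry = new Date(Long.parseLong(time));
            if (new Date().after(expiry)) {
                writeRejection(response, result);
                return;
            }
            String resource = (String) claims.get("RESOURCE" + uid);
            @SuppressWarnings("unchecked")
            List<String> list = (List<String>) JSON.parse(resource);
            result.setCode(202);
            result.setMessage("您无此操作权限");
            // NOTE(review): "size() > 1" is kept from the original, so a token holding exactly one
            // permission is refused. The login code pads an empty list with a one-element
            // placeholder, which may be the reason — confirm the intended threshold.
            if (list == null || list.size() <= 1 || !list.contains(url)) {
                writeRejection(response, result);
                return;
            }
        }
    } catch (Exception e) {
        // Signature, parse, claim-type and Redis failures all land here and are reported as a
        // token error. The cause is deliberately not sent to the client.
        writeRejection(response, result);
        return;
    }
    request.setAttribute("uid", uid);
    filterChain.doFilter(request, response);
}

/** Writes the JSON rejection body with UTF-8 encoding; the caller is responsible for returning. */
private static void writeRejection(HttpServletResponse response, JsonResultEntity result) throws IOException {
    response.setCharacterEncoding("UTF-8");
    response.getWriter().print(JSON.toJSONString(result));
}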
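/**
 * Decides whether the request path falls under any seller-protected URL pattern.
 *
 * <p>The pattern list is read from Redis on every call (it is refreshed at login).
 * NOTE(review): the key literal must equal what
 * {@code UsersStatusEnum.REDIS_KEY_FOR_ALL_RESOURCE.getMessage()} returns at login — confirm.
 *
 * @return {@code true} if some stored Ant pattern matches the servlet path
 * @throws IllegalStateException if Redis yields no list; this keeps the original fail-closed
 *     behaviour (the caller's catch-all rejects the request) but with a diagnosable message
 *     instead of a NullPointerException
 */
private boolean isSellerProtectedUrl(HttpServletRequest request) {
    String allResource = jedisServer.get("REDIS_KEY_FOR_ALL_RESOURCE");
    @SuppressWarnings("unchecked")
    List<String> patterns = (List<String>) JSON.parse(allResource);
    if (patterns == null) {
        throw new IllegalStateException(
                "no protected-URL list in Redis under REDIS_KEY_FOR_ALL_RESOURCE; refusing request");
    }
    String path = request.getServletPath();
    for (String pattern : patterns) {
        if (PATH_MATCHER.match(pattern, path)) {
            return true;
        }
    }
    return false;
}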
要用到的统一返回工具类
package com.huis.common.util;
/**
 * Uniform response envelope serialised to JSON for the client: a numeric {@code code},
 * a human-readable {@code message} and an optional {@code data} payload.
 * Plain mutable bean; every property is {@code null} until its setter is called.
 */
public class JsonResultEntity {

    private Object data;
    private String message;
    private Integer code;

    /** Sets the payload (any JSON-serialisable object, or {@code null}). */
    public void setData(Object data) {
        this.data = data;
    }

    /** Sets the human-readable message. */
    public void setMessage(String message) {
        this.message = message;
    }

    /** Sets the application-level result code. */
    public void setCode(Integer code) {
        this.code = code;
    }

    /** @return the payload, or {@code null} if none was set */
    public Object getData() {
        return this.data;
    }

    /** @return the message, or {@code null} if none was set */
    public String getMessage() {
        return this.message;
    }

    /** @return the result code, or {@code null} if none was set */
    public Integer getCode() {
        return this.code;
    }
}
JWT类
package com.huis.portal.filter;
import com.alibaba.fastjson.JSON;
import com.huis.common.util.JsonResultEntity;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
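/**
 * Issues and verifies the HS512-signed JWTs used by the seller back office.
 *
 * <p>The token carries the user's id and the user's JSON-encoded permission list as claims.
 * A JWS payload is signed, not encrypted: everything placed in the claims is readable by
 * whoever holds the token.
 */
public class JwtUtil {

    /** Token lifetime in milliseconds (10 days). Computed in {@code long} so a larger value cannot overflow. */
    public static final long EXPIRATION_TIME = 1000L * 60 * 60 * 24 * 10;

    /**
     * HMAC signing secret. NOTE(review): hard-coded and short; it should be loaded from
     * configuration or a secret store and be long enough for HS512. In the 0.9-era jjwt API used
     * here the String overloads of signWith/setSigningKey expect a base64-encoded key — confirm
     * that this value decodes as intended.
     */
    public static final String SECRET = "P@hu12ceshi";
    /** Literal prepended to the compact JWS when issued and stripped again before parsing. */
    public static final String TOKEN_PREFIX = "ceshi";
    /** Name of the request header that carries the token. */
    public static final String HEADER_STRING = "ceshi";
    /** Claim name under which the uid is stored a second time (kept for compatibility). */
    public static final String ROLE = "ceshi";

    /**
     * Builds a signed token for a back-office user.
     *
     * @param uid user id; stored under the {@code "uid"} and {@link #ROLE} claims
     * @param gentTime issue time; the token expires at {@code gentTime + EXPIRATION_TIME}
     * @param resource the user's permission list, already JSON-encoded, stored under {@code "RESOURCE" + uid}
     * @return {@link #TOKEN_PREFIX} followed by the compact JWS
     */
    public static String generateTokenForSeller(String uid, Date gentTime, String resource) {
        Map<String, Object> claims = new HashMap<>();
        // Claims are visible to the token holder: put nothing here that must stay secret.
        claims.put(ROLE, uid);
        claims.put("RESOURCE" + uid, resource);
        claims.put("uid", uid);
        claims.put("gentTime", gentTime);
        String jwt = Jwts.builder()
                .setClaims(claims)
                .setExpiration(new Date(gentTime.getTime() + EXPIRATION_TIME))
                .signWith(SignatureAlgorithm.HS512, SECRET)
                .compact();
        return TOKEN_PREFIX + jwt;
    }

    /**
     * Reads the token from the {@link #HEADER_STRING} header, verifies it and returns its claims.
     *
     * <p>If the header is absent, a code-201 JSON body is written to {@code response} and
     * {@code null} is returned; callers must check for {@code null} and must not write a second
     * body. A malformed, tampered or expired token makes the jjwt parser throw an unchecked
     * {@code JwtException}, which propagates to the caller.
     *
     * @return the verified claims, or {@code null} when no token header was sent
     * @throws IOException if the rejection body cannot be written
     */
    public static Map<String, Object> validateTokenAndGetClaims(HttpServletRequest request, HttpServletResponse response) throws IOException {
        String token = request.getHeader(HEADER_STRING);
        if (token == null) {
            JsonResultEntity result = new JsonResultEntity();
            result.setCode(201);
            result.setMessage("token有误");
            response.setCharacterEncoding("UTF-8");
            response.getWriter().print(JSON.toJSONString(result));
            return null;
        }
        // Strip only a leading prefix. String.replace() removed every occurrence, so a token whose
        // base64url body happened to contain the literal was corrupted before verification.
        String compact = token.startsWith(TOKEN_PREFIX) ? token.substring(TOKEN_PREFIX.length()) : token;
        return Jwts.parser()
                .setSigningKey(SECRET)
                .parseClaimsJws(compact)
                .getBody();
    }
}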
要用到的VO类
package com.huis.dao.vo;
import java.io.Serializable;
public class UserVo implements Serializable{
    // Identity of the logged-in user.
    private Integer uid;
    private String email;
    private String mobile;
    private String username;
    // Bearer credential returned to the client at login (see JwtUtil); treat as sensitive — do not log it.
    private String token;
    // NOTE(review): openId/sessionKey look like third-party login material — confirm, and keep them
    // out of logs and out of responses that do not need them.
    private String openId;
    private String sessionKey;
    // Presumably a typo for "status"; kept because callers are bound to the getter/setter names.
    private Integer staus;
    private String shopId;
    // getters and setters omitted
}
登录的时候将个人拥有的权限放到 token 里面，将需要管理的权限放到 redis 里面：
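SellerUsersEntity checkUser = sellerUsersService.checkUser(username);
sellerUsersService.updateLastLogin(checkUser.getUid());
// Re-read so the entity reflects the updated last-login time (presumed intent — confirm).
checkUser = sellerUsersService.checkUser(username);
List<String> list = resourcesService.findUserPermissions(checkUser.getUid());
// The null test must come before size(): the original order dereferenced a possibly-null list first.
if (list == null) {
    list = new java.util.ArrayList<>();
}
if (list.isEmpty()) {
    // Placeholder so the token never carries an empty list. The filter only accepts lists with
    // more than one entry, so this single entry grants nothing.
    list.add("您没有权限");
}
// The permission list rides inside the signed token and is frozen until the token expires.
String jwt = JwtUtil.generateTokenForSeller(String.valueOf(checkUser.getUid()), new Date(), JSON.toJSONString(list));
UserVo userVo = new UserVo();
userVo.setUid(checkUser.getUid());
userVo.setToken(jwt);
userVo.setUsername(username);
// The full protected-URL list is rewritten in Redis on every login. NOTE(review): the filter reads
// the literal key "REDIS_KEY_FOR_ALL_RESOURCE" — confirm that is what getMessage() returns.
List<String> resourceList = resourcesMapper.queryAllResource();
jedisServer.set(UsersStatusEnum.REDIS_KEY_FOR_ALL_RESOURCE.getMessage(), JSON.toJSONString(resourceList));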
权限涉及下面 5 张表，增删改查操作自行解决。
用户表：
package com.huis.dao.entity;
import java.util.Date;
/**
 * Back-office user row (table {@code seller_users}).
 *
 * @author luowangcheng
 */
public class SellerUsersEntity {
    private Integer uid;
    private String username;
    // Presumably the stored password hash and its salt. NOTE(review): the DDL sizes them varchar(32)
    // and varchar(6), which points at a fast hash such as MD5; passwords should be stored with
    // bcrypt/scrypt/argon2 instead — confirm the hashing scheme in the service layer.
    private String password;
    private String salt;
    private String mobile;
    // Account state flag; the meaning of its values is not defined in this file.
    private Integer status;
    private Date regTime;
    private Date lastTime;
    // getters and setters omitted
}
-- Back-office accounts. NOTE(review): `password` varchar(32) with `salt` varchar(6) only fits a
-- 32-hex-character fast hash plus a short salt; a bcrypt/scrypt/argon2 string needs roughly 60 or
-- more characters, so widening `password` is part of moving to a proper password hash.
CREATE TABLE `seller_users` (
`uid` int(10) unsigned NOT NULL AUTO_INCREMENT COMMENT '用户ID',
`username` varchar(64) NOT NULL DEFAULT '' COMMENT '用户名',
`password` varchar(32) NOT NULL DEFAULT '' COMMENT '密码',
`salt` varchar(6) NOT NULL DEFAULT '' COMMENT '密码加盐',
`mobile` varchar(16) DEFAULT '' COMMENT '手机号',
`status` tinyint(4) unsigned DEFAULT '0' COMMENT '账号状态',
`reg_time` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '创建时间',
`last_time` datetime NOT NULL DEFAULT CURRENT_TIMESTAMP COMMENT '最后一次登录时间',
PRIMARY KEY (`uid`)
) ENGINE=InnoDB AUTO_INCREMENT=69 DEFAULT CHARSET=utf8 COMMENT='后台用户信息表';
用户角色表。
package com.huis.dao.entity;
import java.io.Serializable;
/** Link row between a user ({@code seller_users.uid}) and a role ({@code role.id}); table {@code user_role}. */
public class UserRole implements Serializable{
    private Integer uid;
    private Integer roleId;
    // getters and setters omitted
}
-- User-to-role link. No primary key, unique key or foreign keys are declared, so nothing in the
-- schema prevents duplicate pairs or dangling ids (compare `role_resources`, which has a composite key).
CREATE TABLE `user_role` (
`uid` int(11) DEFAULT NULL,
`role_id` int(11) DEFAULT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
角色表,
package com.huis.dao.entity;
import java.io.Serializable;
/** Role row (table {@code role}). */
public class Role implements Serializable{
    // role id
    private Integer id;
    // role name / description
    private String roleDesc;
    // id of the owning department
    private Integer departmentId;
    // name of the owning department (denormalised copy)
    private String departmentName;
    // getters and setters omitted
}
-- Roles; `department_name` duplicates information keyed by `department_id` and must be kept in sync by the application.
CREATE TABLE `role` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`role_desc` varchar(255) DEFAULT NULL,
`department_id` int(11) DEFAULT NULL,
`department_name` varchar(255) DEFAULT '',
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=22 DEFAULT CHARSET=utf8;
角色权限表。
package com.huis.dao.entity;
import java.io.Serializable;
/** Link row between a role ({@code role.id}) and a resource ({@code resources.id}); table {@code role_resources}. */
public class RoleResources implements Serializable{
    private Integer roleId;
    private Integer resourcesId;
    // getters and setters omitted
}
-- Role-to-resource link; the composite primary key rules out duplicate (role, resource) pairs.
CREATE TABLE `role_resources` (
`role_id` int(11) NOT NULL,
`resources_id` int(11) NOT NULL,
PRIMARY KEY (`role_id`,`resources_id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
权限表
package com.huis.dao.entity;
import java.io.Serializable;
/**
 * Protected resource row (table {@code resources}). The URL patterns of these rows are presumably
 * what gets published to Redis at login and matched against the request path by the filter.
 */
public class Resources implements Serializable{
    private Integer id;
    /**
     * Resource name
     */
    private String name;
    /**
     * Resource URL (Ant-style pattern, judging by how the filter matches it)
     */
    private String resourceUrl;
    /**
     * Resource type: 1 = menu, 2 = button
     */
    private Integer type;
    /**
     * Parent resource id
     */
    private Integer parentId;
    /**
     * Sort order
     */
    private Integer sort;
    // getters and setters omitted
}
-- Protected resources; `resource_url` is nullable, so consumers that publish these as URL patterns
-- should expect null entries.
CREATE TABLE `resources` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` varchar(255) DEFAULT NULL COMMENT '资源名称',
`resource_url` varchar(255) DEFAULT NULL COMMENT '资源url',
`type` int(11) DEFAULT NULL COMMENT '资源类型 1:菜单 2:按钮',
`parent_id` int(11) DEFAULT NULL COMMENT '父资源',
`sort` int(11) DEFAULT NULL COMMENT '排序',
PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=84 DEFAULT CHARSET=utf8;
来源:https://www.cnblogs.com/hahahehexixihoho/p/9729327.html