• Integrating the Light Security framework with Spring Boot


    Official Git repository: https://gitee.com/itmuch/light-security/tree/master

    Add the Maven dependencies

    <dependency>
        <groupId>com.itmuch.security</groupId>
        <artifactId>light-security-spring-boot-starter</artifactId>
        <version>1.0.1-RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-aop</artifactId>
    </dependency>

    Configuration file

    server:
      port: 8009
    light-security:
      # Permission rules: a request to {path} using {http-method} must satisfy {expression}
      spec-list:
        - http-method: ANY
          path: /login
          expression: "anon()"
        - http-method: ANY
          path: /user
          expression: "hasAnyRoles('user','admin')"
        - http-method: ANY
          path: /user-no-access
          expression: "hasAllRoles('user','admin','xx')"
        - http-method: GET
          path: /error
          expression: "anon()"
        - http-method: ANY
          path: /**
          expression: "hasLogin()"
      jwt:
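        # JWT signing algorithm
        algorithm: hs512
        # JWT secret ({secret} is a placeholder for your own value)
        secret: {secret}
        # JWT validity period in seconds (1209600 s = 14 days)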
        expiration-in-second: 1209600

    Code example

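    import java.util.Arrays;

    import lombok.RequiredArgsConstructor;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.web.bind.annotation.GetMapping;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RestController;

    // light-security types; the package below is assumed from the library's
    // com.itmuch.lightsecurity namespace, adjust it if your version differs
    import com.itmuch.lightsecurity.jwt.JwtOperator;
    import com.itmuch.lightsecurity.jwt.User;
    import com.itmuch.lightsecurity.jwt.UserOperator;

    @RequestMapping
    @RestController
    @RequiredArgsConstructor(onConstructor = @__(@Autowired))
    public class TestController {
        private final UserOperator userOperator;
        private final JwtOperator operator;

        /**
         * Shows how to get the currently logged-in user.
         * - This path requires the user or admin role; see application.yml
         *
         * @return user information
         */
        @GetMapping("/user")
        public User user() {
            return userOperator.getUser();
        }

        /**
         * Simulated login that issues a token
         *
         * @return the token string
         */
        @GetMapping("/login")
        public String loginReturnToken() {
            User user = User.builder()
                    .id(1)
                    .username("张三")
                    .roles(Arrays.asList("user", "admin"))
                    .build();

            // The user can also be built like this
            // (placeholders: 用户ID = user ID, 用户名 = user name):
            // User user = User.builder()
            //         .id("用户ID")
            //         .username("用户名")
            //         .build();

            return operator.generateToken(user);
        }
    }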

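    The front end must then send a request header with each request

    in the following format:

    Authorization:Bearer token

     Replace token here with the token issued above. Note that there is a space between Bearer and token.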
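
    What a server has to check when it receives the header above, as an added Java example that is not light-security's own code: it uses only the JDK, and the class name, method names and claim layout are assumptions. It signs a constructed payload with HS512 using a 64-byte random secret, then runs a valid header, a header without the space, a token with a swapped payload, and an expired token through the same check.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Added illustration, not light-security code; class, method and claim names are hypothetical.
public class BearerHs512Demo {
    static final Base64.Encoder ENC = Base64.getUrlEncoder().withoutPadding();
    static String b64(String s) { return ENC.encodeToString(s.getBytes(StandardCharsets.UTF_8)); }
    static byte[] hmac(byte[] secret, String input) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA512");
        mac.init(new SecretKeySpec(secret, "HmacSHA512"));
        return mac.doFinal(input.getBytes(StandardCharsets.UTF_8));
    }
    static String sign(byte[] secret, String payloadJson) throws Exception {
        String input = b64("{\"alg\":\"HS512\"}") + "." + b64(payloadJson);
        return input + "." + ENC.encodeToString(hmac(secret, input));
    }

    // Returns the payload JSON for a valid, unexpired "Bearer <token>" header, otherwise null.
    static String verify(byte[] secret, String header, long nowSeconds) throws Exception {
        if (header == null || !header.startsWith("Bearer ")) return null;   // the space is required
        String[] p = header.substring(7).split("\\.");
        if (p.length != 3) return null;
        try {
            byte[] sig = Base64.getUrlDecoder().decode(p[2]);
            // Constant-time comparison; the algorithm is pinned here, never read from the token.
            if (!MessageDigest.isEqual(hmac(secret, p[0] + "." + p[1]), sig)) return null;
            String payload = new String(Base64.getUrlDecoder().decode(p[1]), StandardCharsets.UTF_8);
            Matcher m = Pattern.compile("\"exp\":(\\d+)").matcher(payload);
            return (m.find() && Long.parseLong(m.group(1)) > nowSeconds) ? payload : null;
        } catch (IllegalArgumentException e) { return null; }               // malformed Base64 or exp
    }

    public static void main(String[] args) throws Exception {
        byte[] secret = new byte[64];              // HS512 keys must be at least 64 bytes (RFC 7518, 3.2)
        new SecureRandom().nextBytes(secret);
        long now = System.currentTimeMillis() / 1000, exp = now + 1209600;  // expiration-in-second
        String token = sign(secret, "{\"username\":\"demo\",\"roles\":[\"user\"],\"exp\":" + exp + "}");
        String[] p = token.split("\\.");
        String forged = p[0] + "." + b64("{\"roles\":[\"admin\"],\"exp\":" + exp + "}") + "." + p[2];
        System.out.println("valid header:    " + verify(secret, "Bearer " + token, now));
        System.out.println("missing space:   " + verify(secret, "Bearer" + token, now));
        System.out.println("swapped payload: " + verify(secret, "Bearer " + forged, now));
        System.out.println("after expiry:    " + verify(secret, "Bearer " + token, exp + 1));
    }
}
```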

    Exception handling

    LightSecurityExceptionHandler.java
    package com.ruoyi.exception;
    
    import com.itmuch.lightsecurity.exception.LightSecurityException;
    import com.vo.R;
    import lombok.extern.slf4j.Slf4j;
    import org.springframework.http.HttpStatus;
    import org.springframework.web.bind.MethodArgumentNotValidException;
    import org.springframework.web.bind.annotation.ControllerAdvice;
    import org.springframework.web.bind.annotation.ExceptionHandler;
    import org.springframework.web.bind.annotation.ResponseBody;
    import org.springframework.web.bind.annotation.ResponseStatus;
    
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    
    
    /**
     * @ClassName Global exception handling
     * @Author hupeng <610796224@qq.com>
     * @Date 2019/6/27
     **/
    @Slf4j
    @ControllerAdvice
    public class LightSecurityExceptionHandler {
    
    
    
        /**
         * Light Security related exceptions
         *
         * @param exception the exception
         * @return the response returned when the exception occurs
         */
        @ExceptionHandler(value = {LightSecurityException.class})
        @ResponseBody
        public R error(HttpServletRequest request, LightSecurityException exception, HttpServletResponse response) {
            log.error(exception.toString());
            return R.error(4000, exception.getMessage());
    
        }
    
    
    
    
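        // Catch-all handler. Note that exception.getMessage() is returned to the client as-is,
        // so messages from unexpected exceptions can expose internal details.
        @ExceptionHandler(value = {Exception.class})
        @ResponseStatus(HttpStatus.BAD_REQUEST)
        @ResponseBody
        public R allError(Exception exception) {
            log.error(exception.toString());
            return R.error(4000, exception.getMessage());
        }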
    
        /**
         * Handles validation exceptions for all endpoint request data
         * @param e
         * @return
         */
        @ExceptionHandler(MethodArgumentNotValidException.class)
        @ResponseStatus(HttpStatus.BAD_REQUEST)
        @ResponseBody
        public R handleMethodArgumentNotValidException(MethodArgumentNotValidException e){
            // The dot must be escaped twice: once for the Java string, once for the regex
            String[] str = e.getBindingResult().getAllErrors().get(0).getCodes()[1].split("\\.");
            StringBuilder msg = new StringBuilder(str[1] + ":");
            msg.append(e.getBindingResult().getAllErrors().get(0).getDefaultMessage());
            return R.error(4001, msg.toString());
        }
    
        /**
         * Handles the custom exception
         * @param e
         * @return
         */
        @ExceptionHandler(value = BadRequestException.class)
        public R badRequestException(BadRequestException e) {
            return R.error(4002,e.getMessage());
        }
    
    
        /**
         * Handles EntityExist
         * @param e
         * @return
         */
        @ExceptionHandler(value = EntityExistException.class)
        public R entityExistException(EntityExistException e) {
            return R.error(4003,e.getMessage());
        }
    }
    For R.java, see: https://www.cnblogs.com/pxblog/p/13792038.html

  • Original article: https://www.cnblogs.com/pxblog/p/14446623.html