Shiro Permission Management in Spring Boot Back-End Development

  • Shiro permission management
  • Create ShiroConfiguration
  • Database setup
  • Controller changes
  • Microservices
  • Introduction
  • Create a module


Shiro permission management

Create ShiroConfiguration

ShiroConfiguration.java:

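import java.util.LinkedHashMap;
import java.util.Map;

import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

// NewsRealm is the project's custom realm; import it from its own package.
@Configuration
public class ShiroConfiguration {

    // Create the realm
    @Bean
    public NewsRealm getRealm(){return new NewsRealm();}

    // Create the security manager
    @Bean
    public SecurityManager securityManager(NewsRealm realm){
        // Hand the custom realm to the security manager, which coordinates it
        DefaultWebSecurityManager webSecurityManager = new DefaultWebSecurityManager(realm);
        return webSecurityManager;
    }

    // Configure the Shiro filter factory
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager){
        ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
        shiroFilterFactoryBean.setSecurityManager(securityManager);
        // General settings
        shiroFilterFactoryBean.setLoginUrl("/admin");
        shiroFilterFactoryBean.setUnauthorizedUrl("/admin");
        /*
        * key: request path
        * value: filter applied to that path
        * Rules are evaluated in insertion order and the first match wins,
        * so the perms rules must stay above the /admin/** catch-all.
        * */
        Map<String,String> filterMap = new LinkedHashMap<>();
        filterMap.put("/admin/login","anon");
        // These are exact paths: a sub-path such as /admin/news/... does not match
        // them and is covered only by the /admin/** rule (authentication, no permission check).
        filterMap.put("/admin/news","perms[user-news]");
        filterMap.put("/admin/types","perms[user-types]");
        filterMap.put("/admin/tags","perms[user-tags]");
        // All URLs under this path require authentication
        filterMap.put("/admin/**","authc");

        shiroFilterFactoryBean.setFilterChainDefinitionMap(filterMap);
        return shiroFilterFactoryBean;
    }

    // Enable Shiro annotation support
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager){
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager);
        return advisor;
    }

}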

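The available filter types are shown in the figure below:

[Image: Shiro filter types]


The overall structure of authorization management is as follows:

[Image: overall structure of authorization management]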

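Database setup

Create the following data in the database:

t_role:

[Image: contents of the t_role table]


t_permission:

[Image: contents of the t_permission table]


t_role_permissions:

[Image: contents of the t_role_permissions table]


t_user_roles:

[Image: contents of the t_user_roles table]


t_user:

[Image: contents of the t_user table]


With this data in place, the users with ids 1, 2 and 3 are assigned the news management, category management and tag management permissions respectively.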

Controller changes

Next, the login operation in the Controller needs to be modified:

    @PostMapping("/login")
    public String login(@RequestParam String username, @RequestParam String password,
                        HttpSession session, RedirectAttributes attributes){
        try{
            // Build the login token
            UsernamePasswordToken upToken = new UsernamePasswordToken(username,password);
            // Get the subject
            Subject subject = SecurityUtils.getSubject();
            // Delegates to the realm; throws an AuthenticationException on failure
            subject.login(upToken);
            User user = (User) subject.getPrincipal();
            session.setAttribute("user",user);
            return "admin/index";
        }catch (Exception e){
            // Flash message: "Incorrect username or password"
            attributes.addFlashAttribute("message","用户名或密码错误");
            return "redirect:/admin";
        }
    }

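After this, user permissions can be managed. What is implemented here is fairly basic: clicking anything outside the user's permissions returns the user to the login page. It could be extended further, for example by showing a notice.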
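
The configuration above registers a NewsRealm that the article never shows. The sketch below is an added example, not the article's realm or Shiro project code: it shows the two callbacks such a realm implements so that subject.login(...) and the perms[user-news] rules have something to check against. The class name ExampleNewsRealm, the in-memory maps (standing in for queries on the tables above), the sample accounts and the String principal (the article's controller expects a User object) are assumptions.

```java
import java.util.Map;
import java.util.Set;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

// Added sketch (hypothetical class), not the article's NewsRealm.
public class ExampleNewsRealm extends AuthorizingRealm {

    // Constructed sample data. In the article's schema these would come from
    // t_user and from joining t_user_roles, t_role_permissions and t_permission.
    // A real t_user should hold a salted hash plus a matching CredentialsMatcher;
    // the default matcher used here compares the stored value byte for byte.
    private static final Map<String, String> STORED_CREDENTIALS = Map.of(
            "editor", "constructed-secret-1",
            "tagger", "constructed-secret-2");
    private static final Map<String, Set<String>> PERMISSIONS = Map.of(
            "editor", Set.of("user-news"),
            "tagger", Set.of("user-tags"));

    // Called by subject.login(token): look the account up and return the stored
    // credentials; Shiro then compares them with the ones carried by the token.
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        String username = ((UsernamePasswordToken) token).getUsername();
        String stored = STORED_CREDENTIALS.get(username);
        if (stored == null) {
            throw new UnknownAccountException("no such account");
        }
        // The first argument becomes subject.getPrincipal().
        return new SimpleAuthenticationInfo(username, stored, getName());
    }

    // Called when a perms[...] filter or @RequiresPermissions check runs:
    // return the permission strings granted to the authenticated principal.
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String username = (String) principals.getPrimaryPrincipal();
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        // An account with no entry gets an empty set, so every perms check fails closed.
        info.addStringPermissions(PERMISSIONS.getOrDefault(username, Set.of()));
        return info;
    }
}
```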

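Microservices

Introduction

Characteristics: single responsibility, autonomy

Components:

  • Eureka: service governance component, comprising the service registry and the implementation of service registration and discovery;
  • Zuul: gateway component;
  • Ribbon: load balancing;
  • Feign: service invocation;
  • Hystrix: fault-tolerance management component;

Create a module

In IDEA, choose to create a new module:

[Image: creating a new module in IDEA]

Select Spring Initializr:

[Image: selecting Spring Initializr]


Add the following dependencies: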

Web:

  • Spring Web

SQL:

  • Spring Data JDBC
  • MyBatis Framework
  • MySQL Driver

Once the module is created, add the following dependency to pom.xml:

<dependency>
    <groupId>tk.mybatis</groupId>
    <artifactId>mapper-spring-boot-starter</artifactId>
    <version>2.0.4</version>
</dependency>

Create the following package structure:

[Image: package structure]


Create a User entity class:

import java.io.Serializable;
import java.util.Date;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.Table;

@Table(name = "tb_user")
public class User implements Serializable {

    private static final long serialVersionUID = -1203619350515120953L;

    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;
    private String username;
    private String password;
    private String name;
    private Integer age;
    private Integer sex;
    private Date birthday;
    private Date created;
    private Date updated;

    public static long getSerialVersionUID() {
        return serialVersionUID;
    }

    @Override
    public String toString() {
        // The password is masked so that logging a User never writes the credential
        return "User{" +
                "id=" + id +
                ", username='" + username + '\'' +
                ", password='[PROTECTED]'" +
                ", name='" + name + '\'' +
                ", age=" + age +
                ", sex=" + sex +
                ", birthday=" + birthday +
                ", created=" + created +
                ", updated=" + updated +
                '}';
    }
    // Getters and setters omitted
}

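Create UserMapper in the mapper package:

import tk.mybatis.mapper.common.Mapper;

// The MyBatis annotation is fully qualified because its simple name clashes with tk.mybatis' Mapper
@org.apache.ibatis.annotations.Mapper
public interface UserMapper extends Mapper<User> {
}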

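Create UserService.java in the Service package:

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

@Service
public class UserService {
    @Autowired(required = false)
    private UserMapper userMapper;

    // Look up one user by primary key
    public User queryById(Long id){
        return this.userMapper.selectByPrimaryKey(id);
    }
}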

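Create UserController.java in the Controller package:

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("user")
public class UserController {

    @Autowired
    private UserService userService;

    // Returns the entity as-is, so every field, including password, is serialized
    // into the response; map it to a DTO before exposing this endpoint.
    @GetMapping("{id}")
    public User queryById(@PathVariable("id") Long id){
        return this.userService.queryById(id);
    }
}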

Configure the application.yml file:

server:
  port: 8081
spring:
  datasource:
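    url: jdbc:mysql://localhost:3306/provider?useSSL=true&characterEncoding=utf8&serverTimezone=Asia/Shanghai
    # Local demo credentials; elsewhere use a dedicated least-privilege account and an externalized secret
    username: root
    password: 123456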
    driver-class-name: com.mysql.cj.jdbc.Driver
mybatis:
  type-aliases-package: com.roger.service.provider.po

Then start the service, and the user information in the database can be retrieved:

[Image: result of the request]