howieyuan / shiro-springboot Goto Github PK
View Code? Open in Web Editor NEWshiro 框架的构建以及与 JWT 的整合
shiro 框架的构建以及与 JWT 的整合
new LinkedHashMap<>()
老哥,
JWTFilter.java中的这段:
/**
* 对跨域提供支持
*/
@OverRide
protected boolean preHandle(ServletRequest request, ServletResponse response) throws Exception {
HttpServletRequest httpServletRequest = (HttpServletRequest) request;
HttpServletResponse httpServletResponse = (HttpServletResponse) response;
httpServletResponse.setHeader("Access-control-Allow-Origin", httpServletRequest.getHeader("Origin"));
httpServletResponse.setHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS,PUT,DELETE");
httpServletResponse.setHeader("Access-Control-Allow-Headers", httpServletRequest.getHeader("Access-Control-Request-Headers"));
// 跨域时会首先发送一个option请求,这里我们给option请求直接返回正常状态
if (httpServletRequest.getMethod().equals(RequestMethod.OPTIONS.name())) {
httpServletResponse.setStatus(HttpStatus.OK.value());
return false;
}
return super.preHandle(request, response);
}
对跨域的支持已经淘汰了,直接@crossorigin解决一切问题!
realm代码:`package com.shiloh.common.shiro;
import com.shiloh.common.util.JwtUtils;
import com.shiloh.dao.PermissionDao;
import com.shiloh.dao.UserDao;
import com.shiloh.entity.Permission;
import com.shiloh.entity.User;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
/**
@author shiloh
@Date Created in 2019/8/28 16:29
@description 自定义realm
@Modified By:
*/
@component("myShiroRealm")
public class MyShiroRealm extends AuthorizingRealm {
@Autowired
private UserDao userDao;
@Autowired
private PermissionDao permissionDao;
/**
/**
/**
您好,我看了下您的代码token过期时间是24小时,请问如果我在这个过期时间段内访问了你的接口,token过期时间都不会和session过期时间一样往后顺延吗?只要与token创建时间相隔24小时就肯定过期吗?
发现 ShiroConfig 这个系统配置会引起 spring 的 @transactional 声明式事务失效 。 多次测试 但是没找到具体原因
登出的话是不是要让当前这个token失效呢?
如果自定义了角色。权限,这个怎么维护?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.