{"id":1153,"date":"2023-11-10T18:17:12","date_gmt":"2023-11-10T10:17:12","guid":{"rendered":"http:\/\/www.max-shu.com\/blog\/?p=1153"},"modified":"2023-11-10T18:17:12","modified_gmt":"2023-11-10T10:17:12","slug":"spring-security%e5%92%8cjwt%e7%bb%93%e5%90%88","status":"publish","type":"post","link":"http:\/\/www.max-shu.com\/blog\/?p=1153","title":{"rendered":"Spring Security\u548cJWT\u7ed3\u5408"},"content":{"rendered":"\n

\u5148\u5f15\u5165pom.xml\uff0c\u4e3b\u8981\u770bdependency\u90e8\u5206\uff1a<\/strong><\/h2>\n\n\n\n

<parent>
<groupId>org.springframework.boot<\/groupId>
<artifactId>spring-boot-starter-parent<\/artifactId>
<version>3.1.5<\/version>
<relativePath\/> <!– lookup parent from repository –>
<\/em><\/parent>
<groupId>com.maxshu<\/groupId>
<artifactId>test_SpringSecurity<\/artifactId>
<version>0.0.1-SNAPSHOT<\/version>
<name>test_SpringSecurity<\/name>
<description>test_SpringSecurity<\/description>
<properties>
<java.version>17<\/java.version>
<kotlin.version>1.8.22<\/kotlin.version>
<\/properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot<\/groupId>
<artifactId>spring-boot-starter-data-jpa<\/artifactId>
<\/dependency>
<dependency>
<groupId>org.jetbrains.kotlin<\/groupId>
<artifactId>kotlin-reflect<\/artifactId>
<\/dependency>
<dependency>
<groupId>org.jetbrains.kotlin<\/groupId>
<artifactId>kotlin-stdlib<\/artifactId>
<\/dependency>

<dependency>
<groupId>com.mysql<\/groupId>
<artifactId>mysql-connector-j<\/artifactId>
<scope>runtime<\/scope>
<\/dependency>
<dependency>
<groupId>org.projectlombok<\/groupId>
<artifactId>lombok<\/artifactId>
<optional>true<\/optional>
<\/dependency>
<dependency>
<groupId>org.springframework.boot<\/groupId>
<artifactId>spring-boot-starter-test<\/artifactId>
<scope>test<\/scope>
<\/dependency>

<!– Spring Security –>
<\/em><dependency>
<groupId>org.springframework.boot<\/groupId>
<artifactId>spring-boot-starter-web<\/artifactId>
<\/dependency>
<dependency>
<groupId>org.springframework.boot<\/groupId>
<artifactId>spring-boot-starter-security<\/artifactId>
<\/dependency>

<!– Hutool JWT –>
<\/em><dependency>
<groupId>cn.hutool<\/groupId>
<artifactId>hutool-jwt<\/artifactId>
<version>5.8.22<\/version>
<\/dependency>

<!– GSon, Json –>
<\/em><dependency>
<groupId>com.google.code.gson<\/groupId>
<artifactId>gson<\/artifactId>
<version>2.10.1<\/version>
<\/dependency>

<\/dependencies>


\u4e0b\u9762\u662f\u914d\u7f6e\u6587\u4ef6application.yml\uff1a<\/strong>

server:
address: 0.0.0.0
port: 80

logging:
level:
org.springframework.security.web.FilterChainProxy: trace
org.springframework.security.web.access.ExceptionTranslationFilter: trace
org.springframework.security: debug

spring:
application:
name: test_SpringSecurity
profiles:
active: dev
main.banner-mode: ‘off’
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
username: db
password: db_password
url: jdbc:mysql:\/\/127.0.0.1:3306\/test?useSSL=false&useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia\/Shanghai
jpa:
database: MYSQL
show-sql: true
generate-ddl: true
database-platform: org.hibernate.dialect.MySQLDialect
hibernate:
ddl-auto: update
naming:
implicit-strategy: org.springframework.boot.orm.jpa.hibernate.SpringImplicitNamingStrategy
physical-strategy: org.hibernate.boot.model.naming.CamelCaseToUnderscoresNamingStrategy # Springboot 3.x\u7528
# physical-strategy: org.springframework.boot.orm.jpa.hibernate.SpringPhysicalNamingStrategy # Springboot 2.x\u7528
properties:
hibernate:
format_sql: true
use_sql_comments: true

<\/p>\n\n\n\n

\u8981\u5efa\u7acb\u4e00\u4e2a\u914d\u7f6e\u7c7b\uff1a<\/strong><\/h2>\n\n\n\n

@Configuration
@EnableWebSecurity
\/\/@EnableMethodSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true) \/\/controller\u542f\u7528\u6ce8\u89e3\u673a\u5236\u7684\u5b89\u5168,PreAuthorize\u624d\u4f1a\u6709\u6548
public class WebSecurityConfig {
private static final Logger logger = LoggerFactory.getLogger(WebSecurityConfig.class);
@Autowired
private MyAccessDeniedHandler accessDeniedHandler;
@Autowired
private MyUnauthorizedHandler unauthorizedHandler;

@Bean
public AuthenticationManager authenticationManager(AuthenticationConfiguration authConfig) throws Exception {
return authConfig.getAuthenticationManager();
}

@Bean
public JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter() {
return new JwtAuthenticationTokenFilter();
}
@Bean
public JwtAuthenticationProvider jwtAuthenticationProvider(){
return new JwtAuthenticationProvider();
}

@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}

@Bean
public WebSecurityCustomizer ignoringCustomizer() {
\/\/\u4e0d\u9700\u8981\u9274\u6743\u7684\u8bbf\u95ee\u653e\u8fd9\u91cc\uff0c\u5728filter\u4e4b\u524d\u6267\u884c\uff1a
return (web) -> web.ignoring()
\/\/\u5982\u679c\u8fd9\u4e9b\u8def\u5f84\u6ca1\u6709\u5728Controller\u4e2d\u914d\u7f6e\uff0c\u7528\u8fd9\u4e9b\u8def\u5f84\u6765\u8bbf\u95ee\u7684\u8bdd\u4e5f\u4f1a\u9274\u6743\u5931\u8d25\uff0c\u800c\u4e14\u8981\u8ddfController\u4e2d\u4e25\u683c\u5339\u914d\uff0c\u5305\u62ec\u8bbf\u95ee\u65f6\u5c3e\u90e8\u4e0d\u8981”\/”\u3002
\/\/\u5141\u8bb8\u5bf9\u4e8e\u7f51\u7ad9\u9759\u6001\u8d44\u6e90\u7684\u65e0\u6388\u6743\u8bbf\u95ee
.requestMatchers(HttpMethod.GET,”\/”,”\/*.html”,”\/*.css”,”\/*.js”,”\/static\/**”)
\/\/\u5bf9\u767b\u5f55\u6ce8\u518c\u5141\u8bb8\u533f\u540d\u8bbf\u95ee
.requestMatchers(“\/user\/login”,”\/user\/register”,”\/user\/logout”)
\/\/\u8de8\u57df\u8bf7\u6c42\u4f1a\u5148\u8fdb\u884c\u4e00\u6b21options\u8bf7\u6c42
.requestMatchers(HttpMethod.OPTIONS)
\/\/\u6d4b\u8bd5\u65f6\u5168\u90e8\u8fd0\u884c\u8bbf\u95ee.permitAll();
.requestMatchers(“\/test\/**”);
}

@Bean
public SecurityFilterChain filterChain2(HttpSecurity httpSecurity) throws Exception {
httpSecurity
\/\/\u7531\u4e8e\u4f7f\u7528\u7684\u662fJWT\uff0c\u8fd9\u91cc\u4e0d\u9700\u8981csrf\u9632\u62a4
.csrf((csrf)->csrf.disable())
\/\/\u5df2\u7ecf\u7ecf\u8fc7\u9274\u6743filter\u7684\u8bbf\u95ee\uff0c\u518d\u8d70http\u8fc7\u6ee4\uff1a
.authorizeHttpRequests((authorize) -> authorize
.anyRequest().authenticated());
\/\/\u57fa\u4e8etoken\uff0c\u6240\u4ee5\u4e0d\u9700\u8981session
httpSecurity.sessionManagement((sm)-> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS));
\/\/ \u7981\u7528\u7f13\u5b58
httpSecurity.headers((header)->header.cacheControl((control)->control.disable()));
\/\/\u4f7f\u7528\u81ea\u5b9a\u4e49provider
httpSecurity.authenticationProvider(jwtAuthenticationProvider());
\/\/\u6dfb\u52a0JWT filter
httpSecurity.addFilterBefore(jwtAuthenticationTokenFilter(), UsernamePasswordAuthenticationFilter.class);
\/\/\u6dfb\u52a0\u81ea\u5b9a\u4e49\u672a\u6388\u6743\u548c\u672a\u767b\u5f55\u7ed3\u679c\u8fd4\u56de
httpSecurity.exceptionHandling((handle)->handle
.accessDeniedHandler(accessDeniedHandler)
.authenticationEntryPoint(unauthorizedHandler));

return httpSecurity.build();
}
}
<\/p>\n\n\n\n

\u4e0b\u9762\u662fJwtAuthenticationProvider\u7c7b\uff1a<\/strong><\/h2>\n\n\n\n
\/\/\u767b\u5f55\u7684\u65f6\u5019\u7528\u6765\u9274\u6743\n<\/em>public class JwtAuthenticationProvider implements AuthenticationProvider {\n    private static final Logger logger <\/em>= LoggerFactory.getLogger<\/em>(JwtAuthenticationProvider.class);\n\n    @Autowired\n    private PasswordEncoder passwordEncoder;\n    @Autowired\n    private UserDetailsService userDetailsService;\n\n    @Override\n    public Authentication authenticate(Authentication authentication) throws AuthenticationException {\n        String username = String.valueOf<\/em>(authentication.getPrincipal());\n        String password = String.valueOf<\/em>(authentication.getCredentials());\n\n        UserDetails userDetails = userDetailsService.loadUserByUsername(username);\n        if(passwordEncoder.matches(password,userDetails.getPassword())){\n            if(userDetails instanceof UserDetailsImpl) {\n                ((UserDetailsImpl)userDetails).setIsLogin(true);\n            }\n            return new UsernamePasswordAuthenticationToken(username, password, userDetails.getAuthorities());\n        }\n        throw new BadCredentialsException(\"Password is error!\");\n    }\n\n    @Override\n    public boolean supports(Class<?> authentication) {\n\/\/        return UsernamePasswordAuthenticationToken.class.equals(authentication);\n        <\/em>return UsernamePasswordAuthenticationToken.class.isAssignableFrom(authentication);\n    }\n}<\/pre>\n\n\n\n
\u4e0b\u9762\u662fJwtAuthenticationTokenFilter\u7c7b\uff1a<\/strong><\/h2>\n\n\n\n
\/\/\u4e0d\u80fd\u5b9a\u4e49\u4e3aComponent\u3001Service\u7b49\u3002\n\/\/\u6240\u6709\u8bbf\u95ee\u90fd\u4f1a\u6765\u8fc7\u6ee4\u3002\n<\/em>public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {\n    private static final Logger logger <\/em>= LoggerFactory.getLogger<\/em>(JwtAuthenticationTokenFilter.class);\n\n    private final static String AUTH_HEADER <\/em>= \"Authorization\";\n    private final static String AUTH_HEADER_TYPE <\/em>= \"Bearer\";\n\n    @Autowired\n    private UserDetailsService userDetailsService;\n    @Autowired\n    private JwtAuthenticationProvider jwtAuthenticationProvider;\n\n    @Override\n    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {\n        \/\/ get token from header:  Authorization: Bearer <token>\n        <\/em>String authHeader = request.getHeader(AUTH_HEADER<\/em>);\n        if (Objects.isNull<\/em>(authHeader) || !authHeader.startsWith(AUTH_HEADER_TYPE<\/em>)){\n            \/\/\u4e0d\u505a\u9274\u6743\u5904\u7406\uff0c\u6240\u4ee5\u4f1a\u76f4\u63a5\u8fd4\u56de\u9274\u6743\u5931\u8d25\n            <\/em>filterChain.doFilter(request,response);\n            return;\n        }\n\n        String authToken = authHeader.split(\" \")[1];\n        logger<\/em>.debug(\"authToken:{}\" , authToken);\n        \/\/verify token\uff0ctoken\u7684\u63d0\u4f9b\u5728AuthController\u7684\u767b\u5f55\u65f6\u7ed9\u7684\u3002\n        <\/em>if (!JWTUtil.verify<\/em>(authToken, MyConstant.JWT_SIGNER<\/em>)) {\n            logger<\/em>.info(\"invalid JWT token.\");\n            \/\/\u4e0d\u505a\u9274\u6743\u5904\u7406\uff0c\u6240\u4ee5\u4f1a\u76f4\u63a5\u8fd4\u56de\u9274\u6743\u5931\u8d25\n            <\/em>filterChain.doFilter(request,response);\n            return;\n        }\n\n        final String userName = (String) JWTUtil.parseToken<\/em>(authToken).getPayload(\"username\");\n        UserDetails userDetails = userDetailsService.loadUserByUsername(userName);\n\n        if(request.getRequestURI().equals(\"\/user\/logout\")){ \/\/\u9000\u51fa\u767b\u5f55\n            <\/em>if(userDetails instanceof UserDetailsImpl) {\n                ((UserDetailsImpl)userDetails).setIsLogin(false);\n            }\n            response.setCharacterEncoding(\"UTF-8\");\n            response.setContentType(\"application\/json;charset=UTF-8\");\n            Message message = new Message<>(true, \"\u9000\u51fa\u767b\u5f55\u6210\u529f\");\n            Gson gson = new Gson();\n            response.getWriter().println(gson.toJson(message));\n            response.getWriter().flush();\n            response.getWriter().close();\n            return; \/\/\u4e0d\u518d\u8fc7\u6ee4\u4e86\u3002\n        <\/em>}\n        if(userDetails instanceof UserDetailsImpl){\n            if(!((UserDetailsImpl)userDetails).getIsLogin()){ \/\/\u6ca1\u6709\u767b\u5f55\uff0c\u5373\u4f7f\u5e26\u4e86AUTH\u5b57\u6bb5\u4e5f\u4e0d\u884c\n                \/\/\u4e0d\u505a\u9274\u6743\u5904\u7406\uff0c\u6240\u4ee5\u4f1a\u76f4\u63a5\u8fd4\u56de\u9274\u6743\u5931\u8d25\n                <\/em>filterChain.doFilter(request,response);\n                return;\n            }\n        }\n\n\n        \/\/\u5e26\u4e86token\uff0c\u4e14\u5df2\u7ecf\u767b\u5f55\u7684\u5904\u7406\u3002\n        \/\/ \u6ce8\u610f\uff0c\u8fd9\u91cc\u4f7f\u7528\u7684\u662f3\u4e2a\u53c2\u6570\u7684\u6784\u9020\u65b9\u6cd5\uff0c\u6b64\u6784\u9020\u65b9\u6cd5\u5c06\u8ba4\u8bc1\u72b6\u6001\u8bbe\u7f6e\u4e3atrue\n        <\/em>UsernamePasswordAuthenticationToken authentication =\n                new UsernamePasswordAuthenticationToken(userDetails.getUsername(), userDetails.getPassword(), userDetails.getAuthorities());\n        authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));\n\n        \/\/\u5c06\u8ba4\u8bc1\u8fc7\u4e86\u51ed\u8bc1\u4fdd\u5b58\u5230security\u7684\u4e0a\u4e0b\u6587\u4e2d\u4ee5\u4fbf\u4e8e\u5728\u7a0b\u5e8f\u4e2d\u4f7f\u7528\n        <\/em>SecurityContextHolder.getContext<\/em>().setAuthentication(authentication);\n\n        filterChain.doFilter(request, response);\n    }\n}<\/pre>\n\n\n\n
\u4e0b\u9762\u662fMyAccessDeniedHandler\u7c7b\uff1a<\/strong><\/h2>\n\n\n\n
@Component\npublic class MyAccessDeniedHandler implements AccessDeniedHandler {\n    private static final Logger logger <\/em>= LoggerFactory.getLogger<\/em>(MyAccessDeniedHandler.class);\n\n    @Override\n    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {\n        \/\/logger.error(\"access error: \"+accessDeniedException.getMessage(), accessDeniedException);\n        logger<\/em>.error(\"access error: \"+accessDeniedException.getMessage());\n        response.setCharacterEncoding(\"UTF-8\");\n        response.setContentType(\"application\/json;charset=UTF-8\");\n        Message message = new Message<>(false, \"\u7981\u6b62\u8bbf\u95ee\");\n        Gson gson = new Gson();\n        response.getWriter().println(gson.toJson(message));\n        response.getWriter().flush();\n        response.getWriter().close();\n    }\n}<\/pre>\n\n\n\n
\u4e0b\u9762\u662fMyUnauthorizedHandler\u7c7b\uff1a<\/strong><\/h2>\n\n\n\n
@Component
public class MyUnauthorizedHandler implements AuthenticationEntryPoint {
    private static final Logger logger <\/em>= LoggerFactory.getLogger<\/em>(MyUnauthorizedHandler.class);
    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
        \/\/logger.error(\"Unauthorized error: \"+authException.getMessage(), authException);
<\/em>        <\/em>logger<\/em>.error(\"Unauthorized error: \"+authException.getMessage());
        response.setCharacterEncoding(\"UTF-8\");
        response.setContentType(\"application\/json;charset=UTF-8\");
        Message message = new Message<>(false, \"\u8ba4\u8bc1\u5931\u8d25\");
        Gson gson = new Gson();
        response.getWriter().println(gson.toJson(message));
        response.getWriter().flush();
        response.getWriter().close();
    }
}<\/pre>\n\n\n\n
\u4e0b\u9762\u662fMyConstant\u7c7b\uff1a<\/strong><\/p>\n\n\n\n
public class MyConstant {\n    private static final String JWT_SIGN_KEY <\/em>= \"yunbu_key_de$xxSia4R2#@dffDE\";\n    <\/em>public static final HMacJWTSigner JWT_SIGNER <\/em>= new HMacJWTSigner(\n            AlgorithmUtil.getAlgorithm<\/em>(\"HMD5\"), JWT_SIGN_KEY<\/em>.getBytes(StandardCharsets.UTF_8<\/em>));\n}<\/pre>\n\n\n\n
\u672c\u5730\u8c03\u8bd5\u9700\u8981\uff0c\u589e\u52a0\u4e00\u4e2aCORS_Filter\u7c7b\u6765\u5141\u8bb8\u8de8\u57df\u8bf7\u6c42\uff1a<\/strong><\/p>\n\n\n\n
@Component\npublic class CORS_Filter implements Filter {\n    @Override\n    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {\n        HttpServletRequest reqs = (HttpServletRequest) req;\n        String curOrigin = reqs.getHeader(\"Origin\");\n        HttpServletResponse response = (HttpServletResponse) res;\n        response.setHeader(\"Access-Control-Allow-Origin\", curOrigin == null ? \"true\" : curOrigin);\n        response.setHeader(\"Access-Control-Allow-Credentials\", \"true\");\n        response.setHeader(\"Access-Control-Allow-Methods\", \"POST, PUT, PATCH, GET, OPTIONS, DELETE, HEAD\");\n        response.setHeader(\"Access-Control-Max-Age\", \"3600\");\n        response.setHeader(\"Access-Control-Allow-Headers\", \"Origin, X-Api-Key, Aaccess-Control-Allow-Origin, Authority, Authorization, Content-Type, Accept, Version-Info, X-Requested-With\");\n\/\/        response.setContentType(\"application\/json;charset=UTF-8\");\n        <\/em>chain.doFilter(req, res);\n\n    }\n}<\/pre>\n\n\n\n
\u4e0b\u9762\u4e3aRole\u548cUser\u76f8\u5173\u7684\u51e0\u4e2a\u7c7b\uff1a<\/strong><\/h2>\n\n\n\n
@Data
@AllArgsConstructor
@NoArgsConstructor
public class Role {
    private RoleType roleType;
}<\/pre>\n\n\n\n
public enum RoleType {\n    ADMIN<\/em>(\"admin\"),\n    USER<\/em>(\"user\");\n\n    private String roleName;\n\n    RoleType(String roleName) {\n        this.roleName = roleName;\n    }\n\n    public String getRoleName() {\n        return roleName;\n    }\n}\n<\/pre>\n\n\n\n
@Data
@AllArgsConstructor
@NoArgsConstructor
public class User {
    private String userName;
    private String password;

    private static Boolean isLogin <\/em>= false;  \/\/static<\/em>\u662f\u4e34\u65f6\u6d4b\u8bd5\u4e3a\u4e86\u4fdd\u6301\u767b\u5f55\u72b6\u6001\uff0c\u540e\u7eed\u632a\u5230\u6570\u636e\u5e93\u540e\u5c31\u4e0d\u80fd\u7528<\/em>static<\/em>\u4e86\u3002
<\/em>    <\/em>public static void setIsLogin(Boolean isLogin){
        User.isLogin <\/em>= isLogin;
    }
    public static Boolean getIsLogin(){
        return User.isLogin<\/em>;
    }

    private List<Role> roles;
}<\/pre>\n\n\n\n
@RequiredArgsConstructor
public class UserDetailsImpl implements UserDetails {
    private final User user;

    public void setIsLogin(Boolean isLogin){
        User.setIsLogin<\/em>(isLogin);
    }
    public Boolean getIsLogin(){
        return User.getIsLogin<\/em>();
    }

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return user.getRoles()
                .stream()
                .map(role -> new SimpleGrantedAuthority(role.getRoleType().getRoleName()))
                .collect(Collectors.toList<\/em>());
    }

    @Override
    public String getPassword() {
        return user.getPassword();
    }

    @Override
    public String getUsername() {
        return user.getUserName();
    }

    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    @Override
    public boolean isEnabled() {
        return true;
    }
}<\/pre>\n\n\n\n
@Service\npublic class UserDetailsServiceImpl implements UserDetailsService {\n    @Autowired\n    private PasswordEncoder passwordEncoder;\n\n    @Override\n    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {\n        User user = getUserByName(username);\n        if(user == null){\n            throw new UsernameNotFoundException(\"User isn't exist!\");\n        }\n        return new UserDetailsImpl(user);\n    }\n\n    public User getUserByName(String userName) {\n        if (!\"007\".equals(userName)) {\n            return null; \/\/\u627e\u4e0d\u5230user\n        <\/em>}\n\n\/\/        List<Role> roles = List.of(new Role(RoleType.ADMIN), new Role(RoleType.USER));\n\/\/        List<Role> roles = List.of( new Role(RoleType.USER));\n        <\/em>List<Role> roles = List.of<\/em>( new Role(RoleType.ADMIN<\/em>));\n        return new User(userName, passwordEncoder.encode(\"123456\"), roles);\n    }\n}<\/pre>\n\n\n\n
\u51e0\u4e2a\u548c\u524d\u7aef\u6253\u4ea4\u9053\u7684DTO\u7c7b\uff1a<\/h2>\n\n\n\n
@Data
public class Message<T> {
    private Boolean success;
    private String msg;
    private Page page = null;
    private List<T> dataList = null;

    public Message(){
        ;
    }

    public Message(Boolean success, String msg){
        setSuccessAndMsg(success, msg);
    }
    public void setSuccessAndMsg(Boolean success, String msg){
        this.success = success;
        this.msg = msg;
    }

    @Data
    @AllArgsConstructor
    @NoArgsConstructor
    public static class Page{
        private Integer num;
        private Integer size;
        private Integer total;
        private Long totalRec;
    }
}<\/p>\n\n\n\n
@Data
public class SignInReq {
    private String username;
    private String password;
}<\/pre>\n\n\n\n
@Data\n@AllArgsConstructor\npublic class JWTAuthToken {\n    String jwtToken;\n}<\/pre>\n\n\n\n
\u6700\u540e\u4e24\u4e2acontroller\u7c7b\uff0c\u7b2c\u4e00\u4e2a\u5904\u7406\u767b\u9646\u6ce8\u518c\uff1a<\/strong><\/h2>\n\n\n\n
@RestController\n@RequestMapping(\"\/user\")\npublic class AuthController {\n    private static final Logger logger <\/em>= LoggerFactory.getLogger<\/em>(AuthController.class);\n\n    @Autowired\n    private AuthenticationManager authenticationManager;\n\n    <\/em>@PostMapping (\"\/login\")\n    public Message<JWTAuthToken> postLogin(@RequestBody SignInReq req) {\n        logger<\/em>.info(\"postLogin, req: {}\", req);\n        UsernamePasswordAuthenticationToken authenticationToken =\n                new UsernamePasswordAuthenticationToken(req.getUsername(), req.getPassword());\n        authenticationManager.authenticate(authenticationToken); \/\/<\/em>\u5728<\/em>config<\/em>\u91cc\u8bbe\u7f6e\u4e86\u4e4b\u540e\uff0c\u8fd9\u91cc\u4f1a\u8c03\u7528<\/em>JwtAuthenticationProvider<\/em>\u7684\u9274\u6743\n<\/em>\n<\/em>        <\/em>\/\/<\/em>\u4e0a\u4e00\u6b65\u6ca1\u6709\u629b\u51fa\u5f02\u5e38\u8bf4\u660e\u767b\u5f55\u6210\u529f\uff0c\u6211\u4eec\u5411\u7528\u6237\u9881\u53d1<\/em>jwt<\/em>\u4ee4\u724c\uff0c\u68c0\u9a8c\u5728<\/em>JwtAuthenticationTokenFilter<\/em>\u91cc\u9762\u3002\n<\/em>        <\/em>String token = JWT.create<\/em>()\n                .setPayload(\"username\", req.getUsername())\n                .setSigner(MyConstant.JWT_SIGNER<\/em>)\n                .sign();\n\n        \/\/<\/em>\u767b\u5f55\u6210\u529f\uff0c\u8fd4\u56de<\/em>JWT<\/em>\u683c\u5f0f\u7684<\/em>token<\/em>\u7ed9\u5ba2\u6237\u7aef\u540e\u7eed\u518d\u8bf7\u6c42\u65f6\u4ece<\/em>Header<\/em>\u7684\n<\/em>        <\/em>JWTAuthToken jwtAuthToken = new JWTAuthToken(token);\n        Message<JWTAuthToken> message = new Message<>(true, \"\");\n        message.setDataList(new ArrayList<JWTAuthToken>(Arrays.asList<\/em>(jwtAuthToken)));\n        return message;\n    }\n\n    @GetMapping (\"\/login\")\n    public String getLogin() {\n        logger<\/em>.info(\"getLogin\");\n        return \"getLogin\";\n    }\n\n    @PostMapping (\"\/register\")\n    public Message<String> postRegister(@RequestBody SignInReq req) {\n        logger<\/em>.info(\"postRegister, req: {}\", req);\n        \/\/<\/em>\u5b58\u5165\u6570\u636e\u5e93\u3002\n<\/em>        <\/em>Message<String> message = new Message<>(true, \"\");\n        message.setDataList(new ArrayList<String>(Arrays.asList<\/em>(\"\u6ce8\u518c\u6210\u529f\")));\n        return message;\n    }\n}<\/pre>\n\n\n\n
\u7b2c\u4e8c\u4e2a\u7528\u6765\u5904\u7406\u4e1a\u52a1\uff1a<\/strong><\/p>\n\n\n\n
@RestController\n@RequestMapping(\"\/aaa\")\npublic class TestController {\n    private static final Logger logger <\/em>= LoggerFactory.getLogger<\/em>(TestController.class);\n\n    @RequestMapping(\"\/aaa\")\n    public Message<String> aaa() {\n        logger<\/em>.info(\"aaa\");\n        Message<String> message = new Message<>(true, \"\");\n        message.setDataList(new ArrayList<String>(Arrays.asList<\/em>(\"aaa\")));\n        return message;\n    }\n\n    @PreAuthorize(\"hasAuthority('admin')\") \/\/\u9700\u8981\u4ee5\u4ec0\u4e48\u89d2\u8272\u6765\u8bbf\u95ee\n    <\/em>@GetMapping(\"\/bbb\")\n    public Message<String> bbb(){\n        Message<String> message = new Message<>(true, \"\");\n        message.setDataList(new ArrayList<String>(Arrays.asList<\/em>(\"bbb\")));\n        return message;\n    }\n\n    @PreAuthorize(\"hasAuthority('user')\")\n    @GetMapping(\"\/ccc\")\n    public Message<String> ccc(){\n        Message<String> message = new Message<>(true, \"\");\n        message.setDataList(new ArrayList<String>(Arrays.asList<\/em>(\"ccc\")));\n        return message;\n    }\n\n    @PreAuthorize(\"hasAuthority('user') || hasAuthority('admin')\")\n    @GetMapping(\"\/ddd\")\n    public Message<String> ddd(){\n        Message<String> message = new Message<>(true, \"\");\n        message.setDataList(new ArrayList<String>(Arrays.asList<\/em>(\"ddd\")));\n        return message;\n    }\n}<\/pre>\n\n\n\n
\u6211\u4eec\u4f7f\u7528curl\u6765\u6a21\u62df\u6ce8\u518c\u3001\u767b\u9646\u3001\u8bbf\u95ee\u3001\u9000\u51fa\u767b\u5f55\u7b49\u64cd\u4f5c\uff1a<\/strong><\/h2>\n\n\n\n
\/\/\u6ce8\u518c<\/strong>(\u5b58\u6570\u636e\u5e93\u65f6\u624d\u6709\u7528\uff0c\u73b0\u5728\u4e34\u65f6\u6d4b\u8bd5\u56fa\u5b9a\u4e86\u7528\u6237\u6ca1\u610f\u4e49)\uff1a curl -X POST -H 'Content-Type:application\/json' -d '{\"username\":\"007\",\"password\":\"123456\"}'  'http:\/\/127.0.0.1\/user\/register'<\/em>\n\n\/\/\u6a21\u62df\u767b\u5f55<\/strong>\uff1a curl -X POST -H 'Content-Type:application\/json' -d '{\"username\":\"007\",\"password\":\"123456\"}'  'http:\/\/127.0.0.1\/user\/login'\n\/\/\u4f1a\u6253\u5370\u51fa\u8fd4\u56de\u7684 token\uff0c\u8bb0\u4f4f\u8be5token\u3002<\/em>\n\n\/\/\u6a21\u62df\u767b\u5f55\u540e\u7684\u8bbf\u95ee<\/strong>\uff1acurl -X GET -H 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJITUQ1In0.eyJ1c2VybmFtZSI6IjAwNyJ9.nj2Wp_-CCQGZ44-8uomApw' 'http:\/\/127.0.0.1\/aaa\/aaa'\n\/\/\u8fd9\u91cc\u8def\u5f84\/aaa\/aaa\u3001\/aaa\/bbb\u3001\/aaa\/ccc\u3001\/aaa\/ddd\u7684\u5904\u7406\u53c2\u8003\uff1aTestController<\/em>\n\n\/\/\u6a21\u62df\u9000\u51fa\u767b\u5f55<\/strong>\uff1a curl -X GET  -H 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJITUQ1In0.eyJ1c2VybmFtZSI6IjAwNyJ9.nj2Wp_-CCQGZ44-8uomApw' 'http:\/\/127.0.0.1\/user\/logout'<\/em><\/pre>\n\n\n\n

<\/p>\n","protected":false},"excerpt":{"rendered":"
\u5148\u5f15\u5165pom.xml\uff0c\u4e3b\u8981\u770bdependency\u90e8\u5206\uff1a <parent> <groupId>org …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[63,13],"tags":[889,888,887,890,75,174,74],"class_list":["post-1153","post","type-post","status-publish","format-standard","hentry","category-63","category-13","tag-jwt","tag-security","tag-spring","tag-web-token","tag-75","tag-174","tag-74"],"views":965,"_links":{"self":[{"href":"http:\/\/www.max-shu.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/1153","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.max-shu.com\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.max-shu.com\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.max-shu.com\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.max-shu.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1153"}],"version-history":[{"count":1,"href":"http:\/\/www.max-shu.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/1153\/revisions"}],"predecessor-version":[{"id":1154,"href":"http:\/\/www.max-shu.com\/blog\/index.php?rest_route=\/wp\/v2\/posts\/1153\/revisions\/1154"}],"wp:attachment":[{"href":"http:\/\/www.max-shu.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1153"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.max-shu.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1153"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.max-shu.com\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1153"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}