篡改常識的系統最新章節 網站防篡改設備( 二 )


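// ---------------------------------------------------------------------------
// Excerpt 1: caching the login token and the user record in Redis.
// Fragment of a larger method: token, customerDto, customerService, resultMap,
// redisTemplate and redisTokenTimeOut are defined outside this excerpt.
// ---------------------------------------------------------------------------
RedisModel model = new RedisModel();
// NOTE(review): the bearer token itself is the Redis key name, so anyone who can
// list keys in this Redis instance can read live tokens. Consider keying on a
// digest of the token instead.
model.setModelName(token);
model.setModelKey("userInfo");

Map<String, Object> params = new HashMap<>();
params.put("userName", customerDto.getUsername());

// The lookup object carries only e-mail and phone.
CustomerVo customerVo = new CustomerVo();
customerVo.setEmail(customerDto.getEmail());
customerVo.setPhone(customerDto.getPhone());
CustomerVo userInfo = customerService.queryUserByUserName(customerVo);

// NOTE(review): userInfo is cached exactly as the service returned it. The cache
// dump printed after this listing contains a "password" field, so the credential
// is copied into Redis. Strip that field before caching, and confirm that
// passwords are stored hashed, not in clear text.
Map<String, Object> userToken = new HashMap<>();
userToken.put("userToken", token);
userToken.put("userInfo", userInfo);
model.setModelData(userToken);
model.setTimeoutType("M");
model.setTimeout(redisTokenTimeOut);

resultMap.setCode(CommonResultStatus.SUCCESS.getCode());
resultMap.setMessage(CommonResultStatus.SUCCESS.getMessage());

// Write the entry as a Redis hash, then set its lifetime in minutes.
// NOTE(review): put and expire are two separate calls; if the second one fails,
// the token entry is left without an expiry.
redisTemplate.opsForHash().put(model.getModelName(), model.getModelKey(), model.getModelData());
redisTemplate.expire(model.getModelName(), model.getTimeout(), TimeUnit.MINUTES);

// ---------------------------------------------------------------------------
// Excerpt 2: Spring Security configuration.
// ---------------------------------------------------------------------------

/**
 * Stateless, token-based Spring Security configuration.
 *
 * <p>Requests matching {@link #AUTH_WITHOUTLIST} are open to everyone; every other
 * request must be authenticated. A {@code JwtAuthenticationTokenFilter} is registered
 * ahead of {@code UsernamePasswordAuthenticationFilter}.
 */
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    /** Name of the request header that carries the token (used in place of Authorization). */
    public static final String AUTHORIZATION_HEADER = "x-token";

    /**
     * Paths that may be accessed without authentication.
     *
     * <p>NOTE(review): besides the login and registration URLs, this list opens
     * management and diagnostic paths to anonymous callers. The names match Spring
     * Boot Actuator, Jolokia, the Druid console and Hystrix/Turbine. If those
     * endpoints are enabled, unauthenticated clients can read configuration and
     * environment properties, download heap dumps, change log levels or trigger a
     * refresh. Keep only the health check public; put the rest behind an
     * administrative role or a separate management port or network.
     */
    private static final String[] AUTH_WITHOUTLIST = {
            // -- swagger ui
            "/v2/api-docs", "/swagger-resources", "/swagger-resources/**", "/configuration/ui",
            "/configuration/security", "/swagger-ui.html", "/webjars/**",
            // other public endpoints of your API may be appended to this array
            "/druid/**", "/health", "/info", "/info/**", // druid SQL monitoring
            "/hystrix", "/hystrix/**", "/error", "/loggers", "/loggers/**",
            "/service-registry/instance-status", "/hystrix.stream", "/turbine/**", "/turbine.stream",
            "/autoconfig", "/archaius", "/beans", "/features", "/configprops", "/mappings",
            "/auditevents", "/env", "/env/**", "/metrics", "/metrics/**", "/trace", "/trace/**",
            "/dump", "/dump/**", "/jolokia/**", "/info/**", "/activiti/**", "/logfile/**",
            "/refresh", "/flyway/**",
            "/liquibase/**", "/heapdump", "/heapdump/**",
            "/v1/authcenter/login", "/v1/authcenter/fiberhomeLogin",
            "/v1/authcenter/registered", // login URLs
            "/v1/authcenter/queryAuthInfo", // authorization-check URL
            // NOTE(review): the " *** " inside the next paths is printed that way on the
            // page (it looks like a site-side mask); restore the real segment before use.
            "/u/ *** s/sendPhone", "/citry/getChineseProvinces", "/code/getCaptchaImage",
            "/u/ *** s/forgetEmailPwd", "/u/ *** s/sendEmail", "/citry/getOtherCoutryList",
            "/upload/pngDir/*", "/job/getJobList", "/u/ *** s/sendLoginEmail",
            // NOTE(review): confirm that this lookup returns no account data to anonymous callers.
            "/v1/authcenter/queryUserInfoByMap",
            "/v1/authcenter/forgetPwd", "/diagram-viwmer/**", "/editor-marketing/**",
            "/modeler.html", "/actuator/health"
    };

    @Autowired
    private SecurityUserDetailsService securityUserDetailsService;

    @Autowired
    private AuthLogoutSuccessHandler authLogoutSuccessHandler;

    @Autowired
    private JWTTokenUtils tokenProvider;

    /**
     * Registers the custom user-details service and the password encoder used to
     * verify credentials.
     *
     * @param auth builder for the authentication manager
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // Custom user lookup plus password encoding (the original comment says a
        // DaoAuthenticationProvider is used by default).
        auth.userDetailsService(securityUserDetailsService).passwordEncoder(passwordEncoder());
    }

    /**
     * Defines the request access policy: stateless sessions, open access for
     * {@link #AUTH_WITHOUTLIST}, authentication for everything else, logout
     * handling, and the JWT filter.
     *
     * @param http the security builder to configure
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                // CORS and CSRF handling are switched off.
                // NOTE(review): leaving CSRF off is only sound while the token travels in
                // a request header and never in a cookie.
                .cors().disable()
                .csrf().disable()
                // Token-based authentication, so no HTTP session is needed.
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                .and()
                // Authorize HTTP requests.
                .authorizeRequests()
                // The listed paths (home page, login, ...) are open to all users.
                .antMatchers(AUTH_WITHOUTLIST).permitAll()
                // Every other request must be authenticated.
                .anyRequest().authenticated()
                .and()
                // Logout handling.
                .logout().logoutSuccessHandler(authLogoutSuccessHandler).permitAll();

        // Run the JWT filter ahead of the username/password filter.
        http.addFilterBefore(new JwtAuthenticationTokenFilter(tokenProvider),
                UsernamePasswordAuthenticationFilter.class);
    }

    // ... the rest of the class is not shown on the page; passwordEncoder() is
    // referenced above but its definition is not part of this excerpt ...
}

// Whether a request is permitted is decided in three steps. The backend security
// layer already intercepts requests, and the request header must carry the token.
//   1: check that a token is present (done by Spring Security)
//   2: check that the token is valid (looked up in Redis)
//   3: check that the caller is permitted to access the API
// Cache structure: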
["java.util.HashMap",{"userToken": "ISOFTSTONE.eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI0MmRkMGJlZmQwNDg0MmMyODhiN2QxZjVkYTcwMWNjNiIsImF1dGgiOiJ1c2VyIiwiZXhwIjoxNjM1MjMyMzk4fQ.9VqMD0vyu-pe42moNd1QeNWP4KrBvvNYJKDQdQPDi_YKKXPG3l90dNn5wgK2rZXs471Pmeby-BdHPHd2-iNKfA","userInfo": ["com.common.vo.CustomerVo",{"id": "42dd0befd04842c288b7d1f5da701cc6","createTime": ["java.util.Date","2021-06-10"],"updateTime": ["java.util.Date","2021-06-10"],"deleted": 0,"phone": "13797004616","password": "123456","email": "sunlin@fiberhome.com","status": %
