第105天学习打卡(SpringBootshiro整合
thymeleafSwaggerSp。。。
shiro 整合thymeleaf
在l中整合shiro-thymeleaf
<!--shiro-thymeleaf-->
<!-- mvnrepository/artifact/com.github.theborakompanioni/thymeleaf-extras-shiro -->
<dependency>
<groupId>com.github.theborakompanioni</groupId>
<artifactId>thymeleaf-extras-shiro</artifactId>
<version>2.0.0</version>
</dependency>
添加的代码:
Subject currentSubject = Subject();
Session session = Session();
session.setAttribute("loginUser",user);
完整代码:UserRealm.java
package fig;
import com.kuang.pojo.User;
import com.kuang.service.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.alm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
//⾃定义的 UserRealm  extends AuthorizingRealm
public class UserRealm extends AuthorizingRealm {
@Autowired
UserService userService;
//授权
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
System.out.println("执⾏了=>授权doGetAuthorizationInfo");
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
info.addStringPermission("user:add");//⽆论什么⽤户等进来都会⾛这个⽅法
//拿到当前登录的这个对象
Subject subject = Subject();
User currentUser = (User) Principal();//拿到user对象
//设置当前⽤户的权限
info.Perms());
return info;
}
//认证
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
System.out.println("执⾏了=>认证doGetAuthenticationInfo");
//        //⽤户名,密码数据库中取
//        String name = "root";
//        String password = "123456";
UsernamePasswordToken userToken = (UsernamePasswordToken) token;
//连接真实数据库
User user = userService.Username());
if(user==null){
//没有这个⼈
return null; //爆出异常UnknownAccountException
}
Subject currentSubject = Subject();
Session session = Session();
session.setAttribute("loginUser",user);
//        if (!Username().equals(name)){
//            return null;//抛出异常  UnknownAccountException  ⽤户名不存在
//
//        }
/
/可以加密:MD5  MD5盐值加密  MD5不可逆
//密码认证,shiro做加密
return new SimpleAuthenticationInfo(Pwd(),"");
}
}
ShiroConfig.java
package fig;
import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import t.annotation.Bean;
import t.annotation.Configuration;
import java.util.LinkedHashMap;
import java.util.Map;
@Configuration
public class ShiroConfig {
//ShiroFilterFactory  第三步
@Bean
public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager defaultWebSecurityManager){        ShiroFilterFactoryBean bean = new ShiroFilterFactoryBean();
//设置安全管理器
bean.setSecurityManager(defaultWebSecurityManager);
//添加shiro的内置过滤器
/*
anon : ⽆需认证就可以访问
authc:必须认证了才可能访问
user : 必须拥有记住我,功能才能⽤
perms:拥有对某个资源的权限才能访问
role:拥有某个⾓⾊权限才能访问
*/
//拦截
Map<String, String> filterMap = new LinkedHashMap<>();
/
/授权,正常情况下,没有授权会跳转到未授权页⾯
filterMap.put("/user/add","perms[user:add]"); //是user⽤户还必须有add权限才可以访问
filterMap.put("/user/update","perms[user:update]");
//        filterMap.put("/user/add","authc"); // ⽅法1
//        filterMap.put("/user/update","authc");
//把上⾯两⾏代码合成⼀个
filterMap.put("/user/*","authc");
bean.setFilterChainDefinitionMap(filterMap);
//设置登录的请求
bean.setLoginUrl("/toLogin");
//未授权页⾯
bean.setUnauthorizedUrl("/noauth");
return bean;
}
//DefaultWebSecurityManager  第⼆步
@Bean(name="securityManager")
public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm){
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
//关联UserRealm
securityManager.setRealm(userRealm);
return securityManager;
}
//创建 realm对象,需要⾃定义第⼀步
@Bean
public UserRealm userRealm(){
return new UserRealm();
}
//整合ShiroDialect:⽤来整合shiro thymeleaf
@Bean
public ShiroDialect getShiroDialect(){
return new ShiroDialect();
}
}
index.html
<!DOCTYPE html>
<html lang="en" xmlns:th=""
xmlns:shiro="/thymeleaf-extras-shiro">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<h1>⾸页</h1>
<!--从session中判断值-->
<div th:if="${session.loginUser==null}">
<a th:href="@{/toLogin}">登录</a>
</div>
<p th:text="${msg}"></p>
<hr>
<div shiro:hasPermission="user:add">
<a th:href="@{/user/add}">add</a>
</div>
<div shiro:hasPermission="user:update">
<a th:href="@{/user/update}">update</a>
</div>
</body>
</html>
连接数据库:
jdbc:mysql://localhost:3306/?serverTimezone=GMT
Swagger
学习⽬标:
了解Swagger的作⽤和概念
了解前后端分离
在SpringBoot中集成Swagger
Swagger简介
shiro安全框架
前后端分离
Vue + SpringBoot
后端时代:前端只⽤管理静态页⾯;html==>后端。模板引擎JSP=>后端是主⼒。
前后端分离时代:
后端:后端控制层,服务层,数据访问层
前端:前端控制层,视图层
伪造后端数据,json交互。已经存在了,不需要后端,前端⼯程依旧能跑出来。
前后端如何交互?===> API
前后端相对独⽴,松耦合
前后端甚⾄可以部署在不同的服务器上;
产⽣⼀个问题:
前后端集成联调,前端⼈员和后端⼈员⽆法做到,及时协商。尽早解决,最终导致问题集中爆发;
解决⽅案:
⾸先指定schema[计划的提纲],实时更新最新API,降低集成的风险
早些年:制定word计划⽂档;
前后端分离:
前端测试后端接⼝:postman
后端提供接⼝,需要实时更新最新的消息及改动。
Swagger
号称世界上最流⾏的APi框架
RestFul Api⽂档在线⾃动⽣成⼯具=>Api⽂档与API定义同步更新。
直接运⾏,可以在线测试API接⼝;
⽀持多种语⾔(Java php)
在项⽬中使⽤Swagger需要springbox
swagger2
ui
SpringBoot集成Swagger
1.新建⼀个SpringBoot-web项⽬
2.导⼊相关依赖
注意点:导⼊最新的3.0.0版本访问不了页⾯,需要降级
<dependencies>
<!-- mvnrepository/artifact/io.springfox/springfox-swagger2 -->
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger2</artifactId>
<version>2.9.2</version>
</dependency>
<!-- mvnrepository/artifact/io.springfox/springfox-swagger-ui -->
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger-ui</artifactId>
<version>2.9.2</version>
</dependency>
3.编写⼀个Hello⼯程
package com.ller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController //由于我们没有页⾯所有要给他返回⼀个字符串
public class HelloController {
@RequestMapping(value = "/hello")
public String hello(){
return "hello";
}
}
**出现的错误: Error starting ApplicationContext. To display the conditions report re-run your applicat
ion with 'debug' enabled. 2021-04-23 19:25:08.794 ERROR 14588 --- [ main] o.s.b.d.LoggingFailureAnalysisReporter : **
⼀般出现这个错误的原因是:另外还存在⼀个项⽬在运⾏,把另外⼀个项⽬关掉即可。
4.配置Swagger==>Config
package com.fig;
import t.annotation.Configuration;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
@Configuration //相当于@Component
@EnableSwagger2  //开启Swagger2
public class SwaggerConfig {
}
配置Swagger
Swagger的bean实例Docket;
package com.fig;
import t.annotation.Bean;
import t.annotation.Configuration;
import springfox.documentation.service.ApiInfo;
import springfox.documentation.service.Contact;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
import java.util.ArrayList;
@Configuration //相当于@Component
@EnableSwagger2  //开启Swagger2
public class SwaggerConfig {
//配置了swagger的Docket的bean实例
@Bean
public Docket docket(){
return new Docket(DocumentationType.SWAGGER_2)
.apiInfo(apiInfo());
}
//配置Swagger信息 = apiInfo
private ApiInfo apiInfo(){
/
/作者信息
Contact contact = new Contact("秦疆", "blog.kuangstudy/", "24736743@qq");        return new ApiInfo("狂神的SwaggerAPI⽂档",
"即使再⼩的帆也能远航",
"v1.0", "blog.kuangstudy",
contact, "Apache 2.0",
"/licenses/LICENSE-2.0",
new ArrayList());
}
}
这个拥有所有的扫描接⼝:
Swagger配置扫描接⼝
package com.fig;
import t.annotation.Bean;
import t.annotation.Configuration;
import springfox.documentation.builders.RequestHandlerSelectors;
import springfox.documentation.service.ApiInfo;
import springfox.documentation.service.Contact;
import springfox.documentation.spi.DocumentationType;
import springfox.documentation.spring.web.plugins.Docket;
import springfox.documentation.swagger2.annotations.EnableSwagger2;
import java.util.ArrayList;
@Configuration //相当于@Component
@EnableSwagger2  //开启Swagger2
public class SwaggerConfig {
//配置了swagger的Docket的bean实例
@Bean
public Docket docket(){
return new Docket(DocumentationType.SWAGGER_2)

版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。