⼩程序登录JAVA后台,java初级⾯试笔试题
我总结出了很多互联⽹公司的⾯试题及答案,并整理成了⽂档,以及各种学习的进阶学习资料,免费分享给⼤家。
扫描⼆维码或搜索下图红⾊VX号,加VX好友,拉你进【程序员⾯试学习交流】免费领取。也欢迎各位⼀起在里探讨技术。
登录流程时序登录流程时序
具体的登录说明查看
项⽬的结构图:
springboot项⽬搭建
使⽤idea作为开发⼯具,由gradle构建项⽬,搭建springboot项⽬,对这块⼉不熟悉的可以⾃⾏去学习,此处不多赘述。下⾯是核⼼的配置⽂件。l中配置springboot默认的参数,application.properties配置⾃定义的参数,可以统⼀配置在⼀个⽂件中,依据个⼈习惯。
buildscript {
ext {
springBootVersion = '1.5.10.RELEASE'
}
repositories {
mavenLocal()
maven { url 'maven.aliyun/nexus/content/groups/public' }
mavenCentral()
}
dependencies {
classpath("org.springframework.boot:spring-boot-gradle-plugin:${springBootVersion}")    }
}
apply plugin: 'java'
apply plugin: 'org.springframework.boot'
group = 'xin.yangmj'
version = '1.0.1'
sourceCompatibility = 1.8
repositories {
mavenLocal()
maven { url 'maven.aliyun/nexus/content/groups/public' }
mavenCentral()
}
dependencies {
compile('org.springframework.boot:spring-boot-starter-cache')
compile('org.springframework.boot:spring-boot-starter-data-redis')
compile('batis.spring.boot:mybatis-spring-boot-starter:1.3.1')
compile('org.springframework.boot:spring-boot-starter-security')
compile('org.springframework.boot:spring-boot-starter-web')
compile('mysql:mysql-connector-java')
compile('org.springframework.security:spring-security-test')
testCompile('org.springframework.boot:spring-boot-starter-test')
testCompile('org.springframework.boot:spring-boot-starter-test')
compile group: 'org.apachemons', name: 'commons-lang3', version: '3.7'
}
logging:
level:
root: DEBUG
spring:
datasource:
url: jdbc:mysql://localhost/remindme?allowMultiQueries=true&useUnicode=true&characterEncoding=UTF-8        username: root
password: root
driver-class-name: sql.jdbc.Driver
redis:
host: localhost
password:
port: 6379
mybatis:
mapperLocations: classpath:mapper/*.xml
configuration:
mapUnderscoreToCamelCase: true
default-enum-type-handler: org.pe.EnumOrdinalTypeHandler
application.properties
# JWT相关配置
jwt.header=Authorization
# 过期时间
# 注意有⼀个空格
# wechat Auth
auth.wechat.sessionHost=api.weixin.qq/sns/jscode2session auth.wechat.appId=***
auth.wechat.secret=***
antType=authorization_code
权限相关的配置
WebSecurityConfig.java
@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private JwtAuthenticationEntryPoint unauthorizedHandler;
@Bean
public ThirdSessionAuthFilter authenticationTokenFilterBean() throws Exception {
return new ThirdSessionAuthFilter();
}
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity
// 由于使⽤的是JWT,我们这⾥不需要csrf
.csrf().disable()
.exceptionHandling().authenticationEntryPoint(unauthorizedHandler).and()
// 基于token,所以不需要session
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS).and()
.authorizeRequests()
// 允许对test的⽆授权访问
.
antMatchers(HttpMethod.GET, "/test").permitAll()
// 对于获取token的rest api要允许匿名访问
.antMatchers("/auth").permitAll();
// 添加本地地三⽅session filter
httpSecurity
.addFilterBefore(authenticationTokenFilterBean(), UsernamePasswordAuthenticationFilter.class);
// 禁⽤缓存
httpSecurity.headers().cacheControl();有趣的java小程序
}
}
ThirdSessionAuthFilter.java

版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。