Sign in Sign up
Explore Enterprise Education Gitee Premium Gitee AI
Open Source > Development Lib > Security Dev &&
Scan WeChat QR to Pay
Cancel
Complete
Watch
Unwatch Watching Releases Only Ignoring
40 Star 288 Fork 69

baomidou/shaun

Code Issues 1 Pull Requests 0 Wiki Insights Pipelines
Service
Create your Gitee Account
Explore and code with more than 12 million developers,Free private repositories !:)
Sign up
Clone or Download
Branches 2
Tags 0
contribute
Sync branch
Create Pull Request
known more
See difference Through Pull Request Sync
Sync branch
Through Pull Request Sync
A Pull Request will be created to the current
branch and will be merged in to complete the sync
Cancel
Notice: Creating folder will generate an empty file .keep, because not support in Git
gradle
shaun-core
shaun-spring-boot-starter
shaun-togglz
tests
.gitignore
CHANGELOG.md
LICENSE
README.md
build.gradle
gradle.properties
gradlew
gradlew.bat
license.txt
settings.gradle
Loading...
README
Apache-2.0

基于 pac4j-jwt 的 WEB 安全组件

简介

主要依托 pac4j-jwt 来提供默认使用 JWT 的 WEB 安全组件

JDK shaun spring boot
17 2.x 3.x
8 1.x 2.x

优点

  • 迅速集成,只需要少量配置+代码即可实现基本的接口防护
  • 默认使用 jwt 进行身份认证
  • 灵活的 jwt 配置,默认签名+加密
  • 更多高级功能只需实现对应接口并注入到spring容器内
  • 本框架各类均不会使用session(pac4j提供的类除外)
  • 前后端不分离下,能依托pac4j的各种client快速集成三方登录(redirect跳转那种),例如oauth(qq,微信) 和 cas。

模块简介

  • shaun-core: 核心包。
  • shaun-togglz: 提供对 togglzUserProvider 一个实现类
  • shaun-spring-boot-starter: spring boot 快速启动包。
  • tests下: 各种测试演示。

安装

  1. 引入: shaun-spring-boot-starter 和 spring-boot-starter-web
<dependency>
    <groupId>com.baomidou</groupId>
    <artifactId>shaun-spring-boot-starter</artifactId>
    <version>Latest Version</version>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
    <version>spring-boot-version</version>
</dependency>
  1. 配置 application.yml

详情查看 wiki

shaun:
  ......
  security:
    ......
  actuator:
    ......
  thirdParty:
    ......

更多 yml 配置点此查看

  1. 编写登陆代码
import com.baomidou.shaun.core.mgt.SecurityManager;

@Service
public class LoginServiceImpl implements LoginService {

    @Autowired
    private SecurityManager securityManager;

    @Override
    @Transactional
    public String login() {
        // 登录成功后把用户角色权限信息存储到profile中
        final TokenProfile profile = new TokenProfile();
        profile.setId(userId.toString());
        //profile.addRole(role:String);  
        //profile.setRoles(roles:Set);  
        //profile.addPermission(permission:String);
        //profile.setPermissions(permissions:Set);
        //profile.addAttribute("key","value");
        final String token = securityManager.login(profile);
        //如果选择token存cookie里,securityManager.login会进行自动操作
        return token;
    }
  1. 注解权限拦截:

@HasAuthorization , @HasPermission , @HasRole

支持注解在method上以及class

例:

@HasPermission(value = {"add", "edit"}, logical = Logical.BOTH) //权限必须同时存在
@HasPermission(value = {"add", "edit"}, logical = Logical.ANY)  //权限任一存在(默认)
  1. 如何获取用户信息(不需要安全拦截的接口获取不到哦)
TokenProfile profile = ProfileHolder.getProfile();
Copyright 2019-${year} baomidou (wonderming@vip.qq.com) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Starred
288
Star
288
Fork
69

About

基于 pac4j-jwt 的 WEB 安全组件 expand collapse
No labels
Java and 2 more languages
Java
98.6%
HTML
1.4%
Apache-2.0
Use Apache-2.0
Cancel

Releases

No release

The Open Source Evaluation Index is derived from the OSS Compass evaluation system, which evaluates projects around the following three dimensions

1. Open source ecosystem

  • Productivity: To evaluate the ability of open-source projects to output software artifacts and open-source value.
  • Innovation: Used to evaluate the degree of diversity of open source software and its ecosystem.
  • Robustness: Used to evaluate the ability of open-source projects to resist internal and external interference and self recover in the face of changing development environments.

2. Collaboration, People, Software

  • Collaboration: represents the degree and depth of collaboration in open source development behavior.
  • Observe the influence of core personnel in open source projects, and examine the evaluations of users and developers on open source projects from a third-party perspective.
  • Software: Evaluate the value of products exported from open-source projects and their ultimate destination. It is also a concrete manifestation of "open source software", one of the oldest mainstream directions in open source evaluation.

3. Evaluation model

    Based on the dimensions of "open source ecosystem" and "collaboration, people, and software", identify quantifiable indicators directly or indirectly related to this goal, quantitatively evaluate the health and ecology of open source projects, and ultimately form an open source evaluation index.

Contributors

All

Activities

Load More
can not load any more
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
Java
1
https://gitee.com/baomidou/shaun.git
git@gitee.com:baomidou/shaun.git
baomidou
shaun
shaun
master
Going to Help Center

Search

Git 命令在线学习 如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
Comment
Repository Report
Back to the top