發布時間:2018-10-24
技術:springboot,mybatis,maven,shiro
概述
Springboot作為基礎框架,使用mybatis作為持久層框架 使用官方推薦的thymeleaf做為模板引擎,shiro作為安全框架,主流技術,“一網打盡” 基於注解的sql寫法,零XML,極簡配置,一鍵前后台代碼生成
詳細
一、前言
1,java服務端開發人員
2,初級人員開發人員
3,了解spring springboot+maven+mybatis+shrio
3,對框架基本掌握
(2) 你需要准備什么?
1,積極主動學習
2,java框架搭建部署
3,java后端幾大框架掌握如(spring springboot maven mybatis)
二、前期准備工作
軟件環境:eclipse
官方下載:https://www.eclipse.org/downloads/
1丶基本需求
1,實現后台權限管理
-
用戶管理:用戶是系統操作者,該功能主要完成系統用戶配置。
-
機構管理:配置系統組織機構(公司、部門、小組),樹結構展現,可隨意調整上下級。
-
區域管理:系統城市區域模型,如:國家、省市、地市、區縣的維護。
-
菜單管理:配置系統菜單,操作權限,按鈕權限標識等。
-
角色管理:角色菜單權限分配、設置角色按機構進行數據范圍權限划分。
-
字典管理:對系統中經常使用的一些較為固定的數據進行維護,如:是否、男女、類別、級別等。
-
操作日志:系統正常操作日志記錄和查詢;系統異常信息日志記錄和查詢。
-
連接池監視:監視當期系統數據庫連接池狀態,可進行分析SQL找出系統性能瓶頸。
-
工作流引擎:實現業務工單流轉、在線流程設計器。
前端
1. Bootstrap
2. jQuery
3. bootstrap-table
4. layer
5. jsTree
6. summernote
7. jquery-validate
8. jquery-treegrid
三、項目結構
項目目錄結構
數據庫表
eclipse導入,選擇到項目以后,選擇maven,一路默認選擇到打開項目
sql文件復制並在mysql中運行創建好數據庫表
打開application-dev.yml文件,修改其中的數據庫連接+用戶名+密碼。另外一個application-pro.yml文件是 生產環境使用,具體使用哪一個是在application.yml中指定
server:
port: 8080
tomcat:
uri-encoding: utf-8
context-path: /
spring:
thymeleaf:
mode: LEGACYHTML5
cache: false
jackson:
time-zone: GMT+8
date-format: yyyy-MM-dd HH:mm:ss
profiles:
active: dev
http:
multipart:
max-file-size: 30Mb
max-request-size: 30Mb
devtools:
restart:
enabled: true
mybatis:
configuration:
map-underscore-to-camel-case: true
mapper-locations: mybatis/**/*Mapper.xml
typeAliasesPackage: com.system.**.domain
四、程序實現
loginCotrller 登錄接口
package com.system.contrller;
import java.util.List;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import com.system.common.annotation.Log;
import com.system.common.domain.Tree;
import com.system.common.utils.MD5Utils;
import com.system.common.utils.R;
import com.system.common.utils.ShiroUtils;
import com.system.domain.MenuDO;
import com.system.service.MenuService;
@Controller
public class loginCotrller extends BaseController {
private final Logger logger = LoggerFactory.getLogger(this.getClass());
@Autowired
MenuService menuService;
@GetMapping({ "/", "" })
String welcome(Model model) {
return "redirect:/login";
}
@Log("請求訪問主頁")
@GetMapping({ "/index" })
String index(Model model) {
List<Tree<MenuDO>> menus = menuService.listMenuTree(getUserId());
model.addAttribute("menus", menus);
model.addAttribute("name", getUser().getName());
model.addAttribute("username", getUser().getUsername());
return "index_v1";
}
@GetMapping("/login")
String login() {
return "login";
}
@Log("登錄")
@PostMapping(value="/login")
@ResponseBody
R ajaxLogin(String username, String password) {
password = MD5Utils.encrypt(username, password);
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
Subject subject = SecurityUtils.getSubject();
try {
subject.login(token);
return R.ok();
} catch (AuthenticationException e) {
return R.error("用戶或密碼錯誤");
}
}
@GetMapping("/logout")
String logout() {
ShiroUtils.logout();
return "redirect:/login";
}
@GetMapping("/main")
String main() {
return "main";
}
@GetMapping("/403")
String error403() {
return "403";
}
}
如何配置讓shiro執行我們的自定義sessionManager呢?下面看ShiroConfig類。
import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.SessionListener;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.session.mgt.eis.MemorySessionDAO;
import org.apache.shiro.session.mgt.eis.SessionDAO;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import com.system.shiro.UserRealm;
import java.util.ArrayList;
import java.util.Collection;
import java.util.LinkedHashMap;
@Configuration
public class ShiroConfig {
@Bean
public EhCacheManager getEhCacheManager() {
EhCacheManager em = new EhCacheManager();
em.setCacheManagerConfigFile("classpath:config/ehcache.xml");
return em;
}
@Bean
UserRealm userRealm(EhCacheManager cacheManager) {
UserRealm userRealm = new UserRealm();
userRealm.setCacheManager(cacheManager);
return userRealm;
}
@Bean
SessionDAO sessionDAO() {
MemorySessionDAO sessionDAO = new MemorySessionDAO();
return sessionDAO;
}
@Bean
public SessionManager sessionManager() {
DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
Collection<SessionListener> listeners = new ArrayList<SessionListener>();
listeners.add(new BDSessionListener());
sessionManager.setSessionListeners(listeners);
sessionManager.setSessionDAO(sessionDAO());
return sessionManager;
}
@Bean
SecurityManager securityManager(UserRealm userRealm) {
DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
manager.setRealm(userRealm);
manager.setCacheManager(getEhCacheManager());
manager.setSessionManager(sessionManager());
return manager;
}
@Bean
ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
shiroFilterFactoryBean.setLoginUrl("/login");
shiroFilterFactoryBean.setSuccessUrl("/index");
shiroFilterFactoryBean.setUnauthorizedUrl("/403");
LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
filterChainDefinitionMap.put("/css/**", "anon");
filterChainDefinitionMap.put("/js/**", "anon");
filterChainDefinitionMap.put("/fonts/**", "anon");
filterChainDefinitionMap.put("/img/**", "anon");
filterChainDefinitionMap.put("/qrimg/**", "anon");
filterChainDefinitionMap.put("/docs/**", "anon");
filterChainDefinitionMap.put("/druid/**", "anon");
filterChainDefinitionMap.put("/upload/**", "anon");
filterChainDefinitionMap.put("/files/**", "anon");
filterChainDefinitionMap.put("/logout", "logout");
filterChainDefinitionMap.put("/", "anon");
filterChainDefinitionMap.put("/blog", "anon");
filterChainDefinitionMap.put("/wx/**", "anon");
filterChainDefinitionMap.put("/dist/**", "anon");
filterChainDefinitionMap.put("/blog/open/**", "anon");
filterChainDefinitionMap.put("/**", "anon");
filterChainDefinitionMap.put("/swagger-ui/**", "anon");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}
@Bean("lifecycleBeanPostProcessor")
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
}
@Bean
public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator();
proxyCreator.setProxyTargetClass(true);
return proxyCreator;
}
@Bean
public ShiroDialect shiroDialect() {
return new ShiroDialect();
}
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(
@Qualifier("securityManager") SecurityManager securityManager) {
AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
authorizationAttributeSourceAdvisor.setSecurityManager(securityManager);
return authorizationAttributeSourceAdvisor;
}
}
五、項目運行效果
代碼太多不一一貼出來了讓我們看下展示效果
訪問地址 localhost:8080 如圖
1,用戶管理
2,角色管理
3,系統菜單
