Python combat community
Java combat community
Long press to identify the QR code below, add as required
Scan QR code to follow to add customer service
Enter the Python community▲
Scan QR code to follow to add customer service
Enter the Java community ▲
Author: huanzi-qch
Source: cnblogs.com/huanzi-qch/p/11534203.html
Preface
This is a simple and universal background management system, the main functions are: authority management, menu management, user management, system settings, real-time logs, real-time monitoring, API encryption, and login users to modify passwords, configure personalized menus, etc.
Technology stack
Front end: layui
java后端:SpringBoot + Thymeleaf + WebSocket + Spring Security + SpringData-Jpa + MySql
Engineering structure description
The java part, html, js, css part are all stored in a sub-directory under a single table
Run preview
The effect is first to see, the specific introduction is below, and the detailed introduction is carried out by function point
Demo
log in
(For the convenience of demonstration, the type of the password input box is changed to text) The configuration file branch selection, the dev environment does not need to enter the verification code.
Support multiple login restrictions at the same time.
Allow/prohibit multiple accounts online.
Soft delete
Restrict login IP address
Account expired
More login restrictions, you can continue to expand.
System settings
Here is a simple system property setting. If you want to support more configurations, you can expand it yourself (such as here: user management initial, reset password).
Some new functions have been added to the system settings, see "Supplemental Update" at the end of the article
Menu management
Menu management is a layui Tree
authority management
Add, delete, modify
Dynamic permission loading
The loading of permissions is not written in the code, but dynamically read from the database, and the permission set is updated every time the save method is called.
1. Daji has ROLE_USER permission, the permission content is empty, and he has no right to access the path under /sys/ (http://localhost:8888/sys/sysUser/get/1)
2. Use the sa super administrator to edit the authority management, add /sys/** to the authority content of ROLE_USER, and Da has the authority to access immediately (http://localhost:8888/sys/sysUser/get/1)
User Management
It mainly includes the maintenance of user information, login restrictions, and the distribution of menus and permissions.
Modifying user permissions will take effect the next time you log in.
Modifying the user menu takes effect by refreshing the system.
User management adds "current online user" management, see "Supplemental Update" at the end of the article for details
Login user information
Basic Information
The logged-in user can only modify part of the information, such as name and password
change Password
The password is encrypted by MD5 and converted into a hexadecimal string for storage. In addition to actively changing the password, the user can also call the administrator to reset the password.
Personalized menu
Users can configure their own personalized shortcut menu.
Real-time log
Using websocket, the log is output to the web page in real time, refreshed every second.
Note: The log configuration here only configures the dev environment, and the prod environment is not yet empty. Remember to configure it before releasing the production environment, otherwise the log file generated will not enter the log content!
real time monitoring
Real-time monitoring is the system hardware environment and jvm runtime memory. Note: Because I don’t have a Linux environment yet, I only tested the windows environment. If you have any questions, please give feedback in time. Thank you!
Use websocket to output data to the web page in real time, refreshed every 1 second.
API encryption
Request parameter encryption
Response data encryption
1. A new API encryption switch is added to the system settings, which can be turned off and on with one click;
Enable API encryption
Turn off API encryption
Key points explained
1. Customize URL access permissions, dynamic permissions to read, you need to customize the configuration of the authentication data source, authentication manager, and interceptor. For detailed steps, please refer to: https://www.jianshu.com/p/0a06496e75ea;
2. In API encryption, because the login verification is done by Spring Security, we must complete the decryption operation before the UsernamePasswordAuthenticationFilter obtains the account and password. It happens that our verification verification code operation is before it, and the response data is encrypted at the same time Operation, so the API encryption of the login part is not enough to follow our previous blog. It needs to be decrypted in CaptchaFilterConfig. After decryption, a new custom RequestWrapper sets Parameter, and this new object is passed to doFilter for further processing.
3. It is still the issue of API encryption. We generate the back-end RSA key pair when the program starts. Normally, we can get it from the front-end when we visit the login page to log in, but in the development environment, we usually enable it. Hot deployment function, the program may restart automatically after changing the code, but the login user information is still kept in the local thread, the system is still logged in and the login page is not redirected, resulting in the back-end public key has been changed, but the front-end still uses the old one The back-end public key of, all causes the encryption and decryption to fail; solution: also obtain the back-end public key when accessing the index homepage, so that you can refresh the page after the idea is hot deployed during development (the latest code has been submitted to solve the hot deployment After refreshing the page or API encryption and decryption failed; now refresh the page after hot deployment)
4. Many people don't know that the project has a tool class CodeDOM.java that can generate a complete set of single table additions, deletions, modifications, and back-end codes.
Configure the database and specify the code generation parent location.
Run the main function to generate a set of single-table addition, deletion, modification, and query background codes with one click.
postscript
This is just a relatively simple and general back-end system. If you join the workflow, you can upgrade to a basic platform. To simplify business development, some general system functions are organized into independent projects, and specific business functions are embedded through iframes.
1. Added the use of Baidu rich text.
Corresponding to the field type, mysql should be changed to longtext
2. Added the ""Remember Me"" function, that is, rememberMe. For the principle and source code exploration, please see the blog of this big guy:
https://blog.csdn.net/qq_37142346/article/details/80114609
Need to add a table, I also updated the SQL file.
4. New system colors are added to the system settings. The colors of the head and left menu can be switched according to mood (SQL files have been updated simultaneously)
5. The user management module adds "current online users" management, which can view current online users in real time and perform forced offline operations on current online users.
Source code address acquisition:
Recognize the QR code below, and reply after paying attention [Management System]
To get the download link
Scan the QR code above to follow and reply: management system
Linux 学习笔记
同时,还有一份珍贵的 Linux 基础资料免费共享给大家!不论是高级开发和运维工程师,Linux 命令熟练程度,决定了你的职场上限!
资料介绍这份资料非常全面且详细,从 Linux 常用命令到 Linux 常用操作,再到网络管理、性能优化,几乎覆盖了 Linux 基础学习的方方面面,非常适合初学者入门!资料也按目录进行编排,每一章下面都有更具体的内容:而且,这份资料不是扫描版的,里面的文字都可以直接复制,非常便于我们学习:
如何获取?1. 识别并关注公众号「程序员专栏」;
2. 在下面公众号后台回复关键字「Linux笔记」。
????长按上方二维码 2 秒
回复「Linux笔记」即可获取资料