In the previous mall project, I was mainly responsible for the management of front-end user login, user registration and member management functions of the mall background management system. At that time, the front-end user login was based on Token login. The specific process is as follows:
First, the user sends a request to the back-end login interface after entering the user name and password at the front-end. After the back-end login interface passes the verification, a Token will be generated and returned to the front-end. The request header is sent to the background, and the logged-in resources can only be accessed after the background verification is completed.
The previous session-based login method is to store user information in the session after the user successfully logs in, but this is not conducive to the horizontal expansion of the program, and as the number of logged-in users increases, it will continue to occupy the memory resources of the server. Now this token-based login method stores user information in the client after successful login, which does not occupy additional memory resources on the server, and through signature and verification, the data can be guaranteed not to be tampered with.
Next, I will talk about the details and specific steps of logging in.
The first is the back-end login interface. I will perform various non-empty judgments and account password comparison verification. If it succeeds, I will call the jwt tool class to generate a Token method and pass in the user id to get a Token. Then I will pass The generated Token is stored in redis, the generated Token is used as the key, and null is used as the value, and then the generated Token can be sent to the front desk
Update here first, and I will talk about the specific steps of my back-end login interception later. Record life love life