1. Add the shiro and aop dependencies to the pom file
<!-- shiro -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-spring</artifactId>
    <version>1.4.0</version>
</dependency>
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-aop</artifactId>
</dependency>
2. Directory hierarchy
entity: stores the entity bean classes
config: stores the configuration classes
controller: stores the controller classes
dao: stores the data interfaces
service: stores the business classes
tools: stores the public utility methods
3. Creating the entity classes
The main entity classes are the user, role and permission classes.
3.1 User class
The get and set methods are omitted.
Some fields are optional depending on your needs, but id, username, password and salt are required. salt is the password salt, which is needed to hash the password.
The creation time and last login time are of type Long because I store times as timestamps, and a Java timestamp has 13 digits, which exceeds the maximum of an unsigned int.
roleList holds the roles of the user. Users and roles have a many-to-many relationship, and the role class should have a similar property.
3.2 Role class
The get and set methods are omitted.
The required fields of the role class are again id and name; description and status can be added as needed.
Roles have a many-to-many relationship with both users and permissions.
3.3 Permission class
The get and set methods are omitted.
As with the role class, few fields are required: only id and name. relationUrl is the associated link.
Permissions and roles have a many-to-many relationship.
3.4 Database tables
After the three entity classes are created, if the corresponding tables do not exist in your database, the user, role and permission tables are created automatically the moment you save.
However, it is better to create the tables yourself: automatically created tables have no comments and the column definitions are not optimal. The SQL to create the tables follows.
CREATE TABLE `user` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `username` varchar(20) NOT NULL COMMENT 'user name, used for login',
  `password` varchar(32) NOT NULL COMMENT 'password',
  `email` varchar(64) DEFAULT NULL COMMENT 'email',
  `phone` int(11) unsigned DEFAULT NULL COMMENT 'telephone number',
  `nickname` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci DEFAULT NULL COMMENT 'nickname, the username is used when null',
  `salt` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci DEFAULT NULL COMMENT 'password salt',
  `ip` varchar(8) DEFAULT NULL COMMENT 'last login IP',
  `create_time` bigint(13) unsigned NOT NULL COMMENT 'registration date',
  `last_login` bigint(13) unsigned DEFAULT NULL COMMENT 'last login time',
  `is_use` tinyint(1) unsigned NOT NULL DEFAULT '1' COMMENT 'Status: Normal 0 1 2 Freeze delete',
  PRIMARY KEY (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci COMMENT='user table';

CREATE TABLE `role` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `name` varchar(20) NOT NULL COMMENT 'name',
  `description` varchar(255) DEFAULT NULL COMMENT 'description',
  `is_use` tinyint(1) unsigned NOT NULL DEFAULT '1' COMMENT 'status: normal 0 1 deprecated',
  `create_time` bigint(13) unsigned NOT NULL DEFAULT '0' COMMENT 'created',
  `update_time` bigint(13) unsigned NOT NULL DEFAULT '0' COMMENT 'updated',
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='role table';

CREATE TABLE `permission` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `name` varchar(20) NOT NULL COMMENT 'name',
  `description` varchar(255) DEFAULT NULL COMMENT 'description',
  `type` varchar(32) NOT NULL DEFAULT 'menu' COMMENT 'type: menu, button',
  `relation_url` varchar(255) DEFAULT NULL COMMENT 'associated link',
  `permission` varchar(32) NOT NULL DEFAULT '*' COMMENT 'permission type: * all, create, update, delete, view; multiple values are separated by commas',
  `super_id` int(10) unsigned DEFAULT NULL COMMENT 'id of the parent permission',
  `create_time` bigint(13) unsigned NOT NULL COMMENT 'created',
  `update_time` bigint(13) unsigned NOT NULL COMMENT 'updated',
  `is_use` tinyint(1) unsigned NOT NULL DEFAULT '1' COMMENT 'Status: Normal 0 1 deprecated',
  PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci COMMENT='permission table';
4. Configuring shiro
4.1 Create MyRealm.java in the config package
This class does two things: link permission checking and login authentication. Login authentication needs no explanation; the link check decides whether the roles a user holds include permission to access a link.
The MyRealm class extends AuthorizingRealm.
4.1.1 Link check
The link check method uses two nested loops to go through all permissions of all the user's roles one by one and determine whether the user is allowed access.
4.1.2 Login authentication
The comments in the method cover part of it; the main thing left to explain is the four parameters of new SimpleAuthenticationInfo:
user is the user object
user.getPassword() is the user's password as stored in the database
ByteSource.Util.bytes(user.getSalt()) is the user's password salt
getName() is the name of the realm
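A sketch of the realm described in 4.1.1 and 4.1.2, added here as an example and not the original author's code. The getters (getRoleList(), getPermissionList(), getName(), getPassword(), getSalt()) are assumed because the page omits them, and the project's own package imports are left out because the page does not give the base package.

```java
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;

// Added example. User, Role, Permission and UserService are the classes from
// sections 3 and 5; their getter names are assumptions.
public class MyRealm extends AuthorizingRealm {

    @Autowired
    private UserService userService;

    // 4.1.1: two nested loops collect every role and permission of the user.
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        // The principal is the User object passed to SimpleAuthenticationInfo below.
        User user = (User) principals.getPrimaryPrincipal();
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        for (Role role : user.getRoleList()) {
            info.addRole(role.getName());
            for (Permission permission : role.getPermissionList()) {
                info.addStringPermission(permission.getName());
            }
        }
        return info;
    }

    // 4.1.2: look the account up and hand the stored hash and salt to Shiro,
    // which compares them with the submitted password via the credentials matcher.
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        String login = (String) token.getPrincipal();
        User user = userService.findByNameOrPhone(login);
        if (user == null) {
            throw new UnknownAccountException("no such account");
        }
        return new SimpleAuthenticationInfo(
                user,                                   // principal
                user.getPassword(),                     // password hash from the database
                ByteSource.Util.bytes(user.getSalt()),  // password salt
                getName());                             // realm name
    }
}
```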
4.2 Create ShiroConfig.java in the same config package
4.2.1 The filter method shiroFilter
The comments already explain it clearly; one point deserves emphasis:
the rules in this method are applied in order, so /** must be placed last.
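The ordering rule above, shown as an added example that is not part of the original code. It uses Shiro's AntPathMatcher to replay first-match-wins over two orderings of the same rules; every path except /validateCode is an assumption.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import org.apache.shiro.util.AntPathMatcher;

// Added example: shows why "/**" has to be the last filter chain rule.
public class ChainOrderDemo {

    // Intended order: specific rules first, the catch-all last. This is the
    // map to pass to ShiroFilterFactoryBean.setFilterChainDefinitionMap().
    static Map<String, String> catchAllLast() {
        Map<String, String> chains = new LinkedHashMap<>(); // keeps insertion order
        chains.put("/validateCode", "anon"); // path from the page
        chains.put("/regist", "anon");       // assumed path
        chains.put("/login", "anon");        // assumed path
        chains.put("/logout", "logout");     // assumed path
        chains.put("/**", "authc");
        return chains;
    }

    // Broken order: the catch-all is registered first and shadows the rest.
    static Map<String, String> catchAllFirst() {
        Map<String, String> chains = new LinkedHashMap<>();
        chains.put("/**", "authc");
        chains.put("/validateCode", "anon");
        chains.put("/regist", "anon");
        return chains;
    }

    // Same rule Shiro applies: the first pattern, in map order, that matches wins.
    static String filterFor(Map<String, String> chains, String path) {
        AntPathMatcher matcher = new AntPathMatcher();
        for (Map.Entry<String, String> rule : chains.entrySet()) {
            if (matcher.matches(rule.getKey(), path)) {
                return rule.getValue();
            }
        }
        return "(no rule)";
    }

    public static void main(String[] args) {
        for (String path : new String[] {"/regist", "/validateCode", "/user/list"}) {
            System.out.println(path + "  last: " + filterFor(catchAllLast(), path)
                    + "  first: " + filterFor(catchAllFirst(), path));
        }
    }
}
```

With the catch-all first, /regist and /validateCode resolve to authc, so an anonymous visitor can neither register nor load the verification code. A plain HashMap would make the rule order unpredictable, which is why the map is a LinkedHashMap.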
4.2.2 The remaining methods
Note that the hash algorithm and the number of hash iterations set in the first method must match those used by the registration method, or login will fail.
5. Registration
The registration and login code is shown step by step in the order of the flow, rather than pasting a whole class or interface at a time.
5.1 Front-end registration page
Create login.html in src/main/resources/templates.
Registration and login share one page here.
Front-end page result
It is a very simple page, so how to write it is not discussed here.
5.2 Create UserController in the controller package, then add the registration method regist
5.3 Create the UserService class in the service package and write the regist() method that the controller's registration method needs
The two methods above should not be hard to understand, but they use two utility classes,
EncryptionUtil and Complex.
Complex's isNumber and similar utility methods are not shown; isNumber is just a simple check of whether a string can be converted to a number such as a Long.
EncryptionUtil is shown a little later.
5.4 Create the UserRepository interface in the dao package
You do not have to implement this interface; the queries are generated automatically from the methods you declare.
For example, findByUsername automatically matches the string you pass against the username field in the database.
5.5 Create the two utility classes Complex.java and EncryptionUtil.java in the tools package
Complex is a mixed utility class: it holds assorted static methods that can be called directly from other classes, and the methods are unrelated to each other.
EncryptionUtil is the utility class dedicated to encryption.
Its method encrypts the original password string passed in.
salt is the password salt generated by the system, a string of 32 characters.
password is the result of hashing salt + original password twice with the md5 hash algorithm; this matches the hashedCredentialsMatcher() method of the ShiroConfig class described above.
It returns a map containing the encrypted password and the password salt.
This completes the whole registration process.
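The requirement from 4.2.2 and 5.5 that registration and hashedCredentialsMatcher() use the same algorithm and iteration count, as an added example that is not the original EncryptionUtil. It assumes registration hashes with Shiro's SimpleHash; the map keys, the sample user name and the sample password are constructed.

```java
import java.util.HashMap;
import java.util.Map;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.util.ByteSource;

// Added example: registration-side hashing checked against the login-side matcher.
public class PasswordHashDemo {
    static final String ALGORITHM = "md5"; // algorithm named on the page
    static final int ITERATIONS = 2;       // "twice", as on the page

    // Registration side: 16 random bytes printed as hex give the 32-character salt.
    static Map<String, String> encrypt(String rawPassword) {
        String salt = new SecureRandomNumberGenerator().nextBytes(16).toHex();
        String hash = new SimpleHash(ALGORITHM, rawPassword,
                ByteSource.Util.bytes(salt), ITERATIONS).toHex();
        Map<String, String> result = new HashMap<>();
        result.put("salt", salt);
        result.put("password", hash);
        return result;
    }

    // Login side: the settings hashedCredentialsMatcher() in ShiroConfig must carry.
    static HashedCredentialsMatcher matcher(int iterations) {
        HashedCredentialsMatcher m = new HashedCredentialsMatcher();
        m.setHashAlgorithmName(ALGORITHM);
        m.setHashIterations(iterations);
        return m;
    }

    // Replays the comparison Shiro makes against the realm's AuthenticationInfo.
    static boolean login(String typed, Map<String, String> row, int iterations) {
        UsernamePasswordToken token = new UsernamePasswordToken("alice", typed);
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo("alice",
                row.get("password"), ByteSource.Util.bytes(row.get("salt")), "MyRealm");
        return matcher(iterations).doCredentialsMatch(token, info);
    }

    public static void main(String[] args) {
        Map<String, String> row = encrypt("s3cret-constructed"); // constructed sample
        System.out.println("same settings:  " + login("s3cret-constructed", row, ITERATIONS));
        System.out.println("wrong password: " + login("wrong-password", row, ITERATIONS));
        System.out.println("1 iteration:    " + login("s3cret-constructed", row, 1));
    }
}
```

Two rounds of md5 are fast to brute-force if the user table leaks. The algorithm name and iteration count are plain parameters on both sides, so a stronger setting such as SHA-256 with a high iteration count can be substituted as long as both sides change together and the password column is widened beyond VARCHAR(32).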
6. Login
6.1 Front-end code
This is also in login.html.
Here th:src="@{/validateCode}" is thymeleaf syntax: it requests the back-end method annotated with "/validateCode" to get the verification code, which is not described here for now.
Front-end display
6.2 Controller class
Also in UserController, create the login method login().
This method only handles the case where login fails; successful login is handled in ShiroConfig.
The comments explain the method in detail and are fairly easy to follow.
The two lines following @Resource can be ignored; they are used by the verification code.
The Service and Repository code is not shown again; login uses the UserService.findByNameOrPhone() method mentioned earlier, which it shares with registration.