Sa-Token is a lightweight Java authority authentication framework, which mainly solves a series of authority-related issues such as login authentication, authority authentication, distributed Session sessions, single sign-on, and OAuth2.0.
The framework is adapted to many common businesses such as kicking people offline, automatic renewal, separation of front and back, distributed conversations, etc. Through Sa-Token, you can realize the authority authentication part of the system in a very simple way
Sa-Token v1.30.0 version update includes the following:
- Added: Added an example of integrating Web-Socket authentication. [important]
- Added: Added an example of integrating Web-Socket (Spring package version) authentication.
- New: Add jfinal integration package
sa-token-jfinal-plugin[important] - Added: Added jboot integration package
sa-token-jboot-plugin(thanks to @nxstv for submitting the pr) StpUtil.getExtra("key")Fix: Fix invalid bug when integrating sa-token-jwt Style mode- Upgrade: upgrade
sa-token-context-dubbodubbo version:2.7.11->2.7.15 - Upgrade: With the help of
flatten-maven-pluginunified version number definition (thanks to the pr submitted by @ruansheng8) [important] - Fix: Fix the problem that the plug-in circular dependency cannot be started
springboot 2.6.xunderquick-login - Optimization:
sa-token-spring-aopChange the dependencysa-token-coreto avoid the problem of starting error reporting in the webflux environment - Optimization: Changed source code annotation device identification to device type to be more semantic
- Fix: Solve the problem that dubbo parameters become lowercase under some protocols, resulting in invalid
Id-Tokenauthentication - Upgrade: Unit test upgrade to JUnit5
- Added: Added
maxLoginCountconfiguration , specifying the maximum number of simultaneous online accounts for the same account [important] - Upgrade: Completely delete the SaTokenAction interface and completely replace it with SaStrategy
- Added: Added
sa-token-dao-redisxplugin , thanks to the pr submitted by @noear [important] - Optimization: Add an exception prompt when parseToken is not configured with a jwt key, thanks to the pr submitted by @BATTLEHAWK00
- Optimization: sso, oauth2 plug-in calls the configuration class to use the getter method, thanks to the pr submitted by @Naah
- Added: New json converter module
- Refactoring: SaTokenListener#doLogin method adds tokenValue parameter [not backward compatible]
- Upgrade: SpringBoot related components depend on version upgrade to
2.5.12 - Documentation: Online Documentation All
AjaxJsonchanged toSaResult - Documentation: "Multi-account authentication" -> Change to "Multi-account authentication"
- Documentation: New dynamic demo diagrams in some chapters [important]
- Upgrade: Top-level exception class
SaTokenExceptionAdd code exception subdivision status code. See [important] for details - Note the upgrade: Affected by the abnormal subdivision status code, the method
NotPermissionExceptionin the class is changed .getCode()getPermission()[not backward compatible] - SSO module upgrade:
- Refactor: SSO module split from core package into standalone plugin
sa-token-sso[important] - Optimization: In the SSO mode three single-point logout callback method, the logout statement is changed to:
stpLogic.logout(loginId)more suitable for the scenario - Fix: Solve the problem of double back parameters caused by the internal implementation inconsistency of some Servlet versions when sso builds the authentication address.
- Upgrade: SSO module provides fine-grained exception handling
- Refactoring: SSO mode three interfaces
/sso/checkTicket,/sso/logout, change the response body format [not backward compatible] - Optimization: SSO mode three single logout building examples are added
try-catchto improve fault tolerance - Optimization:
SsoUtil.singleLogoutchanged toSsoUtil.ssoLogout, and no need to provide secretkey parameter [not backward compatible] - Upgrade: Change the interface call of SSO mode 3 to signature verification. [Important] [Not backward compatible]
- Added: Added an example of docking without sdk in the SSO mode for three times, thanks to @Sa-Potion for the suggestion and feedback [important]
- Refactor: SSO module split from core package into standalone plugin
- sa-token-jwt module upgrade:
- Refactoring:
sa-token-jwtcreation, mandatory verification of loginType [not backward compatible] - Refactoring:
StpLogicJwtForStatelesschange from rewriting login method to rewriting createLoginSession - Refactoring:
SaJwtUtilThe tool class no longer swallows exception messages, and provides fine-grained exception codes. - Refactoring: renamed: StpLogicJwtForStyle -> StpLogicJwtForSimple
- Refactoring: renamed: StpLogicJwtForMix -> StpLogicJwtForMixin
- Fix: Fix the bug that the Extra data may be affected by the old token in
StpLogicJwtForSimplethe mode
- Refactoring:
Code repository: https://gitee.com/dromara/sa-token
Framework function structure diagram:
