From 7142f4db36e13709183fbf40bfb5121b02133d83 Mon Sep 17 00:00:00 2001
From: click33 <2393584716@qq.com>
Date: Sat, 15 Oct 2022 01:57:34 +0800
Subject: [PATCH] =?UTF-8?q?=E6=B3=A8=E8=A7=A3=E9=89=B4=E6=9D=83=20?=
=?UTF-8?q?=E4=BB=A3=E7=A0=81=E7=A4=BA=E4=BE=8B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../java/com/pj/SaTokenCaseApplication.java | 3 -
.../java/com/pj/cases/AtCheckController.java | 95 +++++++++++++++++++
.../java/com/pj/cases/KickoutController.java | 2 +
sa-token-doc/use/at-check.md | 12 ++-
sa-token-doc/use/jur-auth.md | 2 +-
sa-token-doc/use/kick.md | 10 ++
sa-token-doc/use/login-auth.md | 2 +-
7 files changed, 118 insertions(+), 8 deletions(-)
create mode 100644 sa-token-demo/sa-token-demo-case/src/main/java/com/pj/cases/AtCheckController.java
diff --git a/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/SaTokenCaseApplication.java b/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/SaTokenCaseApplication.java
index 5261af0d..1476151d 100644
--- a/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/SaTokenCaseApplication.java
+++ b/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/SaTokenCaseApplication.java
@@ -3,8 +3,6 @@ package com.pj;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
-import cn.dev33.satoken.SaManager;
-
/**
* Sa-Token 示例
* @author kong
@@ -15,7 +13,6 @@ public class SaTokenCaseApplication {
public static void main(String[] args) {
SpringApplication.run(SaTokenCaseApplication.class, args);
- System.out.println("\n启动成功:Sa-Token配置如下:" + SaManager.getConfig());
}
}
diff --git a/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/cases/AtCheckController.java b/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/cases/AtCheckController.java
new file mode 100644
index 00000000..b8df3ee3
--- /dev/null
+++ b/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/cases/AtCheckController.java
@@ -0,0 +1,95 @@
+package com.pj.cases;
+
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import cn.dev33.satoken.annotation.SaCheckLogin;
+import cn.dev33.satoken.annotation.SaCheckPermission;
+import cn.dev33.satoken.annotation.SaCheckRole;
+import cn.dev33.satoken.annotation.SaIgnore;
+import cn.dev33.satoken.annotation.SaMode;
+import cn.dev33.satoken.util.SaResult;
+
+/**
+ * Sa-Token 注解鉴权示例
+ *
+ * @author kong
+ * @since 2022-10-13
+ */
+@RestController
+@RequestMapping("/at-check/")
+public class AtCheckController {
+
+ /*
+ * 前提1:首先调用登录接口进行登录,代码在 com.pj.cases.LoginAuthController 中有详细解释,此处不再赘述
+ * ---- http://localhost:8081/acc/doLogin?name=zhang&pwd=123456
+ *
+ * 前提2:项目在配置类中注册拦截器 SaInterceptor ,代码在 com.pj.satoken.SaTokenConfigure
+ * 此拦截器将打开注解鉴权功能
+ *
+ * 然后我们就可以使用以下示例中的代码进行注解鉴权了
+ */
+
+ // 登录鉴权 ---- http://localhost:8081/at-check/checkLogin
+ // 登录认证后才可以进入方法
+ @SaCheckLogin
+ @RequestMapping("checkLogin")
+ public SaResult checkLogin() {
+ // 通过注解鉴权后才能进入方法 ...
+ return SaResult.ok();
+ }
+
+ // 权限校验 ---- http://localhost:8081/at-check/checkPermission
+ // 只有具有 user.add 权限的账号才可以进入方法
+ @SaCheckPermission("user.add")
+ @RequestMapping("checkPermission")
+ public SaResult checkPermission() {
+ // ...
+ return SaResult.ok();
+ }
+
+ // 权限校验2 ---- http://localhost:8081/at-check/checkPermission2
+ // 一次性校验多个权限,必须全部拥有,才可以进入方法
+ @SaCheckPermission(value = {"user.add", "user.delete", "user.update"}, mode = SaMode.AND)
+ @RequestMapping("checkPermission2")
+ public SaResult checkPermission2() {
+ // ...
+ return SaResult.ok();
+ }
+
+ // 权限校验3 ---- http://localhost:8081/at-check/checkPermission3
+ // 一次性校验多个权限,只要拥有其中一个,就可以进入方法
+ @SaCheckPermission(value = {"user.add", "user.delete", "user.update"}, mode = SaMode.OR)
+ @RequestMapping("checkPermission3")
+ public SaResult checkPermission3() {
+ // ...
+ return SaResult.ok();
+ }
+
+ // 角色校验 ---- http://localhost:8081/at-check/checkRole
+ // 只有具有 super-admin 角色的账号才可以进入方法
+ @SaCheckRole("super-admin")
+ @RequestMapping("checkRole")
+ public SaResult checkRole() {
+ // ...
+ return SaResult.ok();
+ }
+
+ // 角色权限双重 “or校验” ---- http://localhost:8081/at-check/userAdd
+ // 具备 "user.add"权限 或者 "admin"角色 即可通过校验
+ @RequestMapping("userAdd")
+ @SaCheckPermission(value = "user.add", orRole = "admin")
+ public SaResult userAdd() {
+ return SaResult.data("用户信息");
+ }
+
+ // 忽略校验 ---- http://localhost:8081/at-check/ignore
+ // 使用 @SaIgnore 修饰的方法,无需任何校验即可进入,具体使用示例可参照在线文档
+ @SaIgnore
+ @SaCheckLogin
+ @RequestMapping("ignore")
+ public SaResult ignore() {
+ return SaResult.ok();
+ }
+
+}
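Review bot: In `ignore()` at the end of the class, `@SaIgnore` sits on the same method as `@SaCheckLogin`, so by the comment's own description the login check is never evaluated there, and a reader who copies the pair may assume the endpoint is still protected. I would state the precedence in the comment, e.g. `// @SaIgnore takes precedence: the @SaCheckLogin below is skipped and this endpoint is reachable without login`, or move `@SaCheckLogin` to the class so the example shows one method opting out of a class-level check. The header comment (前提2) also implies that the annotations in this class enforce nothing unless `SaInterceptor` is registered; since that fails open, it deserves one explicit sentence there, such as `// without SaInterceptor registered, none of these annotations are enforced`.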
diff --git a/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/cases/KickoutController.java b/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/cases/KickoutController.java
index f233970e..9dcf99ea 100644
--- a/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/cases/KickoutController.java
+++ b/sa-token-demo/sa-token-demo-case/src/main/java/com/pj/cases/KickoutController.java
@@ -18,6 +18,7 @@ public class KickoutController {
/*
* 前提:首先调用登录接口进行登录,代码在 com.pj.cases.LoginAuthController 中有详细解释,此处不再赘述
+ * ---- http://localhost:8081/acc/doLogin?name=zhang&pwd=123456
*/
// 将指定账号强制注销 ---- http://localhost:8081/kickout/logout?userId=10001
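Review bot: The added comment line documents the login call with the password in the query string (`doLogin?name=zhang&pwd=123456`), and the same line is added to the header comment of AtCheckController.java in this commit. Query strings are typically recorded in access logs, browser history and intermediate proxies, so readers who copy the sample into a real service would leave credentials in those places. I would mark it as demo shorthand in the comment, e.g. `* (demo only: send credentials in a POST body in real deployments)`; whether the login endpoint itself accepts GET is not visible in this diff.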
@@ -48,6 +49,7 @@ public class KickoutController {
*/
// 根据 Token 值踢人 ---- http://localhost:8081/kickout/kickoutByTokenValue?tokenValue=xxxx-xxxx-xxxx-xxxx已登录账号的token值
+ @RequestMapping("kickoutByTokenValue")
public SaResult kickoutByTokenValue(String tokenValue) {
StpUtil.kickoutByTokenValue(tokenValue);
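Review bot: The added `@RequestMapping("kickoutByTokenValue")` makes this method reachable over HTTP, but nothing visible in the hunk restricts who may call it: any client that supplies a `tokenValue` reaches `StpUtil.kickoutByTokenValue(tokenValue)`. Unless a class-level annotation or route rule outside the hunk covers it, I would guard it like the annotation examples in this commit, e.g. `@SaCheckRole("super-admin")` above the mapping (role name borrowed from AtCheckController as an illustration). `@RequestMapping` without a `method` also accepts GET for a state-changing action and puts the session token in the URL, so restricting it to POST would avoid both. The method body continues past the end of the hunk.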
diff --git a/sa-token-doc/use/at-check.md b/sa-token-doc/use/at-check.md
index c5585b44..e3cfa30b 100644
--- a/sa-token-doc/use/at-check.md
+++ b/sa-token-doc/use/at-check.md
@@ -1,4 +1,10 @@
# 注解鉴权
+
+
+ 本章代码示例:Sa-Token 注解鉴权 —— [ com.pj.cases.AtCheckController.java ]
+
+
---
有同学表示:尽管使用代码鉴权非常方便,但是我仍希望把鉴权逻辑和业务逻辑分离开来,我可以使用注解鉴权吗?当然可以!
@@ -103,12 +109,12 @@ mode有两种取值:
### 4、角色权限双重 “or校验”
-假设有以下业务场景:一个接口在具有权限 `user-add` 或角色 `admin` 时可以调通。怎么写?
+假设有以下业务场景:一个接口在具有权限 `user.add` 或角色 `admin` 时可以调通。怎么写?
``` java
-// 注解式鉴权:只要具有其中一个权限即可通过校验
+// 角色权限双重 “or校验”:具备指定权限或者指定角色即可通过校验
@RequestMapping("userAdd")
-@SaCheckPermission(value = "user-add", orRole = "admin")
+@SaCheckPermission(value = "user.add", orRole = "admin")
public SaResult userAdd() {
return SaResult.data("用户信息");
}
diff --git a/sa-token-doc/use/jur-auth.md b/sa-token-doc/use/jur-auth.md
index e6e695e0..a5416546 100644
--- a/sa-token-doc/use/jur-auth.md
+++ b/sa-token-doc/use/jur-auth.md
@@ -2,7 +2,7 @@
- 本章代码示例:Sa-Token 权限认证 —— [ sa-token-demo-case:com.pj.cases.JurAuthController.java ]
+ 本章代码示例:Sa-Token 权限认证 —— [ com.pj.cases.JurAuthController.java ]
---
diff --git a/sa-token-doc/use/kick.md b/sa-token-doc/use/kick.md
index c5aeaaab..d54f8b46 100644
--- a/sa-token-doc/use/kick.md
+++ b/sa-token-doc/use/kick.md
@@ -1,4 +1,14 @@
# 踢人下线
+
+
+ 本章代码示例:Sa-Token 踢人下线 —— [ com.pj.cases.KickoutController.java ]
+
+
+---
+
+### 设计思路
+
所谓踢人下线,核心操作就是找到指定 `loginId` 对应的 `Token`,并设置其失效。

diff --git a/sa-token-doc/use/login-auth.md b/sa-token-doc/use/login-auth.md
index 531d1eda..541440a3 100644
--- a/sa-token-doc/use/login-auth.md
+++ b/sa-token-doc/use/login-auth.md
@@ -2,7 +2,7 @@
- 本章代码示例:Sa-Token 登录认证 —— [ sa-token-demo-case:com.pj.cases.LoginAuthController.java ]
+ 本章代码示例:Sa-Token 登录认证 —— [ com.pj.cases.LoginAuthController.java ]
---