盤縣 網(wǎng)站建設(shè)網(wǎng)站的后期維護(hù)工作一般做什么
鶴壁市浩天電氣有限公司
2026/01/22 10:52:18
盤縣 網(wǎng)站建設(shè),網(wǎng)站的后期維護(hù)工作一般做什么,wordpress怎么轉(zhuǎn)換為靜態(tài)鏈接,怎么建立淘寶客網(wǎng)站授權(quán)授權(quán)是獨立于認(rèn)證的存在認(rèn)證是負(fù)責(zé)如何登錄#xff0c;認(rèn)證成功 登錄成功認(rèn)證成功之后#xff0c;能訪問哪些接口#xff0c;哪些方法認(rèn)證方式的不同#xff0c;不會影響授權(quán)認(rèn)證成功之后#xff0c;能做什么能訪問什么#xff0c;是由授權(quán)決定的查看授權(quán)的配置授權(quán)…授權(quán)授權(quán)是獨立于認(rèn)證的存在認(rèn)證是負(fù)責(zé)如何登錄認(rèn)證成功 登錄成功認(rèn)證成功之后能訪問哪些接口哪些方法認(rèn)證方式的不同不會影響授權(quán)認(rèn)證成功之后能做什么能訪問什么是由授權(quán)決定的查看授權(quán)的配置授權(quán)列表的來源是UserDetails在登錄的時候在UserDetailsService中查詢出來并賦值的想要給授權(quán)列表賦值需要更改登錄的邏輯一、準(zhǔn)備工作在登錄的時候查詢出用戶的角色信息 菜單信息角色授權(quán)授權(quán)碼授權(quán)1、生成代碼根據(jù)數(shù)據(jù)庫生成三張表的代碼2、重新修改登錄接口AdminUserServiceOverride public AdminUser getByUsername(String username) { LambdaQueryWrapperAdminUser queryWrapper new LambdaQueryWrapper(); queryWrapper.eq(AdminUser::getUsername,username); AdminUser adminUser getOne(queryWrapper); if (adminUser ! null){ AdminRole role roleService.getByRid(adminUser.getRoleId().intValue()); adminUser.setAdminRole(role); } return adminUser; }AdminRoleServiceService(adminRoleService) public class AdminRoleServiceImpl extends ServiceImplAdminRoleDao, AdminRole implements AdminRoleService { ? Resource AdminMenuService adminMenuService; ? Override public AdminRole getByRid(Integer uid) { AdminRole adminRole getById(uid); if (adminRole ! null){ //查詢菜單的信息 ListAdminMenu menuList adminMenuService.getListByRid(adminRole.getRid()); adminRole.setMenuList(menuList); } return adminRole; } }AdminMenuDaopublic interface AdminMenuDao extends BaseMapperAdminMenu { ? Select(select menu.* from admin_menu menu,rel_admin_role_menu rel where menu.mid rel.mid and rel.rid #{rid} ) ListAdminMenu selectListByRid(Integer rid); }AdminMenuServiceService(adminMenuService) public class AdminMenuServiceImpl extends ServiceImplAdminMenuDao, AdminMenu implements AdminMenuService { Resource AdminMenuDao adminMenuDao; ? Override public ListAdminMenu getListByRid(Integer rid) { ListAdminMenu allList adminMenuDao.selectListByRid(rid); //打算區(qū)分父子級 //獲取1級菜單 ListAdminMenu oneList allList.stream() .filter(adminMenu - adminMenu.getPid() -1) .toList(); oneList.forEach(one - { //獲取當(dāng)前循環(huán)的1級菜單的子菜單 ListAdminMenu childList allList.stream().map(adminMenu - { if (one.getMid().equals(adminMenu.getPid())) { return adminMenu; } return null; }).filter(Objects::nonNull).toList(); one.setChildList(childList); }); return oneList; } }AdminMenuServic---AI進(jìn)化版Service(adminMenuService) public class AdminMenuServiceImpl extends ServiceImplAdminMenuDao, AdminMenu implements AdminMenuService { Resource AdminMenuDao adminMenuDao; ? Override public ListAdminMenu getListByRid(Integer rid) { ListAdminMenu allList adminMenuDao.selectListByRid(rid); // 使用stream流操作將allList按照父子級分離 // 先按pid分組 MapInteger, ListAdminMenu menuMap allList.stream() .collect(Collectors.groupingBy(AdminMenu::getPid)); // 獲取一級菜單pid為-1的菜單 ListAdminMenu oneList menuMap.getOrDefault(-1, List.of()); // 為每個一級菜單設(shè)置子菜單列表 oneList.forEach(one - { one.setChildList(menuMap.getOrDefault(one.getMid(), List.of())); }); return oneList; } }3、修改UserDetails的授權(quán)方法Override public Collection? extends GrantedAuthority getAuthorities() { ListGrantedAuthority list new ArrayList(); //根據(jù)角色授權(quán) AdminRole adminRole adminUser.getAdminRole(); if (adminRole ! null){ GrantedAuthority authority new SimpleGrantedAuthority(ROLE_ adminRole.getCode()); list.add(authority); } //存儲授權(quán)列表 return list; }二、測試角色授權(quán)編寫測試接口提前明確哪個角色可以訪問 哪個接口。如果一個接口寫完了之后沒有配置權(quán)限表明所有已經(jīng)認(rèn)證的用戶都可以訪問1、已有接口/game/f1/game/f2/game/f32、已有角色admintest3、設(shè)計權(quán)限只有admin角色的用戶可以訪問f1方法只有test角色的用戶可以訪問f2方法只有擁有admin或者test可以訪問f3方法4、實現(xiàn)設(shè)計修改配置類Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { .... http.authorizeHttpRequests(auth - auth //只有admin角色的用戶可以訪問f1方法 .requestMatchers(/game/f1).hasRole(admin) //只有test角色的用戶可以訪問f2方法 .requestMatchers(/game/f2).hasRole(test) //只有擁有admin或者test可以訪問f3方法 .requestMatchers(/game/f3).hasAnyRole(admin,test) .requestMatchers(/loginpage.html, /login/**, /jsonlogin, /phoneLogin) .permitAll() .anyRequest() .authenticated() //其他頁面要登錄之后才能訪問 );//放過登錄接口以及靜態(tài)頁面 return http.build(); .... }三、角色的繼承設(shè)計讓test擁有的權(quán)限admin也擁有admin 擁有 test的權(quán)限// 角色繼承配置 Bean public RoleHierarchy roleHierarchy(){ RoleHierarchyImpl hierarchy new RoleHierarchyImpl(); hierarchy.setHierarchy(ROLE_admin ROLE_test); return hierarchy; } //支持角色繼承的授權(quán)管理器 public AuthorityAuthorizationManagerRequestAuthorizationContext testRoleAuthorizationManager(){ //通過靜態(tài)方法創(chuàng)建實例再綁定角色來繼承 AuthorityAuthorizationManagerRequestAuthorizationContext manager AuthorityAuthorizationManager.hasRole(test); manager.setRoleHierarchy(roleHierarchy()); return manager; }http.authorizeHttpRequests(auth - auth .requestMatchers(/game/f2).access(testRoleAuthorizationManager()) );//放過登錄接口以及靜態(tài)頁面完整配置// 角色繼承配置 Bean public RoleHierarchy roleHierarchy(){ RoleHierarchyImpl hierarchy new RoleHierarchyImpl(); hierarchy.setHierarchy(ROLE_admin ROLE_test); return hierarchy; } //支持角色繼承的授權(quán)管理器 public AuthorityAuthorizationManagerRequestAuthorizationContext testRoleAuthorizationManager(){ //通過靜態(tài)方法創(chuàng)建實例再綁定角色來繼承 AuthorityAuthorizationManagerRequestAuthorizationContext manager AuthorityAuthorizationManager.hasRole(test); manager.setRoleHierarchy(roleHierarchy()); return manager; } Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { http.cors(cors - cors.configurationSource(corsConfigurationSource())); http.securityContext(context - context.securityContextRepository(securityContextRepository())); //因為當(dāng)前json登錄功能和用戶名密碼登錄功能類似 // 所以把jsonfilter放到UsernamePasswordAuthenticaitonFilter相同的位置 http.addFilterAt(jsonFilter(), UsernamePasswordAuthenticationFilter.class); http.addFilterAt(phoneFilter(), UsernamePasswordAuthenticationFilter.class); //關(guān)閉csrf 跨域請求偽造的控制 http.csrf(csrf - csrf.disable()); http.authorizeHttpRequests(auth - auth //只有admin角色的用戶可以訪問f1方法 .requestMatchers(/game/f1).hasRole(admin) //只有test角色的用戶可以訪問f2方法 //.requestMatchers(/game/f2).hasRole(test) .requestMatchers(/game/f2).access(testRoleAuthorizationManager()) //只有擁有admin或者test可以訪問f3方法 .requestMatchers(/game/f3).hasAnyRole(admin,test) .requestMatchers(/loginpage.html, /login/**, /jsonlogin, /phoneLogin) .permitAll() .anyRequest() .authenticated() //其他頁面要登錄之后才能訪問 );//放過登錄接口以及靜態(tài)頁面 // ↓配置表單提交 http.formLogin(form - { // 確保認(rèn)證信息被正確設(shè)置并保存到session中 form.loginPage(/loginpage.html) //自定義登錄頁面的路徑 .loginProcessingUrl(/javasmlogin) //表單提交的路徑 .usernameParameter(uname) //自定義用戶名的參數(shù)名默認(rèn)是username .passwordParameter(pwd) //Authentication 是 UsernamePasswordAuthenticationToken-- principal實際的值UserDetails .successHandler(this::createSuccessJson) //AuthenticationException 包含了 登錄失敗之后的 異常信息 .failureHandler((request, response, exception) - createFailJson(response, exception) ) .permitAll(); //以上提到的路徑都放行 }).authenticationManager(jsonAuthenticationManager()); //注銷登錄 http.logout(logout - logout .logoutUrl(/logout) //退出登錄的時候返回用戶信息 .logoutSuccessHandler((r, response, a) - createSuccessJson(response, 退出登錄成功)) .permitAll() ); //未登錄異常提示 http.exceptionHandling().authenticationEntryPoint((request, response, e) - createFailJson(response, 當(dāng)前用戶未登錄請先登錄再訪問)); return http.build(); }四、權(quán)限標(biāo)識授權(quán)1、新建數(shù)據(jù)庫CREATE TABLE admin_user_author ( aid int NOT NULL AUTO_INCREMENT, name varchar(255) DEFAULT NULL, code varchar(255) DEFAULT NULL, PRIMARY KEY (aid) ) ENGINEInnoDB DEFAULT CHARSETutf8mb4 COLLATEutf8mb4_0900_ai_ci;關(guān)系表CREATE TABLE rel_admin_user_author ( aid int NOT NULL, uid int NOT NULL, PRIMARY KEY (aid,uid) USING BTREE ) ENGINEInnoDB DEFAULT CHARSETutf8mb4 COLLATEutf8mb4_0900_ai_ci;2、添加模擬數(shù)據(jù)INSERT INTO qingqing.admin_user_author (name, code) VALUES (圖書, book); INSERT INTO qingqing.admin_user_author (name, code) VALUES (游戲, game); INSERT INTO qingqing.admin_user_author (name, code) VALUES (音樂, music);關(guān)系表INSERT INTO qingqing.rel_admin_user_author (aid, uid) VALUES (1, 1004); INSERT INTO qingqing.rel_admin_user_author (aid, uid) VALUES (2, 1004); INSERT INTO qingqing.rel_admin_user_author (aid, uid) VALUES (3, 1004); INSERT INTO qingqing.rel_admin_user_author (aid, uid) VALUES (1, 1008); INSERT INTO qingqing.rel_admin_user_author (aid, uid) VALUES (2, 1010);3、生成代碼TableField(exist false) private ListAdminUserAuthor authorList;4、登錄的時候查詢授權(quán)碼列表Override public AdminUser getByUsername(String username) { LambdaQueryWrapperAdminUser queryWrapper new LambdaQueryWrapper(); queryWrapper.eq(AdminUser::getUsername,username); AdminUser adminUser getOne(queryWrapper); if (adminUser ! null){ AdminRole role roleService.getByRid(adminUser.getRoleId().intValue()); adminUser.setAdminRole(role); //授權(quán)碼 ListAdminUserAuthor authorList authorService.getListByUid(adminUser.getUid()); adminUser.setAuthorList(authorList); } return adminUser; }Service(adminUserAuthorService) public class AdminUserAuthorServiceImpl extends ServiceImplAdminUserAuthorDao, AdminUserAuthor implements AdminUserAuthorService { Resource AdminUserAuthorDao authorDao; Override public ListAdminUserAuthor getListByUid(Integer uid) { return authorDao.selectListByUid(uid); } }daopublic interface AdminUserAuthorDao extends BaseMapperAdminUserAuthor { Select(select a.* from admin_user_author a ,rel_admin_user_author rel where a.aid rel.aid and rel.uid #{uid} ) ListAdminUserAuthor selectListByUid(Integer uid); }5、修改LoginUserDetailsOverride public Collection? extends GrantedAuthority getAuthorities() { ListGrantedAuthority list new ArrayList(); //根據(jù)角色授權(quán) AdminRole adminRole adminUser.getAdminRole(); if (adminRole ! null){ GrantedAuthority authority new SimpleGrantedAuthority(ROLE_ adminRole.getCode()); list.add(authority); } //授權(quán)碼列表 ListAdminUserAuthor authorList adminUser.getAuthorList(); if (authorList ! null !authorList.isEmpty()){ authorList.forEach(a -{ list.add(new SimpleGrantedAuthority(a.getCode())); }); } //存儲授權(quán)列表 return list; }6、設(shè)計測試book能訪問f4game能訪問f5book,game,music 都能訪問f6http.authorizeHttpRequests(auth - auth .requestMatchers(/game/f4).hasAuthority(book) .requestMatchers(/game/f5).hasAuthority(game) .requestMatchers(/game/f6).hasAnyAuthority(book,game,music) .requestMatchers(/loginpage.html, /login/**, /jsonlogin, /phoneLogin) .permitAll() .anyRequest() .authenticated() //其他頁面要登錄之后才能訪問 );7、修改403返回jsonhttp.exceptionHandling(ex - ex //處理 401 未登錄/未認(rèn)證 用戶訪問未攜帶cookie/未通過登錄 .authenticationEntryPoint((request, response, e) - { createFailJson(response, 當(dāng)前用戶未登錄請先登錄再訪問); }) //處理 403 已經(jīng)登錄權(quán)限不足 .accessDeniedHandler((request, response, e) - { createFailJson(response, 權(quán)限不足無法訪問); }) );有一些特殊情況下這個請求會優(yōu)先進(jìn)入JavasmExceptionAdvice從而不觸發(fā)上面的 exceptionHandling修改自定義異常//import org.springframework.security.access.AccessDeniedException; //import org.springframework.security.core.AuthenticationException; //單獨的聲明處理Security產(chǎn)生的異常信息直接向上拋出不返回json走Security的異常流程 ExceptionHandler({AccessDeniedException.class, AuthenticationException.class}) public void handleSecurityException(Exception e) throws Exception{ throw e; }五、授權(quán)注解如果需要控制的url地址過多需要大量的配置在配置類中需要使用注解來簡化配置開啟注解//securedEnabled → 開啟Secured注解 //prePostEnabled → 開啟PreAuthorize/PostAuthorize 注解默認(rèn)已經(jīng)開啟 //Secured注解 實用性 沒有PreAuthorize好所以很大可能用不到 EnableMethodSecurity(securedEnabled true,prePostEnabled true)1、Secured角色的繼承會失效GetMapping(/f1) Secured(ROLE_admin) public R f1(){ return R.ok(F1); } Secured(ROLE_test) GetMapping(/f2) public R f2(){ return R.ok(F2); } Secured({ROLE_admin,ROLE_test}) GetMapping(/f3) public R f3(){ return R.ok(F3); }2、PreAuthorize使用比較多方法執(zhí)行【之前】生效角色繼承生效PreAuthorize(hasRole(ROLE_admin)) GetMapping(/f5) public R f5(){ return R.ok(F5); } PreAuthorize(hasRole(ROLE_test)) GetMapping(/f6) public R f6(){ return R.ok(F6); } PreAuthorize(hasAnyRole(ROLE_admin,ROLE_test)) GetMapping(/f7) public R f7(){ return R.ok(F7); }PreAuthorize(hasAuthority(game)) GetMapping(/f8) public R f8(){ return R.ok(F8); } PreAuthorize(hasAuthority(book)) GetMapping(/f9) public R f9(){ return R.ok(F9); } PreAuthorize(hasAnyAuthority(music,book)) GetMapping(/f10) public R f10(){ return R.ok(F10); }3、PostAuthorize方法執(zhí)行【之后】返回之前生效用法和PreAuthorize一模一樣只是生效的時機不一樣方法不論是否有權(quán)限都會被執(zhí)行1次但是能不能返回看權(quán)限PostAuthorize(hasAnyAuthority(mucic,book)) GetMapping(/f11) public R f11(){ System.out.println(這個日志會被執(zhí)行不論是否有權(quán)限); return R.ok(F11); }4、PreFilter過濾參數(shù)參數(shù)必須是集合才能生效PreFilter(filterObject.ishot 1) GetMapping(/f13) public ListGame f13(RequestBody ListGame list){ return list; }5、PostFilter過濾返回值返回值必須是集合才能過濾GetMapping(/f12) PostFilter(filterObject.sort 5) public ListGame f12(){ ListGame list gameService.list(); return list; }六、自定義的方法去校驗授權(quán)1、測試基本原理寫一個自己的方法讓授權(quán)成功也能像role或者Authority那樣控制方法能否訪問Component(auth1) public class JavasmAuthorize { public boolean test(String code){ System.out.println(code); //test方法返回的數(shù)據(jù)如果是true表示允許訪問當(dāng)前的方法 //如果返回false表示沒有權(quán)限訪問當(dāng)前方法 return false; } }使用GetMapping(/f14) //尋找名字是auth1的bean對象調(diào)用里面的.test方法傳入?yún)?shù)ttttt PreAuthorize(auth1.test(ttttt)) public R f14(){ return R.ok(-----------f14); }2、官方驗證Component(auth2) public class JavasmAuthorize2 { //code 權(quán)限標(biāo)識 public boolean f1(String code) { //獲取登錄用戶信息 Object principal SecurityContextHolder.getContext().getAuthentication().getPrincipal(); if (principal instanceof LoginUserDetails) { LoginUserDetails loginUserDetails (LoginUserDetails) principal; //獲取授權(quán)列表 Collection? extends GrantedAuthority authorities loginUserDetails.getAuthorities(); //判斷 code 是否在授權(quán)列表中 return authorities .stream() .anyMatch(grantedAuthority - grantedAuthority.getAuthority().equals(code) ); } return false; } }使用PreAuthorize(auth2.f1(book)) GetMapping(/f15) public R f15(){ return R.ok(-----------f15); }3、使用自己的方法Component(auth3) public class JavasmAuthorize3 { Resource LoginService loginService; public boolean f1(String code){ LoginUserDetails loginUser loginService.getLoginUser(); //授權(quán)列表 ListAdminUserAuthor authorList loginUser.getAdminUser().getAuthorList(); ListString list authorList.stream().map(AdminUserAuthor::getCode).toList(); return list.contains(code); } }使用PreAuthorize(auth3.f1(book)) GetMapping(/f16) public R f16(){ return R.ok(-----------f16); }4、菜單授權(quán)授權(quán)判定Component(menuAuth) public class MenuAuthorize { public boolean check(String url){ Object principal SecurityContextHolder.getContext().getAuthentication().getPrincipal(); if (principal instanceof LoginUserDetails){ LoginUserDetails loginUserDetails (LoginUserDetails) principal; return loginUserDetails.checkMenu(url); } return false; } }修改LoginUserDetailspublic boolean checkMenu(String url) { if (adminUser ! null adminUser.getAdminRole() ! null) { //獲取菜單列表 ListAdminMenu menuList adminUser.getAdminRole().getMenuList(); //獲取子菜單的Stream流 StreamString childUrlStream menuList.stream() .map(AdminMenu::getChildList) .flatMap(Collection::stream) .map(AdminMenu::getUrl); //獲取父菜單的Stream流 StreamString firstUrlStream menuList.stream().map(AdminMenu::getUrl); //兩個流混到一起再篩選出url地址 ListString urlList Stream.concat(childUrlStream, firstUrlStream).toList(); return urlList.contains(url); } return false; }使用PreAuthorize(menuAuth.check(/user/list)) GetMapping(/f17) public R f17(){ return R.ok(-----------f17); }總結(jié)PreAuthorize菜單授權(quán)