Shulou(Shulou.com)05/31 Report--

Based on how scaffolding handles SpringBoot backend management projects, this article details the corresponding analysis and solutions to this problem, hoping to help more small partners who want to solve this problem find simpler and easier ways.

A few days ago, quite a few people asked me if there were any scaffolding projects based on SpringBoot. Today I recommend a basic framework scaffolding, especially learn to use jwt + shiro permissions combination! In fact, with SpringBoot, the difficulty of project construction has dropped again and again, but there are still people who want to be lazy, afraid that you will regret it a few years later!

I. Background

Front-end separation has become the standard for Internet project development, and it will lay the foundation for future large-scale distributed architectures. SpringBoot makes code deployment simple, and more and more Internet companies have chosen SpringBoot as their entry-level microframework for microservices.

Mybatis-Plus is a Mybatis enhancement tool with a code generator and provides hibernate like CRUD operations on a single table, while retaining mybatis features to support custom SQL.

Apache Shiro is a powerful and easy-to-use Java security framework, Java officially recommended Shiro, it is easier to use than Spring Security, Spring's own series Spring side4 also changed the permission extension to Shiro.

APIs are becoming more popular now, how do you secure them? JSON Web Tokens(JWT) provide security authentication based on the JSON format. JWT can cross languages, comes with identity information, and is very easy to pass on.

II. Project characteristics

Custom @Log annotation automatically logs to database.

Custom @Pass annotation interface does not need to authenticate identity.

Use JSONObject to uniformly obtain body request parameters, reducing the number of entity classes. Complete the custom @ValidationParam annotation to verify that the request parameters are empty.

Use bcrypt algorithm to encrypt passwords. The famous code hosting website Github and the US military firewall also use this algorithm. Bcrypt algorithm will successfully keep most accounts with low password strength.

Shiro annotation configuration permissions, highly flexible, provides button-level permission control, back-end interface only verifies permissions, regardless of roles. Use custom @CurrentUser annotation to get current login user, Control layer unified exception handling:

Programming declarative transactions with Spring AOP aspects filters request parameters to prevent XSS attacks.

Use POST request login to return token and permission information (service layer addition, deletion, change method naming specification will automatically add things), ensure that the request is stateless, return entity if the attribute is empty does not display.

III. Procedural logic

Fill in the username and password and use POST to request access to the/ login interface, returning token and other information. If it fails, it will directly jump to the 401 error page.

Add Authorization and token returned at login to the Headers of requests that need to be authenticated later.

The server performs token authentication and fails to jump to 401 page.

Use JWT for authentication (login) and Shiro for authorization.

IV. Operational projects

Project Structure:

Download the source code through git, this project is based on JDK1.8

Maven project management, modularization, import IDE directly select liugh-parent pom import

Create database liugh, database code is UTF-8, execute liugh.sql file, initialize data

Modify application-dev.properties, update MySQL account and password

Eclipse, IDEA Run SpringbootApplication.java to start the project. Or run the command mvn clean package in the liugh-parent directory and then java -jar liugh-web.jar in the liugh-web/target directory

Start a redis service

Access login interface: localhost:8081/api/login

Account password: 138888888/123456

Get token Access other interfaces

Attention!!! The requested URL/ api/v1 was not found on this server.

Run screenshots:

This project is annotated and customized with a startup pattern ~

About how to solve the SpringBoot backend management project based on scaffolding, the answer is shared here, I hope the above content can be of some help to everyone, if you still have a lot of doubts, you can pay attention to the industry information channel to learn more related knowledge.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.