SpringBoot+SpringJPA+Swagger+Shiro 快速搭建前后端分离的权限管理系统 完整毕设

# SpringBoot+SpringJPA+Swagger+Shiro 快速搭建前后端分离的权限管理系统 前前后端分离，一般都是通过 token\实现，本项目也是一样；用户登录时，生成 token 及 token 过期时间，token 与用户是一一对应关系，调用接口的时候，把\token\放到\header 或 请求参数\中，服务端就知道是谁在调用接口。 # Let's do it!!  介绍：这次我们使用 Shiro 快速搭建前后端分离的权限管理系统 利用 JPA 帮我们管理数据库，Swagger Knife4j 帮我搭建 Web 测试环境； 后台基于 SpringBoot JPA Knife4j Shiro 前端基于 VUE ElementUI 注意：主要观察 token 的使用方法！ ## 第一步：新建工程 pom 文件 application.yml 巴拉巴拉这里省略，这里贴出需要用到的依赖： ```html <!--starter--> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter</artifactId> </dependency> <!-- test--> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> </dependency> <!--web--> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <!--validation--> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-validation</artifactId> </dependency> <!--JPA--> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-data-jpa</artifactId> </dependency> <!--JDBC--> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-jdbc</artifactId> </dependency> <!--lombok--> <dependency> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> </dependency> <!-- shiro--> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-spring</artifactId> <version>1.3.2</version> </dependency> <!--mysql-connector--> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <scope>runtime</scope> </dependency> <!-- druid-spring-boot-starter --> <dependency> <groupId>com.alibaba</groupId> <artifactId>druid-spring-boot-starter</artifactId> <version>1.1.10</version> </dependency> <!-- swagger --> <dependency> <groupId>com.spring4all</groupId> <artifactId>swagger-spring-boot-starter</artifactId> <version>1.8.0.RELEASE</version> </dependency> <!-- knife4j --> <dependency> <groupId>com.github.xiaoymin</groupId> <artifactId>knife4j-spring-boot-starter</artifactId> <version>2.0.2</version> </dependency> <!-- commons-lang --> <dependency> <groupId>commons-lang</groupId> <artifactId>commons-lang</artifactId> <version>2.6</version> </dependency> ``` ## 第二步：准备好要用的包包和类类  ## 第三步：编写登陆入口 为了方便这里不做密码加盐加密： ```java @RestController public class ShiroController { private final ShiroService shiroService; public ShiroController(ShiroService shiroService) { this.shiroService = shiroService; } /** * 登录 */ @ApiOperation(value = "登陆", notes = "参数:用户名 密码") @PostMapping("/sys/login") public Map<String, Object> login(@RequestBody @Validated LoginDTO loginDTO, BindingResult bindingResult) { Map<String, Object> result = new HashMap<>(); if (bindingResult.hasErrors()) { result.put("status", 400); result.put("msg", bindingResult.getFieldError().getDefaultMessage()); return result; } String username = loginDTO.getUsername(); String password = loginDTO.getPassword(); //用户信息 User user = shiroService.findByUsername(username); //账号不存在、密码错误 if (user == null || !user.getPassword().equals(password)) { result.put("status", 400); result.put("msg", "账号或密码有误"); } else { //生成token，并保存到数据库 result = shiroService.createToken(user.getUserId()); result.put("status", 200); result.put("msg", "登陆成功"); } return result; } /** * 退出 */ @ApiOperation(value = "登出", notes = "参数:token") @PostMapping("/sys/logout") public Map<String, Object> logout(@RequestHeader("token")String token) { Map<String, Object> result = new HashMap<>(); shiroService.logout(token); result.put("status", 200); result.put("msg", "您已安全退出系统"); return result; } } ``` ## 第四步：编写 ShiroService 中的方法 主要是生成一个 token 返回给前端。 ```java /** * @Author 大誌 * @Date 2019/3/30 22:18 * @Version 1.0 */ @Service public class ShiroServiceImpl implements ShiroService { @Autowired private UserRepository userRepository; @Autowired private SysTokenRepository sysTokenRepository; /** * 根据username查找用户 * * @param username * @return User */ @Override public User findByUsername(String username) { User user = userRepository.findByUsername(username); return user; } //12小时后过期 private final static int EXPIRE = 3600 * 12; @Override /** * 生成一个token *@param [userId] *@return Result */ public Map<String, Object> createToken(Integer userId) { Map<String, Object> result = new HashMap<>(); //生成一个token String token = TokenGenerator.generateValue(); //当前时间 Date now = new Date(); //过期时间 Date expireTime = new Date(now.getTime() + EXPIRE * 1000); //判断是否生成过token SysToken tokenEntity = sysTokenRepository.findByUserId(userId); if (tokenEntity == null) { tokenEntity = new SysToken(); tokenEntity.setUserId(userId); tokenEntity.setToken(token); tokenEntity.setUpdateTime(now); tokenEntity.setExpireTime(expireTime); //保存token sysTokenRepository.save(tokenEntity); } else { tokenEntity.setToken(token); tokenEntity.setUpdateTime(now); tokenEntity.setExpireTime(expireTime); //更新token sysTokenRepository.save(tokenEntity); } result.put("token", token); result.put("expire", EXPIRE); return result; } @Override public void logout(String token) { SysToken byToken = findByToken(token); //生成一个token token = TokenGenerator.generateValue(); //修改token SysToken tokenEntity = new SysToken(); tokenEntity.setUserId(byToken.getUserId()); tokenEntity.setToken(token); sysTokenRepository.save(tokenEntity); } @Override public SysToken findByToken(String accessToken) { return sysTokenRepository.findByToken(accessToken); } @Override public User findByUserId(Integer userI