Let’s start with an overnight stay

A project I was working on before last night needs to go live after a revision.

Due to engineering changes involving the payment platform,

Need to be online in the early morning.

The launch process was not smooth due to bad weather,

First, the service reported a null pointer for no reason.

It was found that the service of the three parties was abnormal.

Abnormal data of related party,

Canvass till dawn. One night’s no problem.

Log in to implement power sales

I took a look at the login permission implementation of Spring Security JWT in advance.

User tokens and related permission information need to be stored in JWT for management.

But in this code development,

This is not what the development team leader suggested.

Redis implements login token management

But user token management using Redis implementation,

Seems like the easiest way to do it,

Easy to understand and easy to use.

1. Log in

Verify user name and password when logging in.

Two pieces of logic, passed on the token generation, return.

Put back the error code if you don’t pass.

2 After the verification is successful

There are also two main points.

First, it is the backend generation token, token can use fixed prefix plus UUID,

So once you get that token, every time you put it in the header,

The back end uses interceptors or filters to process each request,

Parse whether the header contains a token if and only if the token exists and also exists in Redis.

To access system resources.

Second, the value of token stored in Redis can be stored in an object, which contains some basic information of the user.

Redis uses expiration time to control how long tokens are valid.

Front-end access control

The user’s permission value can be returned to the front end during login.

Front-end controls front-end permissions based on permission values.

Back-end permission control

In this system, permissions are judged by annotations.

Add specific permission annotations to each method or class,

When the specified method is called in the front end,

Get the user corresponding to the token through the token,

Obtain all permissions of the user based on the user,

Compare permissions and judge permissions.

At this point the system login permission processing is completed.

Work overtime dog

Habitually go to bed late.

mo4tech.com (Moment For Technology) is a global community with thousands techies from across the global hang out!Passionate technologists, be it gadget freaks, tech enthusiasts, coders, technopreneurs, or CIOs, you would find them all here.

A way to implement login permissions

Let’s start with an overnight stay

Log in to implement power sales

Redis implements login token management

1. Log in

2 After the verification is successful

Front-end access control

Back-end permission control

Work overtime dog

A way to implement login permissions

Let’s start with an overnight stay

Log in to implement power sales

Redis implements login token management

1. Log in

2 After the verification is successful

Front-end access control

Back-end permission control

Work overtime dog

Related Posts

Error: Command line is too long

2021 Java Self-study Suggestions for Huawei Engineers

Java NIO analysis (8): High concurrency core Selector details