SpringBoot Shiro Redis 实现多系统登录
1. 简介
本文将教会开发者如何使用 SpringBoot、Shiro 和 Redis 实现多系统登录功能。多系统登录是指用户可以使用相同的账号和密码在不同的系统中登录,而不需要重复输入账号密码。这样可以提升用户体验,减少用户的操作步骤。
2. 实现步骤
下表展示了实现多系统登录的整体流程,包括了每一步要做的事情和需要使用的代码。
| 步骤 | 任务 | 代码 |
|---|---|---|
| 1 | 配置 Redis | @Configuration <br> public class RedisConfig { <br> @Bean <br> public RedisTemplate<String, Object> redisTemplate(RedisConnectionFactory redisConnectionFactory) { <br> RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>(); <br> redisTemplate.setConnectionFactory(redisConnectionFactory); <br> redisTemplate.setKeySerializer(new StringRedisSerializer()); <br> redisTemplate.setValueSerializer(new GenericJackson2JsonRedisSerializer()); <br> return redisTemplate; <br> } <br> } |
| 2 | 配置 Shiro | @Configuration <br> public class ShiroConfig { <br> @Bean <br> public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager securityManager) { <br> ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean(); <br> shiroFilterFactoryBean.setSecurityManager(securityManager); <br> // 设置登录页 <br> shiroFilterFactoryBean.setLoginUrl("/login"); <br> // 配置拦截规则 <br> Map<String, String> filterChainDefinitionMap = new LinkedHashMap<>(); <br> filterChainDefinitionMap.put("/login", "anon"); <br> filterChainDefinitionMap.put("/logout", "logout"); <br> filterChainDefinitionMap.put("/**", "authc"); <br> shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap); <br> return shiroFilterFactoryBean; <br> } <br> @Bean <br> public DefaultWebSecurityManager securityManager(UserRealm userRealm) { <br> DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager(); <br> securityManager.setRealm(userRealm); <br> return securityManager; <br> } <br> @Bean <br> public UserRealm userRealm() { <br> return new UserRealm(); <br> } <br> } |
| 3 | 自定义 Realm | public class UserRealm extends AuthorizingRealm { <br> @Autowired <br> private UserService userService; <br> @Override <br> protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { <br> // 授权逻辑 <br> return null; <br> } <br> @Override <br> protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { <br> // 认证逻辑 <br> return null; <br> } <br> } |
| 4 | 登录逻辑 | @Controller <br> public class LoginController { <br> @Autowired <br> private UserService userService; <br> @Autowired <br> private RedisTemplate<String, Object> redisTemplate; <br> @PostMapping("/login") <br> @ResponseBody <br> public String login(String username, String password) { <br> // 验证用户名和密码 <br> if (userService.verifyUser(username, password)) { <br> // 生成唯一的 token <br> String token = UUID.randomUUID().toString(); <br> // 将 token 和用户信息存储到 Redis 中 <br> redisTemplate.opsForValue().set(token, username); <br> return token; <br> } else { <br> return "登录失败"; <br> } <br> } <br> } |
| 5 | 登录验证 | @Controller <br> public class HomeController { <br> @Autowired <br> private RedisTemplate<String, Object> redisTemplate; <br> @PostMapping("/home") <br> @ResponseBody <br> public String home(String token) { < |
