您好,登录后才能下订单哦!
密码登录
登录注册
点击 登录注册 即表示同意《亿速云用户服务条款》
# SpringBoot+JWT+Shiro+MybatisPlus如何实现Restful快速开发后端脚手架
## 一、技术选型背景
现代企业级应用开发对后端框架的要求越来越高,需要同时满足快速开发、安全认证、数据持久化和RESTful风格等需求。本文介绍的组合方案:
- **SpringBoot 2.7**:提供快速启动和自动配置能力
- **JWT**:实现无状态认证
- **Shiro**:轻量级权限控制框架
- **MybatisPlus 3.5**:增强型ORM框架
- **Swagger**:API文档生成
## 二、项目初始化
### 1. 创建SpringBoot项目
```xml
<!-- 核心依赖 -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<!-- JWT支持 -->
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.1</version>
</dependency>
<!-- Shiro整合 -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring-boot-starter</artifactId>
<version>1.11.0</version>
</dependency>
<!-- MybatisPlus -->
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-boot-starter</artifactId>
<version>3.5.3.1</version>
</dependency>
public class JwtUtils {
private static final String SECRET = "your-secret-key";
private static final long EXPIRE = 604800L; // 7天
public static String generateToken(String userId) {
return Jwts.builder()
.setSubject(userId)
.setIssuedAt(new Date())
.setExpiration(new Date(System.currentTimeMillis() + EXPIRE * 1000))
.signWith(SignatureAlgorithm.HS512, SECRET)
.compact();
}
// 验证和解析方法...
}
public class JwtFilter extends AuthenticatingFilter {
@Override
protected AuthenticationToken createToken(...) {
String jwt = getRequest().getHeader("Authorization");
return new JwtToken(jwt);
}
@Override
protected boolean onAccessDenied(...) {
// 验证逻辑
}
}
@Configuration
public class ShiroConfig {
@Bean
public ShiroFilterFactoryBean shiroFilter(...) {
ShiroFilterFactoryBean factory = new ShiroFilterFactoryBean();
Map<String, Filter> filters = new HashMap<>();
filters.put("jwt", new JwtFilter());
factory.setFilters(filters);
// 设置过滤规则
Map<String,String> filterMap = new LinkedHashMap<>();
filterMap.put("/login", "anon");
filterMap.put("/**", "jwt");
factory.setFilterChainDefinitionMap(filterMap);
return factory;
}
}
public class JwtRealm extends AuthorizingRealm {
@Override
public boolean supports(AuthenticationToken token) {
return token instanceof JwtToken;
}
@Override
protected AuthorizationInfo doGetAuthorizationInfo(...) {
// 权限校验逻辑
}
@Override
protected AuthenticationInfo doGetAuthenticationInfo(...) {
// 认证逻辑
}
}
mybatis-plus:
mapper-locations: classpath*:/mapper/**/*.xml
global-config:
db-config:
id-type: auto
configuration:
map-underscore-to-camel-case: true
public interface BaseService<T> extends IService<T> {
// 自定义通用方法
}
public abstract class BaseServiceImpl<M extends BaseMapper<T>, T>
extends ServiceImpl<M, T> implements BaseService<T> {
// 实现扩展
}
@Data
public class Result<T> {
private int code;
private String msg;
private T data;
public static <T> Result<T> success(T data) {
return new Result<>(200, "success", data);
}
}
@RestControllerAdvice
public class GlobalExceptionHandler {
@ExceptionHandler(ShiroException.class)
public Result<String> handleShiroException(...) {
// 权限异常处理
}
@ExceptionHandler(Exception.class)
public Result<String> handleException(...) {
// 通用异常处理
}
}
public class CodeGenerator {
public static void main(String[] args) {
AutoGenerator generator = new AutoGenerator();
// 数据源配置
// 全局配置
// 包配置
// 策略配置
generator.execute();
}
}
mvn clean package -DskipTests
java -jar your-app.jar
/login获取token本方案通过整合SpringBoot+JWT+Shiro+MybatisPlus实现了:
完整项目源码可访问:GitHub示例项目 “`
(注:实际文章约1600字,此处为精简版核心内容展示。完整版应包含更多实现细节、配置示例和原理说明)
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。