redis存储token

欢迎关注博主公众号「Java大师」, 专注于分享Java领域干货文章http://www.javaman.cn/sb2/redis-token

在实际开发中,token需要保存在redis中,今天我们就来介绍下token怎么存储在redis中

密码模式实现代码

2.1 创建pom.xml

<?xml version="1.0" encoding="UTF-8"?>

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">

    <modelVersion>4.0.0</modelVersion>

    <parent>

        <groupId>org.springframework.boot</groupId>

        <artifactId>spring-boot-starter-parent</artifactId>

        <version>2.2.6.RELEASE</version>

        <relativePath/> <!-- lookup parent from repository -->

    </parent>

    <groupId>com.dashi</groupId>

    <artifactId>springsecurity-oauth</artifactId>

    <version>0.0.1-SNAPSHOT</version>

    <name>springsecurity-oauth</name>

    <description>Demo project for Spring Boot</description>

    <properties>

        <java.version>1.8</java.version>

        <spring-cloud.version>Greenwich.SR2</spring-cloud.version>

    </properties>

    <dependencies>

        <dependency>

            <groupId>org.springframework.cloud</groupId>

            <artifactId>spring-cloud-starter-oauth2</artifactId>

            <version>2.2.5.RELEASE</version>

        </dependency>

        <!--security依赖-->

        <dependency>

            <groupId>org.springframework.cloud</groupId>

            <artifactId>spring-cloud-starter-security</artifactId>

            <version>2.2.5.RELEASE</version>

        </dependency>

        <!--boot依赖-->

        <dependency>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-starter</artifactId>

        </dependency>

        <!--boot依赖-->

        <dependency>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-starter-web</artifactId>

        </dependency>

        <!--test依赖-->

        <dependency>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-starter-test</artifactId>

            <scope>test</scope>

        </dependency>

        <!--redis依赖 -->

        <dependency>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-starter-data-redis</artifactId>

        </dependency>

        <!--commons-pool2对象依赖 -->

        <dependency>

            <groupId>org.apache.commons</groupId>

            <artifactId>commons-pool2</artifactId>

        </dependency>

    </dependencies>

    <build>

        <plugins>

            <plugin>

                <groupId>org.springframework.boot</groupId>

                <artifactId>spring-boot-maven-plugin</artifactId>

            </plugin>

        </plugins>

    </build>

    <dependencyManagement>

        <dependencies>

            <dependency>

                <groupId>org.springframework.cloud</groupId>

                <artifactId>spring-cloud-dependencies</artifactId>

                <version>${spring-cloud.version}</version>

                <type>pom</type>

                <scope>import</scope>

            </dependency>

        </dependencies>

    </dependencyManagement>

</project>

2.2 创建springsecurity配置文件

package com.dashi.springsecurityoauth.config;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

import org.springframework.security.authentication.AuthenticationManager;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;

import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import org.springframework.security.crypto.password.PasswordEncoder;

@Configuration

@EnableWebSecurity

public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Bean

    public PasswordEncoder passwordEncoder(){

        return new BCryptPasswordEncoder();

    }

    @Bean

    public AuthenticationManager authenticationManager() throws Exception {

        return super.authenticationManager();

    }

    @Override

    protected void configure(HttpSecurity http) throws Exception {

        http.csrf().disable()

                .authorizeRequests()

                .antMatchers("/oauth/**","/login/**","/logout/**")

                .permitAll()

                .anyRequest()

                .authenticated()

                .and()

                .formLogin()

                .permitAll();

    }

}

2.3 创建UserService实现UserDetailService接口

package com.dashi.springsecurityoauth.model;

import org.springframework.security.core.GrantedAuthority;

import org.springframework.security.core.userdetails.UserDetails;

import java.util.Collection;

import java.util.List;

public class User implements UserDetails {

    private String username;

    private String password;

    private List<GrantedAuthority> authorities;

    public User(String username, String password, List<GrantedAuthority> authorities) {

        this.username = username;

        this.password = password;

        this.authorities = authorities;

    }

    @Override

    public Collection<? extends GrantedAuthority> getAuthorities() {

        return this.authorities;

    }

    @Override

    public String getPassword() {

        return this.password;

    }

    @Override

    public String getUsername() {

        return this.username;

    }

    @Override

    public boolean isAccountNonExpired() {

        return true;

    }

    @Override

    public boolean isAccountNonLocked() {

        return true;

    }

    @Override

    public boolean isCredentialsNonExpired() {

        return true;

    }

    @Override

    public boolean isEnabled() {

        return true;

    }

}

2.4 创建redis配置

package com.dashi.springsecurityoauth.config;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

import org.springframework.data.redis.connection.RedisConnectionFactory;

import org.springframework.security.oauth2.provider.token.TokenStore;

import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;

@Configuration

public class RedisConfig {

    @Autowired

    private RedisConnectionFactory redisConnectionFactory;

    @Bean

    public TokenStore redisTokenStore(){

        return new RedisTokenStore(redisConnectionFactory);

    }

}

2.5 application.properties配置文件修改

spring.redis.host=localhost

2.6 创建认证服务

package com.dashi.springsecurityoauth.config;

import com.dashi.springsecurityoauth.service.UserService;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.beans.factory.annotation.Qualifier;

import org.springframework.context.annotation.Configuration;

import org.springframework.security.authentication.AuthenticationManager;

import org.springframework.security.crypto.password.PasswordEncoder;

import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;

import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;

import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;

import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;

import org.springframework.security.oauth2.provider.token.TokenStore;

@Configuration

@EnableAuthorizationServer

public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    @Autowired

    private PasswordEncoder passwordEncoder;

    @Autowired

    private AuthenticationManager authenticationManager;

    @Autowired

    private UserService userService;

    @Autowired

    @Qualifier("redisTokenStore")

    private TokenStore tokenStore;

    /**

     * 密码模式采用AuthorizationServerEndpointsConfigurer配置

     * @param endpoints

     * @throws Exception

     */

    @Override

    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {

        endpoints.authenticationManager(authenticationManager)

                .userDetailsService(userService)

          		//token存储

                .tokenStore(tokenStore);

    }

    /**

     * 授权码模式采用ClientDetailsServiceConfigurer

     * @param clients

     * @throws Exception

     */

    @Override

    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {

        clients.inMemory()

                .withClient("admin")

                .secret(passwordEncoder.encode("112233"))

                .accessTokenValiditySeconds(3600)

                .redirectUris("http://www.baidu.com")

                .scopes("all")

                //配置grant_type,表示授权码授权

                //.authorizedGrantTypes("authorization_code");

                //密码模式

                .authorizedGrantTypes("password");

    }

}

2.7 创建资源服务

package com.dashi.springsecurityoauth.config;

import org.springframework.context.annotation.Configuration;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;

import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;

import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

@Configuration

@EnableResourceServer

public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    @Override

    public void configure(HttpSecurity http) throws Exception {

        http.authorizeRequests()

                .anyRequest()

                .authenticated()

                .and()

                .requestMatchers()

          		//以/user开头的地址根据token访问资源

                .antMatchers("/user/**");

    }

}

2.8 打开postman,填入下面内容获取token

2.9 通过token访问授保护的资源

2.8 redis存储,通过RDM发现token已经存储在redis中了

redis存储token的更多相关文章

  1. 讨论两种Redis中Token的存储方式

    摘要:本文讨论一个问题:存储token时,token与对应用户id谁来作为key? 问题起源问题起源于要给公司的后台管理系统添加权限管理,选用的是开源框架shiro,而原本系统上是采用token做了登 ...

  2. nginx+iis+redis+Task.MainForm构建分布式架构 之 (redis存储分布式共享的session及共享session运作流程)

    本次要分享的是利用windows+nginx+iis+redis+Task.MainForm组建分布式架构,上一篇分享文章制作是在windows上使用的nginx,一般正式发布的时候是在linux来配 ...

  3. RESTful登录设计(基于Spring及Redis的Token鉴权)

    转载自:http://www.scienjus.com/restful-token-authorization/ http://m.blog.csdn.net/article/details?id=4 ...

  4. Redis存储Tomcat集群的Session

    Redis存储Tomcat集群的Session 如何 做到把新开发的代码推送到到生产系统中部署,生产系统要能够零宕机.对使用用户零影响. 设想 是使用集群来搞定,通过通知负载均衡Nginx,取下集群中 ...

  5. redis 存储session实现session共享

    nginx 作为代理 tomcat集群 redis存储共享session nginx采用轮询方式将动态请求反向代理给tomcat,tomcat通过加载相应jar包方式实现获得redis中共享的sess ...

  6. Tomcat 使用Redis存储Session

    Tomcat Redis Session Github 地址. 下载 commons-pool2-2.2.jar,jedis-2.5.2.jar,tomcat-redis-session-manage ...

  7. Asp.net Core 使用Redis存储Session

    前言 Asp.net Core 改变了之前的封闭,现在开源且开放,下面我们来用Redis存储Session来做一个简单的测试,或者叫做中间件(middleware). 对于Session来说褒贬不一, ...

  8. php使用redis存储

    一.Redis扩展模块 # wget https://codeload.github.com/phpredis/phpredis/zip/develop -O phpredis.zip # unzip ...

  9. Redis 存储、查询

    [TOC] 数据存储 假设我们在MySQL数据库中有这样一张表: mysql> desc user_info; Field Type Null Key Default Extra id int( ...

随机推荐

  1. 实用的linux 命令

    1. 查看当前文件夹下文件或文件夹所占磁盘的大小 du -sh *|sort -rh 2. 查找某个进程号,脚本或程序所在目录的方法 ll /proc/进程id 3. awk 的用法 (1)累加: a ...

  2. mysql 相关练习题

    /* 自己查询自己 把一张表看成是两张表. 表的设计. SELECT * FROM depart; SELECT d1. NAME '部门', d2. NAME '分部门' FROM depart d ...

  3. 火爆的文字游戏你玩了吗?「GitHub 热点速览 v.22.06」

    不知道你有没有被 Wordle 这款游戏刷屏,在本期热点速览的特推部分选了一个 React 编写的开源版本同你分享,而本次公众号摘要也是一个提示, 只不过这个只能盲猜了.别小瞧 Wordle 这个游戏 ...

  4. python办公自动化系列之金蝶K3自动登录(一)

    做办公自动化的小伙伴都知道,驱动SAP GUI我们有SAP原生提供的[脚本录制与回放]以及SAP Scripting API可参考:驱动Office Excel等,我们有微软提供的[录制宏]功能:驱动 ...

  5. 统信UOS系统部署.Net Core 5.0

    平时很少用Linux,需要的时候才查资料,记录下遇到的问题和解决办法.这次部署的系统是统信UOS,arm64位CPU 第一步:安装.Net Core 5.0运行环境 统信UOS是基于Debian 10 ...

  6. RedHat Linux 忘记密码

    一.无法进入系统 在虚拟机开机3秒时按e 选择第二个选项带有quite的那个 进入界面后,在quite后,空格+single 进入单用户模式 然后输入passwd +账号(要修改的账号) 输入新的密码 ...

  7. 友盟分享,极光推送Demo

    友盟分享SDK下载及官方文档 http://dev.umeng.com/social/ios/detail-share 1.注册应用获取App友盟Appkey(556d14ad67e58eb08400 ...

  8. MySQL事务以及存储引擎

    MySQL事务以及存储引擎 目录 MySQL事务以及存储引擎 一.事务 1. 事务的概念 2. 事务的ACID特点 (1)原子性 (2)一致性 (3)隔离性 ①事务之间的相互影响 ②MySQL事务支持 ...

  9. Solution -「多校联训」古老的序列问题

    \(\mathcal{Description}\)   Link.   给定序列 \(\{a_n\}\),和 \(q\) 次形如 \([L,R]\) 的询问,每次回答 \[\sum_{[l,r]\su ...

  10. CentOS 7.6 部署 GlusterFS 分布式存储系统

    文章目录 GlusterFS简介 环境介绍 开始GlusterFS部署 配置hosts解析 配置GlusterFS 创建文件系统 安装GlusterFS 启动GlusterFS 将节点加入到主机池 创 ...