redis存储token

欢迎关注博主公众号「Java大师」, 专注于分享Java领域干货文章http://www.javaman.cn/sb2/redis-token

在实际开发中,token需要保存在redis中,今天我们就来介绍下token怎么存储在redis中

密码模式实现代码

2.1 创建pom.xml

<?xml version="1.0" encoding="UTF-8"?>

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">

    <modelVersion>4.0.0</modelVersion>

    <parent>

        <groupId>org.springframework.boot</groupId>

        <artifactId>spring-boot-starter-parent</artifactId>

        <version>2.2.6.RELEASE</version>

        <relativePath/> <!-- lookup parent from repository -->

    </parent>

    <groupId>com.dashi</groupId>

    <artifactId>springsecurity-oauth</artifactId>

    <version>0.0.1-SNAPSHOT</version>

    <name>springsecurity-oauth</name>

    <description>Demo project for Spring Boot</description>

    <properties>

        <java.version>1.8</java.version>

        <spring-cloud.version>Greenwich.SR2</spring-cloud.version>

    </properties>

    <dependencies>

        <dependency>

            <groupId>org.springframework.cloud</groupId>

            <artifactId>spring-cloud-starter-oauth2</artifactId>

            <version>2.2.5.RELEASE</version>

        </dependency>

        <!--security依赖-->

        <dependency>

            <groupId>org.springframework.cloud</groupId>

            <artifactId>spring-cloud-starter-security</artifactId>

            <version>2.2.5.RELEASE</version>

        </dependency>

        <!--boot依赖-->

        <dependency>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-starter</artifactId>

        </dependency>

        <!--boot依赖-->

        <dependency>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-starter-web</artifactId>

        </dependency>

        <!--test依赖-->

        <dependency>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-starter-test</artifactId>

            <scope>test</scope>

        </dependency>

        <!--redis依赖 -->

        <dependency>

            <groupId>org.springframework.boot</groupId>

            <artifactId>spring-boot-starter-data-redis</artifactId>

        </dependency>

        <!--commons-pool2对象依赖 -->

        <dependency>

            <groupId>org.apache.commons</groupId>

            <artifactId>commons-pool2</artifactId>

        </dependency>

    </dependencies>

    <build>

        <plugins>

            <plugin>

                <groupId>org.springframework.boot</groupId>

                <artifactId>spring-boot-maven-plugin</artifactId>

            </plugin>

        </plugins>

    </build>

    <dependencyManagement>

        <dependencies>

            <dependency>

                <groupId>org.springframework.cloud</groupId>

                <artifactId>spring-cloud-dependencies</artifactId>

                <version>${spring-cloud.version}</version>

                <type>pom</type>

                <scope>import</scope>

            </dependency>

        </dependencies>

    </dependencyManagement>

</project>

2.2 创建springsecurity配置文件

package com.dashi.springsecurityoauth.config;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

import org.springframework.security.authentication.AuthenticationManager;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;

import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

import org.springframework.security.crypto.password.PasswordEncoder;

@Configuration

@EnableWebSecurity

public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Bean

    public PasswordEncoder passwordEncoder(){

        return new BCryptPasswordEncoder();

    }

    @Bean

    public AuthenticationManager authenticationManager() throws Exception {

        return super.authenticationManager();

    }

    @Override

    protected void configure(HttpSecurity http) throws Exception {

        http.csrf().disable()

                .authorizeRequests()

                .antMatchers("/oauth/**","/login/**","/logout/**")

                .permitAll()

                .anyRequest()

                .authenticated()

                .and()

                .formLogin()

                .permitAll();

    }

}

2.3 创建UserService实现UserDetailService接口

package com.dashi.springsecurityoauth.model;

import org.springframework.security.core.GrantedAuthority;

import org.springframework.security.core.userdetails.UserDetails;

import java.util.Collection;

import java.util.List;

public class User implements UserDetails {

    private String username;

    private String password;

    private List<GrantedAuthority> authorities;

    public User(String username, String password, List<GrantedAuthority> authorities) {

        this.username = username;

        this.password = password;

        this.authorities = authorities;

    }

    @Override

    public Collection<? extends GrantedAuthority> getAuthorities() {

        return this.authorities;

    }

    @Override

    public String getPassword() {

        return this.password;

    }

    @Override

    public String getUsername() {

        return this.username;

    }

    @Override

    public boolean isAccountNonExpired() {

        return true;

    }

    @Override

    public boolean isAccountNonLocked() {

        return true;

    }

    @Override

    public boolean isCredentialsNonExpired() {

        return true;

    }

    @Override

    public boolean isEnabled() {

        return true;

    }

}

2.4 创建redis配置

package com.dashi.springsecurityoauth.config;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.context.annotation.Bean;

import org.springframework.context.annotation.Configuration;

import org.springframework.data.redis.connection.RedisConnectionFactory;

import org.springframework.security.oauth2.provider.token.TokenStore;

import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;

@Configuration

public class RedisConfig {

    @Autowired

    private RedisConnectionFactory redisConnectionFactory;

    @Bean

    public TokenStore redisTokenStore(){

        return new RedisTokenStore(redisConnectionFactory);

    }

}

2.5 application.properties配置文件修改

spring.redis.host=localhost

2.6 创建认证服务

package com.dashi.springsecurityoauth.config;

import com.dashi.springsecurityoauth.service.UserService;

import org.springframework.beans.factory.annotation.Autowired;

import org.springframework.beans.factory.annotation.Qualifier;

import org.springframework.context.annotation.Configuration;

import org.springframework.security.authentication.AuthenticationManager;

import org.springframework.security.crypto.password.PasswordEncoder;

import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;

import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;

import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;

import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;

import org.springframework.security.oauth2.provider.token.TokenStore;

@Configuration

@EnableAuthorizationServer

public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {

    @Autowired

    private PasswordEncoder passwordEncoder;

    @Autowired

    private AuthenticationManager authenticationManager;

    @Autowired

    private UserService userService;

    @Autowired

    @Qualifier("redisTokenStore")

    private TokenStore tokenStore;

    /**

     * 密码模式采用AuthorizationServerEndpointsConfigurer配置

     * @param endpoints

     * @throws Exception

     */

    @Override

    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {

        endpoints.authenticationManager(authenticationManager)

                .userDetailsService(userService)

          		//token存储

                .tokenStore(tokenStore);

    }

    /**

     * 授权码模式采用ClientDetailsServiceConfigurer

     * @param clients

     * @throws Exception

     */

    @Override

    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {

        clients.inMemory()

                .withClient("admin")

                .secret(passwordEncoder.encode("112233"))

                .accessTokenValiditySeconds(3600)

                .redirectUris("http://www.baidu.com")

                .scopes("all")

                //配置grant_type,表示授权码授权

                //.authorizedGrantTypes("authorization_code");

                //密码模式

                .authorizedGrantTypes("password");

    }

}

2.7 创建资源服务

package com.dashi.springsecurityoauth.config;

import org.springframework.context.annotation.Configuration;

import org.springframework.security.config.annotation.web.builders.HttpSecurity;

import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;

import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

@Configuration

@EnableResourceServer

public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    @Override

    public void configure(HttpSecurity http) throws Exception {

        http.authorizeRequests()

                .anyRequest()

                .authenticated()

                .and()

                .requestMatchers()

          		//以/user开头的地址根据token访问资源

                .antMatchers("/user/**");

    }

}

2.8 打开postman,填入下面内容获取token

2.9 通过token访问授保护的资源

2.8 redis存储,通过RDM发现token已经存储在redis中了

redis存储token的更多相关文章

  1. 讨论两种Redis中Token的存储方式

    摘要:本文讨论一个问题:存储token时,token与对应用户id谁来作为key? 问题起源问题起源于要给公司的后台管理系统添加权限管理,选用的是开源框架shiro,而原本系统上是采用token做了登 ...

  2. nginx+iis+redis+Task.MainForm构建分布式架构 之 (redis存储分布式共享的session及共享session运作流程)

    本次要分享的是利用windows+nginx+iis+redis+Task.MainForm组建分布式架构,上一篇分享文章制作是在windows上使用的nginx,一般正式发布的时候是在linux来配 ...

  3. RESTful登录设计(基于Spring及Redis的Token鉴权)

    转载自:http://www.scienjus.com/restful-token-authorization/ http://m.blog.csdn.net/article/details?id=4 ...

  4. Redis存储Tomcat集群的Session

    Redis存储Tomcat集群的Session 如何 做到把新开发的代码推送到到生产系统中部署,生产系统要能够零宕机.对使用用户零影响. 设想 是使用集群来搞定,通过通知负载均衡Nginx,取下集群中 ...

  5. redis 存储session实现session共享

    nginx 作为代理 tomcat集群 redis存储共享session nginx采用轮询方式将动态请求反向代理给tomcat,tomcat通过加载相应jar包方式实现获得redis中共享的sess ...

  6. Tomcat 使用Redis存储Session

    Tomcat Redis Session Github 地址. 下载 commons-pool2-2.2.jar,jedis-2.5.2.jar,tomcat-redis-session-manage ...

  7. Asp.net Core 使用Redis存储Session

    前言 Asp.net Core 改变了之前的封闭,现在开源且开放,下面我们来用Redis存储Session来做一个简单的测试,或者叫做中间件(middleware). 对于Session来说褒贬不一, ...

  8. php使用redis存储

    一.Redis扩展模块 # wget https://codeload.github.com/phpredis/phpredis/zip/develop -O phpredis.zip # unzip ...

  9. Redis 存储、查询

    [TOC] 数据存储 假设我们在MySQL数据库中有这样一张表: mysql> desc user_info; Field Type Null Key Default Extra id int( ...

随机推荐

  1. TensorFlow 机器学习秘籍中文第二版·翻译完成

    原文:TensorFlow Machine Learning Cookbook 协议:CC BY-NC-SA 4.0 不要担心自己的形象,只关心如何实现目标.--<原则>,生活原则 2.3 ...

  2. Git常用命令(超实用)

    Git常用命令 一.Git常用命令 1.1 创建SSH Key 1.2 仓库 1.3 增加/删除文件 1.4 代码提交 1.5 分支 1.6 标签 1.7 查看信息 1.8 远程同步 1.9 撤销 1 ...

  3. Mysql8.0主从配置

    环境Centos7.6 ,mysql8.0 Mysql主从配置 1.1 配置环境: 本人在vm下做的实验,linux版本是centos的7.0版本,然后Mysql版本为此时较新的8.0.13版本.做最 ...

  4. 无法加载 mcrypt (外链,英语) 扩展,请检查您的 PHP 配置。

    转载请注明来源:https://www.cnblogs.com/hookjc/ 需要安装libcrytp,在下面的地址下载libmarypt: ftp://mcrypt.hellug.gr/pub/c ...

  5. opencv结构IplImage

    转载请注明来源:https://www.cnblogs.com/hookjc/ typedef struct _IplImage{int nSize;                    /* Ip ...

  6. 通过Python自带模块SimpleHTTPServer快速共享服务的配置文件

    简介 SimpleHTTPServer是Python 2自带的一个模块,是Python的Web服务器,简单小巧,快速启动. 它在Python 3已经合并到http.server模块中. SimpleH ...

  7. OC和C对比

    1.源文件对比 C语言中常见源文件.h头文件,.c文件 文件扩展名 源类型 .h 头文件,用于存放函数声明 .c C语言源文件,用于实现头文件中声明的方法 OC中的源文件.h头文件,.m与.mm的实现 ...

  8. Keepalived配置与使用(1)

    介绍 Keepalived是一个基于VRRP协议来实现的WEB服务高可用方案,可以利用其来避免单点故障.一个WEB服务至少会有2台服务器运行Keepalived,一台为主服务器(MASTER),一台为 ...

  9. .netcore基础知识(一)

    先来说说web服务器  先来一张图 一个典型的进程外托管模型 我们先看kestrel这一部分 我们在它前面放了一个方向代理服务器nginx 对http请求做预处理 kestrel本身是可以直接用作we ...

  10. MLlib学习——基本数据类型

    数据类型--基于RDD的API 本地矢量 标记点 本地矩阵 分布式矩阵 RowMatrix(行矩阵) IndexedRowMatrix(索引行矩阵) CoordinateMatrix(坐标矩阵) Bl ...