# SpringSecurity+JWT Demo **Repository Path**: renqiang_ok/spring-security-jwt-quick-start ## Basic Information - **Project Name**: SpringSecurity+JWT Demo - **Description**: 新版本SpringSecurity + JWT SpringBoot2.7.3 MyBatisPlus + Postgres - **Primary Language**: Java - **License**: Not specified - **Default Branch**: master - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 1 - **Created**: 2022-09-28 - **Last Updated**: 2022-09-28 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README # Desc SpringBoot2.7.0之后pringSecurity进行了一次升级, 借此机会重新复习一下SpringSecurity + JWT实现认证过程 ## ENV | 工具/框架 | 版本 | |--------------|----------| | Ubuntu | 22.04.1 | | IDEA | 2022.2.1 | | JDK | 17.03 | | MAVEN | 3.8.1 | | SpringBoot | 2.7.3 | | MyBatis-Plus | 3.5.2 | | springdoc | 1.6.11 | | fastjson | 2.0.12 | | jjwt | 0.11.5 | | hutool | 5.8.5 | ### Postgres ```shell sudo docker pull postgres:14 sudo docker run -d --name pg14 -p 5414:5432 -e POSTGRES_PASSWORD=123456 postgres:14 ``` ### Redis ```shell sudo docker pull redis:6 sudo docker run -d --name redis6 -p 6379:6379 redis:6 ``` ## Tag说明 ```shell # 显示tag列表,并显示描述信息 git tag -n ``` 1. v0.0.1 默认用户名user,密码在控制台 2. v0.0.2 配置固定用户名密码 3. v0.0.3 内存管理用户信息 4. v0.0.4 忽略配置 5. v0.0.5 角色判断 6. v0.0.6 自定义认证接口 7. v0.0.7 整合jwt 8. v0.0.8 基于数据库的认证 9. v0.0.9 密码加密存储 10. v0.1.0 多个密码加密算法并存 ## 其他 ### 新版(springboot2.7.x或者Spring Security 5.7.0-M2)升级 官方说明: > https://spring.io/blog/2022/02/21/spring-security-without-the-websecurityconfigureradapter passwordEncoder变更说明: > https://docs.spring.io/spring-security/site/docs/5.0.13.RELEASE/reference/html/core-services.html#pe-dpe ```txt {id}encodedPassword Such that id is an identifier used to look up which PasswordEncoder should be used and encodedPassword is the original encoded password for the selected PasswordEncoder. The id must be at the beginning of the password, start with { and end with }. If the id cannot be found, the id will be null. For example, the following might be a list of passwords encoded using different id. All of the original passwords are "password". {bcrypt}$2a$10$dXJ3SW6G7P50lGmMkkmwe.20cQQubK3.HZWzG3YB1tlRy.fqvM/BG 1 {noop}password 2 {pbkdf2}5d923b44a6 ``` ### Actuator 官方说明: > https://docs.spring.io/spring-boot/docs/2.7.3/reference/htmlsingle/#actuator.endpoints 配合security需要设置一下,我们这里采用直接忽略的方式,生产环境不可取