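Spring Boot + Spring Security + JWT + OAuth2 integration: complete code
Date: 2023-10-03 14:06:28
This is a sample project based on Spring Boot, Spring Security, JWT and OAuth2. It implements user registration, login, logout, token refresh, and access to protected resources.
## Tech stack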
- Spring Boot 2.5.4
- Spring Security 5.5.1
- Spring Data JPA 2.5.4
- MySQL 8.0.26
- JWT 0.11.2
- OAuth2 2.5.4
- Lombok 1.18.20
## Database configuration
Create a new database named `springboot_security_jwt_oauth2` in MySQL, then run the following SQL statement to create the user table:
```sql
CREATE TABLE `user` (
  `id` bigint(20) NOT NULL AUTO_INCREMENT COMMENT 'Primary key ID',
  `username` varchar(255) NOT NULL COMMENT 'Username',
  `password` varchar(255) NOT NULL COMMENT 'Password',
  `enabled` tinyint(1) NOT NULL DEFAULT '1' COMMENT 'Whether enabled',
  `create_time` datetime NOT NULL COMMENT 'Creation time',
  PRIMARY KEY (`id`),
  UNIQUE KEY `uk_username` (`username`)
) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=utf8mb4 COMMENT='User table';
```
## Project structure
```
├── src/main/java
│   └── com
│       └── example
│           └── demo
│               ├── DemoApplication.java
│               ├── config
│               │   ├── JwtConfig.java
│               │   ├── MyPasswordEncoder.java
│               │   └── SecurityConfig.java
│               ├── controller
│               │   ├── LoginController.java
│               │   └── UserController.java
│               ├── dao
│               │   ├── UserRepository.java
│               │   └── UserRoleRepository.java
│               ├── entity
│               │   ├── User.java
│               │   └── UserRole.java
│               ├── exception
│               │   ├── JwtAuthenticationException.java
│               │   └── UserNotFoundException.java
│               ├── service
│               │   ├── AuthService.java
│               │   ├── UserService.java
│               │   └── impl
│               │       ├── AuthServiceImpl.java
│               │       └── UserServiceImpl.java
│               ├── util
│               │   ├── JwtTokenUtil.java
│               │   └── JwtUserDetailsService.java
│               └── web
│                   ├── JwtAuthenticationEntryPoint.java
│                   ├── JwtAuthenticationFilter.java
│                   ├── JwtAuthorizationFilter.java
│                   ├── RestResponse.java
│                   └── UserNotFoundExceptionHandler.java
└── src/main/resources
    ├── application.properties
    ├── static
    └── templates
```
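- `config`: configuration classes for Spring Security and JWT
- `controller`: controller classes that handle requests and responses
- `dao`: data access layer, implemented with Spring Data JPA
- `entity`: entity classes
- `exception`: exception classes
- `service`: service-layer interfaces and implementation classes
- `util`: utility classes, including JWT generation and parsing, user authentication, etc.
- `web`: web-related classes, including exception handling, the JWT filters, etc.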
## API documentation
### User registration
- URL: `/api/register`
- Method: POST
- Request:
```json
{
  "username": "test",
  "password": "123456"
}
```
- Response:
```json
{
  "code": 200,
  "message": "注册成功",
  "data": {
    "id": 1,
    "username": "test",
    "password": "$2a$10$8uFJ3zZB.Sd7K3YB2K3Y/OfVhF4oJXeS3j0R2A3RG1c2UJWuXkSdC",
    "enabled": true,
    "createTime": "2021-10-01T08:16:28.000+00:00"
  }
}
```
### User login
- URL: `/api/login`
- Method: POST
- Request:
```json
{
  "username": "test",
  "password": "123456"
}
```
- Response:
```json
{
  "code": 200,
  "message": "登录成功",
  "data": {
    "accessToken": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ0ZXN0Iiwicm9sZXMiOiJST0xFX1VTRVIiLCJleHAiOjE2MzI5NjQwODh9.5Syf8x3CZaLl0yHrXyXjJ4Qz4jJnVR3S4yIDg6GQ6puknFkJ9QWgJzJ5pB0tZzHfrGz2K1VJvJkHrOjLUQJWzA",
    "tokenType": "Bearer",
    "expiresIn": 3600
  }
}
```
### User logout
- URL: `/api/logout`
- Method: POST
- Request Header:
```
Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ0ZXN0Iiwicm9sZXMiOiJST0xFX1VTRVIiLCJleHAiOjE2MzI5NjQwODh9.5Syf8x3CZaLl0yHrXyXjJ4Qz4jJnVR3S4yIDg6GQ6puknFkJ9QWgJzJ5pB0tZzHfrGz2K1VJvJkHrOjLUQJWzA
```
- Response:
```json
{
  "code": 200,
  "message": "注销成功"
}
```
### Token refresh
- URL: `/api/refresh`
- Method: POST
- Request Header:
```
Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ0ZXN0Iiwicm9sZXMiOiJST0xFX1VTRVIiLCJleHAiOjE2MzI5NjQwODh9.5Syf8x3CZaLl0yHrXyXjJ4Qz4jJnVR3S4yIDg6GQ6puknFkJ9QWgJzJ5pB0tZzHfrGz2K1VJvJkHrOjLUQJWzA
```
- Response:
```json
{
  "code": 200,
  "message": "刷新令牌成功",
  "data": {
    "accessToken": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ0ZXN0Iiwicm9sZXMiOiJST0xFX1VTRVIiLCJleHAiOjE2MzI5NjQxMzQsImlhdCI6MTYzMjk2MDUzNH0.2hWq8dLJ7s9G6MqQ8Gg7kNvGzeOaJQFb4eBZ9RcB6N8lP3kglz8W_KXMh8r4oJZkzy5HOVZrB5YSEKNxZyY5lg",
    "tokenType": "Bearer",
    "expiresIn": 3600
  }
}
```
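The sample tokens in the login and refresh responses decode to the header `{"alg":"HS512"}` and the claims `sub`, `roles` and `exp` (plus `iat` after a refresh). The following is an added example, not code from the linked project: an issue-and-validate round trip that produces the same claim set and rejects both an edited payload and an expired token. It assumes the "JWT 0.11.2" entry in the tech stack is the jjwt library; the class name `JwtRoundTrip`, the randomly generated key and the `validate` helper are hypothetical.

```java
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import io.jsonwebtoken.security.Keys;
import javax.crypto.SecretKey;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Date;

// Hypothetical class (not the project's JwtTokenUtil); needs jjwt-api, jjwt-impl, jjwt-jackson 0.11.x.
public class JwtRoundTrip {
    // Constructed demo key: random, sized for HS512. Assumption: production loads a fixed key from a secret store.
    static final SecretKey KEY = Keys.secretKeyFor(SignatureAlgorithm.HS512);
    static final long TTL_MS = 3600 * 1000L; // matches "expiresIn": 3600 in the responses
    static String issue(String username, String roles, Date now) {
        return Jwts.builder()
                .setSubject(username)                            // "sub"
                .claim("roles", roles)                           // "roles"
                .setIssuedAt(now)                                // "iat"
                .setExpiration(new Date(now.getTime() + TTL_MS)) // "exp"
                .signWith(KEY, SignatureAlgorithm.HS512)
                .compact();
    }

    // Returns the claims only when the signature verifies and exp is in the future, else null.
    static Claims validate(String token) {
        try {
            return Jwts.parserBuilder().setSigningKey(KEY).build()
                    .parseClaimsJws(token) // accepts signed tokens only; throws on bad signature or expiry
                    .getBody();
        } catch (JwtException | IllegalArgumentException e) {
            return null; // caller answers 401; never fall back to the unverified payload
        }
    }

    public static void main(String[] args) {
        String good = issue("test", "ROLE_USER", new Date());
        // Constructed negative case 1: payload edited after signing, original signature kept.
        String[] p = good.split("\\.");
        String edited = Base64.getUrlEncoder().withoutPadding().encodeToString(
                "{\"sub\":\"test\",\"roles\":\"ROLE_ADMIN\"}".getBytes(StandardCharsets.UTF_8));
        // Constructed negative case 2: token issued two TTLs ago, so exp has already passed.
        String stale = issue("test", "ROLE_USER", new Date(System.currentTimeMillis() - 2 * TTL_MS));
        System.out.println("valid   -> " + validate(good));
        System.out.println("edited  -> " + validate(p[0] + "." + edited + "." + p[2]));
        System.out.println("expired -> " + validate(stale));
    }
}
```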
### Get current user info
- URL: `/api/user/info`
- Method: GET
- Request Header:
```
Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ0ZXN0Iiwicm9sZXMiOiJST0xFX1VTRVIiLCJleHAiOjE2MzI5NjQxMzQsImlhdCI6MTYzMjk2MDUzNH0.2hWq8dLJ7s9G6MqQ8Gg7kNvGzeOaJQFb4eBZ9RcB6N8lP3kglz8W_KXMh8r4oJZkzy5HOVZrB5YSEKNxZyY5lg
```
- Response:
```json
{
  "code": 200,
  "message": "获取用户信息成功",
  "data": {
    "id": 1,
    "username": "test",
    "password": null,
    "enabled": true,
    "createTime": "2021-10-01T08:16:28.000+00:00",
    "authorities": [
      {
        "authority": "ROLE_USER"
      }
    ]
  }
}
```
### Get all users' info
- URL: `/api/user/all`
- Method: GET
- Response:
```json
{
  "code": 200,
  "message": "获取所有用户信息成功",
  "data": [
    {
      "id": 1,
      "username": "test",
      "password": null,
      "enabled": true,
      "createTime": "2021-10-01T08:16:28.000+00:00",
      "authorities": [
        {
          "authority": "ROLE_USER"
        }
      ]
    }
  ]
}
```
## Complete code
For the complete code, see [GitHub](https://github.com/zhongshijun/springboot-security-jwt-oauth2).