SpringBoot單點登錄實現(xiàn)過程詳細分析

更新時間：2022年12月02日 16:52:33 作者：披著星光的鯨魚

這篇文章主要介紹了SpringBoot單點登錄實現(xiàn)過程，單點登錄英文全稱Single?Sign?On，簡稱就是SSO。它的解釋是：在多個應(yīng)用系統(tǒng)中，只需要登錄一次，就可以訪問其他相互信任的應(yīng)用系統(tǒng)

1.具體實現(xiàn)步驟

添加攔截器,設(shè)置UUID作為唯一標(biāo)識，存入數(shù)據(jù)庫中

通過當(dāng)前登陸者的賬戶進行查詢

如果當(dāng)前登陸者session中存入的UUID與我們數(shù)據(jù)庫中的UUID值相同則通過

否則返回false,表示已在其他設(shè)備或瀏覽器登錄登錄

2.代碼展示

首先我們新建一個Spring項目

添加以下幾個依賴

yml配置文件

server:
port: 8080
spring:
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://127.0.0.1:3306/userdb?characterEncoding=utf-8&&severTimezone=utc
username: root
password: root
thymeleaf:
mode: HTML5
cache: false
suffix: .html
prefix: classpath:/templates/
mybatis:
mapper-locations: classpath:/mapper/*.xml #引入mapper文件
type-aliases-package: com.bdqn.springsso.pojo #引入類型別名

pom.xml配置文件

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.7.5</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>com.bdqn</groupId>
    <artifactId>springsso</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>springsso</name>
    <description>Demo project for Spring Boot</description>
    <properties>
        <java.version>1.8</java.version>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.mybatis.spring.boot</groupId>
            <artifactId>mybatis-spring-boot-starter</artifactId>
            <version>2.2.2</version>
        </dependency>
        <dependency>
            <groupId>com.mysql</groupId>
            <artifactId>mysql-connector-j</artifactId>
            <scope>runtime</scope>
        </dependency>
        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
            <optional>true</optional>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>
    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
                <configuration>
                    <excludes>
                        <exclude>
                            <groupId>org.projectlombok</groupId>
                            <artifactId>lombok</artifactId>
                        </exclude>
                    </excludes>
                </configuration>
            </plugin>
        </plugins>
    </build>
</project>

后臺代碼

在java目錄下建立以下幾個包，并在resources中建立mapper包

首先進行 pojo層實體類User 的編寫

注意：在MySQL中創(chuàng)建表時 uuid 的數(shù)據(jù)類型為 varchar 長度一定要給大一點不然就會運行報錯

package com.bdqn.springsso.pojo;
import lombok.Data;
@Data
public class User {
    //用戶id
    private Integer id;
    //賬戶
    private String username;
    //密碼
    private String password;
    //uuid
    private String uuid;
}

再進行 mapper層 UserMapper接口的編寫

package com.bdqn.springsso.mapper;
import com.bdqn.springsso.pojo.User;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;
@Mapper
public interface UserMapper {
    //根據(jù)姓名和密碼查詢
    User chekLogin(@Param("username") String username, @Param("password") String password);
    //根據(jù)姓名修改uuid
    void update(@Param("uuid") String uuid,@Param("username") String username);
    //根據(jù)姓名查詢uuid
    String getUUID(@Param("username") String username);
}

再進行 service層 UserService 和 UserServiceImpl 的編寫

package com.bdqn.springsso.service;
import com.bdqn.springsso.pojo.User;
public interface UserService {
    //根據(jù)姓名和密碼查詢
    User chekLogin(String username, String password);
    //根據(jù)姓名修改uuid
    void update(String uuid,String username);
}

package com.bdqn.springsso.service;
import com.bdqn.springsso.mapper.UserMapper;
import com.bdqn.springsso.pojo.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
@Service
public class UserServiceImpl implements UserService {
    @Autowired
    private UserMapper userMapper;
    @Override
    public User chekLogin(String username, String password) {
        return userMapper.chekLogin(username,password);
    }
    @Override
    public void update(String uuid,String username) {
        userMapper.update(uuid,username);
    }
}

再是 interceptor層 UserInterceptor攔截器的編寫

package com.bdqn.springsso.interceptor;
import com.bdqn.springsso.mapper.UserMapper;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class UserInterceptor implements HandlerInterceptor {
    private UserMapper userMapper;
    public UserInterceptor(UserMapper userMapper){
        this.userMapper=userMapper;
    }
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        HttpSession session = request.getSession();
        String username = (String) session.getAttribute("username");
        //數(shù)據(jù)庫
        String UUID=userMapper.getUUID(username);
        //session
        String uuid = (String)session.getAttribute("uuid");
        System.out.println("uuid = " + uuid);
        System.out.println("UUID = " + UUID);
        if(UUID.equals(uuid)){
            return true;
        }else  {
            System.out.println("攔截"+request.getRequestURI());
            response.sendRedirect("/login");
            response.setStatus(401);
            return false;
        }
    }
}

再是 controller層 UserController

package com.bdqn.springsso.controller;
import com.bdqn.springsso.pojo.User;
import com.bdqn.springsso.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpSession;
import java.util.UUID;
@Controller
@CrossOrigin
public class UserController {
    @Autowired
    private UserService userService;
    //登錄
    @RequestMapping("/")
    public String goLogin(){
        return "login";
    }
    //登錄驗證
    @RequestMapping("/login")
    public String chekLogin(String username, String password, HttpSession session){
        User user=userService.chekLogin(username,password);
        if (user==null){
            return  "login";
        }else {
            session.setAttribute("username",username);
            String uuid= UUID.randomUUID().toString().replace("-", "");
            System.out.println("uuid = " + uuid);
            userService.update(uuid,username);
            session.setAttribute("uuid",uuid);
            return "index";
        }
    }
    //測試
    @RequestMapping("/test")
    @ResponseBody
    public String test(){
        return "成功";
    }
}

再是 config層 MvcConfig 的編寫

package com.bdqn.springsso.config;
import com.bdqn.springsso.interceptor.UserInterceptor;
import com.bdqn.springsso.mapper.UserMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class MvcConfig implements WebMvcConfigurer {
    @Autowired
    private UserMapper userMapper;
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        //添加攔截器，排除/路徑和 /login路徑
        registry.addInterceptor(new UserInterceptor(userMapper))
                .excludePathPatterns("/","/login");
    }
}

最后是 userMapper.xml 的編寫

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.bdqn.springsso.mapper.UserMapper">
    <update id="update">
        update user set uuid=#{uuid} where username=#{username}
    </update>
    <select id="chekLogin" resultType="com.bdqn.springsso.pojo.User">
        select * from user where username=#{username} and password=#{password}
    </select>
    <select id="getUUID" resultType="java.lang.String">
        select uuid from user where username=#{username}
    </select>
</mapper>

前臺代碼

<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
  <meta charset="UTF-8">
  <title>Login Module</title>
</head>
<body>
<h1 style="text-align: center">歡迎來到登錄頁面</h1>
<form style="text-align: center" th:action="@{/login}" method="post">
  用戶：<input type="text" name="username"><br>
  密碼：<input type="password" name="password"><br>
  <button type="submit">登錄</button>
</form>
</body>
</html>

index.html

<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<h1>登錄成功</h1>
<a th:href="@{/test}" rel="external nofollow" >測試</a>
</body>
</html>