2023-10-25

百度地图api入门

高德地图同理

申请ak

百度地图api
然后去控制台咯
应用管理
我的应用
创建
选择浏览器端
看人家写的字妈的

整合vue

index.html中加入<script type="text/javascript" src="https://api.map.baidu.com/getscript?v=3.0&ak=mabprYrnx9ibaol35dSI7eGqGGLR3A2H"></script>注意是getscript不是api
加入div设置id为[id]
方法放入onMounted中
记得设置格式不然成长条了

api

这东西还是不要用ts了，满屏幕红吓死了

大多数

// 创建map
const map = new BMapGL.Map('map');
// 创建标点
const point = new BMapGL.Point(116.404, 39.915);
// 设置中心点和放大倍数
map.centerAndZoom(point, 9);
// 允许滚轮缩放
map.enableScrollWheelZoom(true);
// 3d视图（加个角度咯）
map.setHeading(64.5);   //设置地图旋转角度
map.setTilt(73);       //设置地图的倾斜角度
// 标记，标点
map.addOverlay(new BMap.Marker(point));
// 跳转
map.panTo(point);

少数

// 设置地图类型为地球模式
map.setMapType(BMAP_EARTH_MAP);
1.标准地图：BMAP_NORMAL_MAP
2.地球模式：BMAP_EARTH_MAP
3.普通卫星地图：BMAP_SATELLITE_MAP
// 添加控件
// 个性化制图
// 。。。

问题

报错

A parser-blocking, cross site (i.e. different eTLD+1) script

把script中的api改成getScript

和官网不一致

仔细读文档啊铁咩

scipt是1.0版本外加type=webgl

然后就可以按照官网的写BMapGL了

2023-10-25

oauth入门

认证服务器

依赖

<dependencies>
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-security</artifactId>
        <version>2.2.5.RELEASE</version>
    </dependency>
    <dependency>
        <groupId>org.springframework.cloud</groupId>
        <artifactId>spring-cloud-starter-oauth2</artifactId>
        <version>2.2.5.RELEASE</version><!-- 这一行不加可能会报错 -->
    </dependency>

    <!--    seata和oauth的神奇反应    -->
    <dependency>
        <groupId>com.alibaba.cloud</groupId>
        <artifactId>spring-cloud-starter-alibaba-seata</artifactId>
        <scope>test</scope>
    </dependency>

认证服务器

package cn.sdadgz.oauth;

import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;

/**
 * 授权服务器
 *
 * <p>
 * 废物本物
 * </p>
 *
 * @author sdadgz
 * @since 2023/3/8 16:39:17
 */
@Configuration
@EnableAuthorizationServer
@RequiredArgsConstructor
public class AuthorizationServer extends AuthorizationServerConfigurerAdapter {

    private final AuthorizationCodeServices authorizationCodeServices;
    private final AuthenticationManager authenticationManager;
    private final UserDetailsService userDetailsService;
    private final AuthorizationServerTokenServices tokenServices;
    private final PasswordEncoder passwordEncoder;

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        // 客户端详情服务
        clients.inMemory()
                .withClient("client1") // 客户端名字
                .secret(passwordEncoder.encode("123456")) // 密文
                .resourceIds("/test") // 拥有的资源列表
                .authorizedGrantTypes("authorization_code", "password", "client_credentials", "implicit", "refresh_token") // 允许的授权方式
                .scopes("all") // 允许的授权范围
                .autoApprove(false) // false，手动点授权
                .redirectUris("https://sdadgz.cn"); // 回调地址
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints
                .authenticationManager(authenticationManager)
                .userDetailsService(userDetailsService)
                .authorizationCodeServices(authorizationCodeServices)
                .tokenServices(tokenServices)
                .allowedTokenEndpointRequestMethods(HttpMethod.POST);
    }

    @Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        security
                .tokenKeyAccess("permitAll()") // oauth/token_key
                .checkTokenAccess("permitAll()") // oauth/check_token
                .allowFormAuthenticationForClients();
    }

}

token存储

uuid存储

package cn.sdadgz.oauth;

import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;

/**
 * 令牌配置
 *
 * <p>
 * 废物本物
 * </p>
 *
 * @author sdadgz
 * @since 2023/3/8 18:47:58
 */
@Configuration
@RequiredArgsConstructor
public class TokenConfig {

    @Bean
    public TokenStore tokenStore() {
        return new InMemoryTokenStore();
    }

}

jwt存储

package cn.sdadgz.oauth;

import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.InMemoryTokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;

/**
 * 令牌配置
 *
 * <p>
 * 废物本物
 * </p>
 *
 * @author sdadgz
 * @since 2023/3/8 18:47:58
 */
@Configuration
@RequiredArgsConstructor
public class TokenConfig {
    
    public static final String SIGN_KEY = "password";

    @Bean
    public TokenStore tokenStore(){
        return new JwtTokenStore(accessTokenConverter());
    }

    @Bean
    public JwtAccessTokenConverter accessTokenConverter(){
        JwtAccessTokenConverter converter = new JwtAccessTokenConverter();
        converter.setSigningKey(SIGN_KEY);
        return converter;
    }

}

UserDetails用户

package cn.sdadgz.oauth;

import cn.hutool.extra.spring.SpringUtil;
import lombok.NoArgsConstructor;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.password.PasswordEncoder;

import java.util.Collection;

/**
 * 登录用的角色
 *
 * <p>
 * 废物本物
 * </p>
 *
 * @author sdadgz
 * @since 2023/3/26 15:21:19
 */
@NoArgsConstructor
public class OauthUser implements UserDetails {

    private static final PasswordEncoder passwordEncoder = SpringUtil.getBean(PasswordEncoder.class);

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return null;
    }

    @Override
    public String getPassword() {
        return passwordEncoder.encode("123456");
    }

    @Override
    public String getUsername() {
        return "root";
    }

    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    @Override
    public boolean isEnabled() {
        return true;
    }
}

UserDetialsService用户查询

package cn.sdadgz.oauth;

import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

/**
 * 用户详情实现类
 *
 * <p>
 * 废物本物
 * </p>
 *
 * @author sdadgz
 * @since 2023/3/26 14:41:50
 */
@Service
public class UserDetailsServiceImpl implements UserDetailsService {
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        return new OauthUser();
    }
}

WebsecurityConfig安全配置

正常配置

package cn.sdadgz.oauth;

import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
import org.springframework.security.oauth2.provider.code.InMemoryAuthorizationCodeServices;
import org.springframework.security.oauth2.provider.token.AuthorizationServerTokenServices;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore;

/**
 * 安全配置
 *
 * <p>
 * 废物本物
 * </p>
 *
 * @author sdadgz
 * @since 2023/3/22 20:46:04
 */
@Configuration
@RequiredArgsConstructor
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    private final TokenStore tokenStore;
    private final ClientDetailsService clientDetailsService;

    @Bean
    public AuthorizationServerTokenServices tokenServices() {
        DefaultTokenServices defaultTokenServices = new DefaultTokenServices();
        defaultTokenServices.setClientDetailsService(clientDetailsService);
        defaultTokenServices.setSupportRefreshToken(true);
        defaultTokenServices.setTokenStore(tokenStore);
        defaultTokenServices.setAccessTokenValiditySeconds(5673);
        defaultTokenServices.setRefreshTokenValiditySeconds(123456);
        return defaultTokenServices;
    }

    @Bean
    public AuthorizationCodeServices authorizationCodeServices(){
        return new InMemoryAuthorizationCodeServices();
    }

    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }

    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
                .authorizeRequests()
                .anyRequest().authenticated()
                .and()
                .formLogin();
    }
}

jwt配置

defaultTokenServices.setTokenStore(tokenStore);后面加上

defaultTokenServices.setTokenEnhancer(accessTokenConverter);

资源服务器

ResourceServerConfig资源服务器配置

正常配置

package cn.sdadgz.resourceServer;

import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;

/**
 * 资源服务器配置
 *
 * <p>
 * 废物本物
 * </p>
 *
 * @author sdadgz
 * @since 2023/3/26 16:45:16
 */
@EnableResourceServer
@Configuration
@RequiredArgsConstructor
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {

    private final ResourceServerTokenServices tokenService;

    @Override
    public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
        resources
                .resourceId("/test")
                .tokenServices(tokenService) // 验证令牌
                .stateless(true); // 无状态，不存token
    }

    @Override
    public void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .antMatchers("/**")
                .access("#oauth2.hasScope('all')")
                .and().csrf().disable()
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
    }
}

jwt配置

注释掉.tokenServices(tokenService)，加上

.tokenStore(tokenStore)

WebSecurity安全配置

package cn.sdadgz.resourceServer;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.oauth2.provider.token.RemoteTokenServices;
import org.springframework.security.oauth2.provider.token.ResourceServerTokenServices;

/**
 * 安全配置
 *
 * <p>
 * 废物本物
 * </p>
 *
 * @author sdadgz
 * @since 2023/3/26 16:54:32
 */
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Bean
    public ResourceServerTokenServices tokenServices(){
        RemoteTokenServices services = new RemoteTokenServices();
        services.setCheckTokenEndpointUrl("http://localhost:30002/oauth/check_token");
        services.setClientId("client1");
        services.setClientSecret("123456");
        return services;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests()
                .antMatchers("/test/**")
                .authenticated()
                .anyRequest().permitAll();
    }
}

认证模式

client_credentials客户端模式

不安全，内部系统使用

1	{{base_url}}/oauth/token?client_id=client1&client_secret=123456&grant_type=client_credentials

password密码模式

安全了一点，还是内部

2023-10-25

spel入门

终于学到了网上都找不到资源的地方了。。。这大抵已经到终点了

这东西以后再说

2023-10-25

springSecurity入门

依赖

<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>

镇

1677239193793

添加登录及权限

我怎么感觉有点麻烦呢，又是经典白学？

controller

@PostMapping("/login")
public String login(@RequestBody User user) {
    // 内部使用 UserDetailsService 查询用户，正确返回信息 错误返回空（大概）
    UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(user.getUsername(), user.getPassword());
    // 取出刚才返回信息的内部存储的 UserDetails
    Authentication authenticate = authenticationManager.authenticate(usernamePasswordAuthenticationToken);

    if (Objects.isNull(authenticate)) {
        throw new RuntimeException("用户名或密码错误");
    }

    LoginUser principal = (LoginUser) authenticate.getPrincipal();
    System.out.println(principal);

    // 返回一个token，在 JwtAuthenticationTokenFilter 中根据这个token获取权限和信息
    return JwtUtil.createToken(principal.getUsername(), principal.getPassword());
}

在那些东西之前的jwt

package cn.sdadgz.security;

import cn.sdadgz.entity.User;
import cn.sdadgz.service.IUserService;
import lombok.RequiredArgsConstructor;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import org.springframework.web.filter.OncePerRequestFilter;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Collections;
import java.util.Objects;

/**
 * <p>
 * 废物本物
 * </p>
 *
 * @author sdadgz
 * @since 2023/2/24 14:46:16
 */
@Component
@RequiredArgsConstructor
public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {

    private final IUserService userService;

    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        String token = request.getHeader("token");
        if (Objects.isNull(token)) {
            // 没有token，放行
            filterChain.doFilter(request, response);
            return;
        }

        // todo 获取用户，这里先写死
        // 这里本应是根据刚才的token从redis中取到权限信息和用户
        User user = userService.getById(4);
        LoginUser loginUser = new LoginUser(user);
        loginUser.setPermissions(Collections.singletonList("test"));

        // 授权，从数据库中获取
        UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null,/* 授权 */ loginUser.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(usernamePasswordAuthenticationToken);
        // 放行
        filterChain.doFilter(request, response);
    }
}

controller登录调用的UserDetailsService

package cn.sdadgz.security;

import cn.sdadgz.entity.User;
import cn.sdadgz.service.IUserService;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import lombok.RequiredArgsConstructor;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

import java.util.Collections;
import java.util.Objects;

/**
 * <p>
 * 废物本物
 * </p>
 *
 * @author sdadgz
 * @since 2023/2/22 19:46:57
 */
@Service
@RequiredArgsConstructor
public class UserDetailServiceImpl implements UserDetailsService {

    private final IUserService userService;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        LambdaQueryWrapper<User> wrapper = new LambdaQueryWrapper<>();
        wrapper.eq(User::getUsername, username);
        User user = userService.getOne(wrapper);
        if (Objects.isNull(user)) {
            throw new RuntimeException("用户名或密码错误");
        }
        return new LoginUser(user, Collections.singletonList("test")); // todo 从数据库中获取权限信息
    }
}

UserDetailsServcie使用的UserDetails

package cn.sdadgz.security;

import cn.sdadgz.entity.User;
import lombok.*;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;

/**
 * <p>
 * 废物本物
 * </p>
 *
 * @author sdadgz
 * @since 2023/2/22 21:15:04
 */
@Getter
@Setter
@NoArgsConstructor
public class LoginUser implements UserDetails {

    private User user;

    private List<String> permissions;

    public LoginUser(User user) {
        this.user = user;
    }

    public LoginUser(User user, List<String> permissions) {
        this.user = user;
        this.permissions = permissions;
    }

    // 授权
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return permissions.stream().map(SimpleGrantedAuthority::new).collect(Collectors.toList());
    }

    // 获取密码
    @Override
    public String getPassword() {
        return user.getPassword();
    }

    // 获取用户名
    @Override
    public String getUsername() {
        return user.getUsername();
    }

    // 是否在期
    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    // true放行
    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    // true放行
    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    // 是否可用
    @Override
    public boolean isEnabled() {
        return true;
    }
}

配置

package cn.sdadgz.security;

import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.configuration.EnableGlobalAuthentication;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfiguration;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

/**
 * <p>
 * 废物本物
 * </p>
 *
 * @author sdadgz
 * @since 2023/2/23 19:33:51
 */
@RequiredArgsConstructor
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    private final JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;
    private final AuthenticationEntryPoint authenticationEntryPoint;
    private final AccessDeniedHandler accessDeniedHandler;

    // 使用这个加密密码
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    // 将authenticationManagerBean注入到容器中
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    // 配置，我看不懂
    @Override
    protected void configure(HttpSecurity http) throws Exception {
//        super.configure(http);
        // 必要配置
        http.csrf().disable()
                .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) // session设置
                .and() // 结束上述设置
                .authorizeRequests() // 放行设置
                .antMatchers("/user/login", "/user/register").anonymous() // 未登录可访问
                .anyRequest().authenticated(); // 类 '/**' 全部拦截

        // 添加过滤器，过滤jwt伪造及过期
        http.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);

        // 添加异常处理
        http.exceptionHandling()
                .accessDeniedHandler(accessDeniedHandler)
                .authenticationEntryPoint(authenticationEntryPoint);

        // 允许跨域
        http.cors();
    }
}

使用登录的信息

所有授权信息都在jwt的那里添加，config拦截未授权的访问

退出登录

删了redis中的用户信息
jwt那里发现取不到redis值
抛出用户未登录
结束

权限注解

配置文件加上@EnableGlobalMethodSecurity(prePostEnabled = true)注解，去掉冗余的@Configuration注解
需要特定权限的controller设置 @PreAuthorize("hasAuthority('test')")

或

同上第一步
。。。设置@PreAuthorize("@[my.compoment].hasAuthority('test')")

自定义权限验证类

package cn.sdadgz.security;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;

import java.util.Collection;
import java.util.List;

/**
 * <p>
 * 废物本物
 * </p>
 *
 * @author sdadgz
 * @since 2023/2/26 15:01:14
 */
@Component
public class Ex {
    public static boolean hasAuthority(String auth){
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        LoginUser loginUser = (LoginUser) authentication.getPrincipal();
        // 我觉得可以这样写
        Collection<? extends GrantedAuthority> authorities = authentication.getAuthorities();
        // 他的写法
        List<String> permissions = loginUser.getPermissions();

        // todo 自定义验证

        return true;
    }
}

其他

登录成功处理器
登录失败处理器
登出成功处理器
。。。

例一：

需要在配置中加上对应配置，似乎像是废话

package cn.sdadgz.security;

import cn.hutool.json.JSON;
import cn.hutool.json.JSONUtil;
import cn.sdadgz.exception.MyException;
import cn.sdadgz.utils.WebUtil;
import org.springframework.http.codec.cbor.Jackson2CborEncoder;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandler;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * <p>
 * 废物本物
 * </p>
 *
 * @author sdadgz
 * @since 2023/2/25 13:57:07
 */
@Component
public class AccessDeniedHandlerImpl implements AccessDeniedHandler {
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws MyException {
        String json = JSONUtil.toJsonStr("权限不足");
        WebUtil.renderString(response, json);
    }
}

例二：

package cn.sdadgz.security;

import cn.hutool.json.JSONUtil;
import cn.sdadgz.exception.MyException;
import cn.sdadgz.utils.WebUtil;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * <p>
 * 废物本物
 * </p>
 *
 * @author sdadgz
 * @since 2023/2/25 11:51:09
 */
@Component
public class AuthenticationEntryPointImpl implements AuthenticationEntryPoint {
    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws MyException {
        String json = JSONUtil.toJsonStr("认证失败");
        WebUtil.renderString(response, json);
    }
}

2023-10-25

窗口跑外边去了

问题

最小化动画能看到从屏幕外缩小
win+tab能看看到跑去屏幕外边去了

解决

通过上面获取到具体卡到哪个外面了
alt+tab选中
alt+space调出选项
选择移动
按方向键往回拉
骂一句傻逼win

法二

鼠标放到最下任务栏
鼠标放到预览窗
右键
移动
拉回来
骂一句傻逼win

转移不动特殊文件夹

移动文档位置时发生的问题

解决方法：删除文档中的Default.rdp

快捷键冲突

Release OpenArk v1.3.0 · BlackINT3/OpenArk (github.com)

管理员方式启动
看看谁占用了
删了快捷键
不行？？？删了他不要了

2023-10-25

skywalking入门

2023-10-25

gateway入门

依赖

<!--    gateway    -->
<dependency>
    <groupId>org.springframework.cloud</groupId>
    <artifactId>spring-cloud-starter-gateway</artifactId>
</dependency>
<dependency>
    <groupId>com.alibaba.cloud</groupId>
    <artifactId>spring-cloud-alibaba-sentinel-gateway</artifactId>
</dependency>

<!--   scope改test使该依赖仅在test文件夹下生效，从而优雅的去掉web依赖，十分优雅     -->
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
    <scope>test</scope>
</dependency>

配置文件

繁文缛节

spring:
  cloud:
    gateway:
      routes:
        - id: config_route
          uri: lb://config # 负载均衡nacos
          predicates:
            - Path=/config-server/** # 访问前缀
          filters:
            - StripPrefix=1 # 去掉访问前缀

简化了繁文缛节

spring:
  cloud:
    gateway:
      discovery:
        locator:
          enabled: true # 服务名作为前缀

繁文缛节展开

predicates 不要加空格

- After=2023/02/17T13:02:01.666+8:00[Asia/Shanghai]
- Between=2023/02/17T13:02:01.666+8:00[Asia/Shanghai], 2023/02/18T13:02:01.666+8:00[Asia/Shanghai]
- Before=…..
- Header=X-Request-Id, \d+ // 支持正则
- Host=**.sdadgz.cn, **.s.cn
- Method=GET,POST
- Path=/config-server/{id}/**
- Query=green // url?green=1&red=2
- Query=green,red // url?green=red 支持正则
- Weight=group1, 8 // 分组组名，权重

自定义我不想学，长大后再学习

创建 *RoutePredicateFactory 继承AbstractRoutePredicateFactory<CheckAuthRoutePredicateFactory.Config>
@Component注解

跨域我们的老朋友

spring:
  cloud:
	gateway:
      globalcors:
        cors-configurations:
          '[/**]':
            allowedOrigins: "*"
            allowedMethods:
              - GET
              - POST
              - PUT
              - OPTION
              - DELETE

2023-10-25

bat典本

chip 65001 或 chcp 65001，编码改utf-8
[cmd] && [cmd]，前面成了再执行后面

2023-10-25

seata入门

部署

官网下releases，不要用官方镜像部署，手动部署（centos）

Releases · seata/seata (github.com)

梦幻联动nacos

前提

官网下载releases源码，找到script文件夹

config.txt配置

scritpt -> config-cente 点进去

config.txt照官网修改

store.mode=db
store.db.driverClassName=com.mysql.cj.jdbc.Driver
store.db.url=jdbc:mysql://sdadgz.cn:3307/seata?useUnicode=true&rewriteBatchedStatements=true
store.db.user=root
store.db.password=123456

service.vgroupMapping.my_test_tx_group=default

其中 my_test_tx_group 对应 resource.application.yaml 中 seata.tx-service-group

default 对应 seata服务端registry.conf 中 registry -> nacos -> cluster

config.txt上载

scritpt -> config-center -> nacos 点进去

# win
sh .\nacos-config.sh -h sdadgz.cn -p 8849 -g SEATA_GROUP -t test
# 参数说明
	-h host
	-p port
	-g group
	-t namespase

梦幻联动mysql

服务端

创个数据库

script -> server -> db -> mysql.sql

客户端

每个使用的表都需要放一个，例：user表

script -> client -> at -> db -> mysql.sql

依赖

<dependency>
    <groupId>com.alibaba.cloud</groupId>
    <artifactId>spring-cloud-starter-alibaba-seata</artifactId>
</dependency>

启动项

@EnableTransactionManagement

配置文件

seata:
  tx-service-group: my_test_tx_group
  registry:
    type: nacos
    nacos:
      server-addr: sdadgz.cn:8849
      application: seata-server
      username: nacos
      password: sdadgz.cn
      group: SEATA_GROUP
      namespace: test
  config:
    type: nacos
    nacos:
      server-addr: sdadgz.cn:8849 # 哪个傻逼没指定server-addr然后找了半天bug
      group: SEATA_GROUP
      namespace: test
      username: nacos
      password: sdadgz.cn

2023-10-25

spring-cloud-alibaba入门

依赖

固定内容

<dependencyManagement>
    <dependencies>
        <!--  spring-cloud-alibaba  -->
        <dependency>
            <groupId>com.alibaba.cloud</groupId>
            <artifactId>spring-cloud-alibaba-dependencies</artifactId>
            <version>2021.0.1.0</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>

        <!--   springboot     -->
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-parent</artifactId>
            <version>2.6.3</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>

        <!--   spring-cloud 离谱，他居然找不到，换maven版本解决  -->
        <dependency>
            <groupId>org.springframework.cloud</groupId>
            <artifactId>spring-cloud-dependencies</artifactId>
            <version>2021.0.1</version>
            <type>pom</type>
            <scope>import</scope>
        </dependency>
    </dependencies>
</dependencyManagement>

<build>
    <plugins>
        <plugin>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-maven-plugin</artifactId>
        </plugin>
    </plugins>
</build>

百度地图api入门

申请ak

整合vue

api

大多数

少数

问题

报错

和官网不一致

oauth入门

认证服务器

依赖

认证服务器

token存储

uuid存储

jwt存储

UserDetails用户

UserDetialsService用户查询

WebsecurityConfig安全配置

正常配置

jwt配置

资源服务器

ResourceServerConfig资源服务器配置

正常配置

jwt配置

WebSecurity安全配置

认证模式

client_credentials客户端模式

password密码模式

spel入门

springSecurity入门

依赖

镇

添加登录及权限

controller

在那些东西之前的jwt

controller登录调用的UserDetailsService

UserDetailsServcie使用的UserDetails

配置

使用登录的信息

退出登录

权限注解

自定义权限验证类

其他

例一：

例二：

窗口跑外边去了

问题

解决

法二

转移不动特殊文件夹

快捷键冲突

skywalking入门

gateway入门

依赖

配置文件

繁文缛节展开

predicates 不要加空格

自定义 我不想学，长大后再学习

跨域 我们的老朋友

bat典本

seata入门

部署

梦幻联动nacos

前提

config.txt配置

config.txt上载

梦幻联动mysql

服务端

客户端

依赖

启动项

配置文件

spring-cloud-alibaba入门

依赖

自定义我不想学，长大后再学习

跨域我们的老朋友