如何使用 spring 引导登录/注销?
[英]How to log in/ log out using spring boot?
问题描述
I'm trying to make log in and log out system with spring boot, I have a database class that contains users info, I register users using HTTP requests in POSTMAN, my question is how I can log in and log out users with GUI/Web/HTML, only in POSTMAN, and prevent users to request a specific URL unless they are logged in? 
I'm trying to make log in and log out system with spring boot, I have a database class that contains users info, I register users using HTTP requests in POSTMAN, my question is how I can log in and log out users with GUI/ Web/HTML,仅在 POSTMAN 中,并阻止用户请求特定的 URL,除非他们已登录?
2 个解决方案
解决方案1
0 2020-04-20 12:06:59
If you are using spring, you should take a look to spring security.如果您使用的是 spring,则应查看 spring 安全性。 This for example is a tutorial explaining how to set up a login form using spring security例如,这是一个说明如何使用 spring 安全性设置登录表单的教程
https://www.baeldung.com/spring-security-login https://www.baeldung.com/spring-security-login
In addition to this, yo cannot prevent a user to make a request but using spring security you can check if a specific user has the credentials to perform an operation using a cookie, or token...除此之外,您不能阻止用户发出请求,但使用 spring 安全性,您可以检查特定用户是否具有使用 cookie 或令牌执行操作的凭据...
解决方案2
0 2020-04-20 12:08:40
It depends on how much infrastructure you are willing to implement.这取决于您愿意实施多少基础设施。 I would say that a minimum control could be based on a simple filter that verifies the session or autehtication already active, and endpoints to authenticate and set that session and other destroy it.我想说,最小控制可以基于一个简单的过滤器,该过滤器验证 session 或身份验证已经激活,并且端点来验证和设置 session 和其他破坏它。 But if you need a little more (and probably you will) it would be worth directly think of doing a minimal spring security integration and implement the standard但是,如果您需要更多(可能您会),那么值得直接考虑做一个最小的 spring 安全集成并实施标准
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.