Project name: Sa-Token
Project author: Dromara Community
Open source license: Apache-2.0
Project address: gitee.com/dromara/sa-…

Project introduction

Sa-Token is a lightweight Java permission authentication framework that mainly addresses permission-related problems such as login authentication, permission authentication, session management, single sign-on (SSO), and OAuth 2.0.

The framework is simple to integrate and works out of the box, and its API design is clean. With Sa-Token, you can implement the permissions part of a system in a very simple way.

Functional structure diagram

Authentication flow chart

Project features

  • The API is easy to use, well documented, and provides straightforward integration examples.
  • Supports three modes, so deployments are handled whether or not they are cross-domain and whether or not they share Redis.
  • High security: built-in domain name verification, ticket verification, and secret key verification prevent common attacks such as ticket hijacking and token theft (the documentation describes the attack principles and defense methods).
  • No parameter loss: the author has tested several single sign-on frameworks, and all of them lose parameters. For example, a URL that is http://a.com?id=1&name=2 before redirection becomes http://a.com?id=1 after a successful login. Sa-Token-SSO has special algorithms to ensure that the parameters are not lost and that the user returns to the original page after a successful login.
  • Seamless integration: since Sa-Token is itself a permission authentication framework, you can solve permission authentication and single sign-on with only one framework, so you don't have to search everywhere for how to integrate XXX single sign-on with XXX permission authentication.
  • Highly customizable: the Sa-Token-SSO module is very non-intrusive to the code architecture. Combined with Sa-Token's own routing interception feature, it is easy to customize during development.
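The parameter loss described in the "No parameter loss" bullet, reproduced as an added example; this is not Sa-Token's code and does not describe its algorithm. It assumes the loss comes from nesting the return URL unencoded inside the login URL, and the endpoint http://sso.example.com/auth and all class and method names are hypothetical.

```java
import java.net.URI;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.LinkedHashMap;
import java.util.Map;

public class RedirectParamDemo {
    // Hypothetical SSO login endpoint, constructed for this example.
    static final String AUTH_URL = "http://sso.example.com/auth";

    // Naive: the return URL is appended as-is, so its own "&name=2"
    // becomes a separate parameter of the login URL.
    static String naiveAuthUrl(String back) {
        return AUTH_URL + "?redirect=" + back;
    }

    // Correct: percent-encode the whole return URL before nesting it.
    static String encodedAuthUrl(String back) {
        return AUTH_URL + "?redirect=" + URLEncoder.encode(back, StandardCharsets.UTF_8);
    }

    // What the login server sees: split the raw query on '&', then decode.
    static Map<String, String> parseQuery(String url) {
        Map<String, String> params = new LinkedHashMap<>();
        String query = URI.create(url).getRawQuery();
        for (String pair : query.split("&")) {
            int eq = pair.indexOf('=');
            String key = eq < 0 ? pair : pair.substring(0, eq);
            String value = eq < 0 ? "" : pair.substring(eq + 1);
            params.put(URLDecoder.decode(key, StandardCharsets.UTF_8),
                       URLDecoder.decode(value, StandardCharsets.UTF_8));
        }
        return params;
    }

    public static void main(String[] args) {
        String back = "http://a.com?id=1&name=2"; // URL from the bullet above
        // Naive nesting: the server recovers a truncated return URL.
        System.out.println(parseQuery(naiveAuthUrl(back)).get("redirect"));
        // Encoded nesting: the server recovers the full return URL.
        System.out.println(parseQuery(encodedAuthUrl(back)).get("redirect"));
    }
}
```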

Code sample

Login Authentication Example

// Write the account ID of the current session at login
StpUtil.login(10001);

// Then call the following API wherever you want to validate the login
// If the current session is not logged in, this code throws a NotLoginException exception
StpUtil.checkLogin();

Permission Authentication Example

@SaCheckPermission("user:add")
@RequestMapping("/user/insert")
public String insert(SysUser user) {
	// ... 
	return "User increase";
}

Features implemented in one line of code

StpUtil.login(10001);                     // Marks the id of the current session login account
StpUtil.getLoginId();                     // Obtain the id of the current session login account
StpUtil.isLogin();                        // Gets whether the current session is logged in, returning true or false
StpUtil.logout();                         // The current session is logged out
StpUtil.logoutByLoginId(10001);           // Log out of the session with account 10001
StpUtil.hasRole("super-admin");           // Checks whether the current account contains the specified role id. Returns true or false
StpUtil.hasPermission("user:add");        // Check whether the current account has specified permissions. Return true or false
StpUtil.getSession();                     // Get the Session of the current account ID
StpUtil.getSessionByLoginId(10001);       // Obtain the Session whose id is 10001
StpUtil.getTokenValueByLoginId(10001);    // Obtain the token value of account 10001
StpUtil.login(10001, "PC");               // Specify device id to log in
StpUtil.logoutByLoginId(10001, "PC");     // Specify device id to forcibly log out (other devices are not affected)
StpUtil.switchTo(10044);                  // Temporarily switch the current session id to another account

To learn more about the project, follow the link to the project home page. The author welcomes new requirements and open source contributions, and if you like the project, don't forget to give it a Star: gitee.com/dromara/sa-…