Sa-token, a line of code to handle login authorization!

preface

In the Java world, there are many excellent authorization frameworks, such as Apache Shiro, Spring Security, and so on. These frames have a strong background, a long history and a relatively complete ecology.

However, at the same time, these frameworks are not perfect. In the Internet era, when the separation of front and background has become standard, many of the design concepts of these old frameworks have lagged behind and cannot fit perfectly with our project.

Today, I want to introduce this framework, specially for the front and background separation architecture, powerful, easy to use – SA-Token.

What is an SA-token?

Sa-token is a lightweight Java permission authentication framework, which mainly solves a series of permission related problems, such as login authentication, permission authentication, and Session Session

The sa-token API calls are simple and can be used for login authorization in one line of code.

1. Add POM dependencies

	<! -- Sa-Token permission authentication: http://sa-token.dev33.cn/ -->
	<dependency>
		<groupId>cn.dev33</groupId>
		<artifactId>sa-token-spring-boot-starter</artifactId>
		<version>1.12.0</version>
	</dependency>
Copy the code

2. Invoke the framework API to log in

// After the user account password is successfully verified, the following API is directly invoked for login authorization
StpUtil.setLoginId(10001); 
Copy the code

So far, we have completed login authorization with sa-Token framework!

Your little head might be full of question marks. Is that it? What about custom Realms? What about global filters? Don’t I have to write various configuration files?

In fact, I can safely tell you that in sa-Token, login authorization is so simple that no global filters are required and no configuration is required! With this one line API call, session login authorization is complete!

When you’ve had enough of Shiro, Security, and the like, you’ll realize how refreshing sa-Token’s API design is compared to those traditional frameworks.

Refuse to introduce complex concepts, take the actual business needs as the first goal for directional breakthrough, sa-Token business needs to do what, do not engage in a variety of lofty concepts in the fog, to simplify complexity as the first goal!

In addition to the above login authorization, sa-Token can also perform the following functions in one line of code:

StpUtil.setLoginId(10001);          // Marks the id of the current session login account
StpUtil.getLoginId();               // Obtain the id of the current session login account
StpUtil.isLogin();                  // Gets whether the current session is logged in, returning true or false
StpUtil.logout();                   // The current session is logged out
StpUtil.logoutByLoginId(10001);     // Log out of the session with account 10001
StpUtil.hasRole("super-admin");     // Checks whether the current account contains the specified role id. Returns true or false
StpUtil.hasPermission("user:add");  // Check whether the current account has specified permissions. Return true or false
StpUtil.getSession();               // Get the Session of the current account ID
StpUtil.getSessionByLoginId(10001); // Obtain the Session whose id is 10001
StpUtil.getTokenValueByLoginId(10001);  // Obtain the token value of account 10001
StpUtil.setLoginId(10001."PC");        // Specify device id to log in
StpUtil.logoutByLoginId(10001."PC");   // Specify device id to forcibly log out (different ends are not affected)
StpUtil.switchTo(10044);                // Temporarily switch the current session id to another account
Copy the code

There are many SA-Token apis. Please note that we cannot show you all of them here. The above examples are only a small sample of the framework’s capabilities.

In the SA-Token, common functions related to login authentication, such as kicking people out, automatic renewal, and mutually exclusive login, can be invoked in one line of code

With that in mind, I will introduce the various other powerful capabilities of the Sa-Token framework in the following sections

If you feel that the article is written well, please do not hesitate to point a thumbs-up for the article, your support is the biggest power of my update!

Finally, attach the project link:

Official documentation: sa-token.dev33.cn/
Gitee open Source address: gitee.com/sz6/sa-toke…
GitHub open Source: github.com/click33/sa-…

Sa-token, a line of code to handle login authorization!

preface

What is an SA-token?

1. Add POM dependencies

2. Invoke the framework API to log in

Related Posts

The Spring framework summarizes the “very detailed”, do not believe you can not learn!

160. Intersecting linked lists

JVM family of loading processes – custom class loaders