Use interface development framework
jeecg itself is based on Spring MVC framework built, so using Spring MVC framework RESTful API functions to interface development is a matter of course.
Stop and authentication interface
As with ordinary interception request, also utilizes the Interceptor Spring MVC mechanism intercepts the request interface, implemented in the logic of this class preHandle org.jeecgframework.jwt.aop.RestAuthTokenInterceptor () method. As can be seen from the code, the user's identity is the string X-AUTH-TOKEN request placed in advance, the authentication event is the use of JWT (JSON web token) specifications achieved.
In addition to the interception of the url, jeecg also implements the interface level permissions authorization management, refer to the specific implementation code demo of com.jeecg.black.controller.TsBlackListController in this class. In the first line of code specific interface, we can see a call the following methods:
org.jeecgframework.web.system.util.InterfaceUtil.getInterfaceRuleDto(HttpServletRequest request,InterfaceEnum interfaceEnum);
InterfaceEnum class is an enumeration of the interface, demo in order to facilitate the presentation, all the interfaces directly on the file to define the class, the class main code is as follows:
public enum InterfaceEnum {
blacklist_list("blacklist_list", "黑名单列表查询", "/rest/tsBlackListController", "GET", 1), blacklist_get("blacklist_get", "黑名单单条数据查询", "/rest/tsBlackListController/{id}", "GET", 2), blacklist_add("blacklist_add", "黑名单添加", "/rest/tsBlackListController", "POST", 3), blacklist_edit("blacklist_edit", "黑名单编辑", "/rest/tsBlackListController", "PUT", 4), blacklist_delete("blacklist_delete", "黑名单删除", "/rest/tsBlackListController/{id}", "DELETE", 5); /** * 接口编码 */ private String code; /** * 接口名称 */ private String name; /** * 接口url */ private String url; /** * 接口请求方式 */ private String method; /** * 接口排序 */ private Integer sort; private InterfaceEnum(String code, String name, String url, String method, Integer sort) { this.code = code; this.name = name; this.url = url; this.method = method; this.sort = sort; } ... } Each interface corresponds to an enumerated type, in getInterfaceRuleDto () method in the current user can check whether the code is granted permissions to the corresponding enumeration type. The grant of rights management with the ordinary menu interface similar to the interface privileges, and also supports setting permissions data, implement the principle of authority can refer to the article I wrote before relevant about.
to sum up
jeecg broadly consistent with the principles of the realization of the principle of common page implementation of the interface, providing interface mode mainly for docking with third-party systems, allowing third-party system call interface to easily manipulate the data. Thus, jeecg framework introduces JWT token way to implement check access rights. Due to the different usage scenarios interface with the general page usage scenarios, so do individual interfaces specifically for a set of rights management logic, it can be said to achieve the two sets of parallel rights management in a management system, respectively, for the interface and general page, but realization of logic and processes are similar.
These are the simple analysis of the realization of the principle of jeecg interface development framework and authority, hoping to have a little bit of inspiration and reference for readers thinking about interface design, develop and manage.
Author: Living Language code
link: https: //www.jianshu.com/p/9fb12455730b
Source: Jane book
Jane book copyright reserved by the authors, are reproduced in any form, please contact the author to obtain authorization and indicate the source.