How to implement SpringBoot single sign-on

1. Specific implementation steps

Add an interceptor, set UUID as a unique identifier, and store it in the database

Query through the account of the current login

If the current If the UUID value stored in the user's session is the same as the UUID value in our database, pass

Otherwise, return false, indicating that the user has logged in on another device or browser

2. Code display

First we create a new Spring project

Add the following dependencies

yml configuration file

server:
port: 8080
spring:
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
url: jdbc:mysql://127.0.0.1:3306 /userdb?characterEncoding=utf-8&&severTimezone=utc
username: root
password: root
thymeleaf:
mode: HTML5
cache: false
suffix: .html
prefix : classpath:/templates/
mybatis:
Mapper-locations: classpath:/mapper/*.xml #Introduce mapper files
type-aliases-package: com.bdqn.springsso.pojo #Introduce type aliases

pom.xml configuration file

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <parent>
        <groupId>org.springframework.boot</groupId>
        <artifactId>spring-boot-starter-parent</artifactId>
        <version>2.7.5</version>
        <relativePath/> <!-- lookup parent from repository -->
    </parent>
    <groupId>com.bdqn</groupId>
    <artifactId>springsso</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <name>springsso</name>
    <description>Demo project for Spring Boot</description>
    <properties>
        <java.version>1.8</java.version>
    </properties>
    <dependencies>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-thymeleaf</artifactId>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
        </dependency>
        <dependency>
            <groupId>org.mybatis.spring.boot</groupId>
            <artifactId>mybatis-spring-boot-starter</artifactId>
            <version>2.2.2</version>
        </dependency>
        <dependency>
            <groupId>com.mysql</groupId>
            <artifactId>mysql-connector-j</artifactId>
            <scope>runtime</scope>
        </dependency>
        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
            <optional>true</optional>
        </dependency>
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-test</artifactId>
            <scope>test</scope>
        </dependency>
    </dependencies>
    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
                <configuration>
                    <excludes>
                        <exclude>
                            <groupId>org.projectlombok</groupId>
                            <artifactId>lombok</artifactId>
                        </exclude>
                    </excludes>
                </configuration>
            </plugin>
        </plugins>
    </build>
</project>

Backend code

Create the following packages in the java directory, and create the mapper package in resources

First write the pojo layer entity class User

Note: When creating a table in MySQL, the data type of uuid is varchar, and the length must be larger, otherwise it will run Report an error

package com.bdqn.springsso.pojo;
import lombok.Data;
@Data
public class User {
    //用户id
    private Integer id;
    //账户
    private String username;
    //密码
    private String password;
    //uuid
    private String uuid;
}

Then write the mapper layer UserMapper interface

package com.bdqn.springsso.mapper;
import com.bdqn.springsso.pojo.User;
import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;
@Mapper
public interface UserMapper {
    //根据姓名和密码查询
    User chekLogin(@Param("username") String username, @Param("password") String password);
    //根据姓名修改uuid
    void update(@Param("uuid") String uuid,@Param("username") String username);
    //根据姓名查询uuid
    String getUUID(@Param("username") String username);
}

Then write the service layer UserService and UserServiceImpl

package com.bdqn.springsso.service;
import com.bdqn.springsso.pojo.User;
public interface UserService {
    //根据姓名和密码查询
    User chekLogin(String username, String password);
    //根据姓名修改uuid
    void update(String uuid,String username);
}

package com.bdqn.springsso.service;
import com.bdqn.springsso.mapper.UserMapper;
import com.bdqn.springsso.pojo.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
@Service
public class UserServiceImpl implements UserService {
    @Autowired
    private UserMapper userMapper;
    @Override
    public User chekLogin(String username, String password) {
        return userMapper.chekLogin(username,password);
    }
    @Override
    public void update(String uuid,String username) {
        userMapper.update(uuid,username);
    }
}

Then write the interceptor layer UserInterceptor interceptor

package com.bdqn.springsso.interceptor;
import com.bdqn.springsso.mapper.UserMapper;
import org.springframework.web.servlet.HandlerInterceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
public class UserInterceptor implements HandlerInterceptor {
    private UserMapper userMapper;
    public UserInterceptor(UserMapper userMapper){
        this.userMapper=userMapper;
    }
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        HttpSession session = request.getSession();
        String username = (String) session.getAttribute("username");
        //数据库
        String UUID=userMapper.getUUID(username);
        //session
        String uuid = (String)session.getAttribute("uuid");
        System.out.println("uuid = " + uuid);
        System.out.println("UUID = " + UUID);
        if(UUID.equals(uuid)){
            return true;
        }else  {
            System.out.println("拦截"+request.getRequestURI());
            response.sendRedirect("/login");
            response.setStatus(401);
            return false;
        }
    }
}

Then the controller layer UserController

package com.bdqn.springsso.controller;
import com.bdqn.springsso.pojo.User;
import com.bdqn.springsso.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpSession;
import java.util.UUID;
@Controller
@CrossOrigin
public class UserController {
    @Autowired
    private UserService userService;
    //登录
    @RequestMapping("/")
    public String goLogin(){
        return "login";
    }
    //登录验证
    @RequestMapping("/login")
    public String chekLogin(String username, String password, HttpSession session){
        User user=userService.chekLogin(username,password);
        if (user==null){
            return  "login";
        }else {
            session.setAttribute("username",username);
            String uuid= UUID.randomUUID().toString().replace("-", "");
            System.out.println("uuid = " + uuid);
            userService.update(uuid,username);
            session.setAttribute("uuid",uuid);
            return "index";
        }
    }
    //测试
    @RequestMapping("/test")
    @ResponseBody
    public String test(){
        return "成功";
    }
}

Then the writing of the config layer MvcConfig

package com.bdqn.springsso.config;
import com.bdqn.springsso.interceptor.UserInterceptor;
import com.bdqn.springsso.mapper.UserMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
@Configuration
public class MvcConfig implements WebMvcConfigurer {
    @Autowired
    private UserMapper userMapper;
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        //添加拦截器，排除/路径和 /login路径
        registry.addInterceptor(new UserInterceptor(userMapper))
                .excludePathPatterns("/","/login");
    }
}

The last is the writing of userMapper.xml

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.bdqn.springsso.mapper.UserMapper">
    <update id="update">
        update user set uuid=#{uuid} where username=#{username}
    </update>
    <select id="chekLogin" resultType="com.bdqn.springsso.pojo.User">
        select * from user where username=#{username} and password=#{password}
    </select>
    <select id="getUUID" resultType="java.lang.String">
        select uuid from user where username=#{username}
    </select>
</mapper>

The front-end code

login.html

<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
  <meta charset="UTF-8">
  <title>Login Module</title>
</head>
<body>
<h2 >欢迎来到登录页面</h2>
<form  th:action="@{/login}" method="post">
  用户：<input type="text" name="username"><br>
  密码：<input type="password" name="password"><br>
  <button type="submit">登录</button>
</form>
</body>
</html>

index.html

<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<h2>登录成功</h2>
<a th:href="@{/test}" rel="external nofollow" >测试</a>
</body>
</html>

Effect display

First we use Firefox browser to operate

Enter http:// localhost:8080/Enter the login page

##Click to log in

Click to test

Then we return to the login success page

Use Google Chrome to enter http://localhost:8080/ to log in

After logging in, you will enter the login success page

At this time we return to the Firefox browser

Click the test hyperlink to find that the page jumps to the login page

Indicates that the single sign-on test was successful

The above is the detailed content of How to implement SpringBoot single sign-on. For more information, please follow other related articles on the PHP Chinese website!