stayhsfLee / guard Public

Notifications You must be signed in to change notification settings
Fork 0
Star 0

Guard is a framework to manage sign in and authority checks;

Apache-2.0 license

0 stars 0 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 35 Commits
guard-core		guard-core
guard-demo		guard-demo
guard-web		guard-web
.gitignore		.gitignore
LICENSE.txt		LICENSE.txt
README.md		README.md
design.md		design.md
install.sh		install.sh
pom.xml		pom.xml
pom.xml.versionsBackup		pom.xml.versionsBackup
release-demo.xml		release-demo.xml
release.xml		release.xml
updateversion.sh		updateversion.sh

Repository files navigation

Guard

Guard是一个集成登录控制和权限控制的框架. Guard is a framework to manage sign in and authority checks;

Guard是基于jwt的控制框架,致力于方便用户统一管理web和app端的用户以及相应的登录和权限.

Guard配置

在web.xml中加入相应filter
配置好guard.config
自己按照标准实现GuardService

Guard启动:

首先在web.xml加入Guard Filter
Guard初始化:
- Guard.init()
- 首先初始化config的init()
- 之后查找用户实现的guardService
  - 根据用户实现的service导入角色,权限等信息
  - 对角色,权限进行匹配
  - 加进缓存
Guard登录过程:
- 用户直接调用Guard.signin(...)进行登录
- 登录:
  - 根据用户实现的service获得账户信息,并且按照客户实现的密码匹配方式进行request中的密码和数据库中的密码进行匹配
  - 登陆成功返回token对象,否则返回null
- 往http header添加jwt,往cache中添加token
Guard验证过程:
- 首先根据request path判断该请求是否需要被验证
- 如需验证,则看http header是否有合法的jwt
- 验证cache中是否已有相应jwt
- 验证权限是否可以请求该path
- 放行 or 401 or 403

About

Guard is a framework to manage sign in and authority checks;

Apache-2.0 license

Report repository

Releases

No releases published

Packages

No packages published

Languages