We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Authorization的格式,对于JWT标准写法应该是Bearer格式吧,而我发现代码中确要求传username。 其他问题: 这个jwt的依赖是否能设置token的超时时间?
能否增加注解@hasRole的支持
@hasRole
The text was updated successfully, but these errors were encountered:
第一个问题:官方规范的话是使用Bearer格式,不过我之所以是要使用username是因为我要通过username来校验用户的token是否合法,这个你可以看看我的逻辑处理。其实这一块不一定要按照规范来的嘛,只要你能保证最后鉴权能成功,没有权限漏洞即可。
第二个问题:JWT的token超时时间是支持的,你看看JWT的文档吧。
第三个问题:我刚刚发现shiro官方有shiro-spring-boot-web-starter的整合包,有时间我会重新写下教程,到时候也能很方便的实现注解等功能。顺便那个token鉴权方式我也会重新改写的,写好了会告诉你的。
shiro-spring-boot-web-starter
Sorry, something went wrong.
好的谢谢
教程更新了,你可以看看
No branches or pull requests
Authorization的格式,对于JWT标准写法应该是Bearer格式吧,而我发现代码中确要求传username。
其他问题:
这个jwt的依赖是否能设置token的超时时间?
能否增加注解
@hasRole
的支持The text was updated successfully, but these errors were encountered: