提供URL级别的访问保护#12
Open
Kirhhoff wants to merge 1 commit intoSCUT-StudentUnion:masterfrom
Kirhhoff:master
Open
Conversation
因为只需要一个Admin 所以我干了。。。 我把那个WeChatProperties类单独摘出来放成了一个类, 除了登陆账号、密码我还添加了。。 --loginURL Login界面的URL --loginSuccess 登陆成功以后的默认跳转页面,可以被覆盖 --loginError 登陆失败的跳转页面 --logoutURL 登出的页面 这些我全加到了WeChatProperties类的成员里面 所以还需要在we-chat的属性里面再加上这几个URL 我设成了NotNull 总之,如果只需要一个admin,应该只改application配置文件就可以了
Member
|
年代有些久远了。。 首先thymeleaf和我们没啥关系把,为啥要依赖它?spring boot项目的话,应该可以直接依赖spring boot弄好的spring-boot-starter-security吧。 另外,WeChatProperties里的appId 和 secret是用来和微信的服务器做认证用的呀,不是管理员的用户名和密码。 |
Member
|
如果直接用它的这个登录机制的话,那登录信息应该是写在cookie里的吧?那可不能把csrf给禁用了呀。。要么想个办法让csrf和jwt共存,要么就管理员登录也用jwt? |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
因为只需要一个Admin
所以我干了。。。
我把那个WeChatProperties类单独摘出来放成了一个类,
除了登陆账号、密码我还添加了。。
--loginURL
Login界面的URL
--loginSuccess
登陆成功以后的默认跳转页面,可以被覆盖
--loginError
登陆失败的跳转页面
--logoutURL
登出的页面
这些我全加到了WeChatProperties类的成员里面
所以还需要在we-chat的属性里面再加上这几个URL
我设成了NotNull
总之,如果只需要一个admin,应该只改application配置文件就可以了