hwf453
/
weather
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '85fc23a80e'
${ noResults }
weather/SpringCloud/auth/authentication-server/docs/权限校验.md

59 lines
2.3 KiB
Markdown
Raw Blame History Unescape Escape

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

# 权限校验
## 核心理念
建立用户-组-权限资源的关系,对用户进行鉴权
[![o4WeAI.png](https://s1.ax1x.com/2021/12/10/o4WeAI.png)](https://imgtu.com/i/o4WeAI)
## 鉴权流程
### 在权限表permission中插入资源信息
```sql
INSERT INTO permission (id, res_type, area, res_full_path, res_full_name, operation_bit, expire_date, created_time,
updated_time, created_by, updated_by)
VALUES (101, 'hive', 'china', '/test.db/test', '/测试库/测试表', 'select', '2099-12-26 10:45:26', now(), now(),
'system', 'system'),
(102, 'hive', 'china', '/test.db/test1', '/测试库/测试表1', 'select', '2099-12-26 10:45:26', now(), now(),
'system', 'system'),
(103, 'hive', 'china', '/test.db', '/测试库', 'select', '2099-12-26 10:45:26', now(), now(),
'system', 'system');
```
### 在组-权限表建立连接
```sql
INSERT INTO group_permission_relation (id, group_id, permission_id, created_time, updated_time, created_by, updated_by)
VALUES (1, 101, 101, now(), now(), 'system', 'system'),
(2, 101, 102, now(), now(), 'system', 'system'),
(3, 101, 103, now(), now(), 'system', 'system'),
(4, 102, 101, now(), now(), 'system', 'system'),
(5, 102, 102, now(), now(), 'system', 'system'),
(6, 103, 101, now(), now(), 'system', 'system'),
(7, 103, 102, now(), now(), 'system', 'system'),
(8, 103, 103, now(), now(), 'system', 'system');
```
### 访问接口进行鉴权
```shell
curl --location --request POST 'http://127.0.0.1:8443/authentication-server/auth/data/permission' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX25hbWUiOiJhZG1pbiIsInNjb3BlIjpbInJlYWQiXSwib3JnYW5pemF0aW9uIjoiYWRtaW4iLCJleHAiOjE2MzkwNzQ1MTMsImF1dGhvcml0aWVzIjpbIkFETUlOIl0sImp0aSI6IllsVVhlV2d1VFBRbGdmSHYyY0VGOC1seEVGRSIsImNsaWVudF9pZCI6InRlc3RfY2xpZW50In0.1JqUvfv5i9wd9F7hWYW-Xafoc5bh9tFEupIoVYW09nU' \
--header 'User-Agent: apifox/1.0.0 (https://www.apifox.cn)' \
--header 'Content-Type: application/json' \
--data-raw '{
"resFullName": "/测试库/测试表",
"area": "china",
"resType": "hive",
"operationBit": "select",
"resFullPath": "/test.db/test",
"groupCode": "101"
}'
```
[![o4WzrQ.png](https://s1.ax1x.com/2021/12/10/o4WzrQ.png)](https://imgtu.com/i/o4WzrQ)
Reference in New Issue View Git Blame Copy Permalink