Lightweight Java Permission Authentication Framework Sa-Token Initial Experience (3)

author:CTRL+CV program monkey
Sa-Token

After the first two articles, I have had a first look at Sa-Token login, logout, login-status checking, and the implementation of front-end and back-end separation. This time, let's try some of the common configurations of Sa-Token.

sa-token.token-name: token name

The first is the token-name used earlier. token-name specifies the name of the token; if it is not specified, the default name is satoken. Let's delete all the configuration to test it.

Only the port configuration is left

At this time, perform the login and view the returned content

The default tokenName

We can see that the default token name is satoken. We can specify the token name we need by modifying the token-name configuration:

sa-token:
  token-name: token           

Sign in again

The name of the token that was modified

sa-token.timeout: timeout

The timeout defaults to 30 days and its unit is seconds. Let's configure a 5-second timeout to verify that it works:

sa-token:
  token-name: token
  timeout: 5           

Perform a login and view the login status

Login successful

Check the login status again after 5 seconds

Timed out and logged out

sa-token.activity-timeout: temporary timeout

Official introduction

To be honest, I'm a little happy to see this introduction, because I've developed a similar business feature myself, but what could be more comfortable than having it in the framework itself? Comment out the timeout period, set the temporary validity period to 5s, and test again.

Log in first, and then check the login status many times. Sure enough, the session dropped after 5s [crying can't make a sound]. A quick look at the documentation, which reads: an expiration check and renewal operation is performed on each direct or indirect call to getLoginId(). Thinking about it, that is no problem: in an interface that requires identity authentication, every access has to obtain the user ID anyway. For the time being, get the ID in the check-login-status interface and return it, then modify the code and test again.

// Query the login status; browser access: http://localhost:9999/user/isLogin
@RequestMapping("isLogin")
public String isLogin() {
    return "当前会话是否登录:" + StpUtil.isLogin() + (StpUtil.isLogin() ? "登录的Id:" + StpUtil.getLoginId() : "");
}

This time there was no problem: while repeatedly re-requesting the interface, the session did not drop.

Refresh the interface

After 5s without any operation, refresh again

Dropped after timeout

This time the session drops as expected, which is really convenient. After testing the feature, change it back to a normal timeout period and start testing the other configurations.
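The difference between the two timers, and why polling only isLogin() still ends in a drop, can be shown with a small model. This is an added example, not Sa-Token source code and not from the original article; the class TimeoutModel, its injected clock and the survives() helper are hypothetical names.

```java
import java.util.concurrent.atomic.AtomicLong;

// Simplified model of the two timers; illustration only, not Sa-Token source code.
public class TimeoutModel {
    static final long NEVER = -1;      // "unlimited", as in the configuration table
    final long timeout;                // absolute lifetime in seconds (timeout)
    final long activityTimeout;        // idle window in seconds (activity-timeout)
    final AtomicLong clock;            // hypothetical test clock, in seconds
    long loginAt, lastActivity;
    Object loginId;

    TimeoutModel(long t, long a, AtomicLong c) { timeout = t; activityTimeout = a; clock = c; }

    void login(Object id) { loginId = id; loginAt = lastActivity = clock.get(); }

    private boolean expired() {
        long now = clock.get();
        boolean hard = timeout != NEVER && now - loginAt >= timeout;
        boolean idle = activityTimeout != NEVER && now - lastActivity >= activityTimeout;
        return loginId == null || hard || idle;
    }

    // Check only: the idle window is not renewed.
    boolean isLogin() { return !expired(); }

    // Check, then renew the idle window (the renewal step the documentation describes).
    Object getLoginId() {
        if (expired()) throw new IllegalStateException("session expired");
        lastActivity = clock.get();
        return loginId;
    }

    // One request every 2s for 12s; reports whether the session survived them all.
    static boolean survives(long timeout, long activityTimeout, boolean callGetLoginId) {
        AtomicLong clock = new AtomicLong(0);
        TimeoutModel s = new TimeoutModel(timeout, activityTimeout, clock);
        s.login(10001);
        for (int t = 2; t <= 12; t += 2) {
            clock.set(t);
            if (!s.isLogin()) return false;
            if (callGetLoginId) s.getLoginId();
        }
        return true;
    }

    public static void main(String[] args) {
        System.out.println("isLogin() only, idle 5s:       " + survives(NEVER, 5, false));
        System.out.println("with getLoginId(), idle 5s:    " + survives(NEVER, 5, true));
        System.out.println("with getLoginId(), timeout 10: " + survives(10, 5, true));
    }
}
```

In the model, activity keeps the idle window open but never extends the absolute timeout, so the third case still expires.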

sa-token.is-concurrent: concurrent login with the same account (multiple logins)

This is also a commonly used configuration. Some systems only allow the same account to be logged in on one device at a time, while other systems have no such restriction. Now add the configuration:

sa-token:
  # Whether to allow concurrent logins to the same account
  is-concurrent: true

Then log in from two browsers separately and check the login status

You can see that both browsers log in successfully and get the same token value. Check the login status:

Login status

Both browsers also get the same login information. Now change the setting to false and run again:

sa-token:
  # Whether to allow concurrent logins to the same account
  is-concurrent: false

First perform the login separately

Login results

Then check the login status separately

Login status

It is clear that the session that logged in first has been squeezed offline.

sa-token.is-share: whether concurrent logins to the same account share a token

This is also a very practical function. If you want the same account to have a separate timeout, device label, and so on for each device it logs in from, you can choose not to share tokens. Conversely, sharing the token ensures that when the account logs out, all devices go offline at the same time, which increases security.

More configurations

The official documentation provides a detailed table of configuration items. Those who are interested can consult the documentation, which is very practical.

| Parameter name | Type | Default value | Description |
| --- | --- | --- | --- |
| tokenName | String | satoken | Token name (also the cookie name) |
| timeout | long | 2592000 | Token validity period, in seconds. Default 30 days; -1 means permanently valid. Reference: Token validity period detailed explanation |
| activityTimeout | | -1 | Token temporary validity period (the token is considered expired if there is no operation within the specified time), in seconds. Default -1 means unlimited (for example, 1800 means the token expires after 30 minutes without operation). Reference: Token validity period detailed |
| isConcurrent | Boolean | true | Whether to allow concurrent logins to the same account (true: logins are allowed together; false: a new login squeezes out the old login) |
| isShare | | | Whether multiple logins to the same account share one token (true: all logins share one token; false: a new token is created for each login) |
| isReadBody | | | Whether to try to read the token from the request body |
| isReadHead | | | Whether to try to read the token from the header |
| isReadCookie | | | Whether to try to read the token from the cookie |
| tokenStyle | | uuid | Token style. Reference: custom token style |
| dataRefreshPeriod | int | 30 | For the default DAO-layer implementation class, the interval (in seconds) between cleanups of expired data. Default 30 seconds; -1 disables scheduled cleanup |
| tokenSessionCheckLogin | | | Whether login is required when getting the Token-Session (if true, login is verified each time the Token-Session is obtained) |
| autoRenew | | | Whether to enable auto-renew (if true, the framework performs an expiration check and renewal operation every time getLoginId() is called directly or indirectly) |
| tokenPrefix | | null | Token prefix, e.g. with Bearer the value is actually passed as satoken: Bearer xxxx-xxxx-xxxx-xxxx. Reference: custom Token prefix |
| isPrint | | | Whether to print the version character art when initializing the configuration |
| isLog | | false | Whether to print the operation log |
| jwtSecretKey | | | JWT key (takes effect only when the sa-token-temp-jwt module is integrated) |
| idTokenTimeout | | 86400 | Validity period of the Id-Token, in seconds |
| basic | | "" | Account and password for Http Basic authentication. Reference: Http Basic authentication |
| currDomain | | | The network access address of the current project |
| checkIdToken | | | Whether to check the Id-Token (effective for some RPC plugins) |
| sso | Object | new SaSsoConfig() | SSO single sign-on related configuration |
| cookie | | new SaCookieConfig() | Cookie configuration object |
