GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → PuZhiweizuishuai → SpringSecurity-JWT-Vue-Deom

PuZhiweizuishuai / SpringSecurity-JWT-Vue-Deom

Licence: MIT license
A demonstration of stateless JWT authentication with Spring Security, Spring Boot and Vue js

Programming Languages

java
68154 projects - #9 most used programming language
Vue
7211 projects
javascript
184084 projects - #8 most used programming language
HTML
75241 projects

Labels

jwtvuespringbootspringsecurity

Projects that are alternatives of or similar to SpringSecurity-JWT-Vue-Deom

coupons
淘宝客项目,支持App,微信小程序,QQ小程序
Stars: ✭ 392 (+295.96%)
Mutual labels:  springboot, springsecurity
webauthn-demo
WebAuthn demo with Ionic/Angular and Spring Boot
Stars: ✭ 22 (-77.78%)
Mutual labels:  springboot, springsecurity
springboot-chapter
🚀Spring Boot 2.0基础教程。主流框架整合,实践学习案例。
Stars: ✭ 23 (-76.77%)
Mutual labels:  springboot, springsecurity
HumanResources
Account Registration and Confirmation. Exception Handling. Caching with Redis.Mail sender by Apache Kafka.Notification send with RabbitMq.
Stars: ✭ 19 (-80.81%)
Mutual labels:  springboot, springsecurity
spring-security-passwordless
Passwordless authentication example application using Spring Boot and Spring Security
Stars: ✭ 112 (+13.13%)
Mutual labels:  springboot, springsecurity
NBlog
🍓 Spring Boot + Vue 前后端分离博客系统 https://naccl.top
Stars: ✭ 700 (+607.07%)
Mutual labels:  springboot, springsecurity
Java-CS-Record
记录准备春招实习过程中,学习与复习的知识(模块化整理,非面试题速成)。注:暂停更新,后续请移步博客
Stars: ✭ 73 (-26.26%)
Mutual labels:  springboot
backlog-board
This is Kanban Board connected to Backlog
Stars: ✭ 18 (-81.82%)
Mutual labels:  springboot
Jyami-Java-Lab
💻 Jyami의 Spring boot 및 Java 실험소 💻
Stars: ✭ 27 (-72.73%)
Mutual labels:  springboot
vm-engine
vm-engine为“微视频”网站的后端,java语言开发。涉及技术包括,springboot,springcloud,mybaties,docker,websocket,rabbitmq,redis等。
Stars: ✭ 57 (-42.42%)
Mutual labels:  springboot
springsecuritydemo
使用javaconfig的方式整合SpringMVC+Mybatis+SpringSecurity实现基于数据库的权限系统,包括对按钮的权限控制。
Stars: ✭ 84 (-15.15%)
Mutual labels:  springsecurity
demo springboot with mybatis
No description or website provided.
Stars: ✭ 17 (-82.83%)
Mutual labels:  springboot
WebDAVServerSamplesJava
WebDAV server examples in Java based on IT Hit WebDAV Server Library for Java
Stars: ✭ 38 (-61.62%)
Mutual labels:  springboot
shik
shik项目基于springcloud微服务搭建的分布式项目。搭建了shik-config云公共配置,通过shik-RA服务注册发现各个模块,通过shik-zuul路由转发与统一接口。并整合了包括mybatis,jpa,jedis,quartz,freemarker和layui等多个模块,支持spring-session二级域名共享session,使用了RESTful方式提供api接口
Stars: ✭ 89 (-10.1%)
Mutual labels:  springboot
Spring-Boot-Reference-Guide
Spring Boot Reference Guide 2.0 中文翻译 -《Spring Boot参考指南》
Stars: ✭ 219 (+121.21%)
Mutual labels:  springboot
spring-boot-kotlin-example
Building web applications with Spring Boot and Kotlin
Stars: ✭ 17 (-82.83%)
Mutual labels:  springboot
docker-api-graphql
GraphQL API wrapper around the Docker Remote API. SpringBoot-based app, written in Kotlin
Stars: ✭ 13 (-86.87%)
Mutual labels:  springboot
shopping-kill
商品秒杀系统(限时抢购系统),包含商城展示与后台管理,主要技术有:springboot、redis、zookeeper、rabbitmq、sms通知、email通知。该项目为21年毕设设计项目,其中融入基本目前所使用的框架与技术。PS:The system includes the display and backstage management of the mall. The main technologies are: springboot, redis, zookeeper, rabbitmq, SMS notification and email notification. The project is a 21-year completed design project, …
Stars: ✭ 31 (-68.69%)
Mutual labels:  springboot
smile-monitor-starter
Microservice system monitoring
Stars: ✭ 49 (-50.51%)
Mutual labels:  springboot
creek
使用Spring Security + JWT Token + RBAC的方式实现认证和授权,持久层使用Mybatis plus。避免每次重复编写认证和授权功能、角色管理、异常处理、参数校验等代码,直接上手业务代码,不再烦恼于构建项目与风格统一。
Stars: ✭ 21 (-78.79%)
Mutual labels:  springboot
View All Similar Projects ➔

JWT Spring Boot Security

Chinese Documents 中文文档

About

This is a demonstration of stateless token-based authentication using JSON Web Token and CSRF protection, Spring Security, Spring Boot and Vue js.

Technology Stack

Component Technology
Frontend Vue.js 2
Backend (REST) SpringBoot (Java)
Security Token Based (Spring Security, JJWT, CSRF)
Client Build Tools vue-cli, Webpack, npm
Server Build Tools Maven

Quick start

Run Environment: Java11, Node 12, Maven3

Clone this project

git clone https://github.com/PuZhiweizuishuai/SpringSecurity-JWT-Vue-Deom.git

Run back end server

cd spring-security-jwt
mvn clean package

Then

java -jar target/security-0.0.1-SNAPSHOT.jar

Run front end server

cd vue
npm install

Then

npm run serve

Final

Open

http://127.0.0.1:8080

Screenshots

主页

登陆

管理员页

Security

JWT token

To generating and verifying JWT I use JJWT. JJWT – a self-contained Java library providing end-to-end JSON Web Tokens creation and verification.

JWT storing strategy

We have a couple of options where to store the token:

HTML5 Web Storage (localStorage or sessionStorage) Cookies

Main problem of Web Storage

It is accessible through JavaScript on the same domain. This means that any JavaScript running on your site will have access to web storage, and because of this can be vulnerable to cross-site scripting (XSS) attacks.

So, to prevent XSS I store the JWT token in a Http-Only/Secure cookie. Cookies, when used with the HttpOnly cookie flag, are not accessible through JavaScript, and are immune to XSS.

CSRF attack

However, cookies are vulnerable to a different type of attack: cross-site request forgery (CSRF). A CSRF attack is a type of attack that occurs when a malicious web site, email, or blog causes a user’s web browser to perform an unwanted action on a trusted site on which the user is currently authenticated.

To prevent CSRF attacks, we must create an extra Javascript readable cookie which is called: XSRF-TOKEN. This cookie must be created when the user is logged in and should contain a random, un-guessable string. Every time the JavaScript application wants to make a request, it will need to read this token and send it along in a custom HTTP header.

Reference document

Spring Security Reference

Vue.js

Dependency software

mavonEditor

element ui

Copyright and license

The code is released under the MIT license.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].