Comments (2)
安全性没验证过。不过token过期拿userid我做过类似需求。
利用sa-token自定义token的功能SaStrategy.instance.createToken();
比如我的token格式是:uuid+aes(userId)。这样即使过期了,只要能拿到前端传的token,我也能解密拿到userId。不过没验证有没有安全问题。仅供参考
from sa-token.
安全性没验证过。不过token过期拿userid我做过类似需求。 利用sa-token自定义token的功能SaStrategy.instance.createToken(); 比如我的token格式是:uuid+aes(userId)。这样即使过期了,只要能拿到前端传的token,我也能解密拿到userId。不过没验证有没有安全问题。仅供参考
很有参考价值,谢谢
from sa-token.
Related Issues (20)
- 云原生网关下如何进行鉴权
- 自定义SaTokenDao实现,无法序列化SaSession HOT 2
- sa-token 是否会推出OIDC协议 实现的案例呢 HOT 5
- StpUtil.login(loginUser.getUserId()); 报错SaTokenContextException: 未能获取有效的上下文 HOT 1
- 单元测试-未能获取有效的上下文处理器 HOT 1
- 框架集成redis的时候使用redis-om-spring包 HOT 2
- 同一个账号登录多次后,在登录失效或退出时,该账号相关缓存没法全部清空问题
- quick-login插件不支持spring boot 3.2.0
- renewTimeout是续期还是覆盖?
- 未能获取有效的上下文 HOT 5
- oauth2 - 密码登录 PasswordGrantTypeHandler 不支持自定义错误信息 HOT 1
- 国际化 HOT 2
- 国际化的问题
- SaInterceptor拦截器中功能未生效
- 使用Satoken + SpringCloudGateWay + knife4j 异常
- oauth模块 oidc 在application.yml 中 sa-token.oauth2-server.oidc 项的值不会生效 HOT 1
- 1、oauth2 时 可以像 jwt 一样 无状态登录。 2、删除缓存时增加通配符,目前缓存删除通配符*无效。
- satoken 在过滤特殊字符时返回非法请求,但是状态码是200的问题 HOT 5
- SaTokenListener 自定义全局侦听器加载顺序问题 HOT 3
- SaToken增加webFlux框架下获取各类MediaType的body参数工具类 HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sa-token.