{"id":37023293,"url":"https://github.com/reinershir/lui-auth","last_synced_at":"2026-01-14T02:47:42.625Z","repository":{"id":49884142,"uuid":"313545825","full_name":"reinershir/lui-auth","owner":"reinershir","description":"一个使用简单的安全防护、权限验证、身份验证工具，无复杂配置，只需依赖jar并简单配置即可使用，目前拥有功能：角色、菜单、权限集成管理，IP限流，内部服务双向验证、自动打印请求日志等。  A simple and secure protection tool that is easy to use, with permission verification and identity authentication. No complex configuration is required, just rely on the jar file and simple configuration to use it.","archived":false,"fork":false,"pushed_at":"2024-12-02T13:23:54.000Z","size":253,"stargazers_count":18,"open_issues_count":0,"forks_count":6,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-12-02T14:31:33.156Z","etag":null,"topics":["authentication-backend","lui-auth","modified-preorder-tree-traversal","permission","security"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/reinershir.png","metadata":{"files":{"readme":"README.jp.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-11-17T07:52:30.000Z","updated_at":"2024-12-02T13:23:57.000Z","dependencies_parsed_at":"2022-09-26T16:31:14.977Z","dependency_job_id":"9e903f0f-ac6e-401a-b5a1-808cd329e5f9","html_url":"https://github.com/reinershir/lui-auth","commit_stats":null,"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"purl":"pkg:github/reinershir/lui-auth","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reinershir%2Flui-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reinershir%2Flui-auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reinershir%2Flui-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reinershir%2Flui-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/reinershir","download_url":"https://codeload.github.com/reinershir/lui-auth/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/reinershir%2Flui-auth/sbom","scorecard":{"id":769400,"data":{"date":"2025-08-18","repo":{"name":"github.com/reinershir/lui-auth","commit":"bcb7fd83d6f672787ecadea800b60ab84736924d"},"scorecard":{"version":"v5.2.1-41-g40576783","commit":"40576783fda6698350fcbbeaea760ff827433034"},"score":1.7,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#binary-artifacts"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#sast"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#code-review"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#license"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact 1.2.4 not signed: https://api.github.com/repos/reinershir/lui-auth/releases/108714336","Warn: release artifact 1.2.0 not signed: https://api.github.com/repos/reinershir/lui-auth/releases/44260881","Warn: release artifact 1.0.1 not signed: https://api.github.com/repos/reinershir/lui-auth/releases/40928733","Warn: release artifact 0.1.3 not signed: https://api.github.com/repos/reinershir/lui-auth/releases/36024924","Warn: release artifact 0.1.0 not signed: https://api.github.com/repos/reinershir/lui-auth/releases/35452933","Warn: release artifact 1.2.4 does not have provenance: https://api.github.com/repos/reinershir/lui-auth/releases/108714336","Warn: release artifact 1.2.0 does not have provenance: https://api.github.com/repos/reinershir/lui-auth/releases/44260881","Warn: release artifact 1.0.1 does not have provenance: https://api.github.com/repos/reinershir/lui-auth/releases/40928733","Warn: release artifact 0.1.3 does not have provenance: https://api.github.com/repos/reinershir/lui-auth/releases/36024924","Warn: release artifact 0.1.0 does not have provenance: https://api.github.com/repos/reinershir/lui-auth/releases/35452933"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":0,"reason":"29 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-5mg8-w23w-74h3","Warn: Project is vulnerable to: GHSA-7g45-4rm6-3mm3","Warn: Project is vulnerable to: GHSA-27hp-xhwr-wr2m","Warn: Project is vulnerable to: GHSA-3p2h-wqq4-wf4h","Warn: Project is vulnerable to: GHSA-5j33-cvvr-w245","Warn: Project is vulnerable to: GHSA-7w75-32cg-r6g2","Warn: Project is vulnerable to: GHSA-83qj-6fr2-vhqg","Warn: Project is vulnerable to: GHSA-fccv-jmmp-qg76","Warn: Project is vulnerable to: GHSA-ff77-26x5-69cr","Warn: Project is vulnerable to: GHSA-g8pj-r55q-5c2v","Warn: Project is vulnerable to: GHSA-h2fw-rfh5-95r3","Warn: Project is vulnerable to: GHSA-h3gc-qfqq-6h8f","Warn: Project is vulnerable to: GHSA-q3mw-pvr8-9ggc","Warn: Project is vulnerable to: GHSA-qppj-fm5r-hxr3","Warn: Project is vulnerable to: GHSA-r6j3-px5g-cq3x","Warn: Project is vulnerable to: GHSA-wc4r-xq3c-5cf3","Warn: Project is vulnerable to: GHSA-wm9w-rjj3-j356","Warn: Project is vulnerable to: GHSA-rc42-6c7j-7h5r","Warn: Project is vulnerable to: GHSA-4gc7-5j7h-4qph","Warn: Project is vulnerable to: GHSA-4wp7-92pw-q264","Warn: Project is vulnerable to: GHSA-2rmj-mq67-h97g","Warn: Project is vulnerable to: GHSA-2wrp-6fg6-hmc5","Warn: Project is vulnerable to: GHSA-6r3c-xf4w-jxjm","Warn: Project is vulnerable to: GHSA-ccgv-vj62-xf9h","Warn: Project is vulnerable to: GHSA-hgjh-9rj2-g67j","Warn: Project is vulnerable to: GHSA-cx7f-g6mp-7hqm","Warn: Project is vulnerable to: GHSA-g5vr-rgqm-vf78","Warn: Project is vulnerable to: GHSA-v94h-hvhg-mf9h","Warn: Project is vulnerable to: GHSA-mjmj-j48q-9wg2"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/40576783fda6698350fcbbeaea760ff827433034/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-23T01:49:09.103Z","repository_id":49884142,"created_at":"2025-08-23T01:49:09.104Z","updated_at":"2025-08-23T01:49:09.104Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28408737,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T01:52:23.358Z","status":"online","status_checked_at":"2026-01-14T02:00:06.678Z","response_time":107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authentication-backend","lui-auth","modified-preorder-tree-traversal","permission","security"],"created_at":"2026-01-14T02:47:40.475Z","updated_at":"2026-01-14T02:47:42.616Z","avatar_url":"https://github.com/reinershir.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# lui-auth\n\n\u003cdiv align=\"center\"\u003e\n  \u003cp\u003e\n  \u003c/p\u003e\n\n[**简体中文**](README.zh.md) |[**English**](README.md) | **日本語**\n\n\u003c/div\u003e\n\nSpring Bootのシンプルな認証ツールで、ロール、メニュー、権限の機能を統合しています。プロジェクトのダウンロードや複雑な設定は必要ありません。単にjarファイルに依存し、簡単な設定を行うだけで使用することができます。フレームワークや複雑な依存関係を使いたくない場合に非常に便利です。\n\n以下は特徴です：`\u003cbr/\u003e`\n\n1. シンプルな設定`\u003cbr/\u003e`\n2. メニュー、ロール、権限管理の統合`\u003cbr/\u003e`\n3. 同じアカウントで一人しかログインできない制約サポート`\u003cbr/\u003e`\n4. アノテーションを使用した権限マーキングによるコードへの影響低減`\u003cbr/\u003e`\n5. 権限情報の保存にRedisを使用`\u003cbr/\u003e`\n6. 無制限階層ツリー形式のメニュー管理（左右値木構造）で効率的なクエリ処理\n\n#### 前提条件\n\n* Spring Bootバージョン2.0以上\n* Redisバージョン5.0以上\n* spring-boot-starter-data-redis依存関係\n* JDKバージョン1.8以上\n* MYSQLバージョン5.7以上またはORACLE\n\n#### サンプル\n\nシンプルな例のリポジトリ：https://github.com/reinershir/lui-auth-examp\n\n# 使用開始\n\n## 依存関係を追加\n\n```xml\n\u003cdependency\u003e\n\t\u003cgroupId\u003eio.github.reinershir.auth\u003c/groupId\u003e\n\t\u003cartifactId\u003elui-auth\u003c/artifactId\u003e\n\t\u003cversion\u003e1.2.4-RELEASE\u003c/version\u003e\n\u003c/dependency\u003e\n\n\u003cdependency\u003e\n\t\u003cgroupId\u003eorg.springframework.boot\u003c/groupId\u003e\n\t\u003cartifactId\u003espring-boot-starter-data-redis\u003c/artifactId\u003e\n\u003c/dependency\u003e\n\n```\n\nif using spring boot 3.0 + :\n\n```xml\n\u003cdependency\u003e\n\t\u003cgroupId\u003eio.github.reinershir.auth\u003c/groupId\u003e\n\t\u003cartifactId\u003elui-auth\u003c/artifactId\u003e\n\t\u003cversion\u003e2.0.1\u003c/version\u003e\n\u003c/dependency\u003e\n\n\u003cdependency\u003e\n\t\u003cgroupId\u003eorg.springframework.boot\u003c/groupId\u003e\n\t\u003cartifactId\u003espring-boot-starter-data-redis\u003c/artifactId\u003e\n\u003c/dependency\u003e\n```\n\n## 起動クラスにアノテーションのスイッチを追加\n\nプロジェクトの起動クラスに@EnableAuthenticationアノテーションのスイッチを追加してください。\n\n```java\n@SpringBootApplication\n@EnableAuthentication\npublic class Application {\n\n\tpublic static void main(String[] args) {\n\t\tApplication.run(Application.class, args);\n\t}\n}\n```\n\n## Redisの接続情報とトークンの暗号化キーを設定する\n\n```yml\nspring:\n  redis:\n    database: 0\n    host: 127.0.0.1\n    port: 6379\n    password: pwd123\n    timeout: 3000\n\nlui-auth:\n  authrizationConfig:\n    administratorId: 1 # スーパーアドミンユーザーID。ロールが全て削除された場合でもログインできるようにするため、このユーザーIDはすべての権限を持つ。\n    tokenSalt: yorTokenSalt # トークン生成用ソルト\n    tokenExpireTime: 1800 # デフォルトでは30分後にトークンが無効になる。単位は秒。\n  intergrateConfig:\n    enable:true # 統合されたロール・メニュー管理機能を使用する場合、3つのテーブルが自動的に作成され、CRUDインタフェースが提供されます。\n  securityConfig:\n    enableRequestLog:true　# リクエストログ出力を有効化します。\n    bindIp:false　# IPアドレスごとに異なるトークンを必要とする場合はtrueに設定してください。\n```\n\n## インターセプタの設定方法\n\n以下はSpring Bootでの設定方法です：\n\n```java\n@EnableWebMvc\npublic class WebMvcConfig  implements WebMvcConfigurer {\n\n\t@Autowired(required=false)\n\tAuthenticationInterceptor authenticationInterceptor;\n\n\t@Override\n    public void addInterceptors(InterceptorRegistry registry) {\n\t\tif(authenticationInterceptor!=null){\n\t\t\tregistry.addInterceptor(authenticationInterceptor);\n\t\t}\n    }\n```\n\n## 鉴权が必要なインターフェースに注釈を追加する\n\nインターセプターは、@PermissionMappingのvalue=TESTのような権限コードを使用して、インターフェースにマークされた権限を検証します。例えば、testインターフェースで@PermissionがOptionType.LISTに設定されている場合、権限コードは次のようになります： TEST:LIST\n\n権限コードはカスタマイズ可能です。例えば、「@Permission(name = \"テストインターフェース\", value = OptionType.CUSTOM, customPermissionCode = \"MYCUSTOM\")」というように指定することもできます。この場合、メニュー管理の権限コード欄に「TEST:MYCUSTOM」と入力し、ユーザーにこの権限を付与することができます。\n\n「value=OptionType.LOGIN」と設定されている場合は、有効なトークンさえ持っていればアクセス可能です。\n\n以下は簡単な例です：\n\n```java\n@RequestMapping(\"menus\")\n@RestController\n@PermissionMapping(value=\"MENU\")\npublic class MenuController {\n\t@Permission(name = \"菜单列表\",value = OptionType.LIST)\n\t@GetMapping\n\tpublic ResultDTO list(){\n\t\t//...                                          \n\t}\n}\n```\n\n上記の例では、権限コードはMENU:LISTであり、このインターフェースを一意に識別するためにメニューフィールドに入力されます。\n\n#### 一般ユーザーの権限設定\n\n**各ユーザーに対して個別の権限を割り当てる必要がない場合は、このステップをスキップし、最後のステップに進んでください**\n\n一般ユーザーは、`@Permission`アノテーションで指定した権限コードをメニュー管理に追加し、そのメニューの権限を付与されることで正当なアクセスが可能となります。ただし、「超級管理者」はこの制約の影響を受けません。\n\n##### メニュー追加例\n\n```java\n\t@Autowired\n  \tAuthorizeManager authorizeManager;\n\n\t@Permission(name = \"添加菜单\",value = OptionType.ADD)\n\t@PostMapping\n\tpublic ResultDTO\u003cObject\u003e addMenu(@Validated @RequestBody MenuDTO menu,@RequestParam(value=\"parentId\",required = false) Long parentId){\n\t\t//...\n\t\t//parentIdは親メニューのIDであり、省略可能です。\n\t\tauthorizeManager.getMenuAccess().insertMenu(menu,parentId)\n\t\t//...\n\t}\n```\n\nMenuDTO对象内容：\n\n```java\npublic class MenuVO implements Serializable{\n\n\tprivate Long id;\n\n\tprivate String name;\n\n\tprivate String url;\n\n\tprivate String icon;\n\n\t/**\n\t * メニューにアクセスするための権限コードは、@PermissionMapping + @Permissionの値で設定されます。例えば、USER:ADDです。\n\t */\n\tprivate String permissionCodes;\n\n\tprivate String description;\n\n\tprivate String property;\n\n\t//省略get set\n```\n\n##### ユーザーにメニューコードをバインドする例は以下の通りです。\n\n```java\n  @Autowired\n  AuthorizeManager authorizeManager;\n\n  //...\n  @Permission(name = \"添加角色\",value = OptionType.ADD)\n\t@PostMapping\n\tpublic ResultDTO\u003cObject\u003e addRole(@Validated @RequestBody RoleDTO roleDTO){\n\t\t//保存角色时绑定菜单ID\n\t\tauthorizeManager.getRoleAccess().insert(roleDTO,roleDTO.getMenuIds()));\n\t\t//...\n\t\t//或者修改角色时改变菜单ID\n\t\tauthorizeManager.getRoleAccess().updateById(roleDTO, roleDTO.getMenuIds()\n\t}\n```\n\nRoleDTO内容：\n\n```java\n  public class RoleDTO extends io.github.reinershir.auth.core.model.Role{\n\t//前端传过来的菜单ID\n\tprivate ArrayList\u003cLong\u003e menuIds;\n\n\tpublic ArrayList\u003cLong\u003e getMenuIds() {\n\t\treturn menuIds;\n\t}\n\n\tpublic void setMenuIds(ArrayList\u003cLong\u003e menuIds) {\n\t\tthis.menuIds = menuIds;\n\t} \n}\n```\n\n## 最後のステップ、トークンの生成\n\nログインインターフェースでアカウントとパスワードの検証が完了した後、以下のインターフェースを呼び出してトークンを生成し、フロントエンドに返します。\n\n```java\n@RestController\n@RequestMapping(\"user\")\npublic class LoginController {\n@Autowired\nAuthorizeManager authorizeManager;\n@PostMapping(\"login\")\npublic Object login(@RequestBody LoginInfoDTO loginInfo) {\n  // ログイン検証が完了したら\n  String userId = \"ユーザーID\";\n  Sint userType = 1; // ユーザータイプマーク\n  String token = authorizeManager.generateToken(userId, userType); // ID={administratorId} の場合はすべての権限を持つことになります。\n  // 統合メニューや役割管理を使用している場合、このメソッドでユーザーに関連付けられたメニュー権限を取得することができます。\n  List\u003cMenu\u003e menus = authorizeManager.getMenusByUser(userId);\n  return token;\n}\n\n}\n\n```\n\nフロントエンドからトークンを送信する際は、httpヘッダに次のように追加する必要があります：Access-Token: ログインインターフェースから返されたトークン。デフォルトではHeader Nameは\"Access-Token\"です。\n\nHeader Name を設定する必要があります。\n\n```yml\nlui-auth:\n  authrizationConfig: \n    tokenHeaderName: X-Access-Token\n```\n\n# その他の説明\n\n## トークンからユーザーIDを取得する方法\n\nまず、オブジェクトをインジェクションします。\n\n```java\n@Autowired(required = false)\nAuthorizeManager authorizeManager;\n\n```\n\n根据request对象获取\n\n```java\n@GetMapping\npublic Result\u003cString\u003e getUserId(HttpServletRequest request){\n\t\tString userId = authorizeManager.getTokenInfo(request).getUserId();\n}\n```\n\n## トークンIPバインディングモード\n\n設定ファイル内：\n\n```yml\nlui-auth:\n  securityConfig:\n    bindIp: true\n```\n\n生成token時には、バインドする必要のあるIPを渡します：\n\n```java\n\n//SecurityUtil.getIpAddress(request) は、バインドするIPに置き換えられます\nString token = authorizeManager.generateToken(userId,userType,SecurityUtil.getIpAddress(request));\n```\n\n## 自動生成テーブル\n\n`intergrateConfig.enable=true` を有効にすると、3つのテーブルが自動的に生成されます。それぞれ役割テーブル、メニューテーブル、役割権限テーブルであり、これらのテーブルは追加、削除、更新、検索のインタフェースを提供します。\n\n*権限チェックをスキップする方法：*\n\n* 1. コントローラーおよびメソッドに注釈を付けない\n* 2. コントローラークラスに注釈を付けて個別のインタフェースをスキップする,例：\n\n```java\n@Permission(OptionType.SKIP)\npublic Result\u003cString\u003e login(){\n  //...\n}\n```\n\n## ロール、メニューセットの機能使用例\n\n### ロールテーブルの追加、削除、変更、検索インターフェースの例\n\n```java\n@RequestMapping(\"roles\")\n@RestController\n@PermissionMapping(value=ROLE)\npublic class RoleController {\n\n\n\tRoleAccess roleAccess;\n\t@Autowired\n\tpublic RoleController(AuthorizeManager authorizeManager) {\n\t\tthis.roleAccess=authorizeManager.getRoleAccess();\n\t}\n\n\t@Permission(name = \"角色列表\",value = OptionType.LIST)\n\t@GetMapping\n\tpublic ResultDTO\u003cPageBean\u003cRole\u003e\u003e list(@Validated PageReqDTO reqDTO){\n\t\tList\u003cio.github.reinershir.auth.core.model.Role\u003e list = roleAccess.selectList(reqDTO.getPage(), reqDTO.getPageSize());\n\t\tLong count = roleAccess.selectCount(null);\n\t\treturn ResponseUtil.generateSuccessDTO(new PageBean\u003c\u003e(reqDTO.getPage(),reqDTO.getPageSize(),count,list));\n\t}\n\n\t@Permission(name = \"添加角色\",value = OptionType.ADD)\n\t@PostMapping\n\tpublic ResultDTO\u003cObject\u003e addRole(@Validated @RequestBody RoleDTO dto){\n\t\tif(roleAccess.insert(dto,dto.getRolePermissions())\u003e0) {\n\t\t\treturn ResponseUtil.generateSuccessDTO();\n\t\t}\n\t\treturn ResponseUtil.generateFaileDTO(\"添加失败！\");\n\t}\n\n\t@Permission(name = \"修改角色信息\",value = OptionType.UPDATE)\n\t@PatchMapping\n\tpublic ResultDTO\u003cObject\u003e updateUser(@Validated(value = ValidateGroups.UpdateGroup.class) @RequestBody RoleDTO roleDTO){\n\t\tif(roleAccess.updateById(roleDTO, roleDTO.getMenuIds())\u003e0) {\n\t\t\treturn ResponseUtil.generateSuccessDTO();\n\t\t}\n\t\treturn ResponseUtil.generateFaileDTO(\"修改失败！\");\n\t}\n\n\t@Permission(name = \"删除角色\",value = OptionType.DELETE)\n\t@DeleteMapping(\"/{id}\")\n\tpublic ResultDTO\u003cObject\u003e delete(@PathVariable(\"id\") Long id){\n\t\tif(roleAccess.deleteById(id)\u003e0) {\n\t\t\treturn ResponseUtil.generateSuccessDTO(\"删除成功！\");\n\t\t}\n\t\treturn ResponseUtil.generateFaileDTO(\"修改失败！\");\n\t}\n\n\t@Permission(name = \"查询角色所绑定的菜单权限\",value = OptionType.CUSTOM,customPermissionCode = \"ROLE_PERMISSION\")\n\t@GetMapping(\"/{roleId}/rolePermissions\")\n\tpublic ResultDTO\u003cList\u003cRolePermission\u003e\u003e getRolePermissionsById(@PathVariable(\"roleId\") Long roleId){\n\t\treturn ResponseUtil.generateSuccessDTO(roleAccess.selectRolePermissionByRole(roleId));\n\t}\n}\n\n\n\n```\n\n### メニューテーブルインタフェースの使用例\n\n```java\n@RequestMapping(\"menus\")\n@RestController\n@PermissionMapping(value=MENU)\npublic class MenuController {\n\n\n\tMenuAccess MenuAccess;\n\t@Autowired\n\tpublic MenuController(AuthorizeManager authorizeManager) {\n\t\tthis.MenuAccess=authorizeManager.getMenuAccess();\n\t}\n\n\t@Permission(name = \"菜单列表\",value = OptionType.LIST)\n\t@GetMapping\n\tpublic ResultDTO\u003cList\u003cMenu\u003e\u003e list(@RequestParam(value=\"parentId\",required = false) Long parentId){\n\t\treturn ResponseUtil.generateSuccessDTO(MenuAccess.qureyList(parentId));\n\t}\n\n\t@Permission(name = \"添加菜单\",value = OptionType.ADD)\n\t@PostMapping\n\tpublic ResultDTO\u003cObject\u003e addMenu(@Validated @RequestBody MenuVO menu,@RequestParam(value=\"parentId\",required = false) Long parentId){\n\t\tif(MenuAccess.insertMenu(menu,parentId)\u003e0) {\n\t\t\treturn ResponseUtil.generateSuccessDTO();\n\t\t}\n\t\treturn ResponseUtil.generateFaileDTO(\"添加失败！\");\n\t}\n\n\t@Permission(name = \"修改菜单信息\",value = OptionType.UPDATE)\n\t@PatchMapping\n\tpublic ResultDTO\u003cObject\u003e updateMenu( @RequestBody MenuVO MenuDTO){\n\t\tif(MenuAccess.updateById(MenuDTO)\u003e0) {\n\t\t\treturn ResponseUtil.generateSuccessDTO();\n\t\t}\n\t\treturn ResponseUtil.generateFaileDTO(\"修改失败！\");\n\t}\n\n\t@Permission(name = \"删除菜单\",value = OptionType.DELETE)\n\t@DeleteMapping(\"/{id}\")\n\tpublic ResultDTO\u003cObject\u003e delete(@PathVariable(\"id\") Long id){\n\t\tif(MenuAccess.deleteById(id)\u003e0) {\n\t\t\treturn ResponseUtil.generateSuccessDTO(\"删除成功！\");\n\t\t}\n\t\treturn ResponseUtil.generateFaileDTO(\"修改失败！\");\n\t}\n\n\t@Permission(name = \"移动菜单\",value = OptionType.UPDATE)\n\t@PatchMapping(\"/position\")\n\tpublic ResultDTO\u003cObject\u003e updateMenu(@RequestBody @Validated  MenuMoveDTO dto){\n\t\tboolean flag = false;\n\t\tLong moveId = dto.getMoveId();\n\t\tLong targetId = dto.getTargetId();\n\t\tswitch(dto.getPosition()) {\n\t\tcase 1:\n\t\t\tflag = MenuAccess.moveNodeBefore(moveId, targetId)\u003e0?true:false;\n\t\t\tbreak;\n\t\tcase 2:\n\t\t\tflag = MenuAccess.moveNodeAfter(moveId, targetId)\u003e0?true:false;\n\t\t\tbreak;\n\t\tcase 3:\n\t\t\tflag = MenuAccess.moveNodeByParentAsLastChild(moveId, targetId)\u003e0?true:false;\n\t\t\tbreak;\n\t\t}\n\t\tif(flag) {\n\t\t\treturn ResponseUtil.generateSuccessDTO();\n\t\t}\n\t\treturn ResponseUtil.generateFaileDTO(\"修改失败！\");\n\t}\n}\n\npublic class MenuMoveDTO {\n  @NotNull\n  @ApiModelProperty(value = \"移動されるメニューのID\",notes = \"\", required = true, example = \"1\")\n  private Long moveId;\n  @NotNull\n  @ApiModelProperty(value = \"目標メニューのID\",notes = \"\", required = true, example = \"11\")\n  private Long targetId;\n  @NotNull\n  @ApiModelProperty(value = \"目標メニューへの位置、1=目標の前、2=目標の後ろ、3=目標の最後の子ノード\",notes = \"1=目標の前、2=目標の後ろ、3=目標の最後の子ノード\", required = true, example =\"1\")\n  private int position;\n}\n```\n\n### ユーザーに役割をバインドする例\n\n```java\n@Autowired\nAuthorizeManager authorizeManager;\n\n...\n//为用户绑定角色\nif(!CollectionUtils.isEmpty(roleIds)) {\n\tauthorizeManager.getRoleAccess().bindRoleForUser(userId, roleIds);\n}\n\n\n//获取用户绑定的角色：\nauthorizeManager.getRoleAccess().getRoleByUser(userId);\n```\n\n*トークンの有効性を確認するだけの例：*\n\n```java\n@PermissionMapping(自定义填写)\n@Permission(OptionType.LOGIN)\npublic class RoleController{\n}\n```\n\n### IP制限機能を有効にする\n\n以下の設定を追加してください。\n\n```yml\nlui-auth:\n  securityConfig:\n    enableRequestLimit: true\n    requestTime: 3000\n    requestLimit: 1\n#\trequestLimitStorage: memory #IP制限のキャッシュオプション：memory、redis。memoryはメモリストレージをお勧めしますが、クラスターサービスではredisストレージを使用することをお勧めします。\n```\n\n上記の設定は、グローバルIP制限を有効にするものであり、つまり、同じインターフェースに対して3秒以内に同じIPからのリクエストは1回しか行えません。\n\n*個別のインターフェース/コントローラーのIP制限設定：* `@RequestLimit(requestLimit = 1,requestTime = 3000)` をコントローラークラスまたはメソッドに追加します（メソッドのアノテーションが優先されます）\n\n### リクエストログを自動的に出力する\n\n以下の設定を追加してください：\n\n```yml\nlui-auth:\n  securityConfig:\n    enableRequestLog: true\n```\n\n開始すると、IPアドレス、ユーザーID、リクエストパラメータ、リクエストURIなどの情報が自動的に印刷されます。\n\n*カスタムログ出力クラス（RequestLoggerインターフェースを実装する必要があります）：*\n\n```java\n@Configuration\npublic class WebConfig{\n\n\t@Bean\n\tpublic RequestLogger initRequestLogger(){\n\t\treturn new MyRequestLogger();  //返回自己定义的日志处理类，该类需要实现RequestLogger接口\n\t}\n\n\tpublic MyRequestLogger implements RequestLogger{\n\n\t\t@Override\n\t\tpublic void processRequestLog(HttpServletRequest request, RequestLog requestLog) {\n\t\t\t// ......\n\t\t\n\t\t}\n\t  \n\t}\n}\n```\n\n自動ログ出力スイッチをオンにすると、インターセプターはHttpServletRequestクラスを自動的にラップし、そのIOストリームを繰り返し読み取ることができます。\n\n# ログの更新\n\n*1.2.4* バグ修正、IPバインディングモードの追加、IP取得方法の更新\n\n*1.2.3* バグ修正、MySQL 8サポートの追加\n\n*1.2.2* PostgreSQLサポートの追加\n\n*1.0.1* 多くのバグ修正。現在はプロジェクトで正常に使用できます。ユーザーの役割関係データがデータベースに保存されるように変更されました。\n\n*0.1.1* リクエストログ機能を最適化し、トークンにユーザー情報を含めるようにしました。\n\n*0.10* IP制限機能およびリクエストログ自動印刷機能を追加しました。\n\n*0.0.3 * 役割およびメニューのアクセス許可管理機能を追加しました。\n\n* 0 .01 * シンプルな認証およびトークン認証機能\n\n＃TODOリスト\n\n1つ目：独立した認証サービスとして独立し、レジストリセンター、HTTPなどの呼び出し方法をサポートします。`\u003cbr/\u003e`\n\n2つ目：IPホワイトリスト/ブラックリスト`\u003cbr/\u003e`\n\n3番目：データアクセス権限（コンセプト中...）`\u003cbr/\u003e`\n\n4番目：redissonのサポートを追加する\n\n5番目：対応するデータベースを追加する\n\n6番目：マルウェアIP /ドメインナレッジベース\n\n7番目: IPとTOKENのバインド\n\n8番目: 非対称暗号化要求パラメータ\n\n**PostgreSql**\n\n```sql\nCREATE TABLE public.MENU (\n  ID serial4 NOT NULL ,\n  NAME varchar(100) COLLATE \"pg_catalog\".\"default\" NOT NULL,\n  URL varchar(200) COLLATE \"pg_catalog\".\"default\",\n  ICON varchar(300) COLLATE \"pg_catalog\".\"default\",\n  PERMISSION_CODES varchar(150) COLLATE \"pg_catalog\".\"default\",\n  DESCRIPTION varchar(255) COLLATE \"pg_catalog\".\"default\",\n  LEFT_VALUE int4 NOT NULL,\n  RIGHT_VALUE int4 NOT NULL,\n  LEVEL int2 NOT NULL,\n  PROPERTY varchar(100) COLLATE \"pg_catalog\".\"default\",\n  CREATE_DATE date NOT NULL,\n  UPDATE_DATE date,\n  PRIMARY KEY (\"ID\")\n)\n;\n\nCOMMENT ON COLUMN public.MENU.\"URL\" IS '跳转地址';\n\nCOMMENT ON COLUMN public.MENU.\"ICON\" IS '图标';\n\nCOMMENT ON COLUMN public.MENU.\"PERMISSION_CODES\" IS '权限码';\n\nCOMMENT ON COLUMN public.MENU.\"DESCRIPTION\" IS '说明 ';\n\nCOMMENT ON COLUMN public.MENU.\"LEFT_VALUE\" IS '左节点值';\n\nCOMMENT ON COLUMN public.MENU.\"RIGHT_VALUE\" IS '右节点值';\n\nCOMMENT ON COLUMN public.MENU.\"LEVEL\" IS '节点等级';\n\nCOMMENT ON COLUMN public.MENU.\"PROPERTY\" IS '属性(自由使用标识)';\n\nCOMMENT ON COLUMN public.MENU.\"CREATE_DATE\" IS '创建时间';\n\nCOMMENT ON COLUMN public.MENU.\"UPDATE_DATE\" IS '修改时间';\n\nCOMMENT ON TABLE public.MENU IS '菜单表';\n\n\n\n\nCREATE TABLE public.ROLE (\n  ID serial4 NOT NULL,\n  ROLE_NAME varchar(100) COLLATE \"pg_catalog\".\"default\" NOT NULL,\n  DESCRIPTION varchar(200) COLLATE \"pg_catalog\".\"default\",\n  CREATE_DATE date NOT NULL,\n  UPDATE_DATE date,\n  PRIMARY KEY (\"ID\")\n)\n;\n\n\nCOMMENT ON COLUMN public.ROLE.\"ID\" IS 'ID';\n\nCOMMENT ON COLUMN public.ROLE.\"ROLE_NAME\" IS '角色名称';\n\nCOMMENT ON COLUMN public.ROLE.\"DESCRIPTION\" IS '  说明';\n\nCOMMENT ON COLUMN public.ROLE.\"CREATE_DATE\" IS '创建时间';\n\nCOMMENT ON COLUMN public.ROLE.\"UPDATE_DATE\" IS '修改时间';\n\nCOMMENT ON TABLE public.ROLE IS '角色表';\n\n-- 关系表\n\nCREATE TABLE public.ROLE_USER (\n  ID serial4,\n  ROLE_ID int8 NOT NULL,\n  USER_ID varchar COLLATE pg_catalog.default NOT NULL\n);\n\n\nCREATE TABLE public.ROLE_MENU (\n  ID serial4,\n  ROLE_ID int8 NOT NULL,\n  MENU_ID int8 NOT NULL,\n  PERMISSION_CODES varchar(150),\n  PRIMARY KEY (ID)\n)\n;\n\n\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Freinershir%2Flui-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Freinershir%2Flui-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Freinershir%2Flui-auth/lists"}