recently, I have been learning about the backend. In the process of learning SSM, because I want to give the client a login authentication function, I thought of using token for authentication and using auth0, to generate token through user id encryption. The question arises: in addition to being returned to the client, does the generated token need to be stored in a database or redis? Or is it OK to decrypt and verify the received token directly?
just decrypt it when you want to use it directly.
storing the database doesn't seem to make any sense. Do you have to retrieve the database once, which is a waste of io
token to decrypt it? Not afraid of being cracked?
the token generated by encrypting ID is fixed, there is no need to store the database, but the problem is that it is not timely.
you can try to increase the timeliness based on random strings as Token,
if it is a login authentication token, you can consider using jwt to do it, so that after the login is completed, the subsequent request can parse the user name information with this token, in the header.
if you need to add token, to a general request to prevent the interface from being brushed or to prevent the interface parameters from being changed in series, the front and back end can use a set of encryption rules to encrypt the parameters and the expiration time of the request to generate a token and pass it to the backend, and the backend uses the same rules to generate a token for comparison. If the parameters are changed in series, or if the request time has been exceeded, a signature error is reported, which can prevent the interface from being brushed and the interface parameters from being changed in series.
Why did spring fail to automatically match fields? Wechat s front end reads as follows: Java: ...
Front-end proxy server interface controlleraxios postaxiosgetoption tried to implement the filter interface in the background, but it didn t work. Later, I deleted it. Anyway, I have tried many methods that can be found on the Internet . ...
such as the title. such as the title. such as the title. ...
1. Recently, when I was learning hibernate, a question suddenly occurred to me: can I use hibernate instead of a database to store data? Can it cooperate with hibernate with simple file access? 2. In order to answer this question, I think we should fi...
there is a set collection of tag classes in the user class; maintain relationships only from the user class, one-to-many @ OneToMany @JoinTable(name="shuo_tag", inverseJoinColumns=@JoinColumn(name="tag_id"), jo...
thymeleaf 2.+ requires < script th:inline= "javascript " > declare this Is there a better way after thymeleaf3? can the declaration be omitted? I read the document saying that it is recommended to remove . Template updates remove any th:inline= ...
when I actually use it, it s not what the documentation says. my thymeleaf version The code calls the tostring method of the class in this way <script> console.log([[${games}]]) < script> chorme console: an error will be prompted, b...
tomcat can be accessed normally at the beginning, but after a week or two of operation, it cannot be accessed normally, and it does not report an error, but it just cannot be accessed, which is very strange. jdk and tomcat are both 32-bit, is that the r...
questions about parsing parameters in request and putting them back in request get and post follow the method , parsing is normal, but an exception is thrown when a put request is encountered. put requests request of spring , while tomc...
problem description: the front end invokes a service An at the back end, and this service A contains the sub-service BMagne C * C * C has its own independent transaction mechanism and does not affect each other. After is executed, the final return fro...
there is a problem that I can t solve when I just learned ssm,. No, no, no. The directory structure is as follows error message: Caught exception while allowing TestExecutionListener [org.springframework.test.context.support.DependencyInjectionTes...
error prompt: 08-Apr-2018 22:43:20.746 [RMI TCP Connection(2)-127.0.0.1] org.springframework.web.context.ContextLoader.initWebApplicationContext Context initialization failed org.springframework.beans.factory.BeanCreationException: Error creating bea...
requirements: http: localhost:80 order service?method=getTradeInfo http: localhost:80 order service?method=createTrade requires method to decide which method to map to which controller, and how should it be implemented? now only knows that spring...
the work java spring does is not caused by the language feature limitations of java. so python should need something similar, but why didn t it develop? ...
several pages are packaged with vue-cil and published to the java server. The value sent by, spring mvc to vue,vue has not been received. Can vue use ${variable} to receive the value? Because the page developed by vue is released to the backend, and the ...
problem description: basically prevents users from making malicious requests, limits the number of visits per unit time , and then makes an aop, but I can t get the return value of the aop method in the controller layer, as follows: @Pointcut("...
RT. I want to verify that in the request InnerValidatedRequest, if the fields houseName and houseAddress, in the InnerValidatedRequestData member object are annotated with the @ Validated of SpringMVC, what else do you need to add? if this is the c...
package spittr.web; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.RequestMapping; import org.springfra...
in the spring in actin fourth edition, Chapter V 5.4.2 check data section, use JSR303 for data verification, but it does not take effect, and there is no error uses the implementation of hibernate-validator, and gradle depends on: @RequestMapping(va...
when learning springboot, add: to pom.xml <dependency> <groupId>org.springframework.boot< groupId> <artifactId>spring-boot-starter-actuator< artifactId> < dependency> After restart the projec...