Skip to content

Commit

Permalink
change version 0.4.5 to 0.4.6,docs:add emoji
Browse files Browse the repository at this point in the history
  • Loading branch information
tomsun28 committed Feb 25, 2021
1 parent 8169996 commit a86aff6
Show file tree
Hide file tree
Showing 10 changed files with 68 additions and 63 deletions.
44 changes: 22 additions & 22 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -15,13 +15,13 @@

**Home Page: [usthe.com/sureness](https://usthe.com/sureness) or [su.usthe.com](https://su.usthe.com/)**

## Background
## 📫 Background

In the mainstream web architecture, how to protect the restful api provided by the back-end through effective and fast authentication has become particularly important.
For existing frameworks, whether it is apache shiro which does not natively support rest, or deeply bound spring, the slower performance and steep learning curve of spring security are not our ideal framework.
Ever since sureness was born, we hope to solve these, provide a **restful api**, **no framework dependency**, can **dynamically modify permissions**, **multiple authentication policies**, **faster**, **easy to use and extend** security framework.

## <font color="green">`Introduction`</font>
## 🎡 <font color="green">Introduction</font>


> Sureness is a new, permission project which we learn from apache shiro and add some ideas to create it.
Expand All @@ -35,7 +35,7 @@ Ever since sureness was born, we hope to solve these, provide a **restful api**,
> The low configuration of sureness, easy to expand, and not coupled with other frameworks, enables developers to quickly and safely protect their projects in multiple scenarios.
##### Compare
##### 🔍 Compare

| ~ | sureness | shiro | spring security |
| --- | --- | --- | --- |
Expand All @@ -49,7 +49,7 @@ Ever since sureness was born, we hope to solve these, provide a **restful api**,
| **performance** | fast | slower | slower|
| **learning curve** | simple | simple | steep|

##### Benchmark
##### 📈 Benchmark

![benchmark](docs/_images/benchmark_en.png)

Expand All @@ -59,7 +59,7 @@ Ever since sureness was born, we hope to solve these, provide a **restful api**,

Detail see [Benchmark Test](https://github.com/tomsun28/sureness-shiro-spring-security-benchmark)

##### Framework Sample Support
##### Framework Sample Support

- [x] sureness integration springboot sample(configuration file scheme) [sample-bootstrap](sample-bootstrap)
- [x] sureness integration springboot sample(database scheme) [sample-tom](sample-tom)
Expand All @@ -69,9 +69,9 @@ Detail see [Benchmark Test](https://github.com/tomsun28/sureness-shiro-spring-se
- [x] sureness integration spring webflux sample [sample-spring-webflux](samples/spring-webflux-sureness)
- [x] more samples todo

## Quick Start
## 🔨 Quick Start

#### <font color="red">Some Conventions</font>
#### 🐕 <font color="red">Some Conventions</font>

- Based RBAC, only has role-resource, no permission action.
- We treat restful requests as a resource, resource format like `requestUri===httpMethod`.
Expand All @@ -81,21 +81,21 @@ Detail see [Benchmark Test](https://github.com/tomsun28/sureness-shiro-spring-se

Resource path matching see: [URI Match](docs/path-match.md)

#### Add Sureness In Your Project
#### 🐖 Add Sureness In Your Project

When use maven or gradle build project, add coordinate
```
<dependency>
<groupId>com.usthe.sureness</groupId>
<artifactId>sureness-core</artifactId>
<version>0.4.4</version>
<version>0.4.6</version>
</dependency>
```
```
compile group: 'com.usthe.sureness', name: 'sureness-core', version: '0.4.4'
compile group: 'com.usthe.sureness', name: 'sureness-core', version: '0.4.6'
```

#### Use the Default Configuration to Configure Sureness
#### 🐵 Use the Default Configuration to Configure Sureness

The default configuration -`DefaultSurenessConfig` uses the document datasource `sureness.yml` as the auth datasource.
It supports jwt, basic auth, digest auth authentication.
Expand All @@ -106,7 +106,7 @@ public DefaultSurenessConfig surenessConfig() {
}
```

#### Load Auth Config DataSource
#### 🐮 Load Auth Config DataSource

Sureness authentication requires us to provide our own account data, role permission data, etc. These data may come from text, relational databases, non-relational databases, annotations, etc.
We provide interfaces `SurenessAccountProvider`, `PathTreeProvider` for user implement to load data from the dataSource where they want.
Expand All @@ -121,15 +121,15 @@ If the configuration resource data comes from text, please refer to [Sureness i
If the configuration resource data comes from dataBase, please refer to [Sureness integration springboot sample(database scheme)](https://github.com/tomsun28/sureness/tree/master/sample-tom)


#### Add an Interceptor Intercepting All Requests
#### 🐐 Add an Interceptor Intercepting All Requests

The essence of sureness is to intercept all rest requests for authenticating and Authorizing.
The interceptor can be a filter or a spring interceptor, it intercepts all request to check them.
```
SubjectSum subject = SurenessSecurityManager.getInstance().checkIn(servletRequest)
```

#### Implement Auth Exception Handling Process
#### 🐰 Implement Auth Exception Handling Process

Sureness uses exception handling process:

Expand Down Expand Up @@ -160,7 +160,7 @@ Detail sureness auth exception see: [Default Sureness Auth Exception](docs/defau

**Have Fun**

## Advanced Use
## 🥐 Advanced Use

Sureness supports custom subject, custom subjectCreator, custom processor and more.

Expand All @@ -180,28 +180,28 @@ Sureness provides the following common interfaces as extension points:

Refer to [Extension Point](https://usthe.com/sureness/#/extend-point) for the extended documentation.

1. **Custom Subject**
1. 🥊 **Custom Subject**

`Implment Subject, add custom subject content`
`Implment SubjectCreate to create custom subject`
`Implment Processor to support custom subject`

See [Custom Subject](docs/custom-subject.md)

2. **Custom SubjectCreator**
2. 🔫 **Custom SubjectCreator**

`Implment SubjectCreate to create your custom subject`

See [Custom SubjectCreator](docs/custom-subject-creator.md)

3. **Custom Processor**
3. 🪓 **Custom Processor**

`A subject also can support by different processor, so we can custom processor to support custom subject`
`Implment Processor, set which subject can support and implment processing details`

See [Custom Processor](docs/custom-processor.md)

4. **Custom Datasource**
4. 🏹 **Custom Datasource**

`Implment PathTreeProvider, load in DefaultPathRoleMatcher`
`Implment SurenessAccountProvide, load in processor`
Expand All @@ -210,7 +210,7 @@ See [Custom Datasource](docs/custom-datasource.md)

Detail please refer to [Sureness integration springboot sample(database scheme)](sample-tom)

## Contributing
## 🙋 Contributing

Very welcome to Contribute this project, go further and better with sureness. If you have any questions or suggestions about the project code, please contact @tomsun28 directly.

Expand All @@ -221,10 +221,10 @@ Components of Repository:
- [sample projects using sureness in each framework(javalin,ktor,quarkus)--samples](samples)


#### Why Is High Performance
#### 💪 Why Is High Performance

![pathRoleMatcher](docs/_images/PathRoleMatcher.svg)


## License
## 🛡️ License
[`Apache License, Version 2.0`](https://www.apache.org/licenses/LICENSE-2.0.html)
46 changes: 23 additions & 23 deletions README_CN.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,13 +16,13 @@
**主页: [usthe.com/sureness](https://usthe.com/sureness), 备用网站: [su.usthe.com](https://su.usthe.com/)**


## 背景
## 📫 背景

在主流的前后端分离架构中,如何通过有效快速的认证鉴权来保护后端提供的`restful api`变得尤为重要。对现存框架,不原生支持`rest``apache shiro`
还是深度绑定`spring`,较慢性能,学习曲线陡峭的`spring security`,或多或少都不是我们的理想型。
于是乎`sureness`诞生了,我们希望能解决这些,提供一个面向**restful api****无框架依赖**,可以**动态修改权限****多认证策略****更快速度****易用易扩展**的认证鉴权框架。

## <font color="green">介绍</font>
## 🎡 <font color="green">介绍</font>

> `sureness` 是我们在深度使用权限框架 `apache shiro` 之后,吸取其一些优点全新设计开发的一个认证鉴权框架
> 面向 `restful api` 的认证鉴权,基于 `rbac` (用户-角色-资源)主要关注于对 `restful api` 的安全保护
Expand All @@ -35,7 +35,7 @@
>`sureness`的低配置,易扩展,不耦合其他框架,希望能帮助开发者对自己的项目多场景快速安全的进行保护
##### 框架对比
##### 🔍 框架对比

| ~ | sureness | shiro | spring security |
| --- | --- | --- | --- |
Expand All @@ -49,7 +49,7 @@
| **性能速度** | 较快 | 较慢 | 较慢|
| **学习曲线** | 简单 | 简单 | 陡峭|

##### 基准性能测试
##### 📈 基准性能测试

![benchmark](docs/_images/benchmark_cn.png)

Expand All @@ -58,7 +58,7 @@
**性能差距会随着api匹配链的增加而进一步拉大**
详见[基准测试](https://github.com/tomsun28/sureness-shiro-spring-security)

##### 框架支持样例
##### 框架支持样例

- [x] sureness集成springboot样例(配置文件方案) [sample-bootstrap](sample-bootstrap)
- [x] sureness集成springboot样例(数据库方案) [sample-tom](sample-tom)
Expand All @@ -69,9 +69,9 @@
- [x] more samples todo


## 快速开始
## 🔨 快速开始

#### <font color="red">使用前一些约定</font>
#### 🐕 <font color="red">使用前一些约定</font>

- `sureness`尽量简洁,基于`rbac`,只有(角色-资源)的映射,没有(权限)动作映射,即 用户-角色-资源
- 我们将`restful api`请求视作一个资源,资源格式为: `requestUri===httpMethod`
Expand All @@ -81,21 +81,21 @@

资源路径匹配详见 [URI路径匹配](docs/cn/path-match.md)

#### 项目中加入sureness
#### 🐖 项目中加入sureness

项目使用`maven``gradle`构建,加入坐标
```
<dependency>
<groupId>com.usthe.sureness</groupId>
<artifactId>sureness-core</artifactId>
<version>0.4.4</version>
<version>0.4.6</version>
</dependency>
```
```
compile group: 'com.usthe.sureness', name: 'sureness-core', version: '0.4.4'
compile group: 'com.usthe.sureness', name: 'sureness-core', version: '0.4.6'
```

#### 使用默认配置来配置sureness
#### 🐵 使用默认配置来配置sureness
默认配置使用了文件数据源`sureness.yml`作为账户权限数据源
默认配置支持了`jwt, basic auth, digest auth`认证
```
Expand All @@ -105,7 +105,7 @@ public DefaultSurenessConfig surenessConfig() {
}
```

#### 配置权限账户数据源
#### 🐮 配置权限账户数据源

`sureness`认证鉴权,当然也需要我们提供自己的账户数据,角色权限数据等,这些数据可能来自文本,关系数据库,非关系数据库,注解等。
我们提供了数据源接口:`SurenessAccountProvider`, `PathTreeProvider`,用户可以实现此接口实现自定义数据源。
Expand All @@ -122,7 +122,7 @@ public DefaultSurenessConfig surenessConfig() {
默认文本数据源具体实现,请参考[sureness集成springboot样例(配置文件方案)--sample-bootstrap](https://github.com/tomsun28/sureness/tree/master/sample-bootstrap)
若权限配置数据来自数据库,请参考[sureness集成springboot样例(数据库方案)--sample-tom](https://github.com/tomsun28/sureness/tree/master/sample-tom)

#### 添加过滤器拦截所有请求
#### 🐐 添加过滤器拦截所有请求

`sureness`的本质就拦截所有`rest`请求对其认证鉴权判断。
入口拦截器器实现一般可以是 `filter or spring interceptor`
Expand All @@ -132,7 +132,7 @@ public DefaultSurenessConfig surenessConfig() {
SubjectSum subject = SurenessSecurityManager.getInstance().checkIn(servletRequest)
```

#### 实现认证鉴权相关异常处理流程
#### 🐰 实现认证鉴权相关异常处理流程

`sureness`使用异常处理流程:
1. 若认证鉴权成功,`checkIn`会返回包含用户信息的`SubjectSum`对象
Expand Down Expand Up @@ -162,7 +162,7 @@ try {

> 如果这个[快速开始]对您不是很友好,可以参考这篇[一步一步搭建](docs/cn/step-by-step.md),里面一步一步详细介绍了使用sureness搭建一个完整功能认证鉴权项目的步骤。
## 进阶扩展
## 🥐 进阶扩展

`sureness`支持自定义`subject`,自定义`subjectCreator`注册,自定义`processor`处理器等

Expand All @@ -182,24 +182,24 @@ sureness提供了下面这些常用接口作为扩展点:

扩展文档详见 [扩展点](docs/cn/extend-point.md)

1. **自定义subject**
1. 🥊 **自定义subject**

实现`Subject`接口,添加自定义的`subject`内容
实现`SubjectCreate`接口方法,自定义subjectCreator创建出自定义的`subject`
实现`BaseProcessor`接口,自定义processor支持处理自定义的`subject`
详见 [自定义Subject](docs/cn/custom-subject.md)

2. **自定义subjectCreator**
2. 🔫 **自定义subjectCreator**

实现`SubjectCreate`接口方法,根据request请求的内容创建出对应需要的的`subject`
详见 [自定义SubjectCreate](docs/cn/custom-subject-creator.md)

3. **自定义processor**
3. 🪓 **自定义processor**

实现`BaseProcessor`接口,设置支持的`subject`,实现处理该`subject`的认证鉴权逻辑
详见 [自定义Processor](docs/cn/custom-processor.md)

4. **自定义数据源**
4. 🏹 **自定义数据源**

实现 `PathTreeProvider`的接口, 加载到对应的资源权限匹配器`DefaultPathRoleMatcher`
实现 `SurenessAccountProvider`的接口,加载到需要账户数据的`processor`
Expand All @@ -208,7 +208,7 @@ sureness提供了下面这些常用接口作为扩展点:
具体扩展实践请参考 [sureness集成springboot样例(数据库方案)--sample-tom](sample-tom)


## 参与贡献
## 🙋 参与贡献
非常欢迎参与项目贡献。对项目代码有疑问或者建议请直接联系 @tomsun28

仓库的组成部分:
Expand All @@ -217,11 +217,11 @@ sureness提供了下面这些常用接口作为扩展点:
- [使用sureness集成springboot搭建权限项目(数据库方案)--sample-tom](sample-tom)
- [各个框架使用sureness的样例项目(javalin,ktor,quarkus)--samples](samples)

#### 高性能匹配
#### 💪 高性能匹配

![pathRoleMatcher](docs/_images/PathRoleMatcher.svg)

## 更多相关
## 💡 更多相关

相关文章:
[restful api 权限设计 - 初探一](https://segmentfault.com/a/1190000038360856)
Expand All @@ -234,5 +234,5 @@ sureness提供了下面这些常用接口作为扩展点:
QQ交流群:390083213
微信公众号:sureness

## License
## 🛡️ License
[`Apache License, Version 2.0`](https://www.apache.org/licenses/LICENSE-2.0.html)
4 changes: 2 additions & 2 deletions core/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>com.usthe.sureness</groupId>
<artifactId>sureness-core</artifactId>
<version>0.4.5</version>
<version>0.4.6</version>
<packaging>jar</packaging>

<name>sureness</name>
Expand Down Expand Up @@ -40,7 +40,7 @@
scm:git:https://github.com/tomsun28/sureness.git
</developerConnection>
<url>https://github.com/tomsun28/sureness</url>
<tag>0.4.5</tag>
<tag>0.4.6</tag>
</scm>

<properties>
Expand Down
Loading

0 comments on commit a86aff6

Please sign in to comment.