最近学习了模仿天猫商城,做一些必要的笔记,一来是对自己学习的知识的巩固,二来对有同样问题的人有参考作用
一 说明
这篇文章只有CustomRealm(自定义realm)的JPA方式的具体实现,完整的springboot整合shiro请参考我的上一篇文章springboot整合shiro之基本原理[亲测实现]
二 Maven
<!-- jpa-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jpa</artifactId>
</dependency>
<!-- mysql-->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.21</version>
</dependency>
三 Entity层
@Entity
@Table(name = "role")
@JsonIgnoreProperties({ "handler","hibernateLazyInitializer" })
public class Role {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "id")
private int id;
@Column
private String name;
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
}
@Entity
@Table(name = "user")
@JsonIgnoreProperties({ "handler","hibernateLazyInitializer" })
public class User {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "id")
private int id;
@Column
private String name;
@Column
private String password;
@Column
private String salt;
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getSalt() {
return salt;
}
public void setSalt(String salt) {
this.salt = salt;
}
}
@Entity
@Table(name = "user_roles")
@JsonIgnoreProperties({ "handler","hibernateLazyInitializer" })
public class UserRoles {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "id")
private int id;
@Column
private int uid;
@Column
private int rid;
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public int getUid() {
return uid;
}
public void setUid(int uid) {
this.uid = uid;
}
public int getRid() {
return rid;
}
public void setRid(int rid) {
this.rid = rid;
}
}
注:
- 运行代码时会自动生成user,role表和中间表user_roles
- user表用于登录验证
- role表和user_roles表用于登录后的角色(权限)分配
四 Dao层
//RoleDao
public interface RoleDao extends JpaRepository<Role,Integer> {
}
//UserRolesDao
public interface UserRolesDao extends JpaRepository<UserRoles,Integer> {
}
//UserDao
public interface UserDao extends JpaRepository<User,Integer> {
//根据用户id获取用户权限
@Query(nativeQuery = true,value = "select r.name from user_roles urs inner join role r on urs.uid = ?1 and urs.rid = r.id;")
List<String> getRolesByUser(Integer uid);
//根据用户名获取用户
User getUserByNameEquals(String userName);
}
五 Service层
@Service
public class UserService {
@Autowired
UserDao userDao;
public List<String> getRolesByUser(Integer uid){
return userDao.getRolesByUser(uid);
}
public User get(Integer uid){
return userDao.getOne(uid);
}
public User get(String userName){
return userDao.getUserByNameEquals(userName);
}
public void add(User user){
userDao.save(user);
}
public void delete(Integer uid){
userDao.delete(uid);
}
public void update(User user){
userDao.save(user);
}
}
六 自定义的Realm类
/**
* @author yangsong
* @create 2020.04.01
*/
public class CustomRealm extends AuthorizingRealm {
@Autowired
UserService userService;
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
int userId = (Integer) SecurityUtils.getSubject().getPrincipal();
List<String> roles = userService.getRolesByUser(userId);
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
Set<String> rolesSet = new HashSet<>(roles);
info.setRoles(rolesSet);
return info;
}
/**
* 进行身份验证
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
String userName = (String) authenticationToken.getPrincipal();
if (StringUtils.isEmpty(userName)){
throw new AccountException("用户名格式错误");
}
User user = userService.get(userName);
if (user == null){
throw new AccountException("用户名不存在");
}
int userId = user.getId();
String dbPassword = user.getPassword();
String salt = user.getSalt();
SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(userId, dbPassword, ByteSource.Util.bytes(salt), getName());
return simpleAuthenticationInfo;
}
}
七 总结
如有错误恳请指正,如有侵权请联系我删除