一篇文章带你实现 SpringSecurity 和 Mybatis 完成登录操作

一、前期配置

1. 添加依赖

数据库参考：一篇文章带你搞定 SpringSecurity 和 SpringDataJpa 的整合

2. 配置数据库中的实体类

对于实体类和整合 SpringDataJpa 一样选用 Role 和 User

Role：

import java.io.Serializable;
public class Role implements Serializable {
    
    
    private Integer id;
    private String name;
    private String nameZh;
    //get和set 方法省略
}

User：

public class User implements UserDetails {
    
    
    private Integer id;
    private String username;
    private String password;
    private Boolean enabled;
    private Boolean locked;
    private List<Role> roles;

    @Override
    public boolean isAccountNonExpired() {
    
    
        return true;
    }

    @Override
    public boolean isAccountNonLocked() {
    
    
        return !locked;
    }

    @Override
    public boolean isCredentialsNonExpired() {
    
    
        return true;
    }

    @Override
    public boolean isEnabled() {
    
    
        return enabled;
    }
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
    
    
        List<SimpleGrantedAuthority> authorities = new ArrayList<>();

        for (Role role : roles) {
    
    
            authorities.add(new SimpleGrantedAuthority("ROLE_"+role.getName()));
        }
        return authorities;
    }
    public void setEnabled(Boolean enabled) {
    
    
        this.enabled = enabled;
    }

    public void setLocked(Boolean locked) {
    
    
        this.locked = locked;
    }
}
    
    //其他get和set方法省略
}

3. 配置 application.properties 实现数据库连接

spring.datasource.url=mysql://localhost:3306/yolo?useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai
spring.datasource.username=root
spring.datasource.password=root

具体信息同样参考上面整合 SpringDataJpa 的文章即可。

二、配置 UserDao 和 UserDao.xml

1. UserDao.java

@Mapper
public interface UserDao {
    
    
    User findUserByUsername(String username);
    List<Role> getRolesByUserId(Long id);
    void save(User user);
}

2. UserDao.xml

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="org.yolo.securitymybatis.mapper.UserMapper">
    <select id="loadUserByUsername" resultType="org.yolo.securitymybatis.bean.User">
        select * from user where username=#{
    
    username}
    </select>

    <select id="getUserRolesById" resultType="org.yolo.securitymybatis.bean.Role">
        select * from role where id in (select rid from user_role where uid=#{
    
    id})
    </select>
</mapper>

三、配置 service

@Service
public class UserService implements UserDetailsService {
    
    
    @Autowired
    UserDao userDao;
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
    
    
        User user = userDao.findUserByUsername(username);
        if (user == null) {
    
    
            throw new UsernameNotFoundException("用户不存在");
        }
        user.setRoles(userDao.getRolesByUserId(user.getId()));
        return user;
    }
}

四、配置 SecurityConfig

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    
    
    @Autowired
    UserService userService;
     @Bean
     PasswordEncoder passwordEncoder() {
    
    
         return new BCryptPasswordEncoder();
     }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    
    
        auth.userDetailsService(userService);
    }
    @Override
    protected void configure(HttpSecurity http) throws Exception {
    
    
        http.authorizeRequests()
                .antMatchers("/admin").hasRole("admin")
                .anyRequest().authenticated()
                .and()
                .formLogin()
                .permitAll()
                .and()
                .csrf().disable();
    }
}

五、其他配置

（1）将资源配置路径添加到 pom 文件中：

<resources>
            <resource>
                <directory>src/main/java</directory>
                <includes>
                    <include>**/*.xml</include>
                </includes>
            </resource>
            <resource>
                <directory>src/main/resources</directory>
            </resource>
</resources>

原先的问题是因为数据库存储的信息比较混乱，重新建了个数据库好使了

六、总结

可以和这篇对比下：springsecurity 整合 mybatis

两篇的区别就是 这里的mysql 是 8 以上版本，同时也没有选择 druid 连接数据库

对于 mybatis 的配置什么的是一致的，而且也不用必须加 ROLE