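Two important interfaces
- The UserDetailsService interface
  - Looks up the username and password in the database
  - Create a class that extends UsernamePasswordAuthenticationFilter and override three methods
  - Create a class that implements UserDetailsService, write the database query in it, and return a User object; this User object is the one provided by the security framework
- The PasswordEncoder interface
  - The interface for encoding (hashing) data; it is used to encode the password placed in the returned User object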
Setting the login username and password
- Via the configuration file
    spring.security.user.name=fy
    spring.security.user.password=fy123
- Via a configuration class
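    import org.springframework.context.annotation.Bean;
    import org.springframework.context.annotation.Configuration;
    import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
    import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    import org.springframework.security.crypto.password.PasswordEncoder;

    @Configuration
    public class SecurityConfig extends WebSecurityConfigurerAdapter {
        @Override
        protected void configure(AuthenticationManagerBuilder auth) throws Exception {
            // In-memory user whose password is held as a BCrypt hash
            BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
            String password = passwordEncoder.encode("123");
            auth.inMemoryAuthentication().withUser("fyun").password(password).roles("admin");
        }

        // PasswordEncoder bean used to check the submitted password against the hash at login
        @Bean
        PasswordEncoder passwordEncoder() {
            return new BCryptPasswordEncoder();
        }
    }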
- Via a custom implementation class
  - Create a configuration class and set which UserDetailsService implementation to use
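      import org.springframework.beans.factory.annotation.Autowired;
      import org.springframework.context.annotation.Bean;
      import org.springframework.context.annotation.Configuration;
      import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
      import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
      import org.springframework.security.core.userdetails.UserDetailsService;
      import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
      import org.springframework.security.crypto.password.PasswordEncoder;

      @Configuration
      public class MySecurityConfig extends WebSecurityConfigurerAdapter {
          @Autowired
          private UserDetailsService userDetailsService;

          @Override
          protected void configure(AuthenticationManagerBuilder auth) throws Exception {
              // Authenticate through the injected UserDetailsService, verifying passwords with BCrypt
              auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
          }

          @Bean
          PasswordEncoder passwordEncoder() {
              return new BCryptPasswordEncoder();
          }
      }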
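  - Write the implementation class and return a User object; the User object carries the username, the password and the granted authorities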
      @Service("userDetailsService")
      public class MyUserDetailsService implements UserDetailsService {
          @Override
          public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
              // Fixed demo user: the authority list is built from a comma-separated string
              List<GrantedAuthority> role = AuthorityUtils.commaSeparatedStringToAuthorityList("role");
              return new User("may", new BCryptPasswordEncoder().encode("my123"), role);
          }
      }
Authenticating users against the database
Integrating MyBatis-Plus for database access
- Add the required dependencies
    <dependency>
        <groupId>com.baomidou</groupId>
        <artifactId>mybatis-plus</artifactId>
        <version>3.4.1</version>
    </dependency>
    <dependency>
        <groupId>mysql</groupId>
        <artifactId>mysql-connector-java</artifactId>
    </dependency>
- Create the database and the table
    CREATE TABLE USER(
        id INTEGER AUTO_INCREMENT,
        username VARCHAR(225),
        PASSWORD VARCHAR(225),
        PRIMARY KEY (id)
    );
- Create the User entity class
    import lombok.Data;

    @Data
    public class User {
        private Integer id;
        private String username;
        private String password;
    }
- Integrate MyBatis-Plus
    <dependency>
        <groupId>com.baomidou</groupId>
        <artifactId>mybatis-plus-boot-starter</artifactId>
        <version>3.4.1</version>
    </dependency>
    <dependency>
        <groupId>mysql</groupId>
        <artifactId>mysql-connector-java</artifactId>
    </dependency>
- Write the UserMapper interface
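    import com.baomidou.mybatisplus.core.mapper.BaseMapper;
    import org.springframework.stereotype.Repository;

    @Repository
    public interface UserMapper extends BaseMapper<User> {
    }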
- Write
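    import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.security.core.GrantedAuthority;
    import org.springframework.security.core.authority.AuthorityUtils;
    import org.springframework.security.core.userdetails.UserDetails;
    import org.springframework.security.core.userdetails.UserDetailsService;
    import org.springframework.security.core.userdetails.UsernameNotFoundException;
    import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
    import org.springframework.stereotype.Service;
    import java.util.List;

    @Service("userDetailsService")
    public class MyUserDetailsService implements UserDetailsService {
        @Autowired
        private UserMapper userMapper;

        @Override
        public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
            // Look the user up by username; the value is bound as a query parameter
            QueryWrapper<User> wrapper = new QueryWrapper<>();
            wrapper.eq("username", username);
            User user = userMapper.selectOne(wrapper);
            if (user == null) {
                throw new UsernameNotFoundException("用户名不存在!"); // "username does not exist"
            }
            List<GrantedAuthority> role = AuthorityUtils.commaSeparatedStringToAuthorityList("role");
            // encode() is applied to the value read from the table, so this only authenticates when
            // the PASSWORD column holds the plain-text password; if the column already holds a
            // BCrypt hash, pass user.getPassword() through unchanged instead.
            return new org.springframework.security.core.userdetails.User(user.getUsername(), new BCryptPasswordEncoder().encode(user.getPassword()), role);
        }
    }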
- Configure the data source
    spring.datasource.username=root
    spring.datasource.password=123456
    spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
    spring.datasource.url=jdbc:mysql://10.138.236.45/security?serverTimezone=GMT%2B8
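
The database-backed MyUserDetailsService above calls encode() on the value it reads from the table, which can only authenticate when the PASSWORD column holds the plain-text password. The following is an added example, not code from the original page, of the alternative in which the hash is computed once at registration and returned unchanged at login; `HashedUserStore`, `register()` and the in-memory map standing in for the USER table are assumptions.

```java
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

// Added example, not the page's code. HashedUserStore and register() are hypothetical names;
// the map is a constructed stand-in for the USER table reached through UserMapper.
public class HashedUserStore implements UserDetailsService {
    private final PasswordEncoder encoder = new BCryptPasswordEncoder();
    private final Map<String, String> passwordColumn = new ConcurrentHashMap<>();

    // Registration is the only place the raw password is handled: hash once, store the hash.
    public void register(String username, String rawPassword) {
        passwordColumn.put(username, encoder.encode(rawPassword));
    }

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        String storedHash = passwordColumn.get(username);
        if (storedHash == null) {
            throw new UsernameNotFoundException("unknown user");
        }
        List<GrantedAuthority> role = AuthorityUtils.commaSeparatedStringToAuthorityList("role");
        // Return the stored hash unchanged; Spring Security calls matches(raw, hash) itself.
        return new User(username, storedHash, role);
    }

    public static void main(String[] args) {
        HashedUserStore store = new HashedUserStore();
        store.register("may", "my123"); // constructed sample account
        UserDetails details = store.loadUserByUsername("may");
        String stored = details.getPassword();
        PasswordEncoder check = new BCryptPasswordEncoder();
        System.out.println("stored value is a bcrypt hash: " + stored.startsWith("$2a$"));
        System.out.println("correct password matches: " + check.matches("my123", stored));
        System.out.println("wrong password matches: " + check.matches("my124", stored));
        System.out.println("stored value equals raw password: " + stored.equals("my123"));
    }
}
```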
Custom login page
- Override the configure method in the configuration class
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin() // use our own, self-written login page
            .loginPage("/login.html") // the login page
            .loginProcessingUrl("/user/login") // URL the login form is submitted to
            .defaultSuccessUrl("/test/index").permitAll() // where to go after a successful login
            .and().authorizeRequests()
            .antMatchers("/", "/test/hello", "/user/login").permitAll() // paths reachable without logging in
            .anyRequest().authenticated()
            .and().csrf().disable(); // turn CSRF protection off (the form below sends no CSRF token)
    }
- Write the login page
The name attributes of the username and password inputs must be "username" and "password".
    <form action="/user/login" method="post">
        用户名:<input type="text" name="username">
        <br>
        密码:<input type="password" name="password">
        <br>
        <input type="submit" value="login">
    </form>