package com.alatus.shiro.realm;
import com.alatus.shiro.entity.User;
import com.alatus.shiro.service.UserService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;
import java.util.List;
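/**
 * Shiro realm that authenticates users and loads their roles and permissions
 * through {@link UserService}.
 */
@Component
public class MyRealm extends AuthorizingRealm {

    @Autowired
    private UserService userService;

    /**
     * Builds the authorization data (roles and string permissions) for the
     * primary principal.
     *
     * @param principalCollection principals of the subject being authorized
     * @return the roles and permissions found for that principal; empty when
     *         the user has no roles
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        // The primary principal is the login name stored by doGetAuthenticationInfo.
        String name = principalCollection.getPrimaryPrincipal().toString();
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

        List<String> roles = userService.getUserRoleInfo(name);
        if (roles == null || roles.isEmpty()) {
            // A user without roles has no permissions. Returning here also keeps an
            // empty list away from the permission query, which builds its IN (...)
            // value list from the role names and is not valid SQL without any.
            return info;
        }
        info.addRoles(roles);

        List<String> userPermission = userService.getUserPermissionInfo(roles);
        if (userPermission != null) {
            info.addStringPermissions(userPermission);
        }
        return info;
    }

    /**
     * Loads the stored credentials for the principal carried by the token so
     * that Shiro can compare them with the submitted ones.
     *
     * @param authenticationToken the login token submitted by the caller
     * @return the account's authentication data, or {@code null} when no
     *         principal was submitted or no matching user exists
     * @throws AuthenticationException declared by the overridden method
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        Object principal = authenticationToken.getPrincipal();
        if (principal == null) {
            // A request without a user name would otherwise fail with a
            // NullPointerException; report it as "no such account" instead.
            return null;
        }

        User user = userService.getUserInfoByName(principal.toString());
        if (ObjectUtils.isEmpty(user)) {
            return null;
        }

        // NOTE(security): the salt is one constant shared by every account, so equal
        // passwords produce equal stored hashes and a single precomputed table covers
        // all users. A random per-user salt stored with the account is the fix; that
        // needs a change to the user record, which is outside this class. The hash
        // algorithm and iteration count come from the credentials matcher, which is
        // configured elsewhere - confirm it is not a single fast digest round.
        return new SimpleAuthenticationInfo(
                principal,
                user.getPwd(),
                ByteSource.Util.bytes("salt"),
                // The fourth argument is the realm name. Passing the user name here
                // filed each principal under a realm named after the user.
                getName());
    }
}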
package com.alatus.shiro.realm;
import com.alatus.shiro.entity.User;
import com.alatus.shiro.service.UserService;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;
import java.util.List;
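/**
 * Shiro realm that authenticates users and loads their roles and permissions
 * through {@link UserService}.
 */
@Component
public class MyRealm extends AuthorizingRealm {

    @Autowired
    private UserService userService;

    /**
     * Builds the authorization data (roles and string permissions) for the
     * primary principal.
     *
     * @param principalCollection principals of the subject being authorized
     * @return the roles and permissions found for that principal; empty when
     *         the user has no roles
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        // The primary principal is the login name stored by doGetAuthenticationInfo.
        String name = principalCollection.getPrimaryPrincipal().toString();
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();

        List<String> roles = userService.getUserRoleInfo(name);
        if (roles == null || roles.isEmpty()) {
            // A user without roles has no permissions. Returning here also keeps an
            // empty list away from the permission query, which builds its IN (...)
            // value list from the role names and is not valid SQL without any.
            return info;
        }
        info.addRoles(roles);

        List<String> userPermission = userService.getUserPermissionInfo(roles);
        if (userPermission != null) {
            info.addStringPermissions(userPermission);
        }
        return info;
    }

    /**
     * Loads the stored credentials for the principal carried by the token so
     * that Shiro can compare them with the submitted ones.
     *
     * @param authenticationToken the login token submitted by the caller
     * @return the account's authentication data, or {@code null} when no
     *         principal was submitted or no matching user exists
     * @throws AuthenticationException declared by the overridden method
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        Object principal = authenticationToken.getPrincipal();
        if (principal == null) {
            // A request without a user name would otherwise fail with a
            // NullPointerException; report it as "no such account" instead.
            return null;
        }

        User user = userService.getUserInfoByName(principal.toString());
        if (ObjectUtils.isEmpty(user)) {
            return null;
        }

        // NOTE(security): the salt is one constant shared by every account, so equal
        // passwords produce equal stored hashes and a single precomputed table covers
        // all users. A random per-user salt stored with the account is the fix; that
        // needs a change to the user record, which is outside this class. The hash
        // algorithm and iteration count come from the credentials matcher, which is
        // configured elsewhere - confirm it is not a single fast digest round.
        return new SimpleAuthenticationInfo(
                principal,
                user.getPwd(),
                ByteSource.Util.bytes("salt"),
                // The fourth argument is the realm name. Passing the user name here
                // filed each principal under a realm named after the user.
                getName());
    }
}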
package com.alatus.shiro.controller;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpSession;
/**
 * Login and authorization demo endpoints mapped under {@code myController}.
 */
@Controller
@RequestMapping("myController")
public class MyController {

    /**
     * Authenticates the submitted credentials through Shiro and, on success,
     * stores the principal in the HTTP session under {@code "user"}.
     *
     * <p>NOTE(security): this is a GET mapping, so {@code name} and {@code pwd}
     * arrive as query parameters. Query strings are commonly kept in access
     * logs, browser history and Referer headers; a POST form over TLS avoids
     * that. The session is also reused as-is after login - confirm that the
     * session id is renewed on authentication somewhere else.
     *
     * @param name       submitted user name
     * @param pwd        submitted password
     * @param rememberMe whether Shiro should remember the subject; defaults to false
     * @param session    current HTTP session
     * @return {@code "main"} on success, otherwise the failure string
     */
    @GetMapping("userLogin")
    public String userLogin(String name, String pwd,
            @RequestParam(defaultValue = "false") boolean rememberMe, HttpSession session) {
        Subject currentSubject = SecurityUtils.getSubject();
        AuthenticationToken loginToken = new UsernamePasswordToken(name, pwd, rememberMe);

        try {
            currentSubject.login(loginToken);
        } catch (AuthenticationException e) {
            e.printStackTrace();
            // NOTE(review): there is no @ResponseBody on this method, so this value is
            // resolved as a view name like "main" - confirm such a view exists.
            return "登陆失败";
        }

        // Only reached when login() did not throw.
        String principalName = loginToken.getPrincipal().toString();
        session.setAttribute("user", principalName);
        return "main";
    }

    /**
     * Entry point for a remembered subject: stores the fixed string
     * {@code "rememberMe"} as the session user and shows the main view.
     *
     * <p>NOTE(review): nothing in this method checks the caller. Access control
     * presumably comes from the Shiro filter chain configured elsewhere - verify
     * that this path is limited to remembered or authenticated subjects.
     */
    @GetMapping("userLoginRm")
    public String userLogin(HttpSession session) {
        final String viewName = "main";
        session.setAttribute("user", "rememberMe");
        return viewName;
    }

    /** Forwards to the login page. */
    @GetMapping("login")
    public String login() {
        final String viewName = "login";
        return viewName;
    }

    /** Role check demo: the annotation requires the {@code admin} role. */
    @RequestMapping("userLoginRoles")
    @RequiresRoles("admin")
    @ResponseBody
    public String userLoginRoles() {
        final String message = "验证角色成功";
        return message;
    }

    /** Permission check demo: the annotation requires the {@code user:add} permission. */
    @RequestMapping("userLoginPermission")
    @RequiresPermissions("user:add")
    @ResponseBody
    public String userPermission() {
        final String message = "验证权限成功";
        return message;
    }
}
package com.alatus.shiro.controller;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpSession;
/**
 * Login and authorization demo endpoints mapped under {@code myController}.
 */
@Controller
@RequestMapping("myController")
public class MyController {

    /**
     * Authenticates the submitted credentials through Shiro and, on success,
     * stores the principal in the HTTP session under {@code "user"}.
     *
     * <p>NOTE(security): this is a GET mapping, so {@code name} and {@code pwd}
     * arrive as query parameters. Query strings are commonly kept in access
     * logs, browser history and Referer headers; a POST form over TLS avoids
     * that. The session is also reused as-is after login - confirm that the
     * session id is renewed on authentication somewhere else.
     *
     * @param name       submitted user name
     * @param pwd        submitted password
     * @param rememberMe whether Shiro should remember the subject; defaults to false
     * @param session    current HTTP session
     * @return {@code "main"} on success, otherwise the failure string
     */
    @GetMapping("userLogin")
    public String userLogin(String name, String pwd,
            @RequestParam(defaultValue = "false") boolean rememberMe, HttpSession session) {
        Subject currentSubject = SecurityUtils.getSubject();
        AuthenticationToken loginToken = new UsernamePasswordToken(name, pwd, rememberMe);

        try {
            currentSubject.login(loginToken);
        } catch (AuthenticationException e) {
            e.printStackTrace();
            // NOTE(review): there is no @ResponseBody on this method, so this value is
            // resolved as a view name like "main" - confirm such a view exists.
            return "登陆失败";
        }

        // Only reached when login() did not throw.
        String principalName = loginToken.getPrincipal().toString();
        session.setAttribute("user", principalName);
        return "main";
    }

    /**
     * Entry point for a remembered subject: stores the fixed string
     * {@code "rememberMe"} as the session user and shows the main view.
     *
     * <p>NOTE(review): nothing in this method checks the caller. Access control
     * presumably comes from the Shiro filter chain configured elsewhere - verify
     * that this path is limited to remembered or authenticated subjects.
     */
    @GetMapping("userLoginRm")
    public String userLogin(HttpSession session) {
        final String viewName = "main";
        session.setAttribute("user", "rememberMe");
        return viewName;
    }

    /** Forwards to the login page. */
    @GetMapping("login")
    public String login() {
        final String viewName = "login";
        return viewName;
    }

    /** Role check demo: the annotation requires the {@code admin} role. */
    @RequestMapping("userLoginRoles")
    @RequiresRoles("admin")
    @ResponseBody
    public String userLoginRoles() {
        final String message = "验证角色成功";
        return message;
    }

    /** Permission check demo: the annotation requires the {@code user:add} permission. */
    @RequestMapping("userLoginPermission")
    @RequiresPermissions("user:add")
    @ResponseBody
    public String userPermission() {
        final String message = "验证权限成功";
        return message;
    }
}
package com.alatus.shiro.service;
import com.alatus.shiro.entity.User;
import java.util.List;
/**
 * Account lookups for login and authorization.
 */
public interface UserService {
    /**
     * User login: fetches the user record for the given name.
     *
     * @param name login name
     * @return the matching user
     */
    User getUserInfoByName(String name);

    /**
     * Looks up the role information of a user.
     *
     * @param principal the user's login name
     * @return the user's roles
     */
    List<String> getUserRoleInfo(String principal);

    /**
     * Fetches the permission information attached to the given roles.
     *
     * @param roles role names
     * @return the permissions of those roles
     */
    List<String> getUserPermissionInfo(List<String> roles);
}
package com.alatus.shiro.service;
import com.alatus.shiro.entity.User;
import java.util.List;
/**
 * Account lookups for login and authorization.
 */
public interface UserService {
    /**
     * User login: fetches the user record for the given name.
     *
     * @param name login name
     * @return the matching user
     */
    User getUserInfoByName(String name);

    /**
     * Looks up the role information of a user.
     *
     * @param principal the user's login name
     * @return the user's roles
     */
    List<String> getUserRoleInfo(String principal);

    /**
     * Fetches the permission information attached to the given roles.
     *
     * @param roles role names
     * @return the permissions of those roles
     */
    List<String> getUserPermissionInfo(List<String> roles);
}
package com.alatus.shiro.service.impl;
import com.alatus.shiro.entity.User;
import com.alatus.shiro.mapper.UserMapper;
import com.alatus.shiro.service.UserService;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.List;
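/**
 * {@link UserService} implementation that delegates to {@link UserMapper}.
 */
@Service
public class UserServiceImpl implements UserService {

    @Autowired
    private UserMapper userMapper;

    /**
     * Fetches the user whose {@code name} column equals the given name.
     *
     * @param name login name to look up
     * @return the user returned by the mapper for that name
     */
    @Override
    public User getUserInfoByName(String name) {
        // The column name is a fixed literal; only the value comes from the caller.
        QueryWrapper<User> wrapper = new QueryWrapper<>();
        wrapper.eq("name", name);
        // NOTE(review): selectOne expects at most one match - confirm that the
        // name column is unique.
        return userMapper.selectOne(wrapper);
    }

    /**
     * Fetches the role names assigned to the given user.
     *
     * @param principal the user's login name
     * @return the role names returned by the mapper
     */
    @Override
    public List<String> getUserRoleInfo(String principal) {
        return userMapper.getUserRoleInfoMapper(principal);
    }

    /**
     * Fetches the permission strings granted by the given roles.
     *
     * @param roles role names; may be {@code null} or empty
     * @return the permissions of those roles, or an empty list when no roles
     *         were given
     */
    @Override
    public List<String> getUserPermissionInfo(List<String> roles) {
        if (roles == null || roles.isEmpty()) {
            // The mapper builds its IN (...) value list from the role names. With
            // nothing to iterate the statement is not valid SQL, so a user without
            // roles would fail authorization with a database error rather than
            // simply having no permissions.
            return new java.util.ArrayList<>();
        }
        return userMapper.getUserPermissionInfoMapper(roles);
    }
}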
package com.alatus.shiro.service.impl;
import com.alatus.shiro.entity.User;
import com.alatus.shiro.mapper.UserMapper;
import com.alatus.shiro.service.UserService;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.List;
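/**
 * {@link UserService} implementation that delegates to {@link UserMapper}.
 */
@Service
public class UserServiceImpl implements UserService {

    @Autowired
    private UserMapper userMapper;

    /**
     * Fetches the user whose {@code name} column equals the given name.
     *
     * @param name login name to look up
     * @return the user returned by the mapper for that name
     */
    @Override
    public User getUserInfoByName(String name) {
        // The column name is a fixed literal; only the value comes from the caller.
        QueryWrapper<User> wrapper = new QueryWrapper<>();
        wrapper.eq("name", name);
        // NOTE(review): selectOne expects at most one match - confirm that the
        // name column is unique.
        return userMapper.selectOne(wrapper);
    }

    /**
     * Fetches the role names assigned to the given user.
     *
     * @param principal the user's login name
     * @return the role names returned by the mapper
     */
    @Override
    public List<String> getUserRoleInfo(String principal) {
        return userMapper.getUserRoleInfoMapper(principal);
    }

    /**
     * Fetches the permission strings granted by the given roles.
     *
     * @param roles role names; may be {@code null} or empty
     * @return the permissions of those roles, or an empty list when no roles
     *         were given
     */
    @Override
    public List<String> getUserPermissionInfo(List<String> roles) {
        if (roles == null || roles.isEmpty()) {
            // The mapper builds its IN (...) value list from the role names. With
            // nothing to iterate the statement is not valid SQL, so a user without
            // roles would fail authorization with a database error rather than
            // simply having no permissions.
            return new java.util.ArrayList<>();
        }
        return userMapper.getUserPermissionInfoMapper(roles);
    }
}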
package com.alatus.shiro.mapper;
import com.alatus.shiro.entity.User;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Param;
import org.apache.ibatis.annotations.Select;
import org.springframework.stereotype.Repository;
import java.util.List;
/**
 * MyBatis mapper for users, with two extra queries that resolve a user's
 * role names and the permissions attached to a set of roles.
 *
 * <p>Both queries pass caller values through {@code #{...}} placeholders,
 * which MyBatis binds as statement parameters instead of splicing them into
 * the SQL text.
 */
@Repository
public interface UserMapper extends BaseMapper<User> {
    /**
     * Selects the names of the roles linked to the user with the given name
     * through the {@code role_user} table.
     *
     * <p>NOTE(review): the inner lookup is used as a scalar ({@code uid = (...)}),
     * so it presumably relies on user names being unique - verify.
     *
     * @param principal the user's login name
     * @return the matching role names
     */
    @Select("SELECT `name` FROM role " +
    "WHERE id IN (" +
    " SELECT rid FROM role_user " +
    " WHERE uid = (" +
    " SELECT id FROM `user` " +
    " WHERE `name` = #{principal}" +
    " )" +
    ");")
    List<String> getUserRoleInfoMapper(@Param("principal") String principal);

    /**
     * Selects the {@code info} column of the permissions linked to the given
     * role names through the {@code role_ps} table.
     *
     * <p>NOTE(review): the {@code <foreach>} supplies the whole value list of the
     * innermost {@code IN}. With an empty {@code roles} list nothing is emitted
     * and the statement is not valid SQL, so callers must pass at least one role.
     *
     * @param roles role names, one bound parameter per entry
     * @return the permission strings of those roles
     */
    @Select({
    "<script>",
    "SELECT info FROM permissions WHERE id IN (",
    "SELECT pid FROM role_ps WHERE rid IN (",
    "SELECT id FROM role WHERE name IN",
    "<foreach collection='roles' item='name' open='(' separator=',' close=')'>#{name}</foreach>",
    " )", // adds the closing parenthesis of the IN clause
    ")",
    "</script>"
    })
    List<String> getUserPermissionInfoMapper(@Param("roles") List<String> roles);
}
package com.alatus.shiro.mapper;
import com.alatus.shiro.entity.User;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Param;
import org.apache.ibatis.annotations.Select;
import org.springframework.stereotype.Repository;
import java.util.List;
/**
 * MyBatis mapper for users, with two extra queries that resolve a user's
 * role names and the permissions attached to a set of roles.
 *
 * <p>Both queries pass caller values through {@code #{...}} placeholders,
 * which MyBatis binds as statement parameters instead of splicing them into
 * the SQL text.
 */
@Repository
public interface UserMapper extends BaseMapper<User> {
    /**
     * Selects the names of the roles linked to the user with the given name
     * through the {@code role_user} table.
     *
     * <p>NOTE(review): the inner lookup is used as a scalar ({@code uid = (...)}),
     * so it presumably relies on user names being unique - verify.
     *
     * @param principal the user's login name
     * @return the matching role names
     */
    @Select("SELECT `name` FROM role " +
    "WHERE id IN (" +
    " SELECT rid FROM role_user " +
    " WHERE uid = (" +
    " SELECT id FROM `user` " +
    " WHERE `name` = #{principal}" +
    " )" +
    ");")
    List<String> getUserRoleInfoMapper(@Param("principal") String principal);

    /**
     * Selects the {@code info} column of the permissions linked to the given
     * role names through the {@code role_ps} table.
     *
     * <p>NOTE(review): the {@code <foreach>} supplies the whole value list of the
     * innermost {@code IN}. With an empty {@code roles} list nothing is emitted
     * and the statement is not valid SQL, so callers must pass at least one role.
     *
     * @param roles role names, one bound parameter per entry
     * @return the permission strings of those roles
     */
    @Select({
    "<script>",
    "SELECT info FROM permissions WHERE id IN (",
    "SELECT pid FROM role_ps WHERE rid IN (",
    "SELECT id FROM role WHERE name IN",
    "<foreach collection='roles' item='name' open='(' separator=',' close=')'>#{name}</foreach>",
    " )", // adds the closing parenthesis of the IN clause
    ")",
    "</script>"
    })
    List<String> getUserPermissionInfoMapper(@Param("roles") List<String> roles);
}