一、第一种:配置文件
spring.security.user.name=admin
spring.security.user.password=123456
二、第二种:配置类
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//使用BCryptPasswordEncoder类对密码进行加密
BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
String encode = bCryptPasswordEncoder.encode("123456");
//roles不可以为空,如果没有设置roles,就会报错
auth.inMemoryAuthentication().withUser("lucy").password(encode).roles("admin");
}
//加密密码需要用到PasswordEncoder接口,需要设置PasswordEncoder实例化对象
@Bean
public PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
}
三、第三种:自定义编写实现类
注:当SpringBoot在配置文件和配置类中都无法找到,才会在UserDetailsService接口中找
实现UserDetailsService接口
配置
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
UserDetailsService userDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//设置使用的userDetailsService与passwordEncoder实现类
auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
}
//加密密码需要用到PasswordEncoder接口,需要设置PasswordEncoder实例化对象
@Bean
public PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
}
UserDetailsService实现类
这里是写死的用户名和密码
@Service("userDetailsService")
public class MyDetailService implements UserDetailsService {
@Override
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
List<GrantedAuthority> auth = AuthorityUtils.commaSeparatedStringToAuthorityList("admin");
//返回User对象,User对象中有用户名、密码、操作权限
return new User("aaa",new BCryptPasswordEncoder().encode("123"),auth);
}
}
3.1、从数据库查询用户名对应的密码
这里是使用mybatis-plus查询的信息
导入依赖
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.47</version>
</dependency>
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-boot-starter</artifactId>
<version>3.3.2</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.18.12</version>
<scope>provided</scope>
</dependency>
创建数据库表
创建实体类
@Data
@Component
public class Users {
private int id;
private String username;
private String password;
}
创建mapper接口
@Repository
public interface UserMapper extends BaseMapper<Users> {
}
设置MapperScan
@SpringBootApplication
@MapperScan("com.springsecurity.setlogin.mapper")
public class SpringsecuritySetloginApplication {
public static void main(String[] args) {
SpringApplication.run(SpringsecuritySetloginApplication.class, args);
}
}
配置数据库信息
spring.datasource.driver-class-name=com.mysql.jdbc.Driver
spring.datasource.url=jdbc:mysql://localhost:3306/security?useSSL=false&serverTimezone=GMT%2B8
spring.datasource.username=root
spring.datasource.password=123456
实现类
@Service("userDetailsService")
public class MyDetailService implements UserDetailsService {
@Autowired
UserMapper userMapper;
@Override
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
//从数据库中查询对应用户名的密码
QueryWrapper<Users> wrapper = new QueryWrapper();
wrapper.eq("username", s);
Users users = userMapper.selectOne(wrapper);
//查出的用户信息为空时,报出异常
if(users == null){
throw new UsernameNotFoundException("用户名不存在");
}
List<GrantedAuthority> auth = AuthorityUtils.commaSeparatedStringToAuthorityList("admin");
return new User(users.getUsername(),new BCryptPasswordEncoder().encode(users.getPassword()),auth);
}
}
四、测试
控制层
@RestController
public class loginController {
@GetMapping("/hello")
public String hello(){
return "hello SpringSecurity";
}
}
输入用户名和密码
结果