SpringBoot使用BCryptPasswordEncoder进行密码加密

为了数据库安全，现在一般不在数据库，前端将密码传入后端进行处理，后端对密码进行加密，然后再储存到数据库中，SpringBoot框架一般使用的是BCryptPasswordEncoder来进行操作。

1.加入依赖

        <!--        securityr认证-->
        <dependency>
	        <groupId>org.springframework.boot</groupId>
	        <artifactId>spring-boot-starter-security</artifactId>
        </dependency>

2.加密

        User newUser = new User();
        BeanUtils.copyProperties(user,newUser);
        newUser.setPassword(encoder.encode(user.getPassword()));
        this.save(newUser);

3.匹配

        QueryWrapper<User> queryWrapper = new QueryWrapper<>();
        queryWrapper.eq("username",username);
        User user = this.getOne(queryWrapper);
        if(user == null){
            return 0;
        }
        final boolean matches = encoder.matches(password, user.getPassword());
        if(matches){
            return 1;
        }
        return 0;

4.在启动类下添加一方法

    @Bean
	public BCryptPasswordEncoder encoder() {
		return new BCryptPasswordEncoder();
	}

5.在config包下新建SecurityConfig.java文件

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {


    @Override
    protected void configure(HttpSecurity http) throws Exception {

        http.authorizeRequests().antMatchers("/**").permitAll()
                .and()
                .csrf().disable();//相当于<security:scrf enabled=false/>标签
    }


}