5.Spring Security-web权限方案

设置登录的用户名和密码

1.通过配置文件设置用户名密码

spring:
  security:
    user:
      name: xiankejin
      password: 123456

如果没有以上配置，那么就会在后台生成一个随机密码，用户名固定位user。

2.通过配置类设置用户名密码

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter{

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        //将密码加密处理
        BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
        String encode = bCryptPasswordEncoder.encode("123456");
        auth.inMemoryAuthentication().withUser("Lucy").password(encode).roles("admin");
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}

3.自定义实现类设置用户名密码

spring security中的用户接口UserDetails和实现类User

User类中的构造器（用户名，密码，权限集合） 

定义配置类继承WebSecurityConfigurerAdapter类

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter{

    @Autowired
    private UserDetailsService userDetailsService;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
       auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}

定义类实现UserDetailsService接口

@Service("userDetailsService")
public class MyUserDetailsService implements UserDetailsService {

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {

        List<GrantedAuthority> authorities =
                AuthorityUtils.commaSeparatedStringToAuthorityList("role");
        return new User("Marry", new BCryptPasswordEncoder().encode("123456"), authorities);
    }
}

这里就可以写入查询数据库的验证用户的逻辑

引入mybatisplus + mysql 坐标：

 <dependency>
            <groupId>com.baomidou</groupId>
            <artifactId>mybatis-plus-boot-starter</artifactId>
            <version>3.0.5</version>
        </dependency>
        <dependency>
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>
            <version>5.1.47</version>
        </dependency>
        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
        </dependency>

spring:
  datasource:
    username: root
    driver-class-name: com.mysql.jdbc.Driver
    password: 123456
    url: jdbc:mysql://localhost:3306/demo
mybatis-plus:
  configuration:
    log-impl: org.apache.ibatis.logging.stdout.StdOutImpl

@Repository
public interface UsersMapper extends BaseMapper<Users> {


}

@Data
public class Users {

    private Long id;
    private String username;
    private String password;

}

@Service("userDetailsService")
public class MyUserDetailsService implements UserDetailsService {

    @Autowired
    private UsersMapper usersMapper;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        LambdaQueryWrapper<Users> wrapper = new LambdaQueryWrapper<>();
        wrapper.eq(Users::getUsername, username);
        Users users = usersMapper.selectOne(wrapper);
        if(null == users) {
            throw new UsernameNotFoundException("用户名不存在");
        }
        List<GrantedAuthority> authorities =
                AuthorityUtils.commaSeparatedStringToAuthorityList("role");
        return new User(users.getUsername(), new BCryptPasswordEncoder().encode(users.getPassword()), authorities);
    }
}

@SpringBootApplication
@MapperScan("com.xkj.org.mapper")
public class Application {

    public static void main(String[] args) {
        SpringApplication.run(Application.class, args);
    }
}