目录
切记不要忘记添加依赖
数据库
users表
users_roles表
roles表
注意一下各个字段的类型
controller层
package com.hnucm.c202001090135.controller;
import com.hnucm.c202001090135.dao.CourseMapper;
import com.hnucm.c202001090135.servive.StudentService;
import com.hnucm.c202001090135.servive.UserService;
import org.apache.catalina.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
public class studentController {
@Autowired
StudentService studentService;
@Autowired
UserService userService;
@RequestMapping("login")
public String login(){
return "login.html";
}
@RequestMapping("register")
public String register(){
return "register.html";
}
@RequestMapping("registercommit")
public String registercommit(User user){
userService.register(user);
return "redirect:/login";
}
@RequestMapping("mylogout")
public String mylogout(){
return "mylogout.html";
}
@RequestMapping("studentlist")
public String studentlist(Model model){
model.addAttribute("studentlist",studentService.findAllStudent());
return "studentlist.html";
}
@RequestMapping("studentlist2")
public String studentlist2(Model model){
model.addAttribute("studentlist",studentService.findAllStudent());
return "studentlist2.html";
}
@RequestMapping("deleteStudentByStudentid")
public String deleteCourse(Integer studentid){
studentService.deleteStudentByStudentid(studentid);
return "redirect:/studentlist";
}
@RequestMapping("findCourseByName")
public String findCourseByName(Model model, String name){
model.addAttribute("courselist",studentService.findCourseByName(name));
model.addAttribute("name",name);
return "courselist.html";
}
}
dao层
由于这次作业是在上次的基础上,所以只增加了一个dao
package com.hnucm.c202001090135.dao;
import com.hnucm.c202001090135.pojo.RoleLXC;
import org.apache.catalina.User;
import org.apache.ibatis.annotations.Mapper;
import java.util.List;
@Mapper
public interface UsersMapper {
String findUsersByUsername(String username);
List<RoleLXC> selectRolenameByUsername(String username);
public int register(User user);
}
实体类
UsersLXC
package com.hnucm.c202001090135.pojo;
import lombok.Data;
@Data
public class UsersLXC {
private int id;
private String username;
private String password;
}
RoleLXC
package com.hnucm.c202001090135.pojo;
import lombok.Data;
@Data
public class RoleLXC {
private int id;
private String rolename;
}
Service层
接口UserService
package com.hnucm.c202001090135.servive;
import org.apache.catalina.User;
import org.springframework.stereotype.Service;
public interface UserService {
int register(User user);
}
UserServiceImpl
package com.hnucm.c202001090135.servive.impl;
import com.hnucm.c202001090135.dao.UsersMapper;
import com.hnucm.c202001090135.servive.UserService;
import org.apache.catalina.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
@Service
public class UserServiceImlpl implements UserService {
@Autowired
UsersMapper usersMapper;
@Override
public int register(User user) {
return usersMapper.register(user);
}
}
Utils类
这里因为要是用的到SpringSecurity框架,需要添加一个依赖:
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
MySecurityConfig
需要满足一些要求:
教师仅能查询所有学生的选课
管理员可删除学生选课,以及根据学生姓名查询他所选择的课程
package com.hnucm.c202001090135.utils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
@EnableWebSecurity
public class MySecurityConfig extends WebSecurityConfigurerAdapter {
//重写认证-->对接口拦截跳转
@Autowired
MyUserService myUserService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception{
auth.userDetailsService(myUserService).passwordEncoder(new BCryptPasswordEncoder());
}
@Bean
PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
//授权
@Override
protected void configure(HttpSecurity http) throws Exception{
http.authorizeHttpRequests()//拦截所有请求
.antMatchers("/register","/login").permitAll()//放行某些接口
.antMatchers("/studentlist2").hasAuthority("teacher")//对页面配置权限
.antMatchers("/studentlist").hasAuthority("admin")
.anyRequest().authenticated();//对其他接口进行拦截
http.formLogin()//指定登录的页面、默认是系统的页面
.loginPage("/login")// /login->默认需要权限
.loginProcessingUrl("/user/login")//登录提交的请求
.and()
.logout()
.logoutUrl("/logout");
//JSON接口配置
http.cors();
http.csrf().disable();
}
}
MyUserService(这里借鉴了一下另外一个博主)
https://yizhishubiao.blog.csdn.net/article/details/127827462?spm=1001.2014.3001.5502
package com.hnucm.c202001090135.utils;
import com.hnucm.c202001090135.dao.UsersMapper;
import com.hnucm.c202001090135.pojo.RoleLXC;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.List;
@Service
public class MyUserService implements UserDetailsService {
//重写登录逻辑 username->登陆页面输入的用户名
//从数据库中获得获得验证
// 第一步:数据库user(id,username,password) username去数据库中查询用户selct * from user where username=? 0或1
//如果是0条 throws UsernameNotFoundException 如果是1条 从用户信息中获取密码
//第二步 根据username 去查询权限 roles(id,name) user表roles表多对多 中间表
@Autowired
UsersMapper usersMapper;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
String password = usersMapper.findUsersByUsername(username);//todo 从数据库中查到
List<RoleLXC> authority= usersMapper.selectRolenameByUsername(username);
//定义一个StringBuffer,用来拼接权限
StringBuffer stringBuffer = new StringBuffer();
authority.forEach(role -> stringBuffer.append(role.getRolename()+","));
if (stringBuffer.length() > 0){
//因为拼接完成后,会多一个逗号,所以删除最后一个逗号
stringBuffer.deleteCharAt(stringBuffer.length() - 1);
}
//User框架完成身份验证
return new User(username, new BCryptPasswordEncoder().encode(password),
AuthorityUtils.commaSeparatedStringToAuthorityList(stringBuffer.toString()));
}
}
界面
studentlist(admin)
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<center>
<h1>用户列表</h1>
<form th:action="@{/findCourseByName}" method="post" style="margin-top: 20px">
请输入用户名:<input name="name" width="100dp"><br>
<div style="margin-top: 20px" ><input type="submit" value="查询"></div>
</form>
<table border="1" width="1000dp"style="margin-top: 50px">
<tr>
<td>序号</td>
<td>学生姓名</td>
<td>班级</td>
<td>学号</td>
<td>成绩</td>
<td>课程名称</td>
<td>删除</td>
</tr>
<tr th:each="student:${studentlist}">
<td th:text="${student.id}"></td>
<td th:text="${student.name}"></td>
<td th:text="${student.classname}"></td>
<td th:if="${student.transcriptLXC} ne null" th:text="${student.transcriptLXC.studentid}"></td>
<td th:if="${student.transcriptLXC} ne null" th:text="${student.transcriptLXC.achievement}"></td>
<td>
<ul th:each="course:${student.courseLXCList}" >
<li th:text="${course.coursename}"></li>
<li><h5>学分:</h5></li>
<li th:text="${course.credit} "style="list-style-type: none;"></li>
</ul>
</td>
<td>
<a th:href="@{'/deleteStudentByStudentid?studentid='+${student.id}}">删除</a>
</td>
</tr>
</table>
</center>
</body>
</html>
studentlist2(teacher)
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<center>
<table border="1" width="1000dp"style="margin-top: 50px">
<tr>
<td>序号</td>
<td>学生姓名</td>
<td>班级</td>
<td>学号</td>
<td>成绩</td>
<td>课程名称</td>
</tr>
<tr th:each="student:${studentlist}">
<td th:text="${student.id}"></td>
<td th:text="${student.name}"></td>
<td th:text="${student.classname}"></td>
<td th:if="${student.transcriptLXC} ne null" th:text="${student.transcriptLXC.studentid}"></td>
<td th:if="${student.transcriptLXC} ne null" th:text="${student.transcriptLXC.achievement}"></td>
<td>
<ul th:each="course:${student.courseLXCList}" >
<li th:text="${course.coursename}"></li>
<li><h5>学分:</h5></li>
<li th:text="${course.credit} "style="list-style-type: none;"></li>
</ul>
</td>
</tr>
</table>
</center>
</body>
</html>
login
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<center>
<h1>登陆界面</h1>
<!-- /user/login security提供登录验证接口-->
<form th:action="@{/user/login}" method="post">
<div>用户名:<input name="username"></div>
<div>密码:<input name="password"></div>
<div><input type="submit" value="提交"></div>
</form>
</center>
</body>
</html>
courselist(admin)
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<center>
<form th:action="@{/findCourseByName}" method="post" style="margin-top: 20px">
请输入用户名:<input name="name" width="100dp"><br>
<div style="margin-top: 20px" ><input type="submit" value="查询"></div>
</form>
<h1>选课信息</h1>
<h3>学生:<h3 th:text="${name}"></h3></h3>
<table border="1px" cellspacing="0px" width="400dp">
<tr>
<th th:width="40px">课程号</th>
<th th:width="40px">课程名</th>
<th th:width="150px">学分</th>
</tr>
<tr th:each="course:${courselist}">
<td th:text="${course.id}"></td>
<td th:text="${course.coursename}"></td>
<td th:text="${course.credit}"></td>
</tr>
</table>
</center>
</body>
</html>
制作不易,关个注,点个赞吧!!!