首先引入需要的pom
<!-- Shiro Spring Boot web starter.
     NOTE(review): 1.4.1 is an old release. Later versions carry published security
     fixes (rememberMe cookie handling in 1.4.2, and several path-matching
     authorization-bypass fixes across the 1.5.x-1.9.x line). Check the Apache Shiro
     security advisories and pin a current 1.x release before relying on the
     "/** = authc" filter chain configured below. -->
<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-spring-boot-web-starter</artifactId>
    <version>1.4.1</version>
</dependency>
配置application.properties
# Login page (unauthenticated requests to a protected URL are sent here)
shiro.loginUrl=/login
# Page shown when the subject is authenticated but lacks the required role/permission
shiro.unauthorizedUrl=/403
# Page to land on after a successful login
shiro.successUrl=/index
自定义UserRealm
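/**
 * Realm backed by {@code UserService}: authenticates a username/password token against
 * the stored salted hash and maps the user's single role column to a Shiro role.
 *
 * The stored credential and per-user salt are handed to Shiro untouched; the actual
 * comparison is performed by the realm's {@code CredentialsMatcher}, which therefore
 * must use exactly the algorithm, iteration count and encoding the hash was written with.
 */
public class UserRealm extends AuthorizingRealm {

    /** Role granted to users whose role column is empty. */
    private static final String DEFAULT_ROLE = "public";

    @Autowired
    private UserService userService;

    /**
     * Builds the role set for an already-authenticated principal.
     *
     * @param principalCollection principals of the current subject
     * @return authorization info holding exactly one role
     * @throws org.apache.shiro.authz.AuthorizationException if the collection is null or
     *         carries no user; this is an authorization failure, so the authorization
     *         exception family is used rather than AuthenticationException
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        if (principalCollection == null) {
            throw new org.apache.shiro.authz.AuthorizationException("PrincipalCollection参数不能为空。");
        }
        TUser user = (TUser) getAvailablePrincipal(principalCollection);
        if (ObjectUtils.isEmpty(user)) {
            throw new org.apache.shiro.authz.AuthorizationException("用户不存在");
        }
        // Plain HashSet instead of a double-brace anonymous subclass: the info object may be
        // cached/serialized by Shiro, and an anonymous inner class would carry a hidden
        // reference to this realm instance along with it.
        String role = user.getRole();
        HashSet<String> roles = new HashSet<>();
        roles.add(ObjectUtils.isEmpty(role) ? DEFAULT_ROLE : role);
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.setRoles(roles);
        return info;
    }

    /**
     * Looks the user up by the token's username and returns the stored hash plus salt
     * for Shiro's credentials matcher to verify.
     *
     * @param authenticationToken expected to be a {@code UsernamePasswordToken}
     * @return authentication info carrying the user object as principal, the stored
     *         password hash as credentials and the per-user salt
     * @throws UnknownAccountException if the username is blank or no such user exists
     * @throws LockedAccountException  if the user record is flagged disabled
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
        String username = token.getUsername();
        if (StringUtils.isEmpty(username)) {
            throw new UnknownAccountException();
        }
        TUser user = userService.fetchByUsername(username);
        if (ObjectUtils.isEmpty(user)) {
            throw new UnknownAccountException();
        }
        // NOTE(review): if getDisabled() returns a boxed Boolean that may be null, this
        // unboxing throws NPE — confirm the column is NOT NULL or compare explicitly.
        if (user.getDisabled()) {
            throw new LockedAccountException();
        }
        // NOTE(review): a null/empty salt is not rejected here; the code path that writes
        // the user record is responsible for always generating a random per-user salt.
        return new SimpleAuthenticationInfo(
                user, user.getPassword(), ByteSource.Util.bytes(user.getSalt()), getName());
    }
}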
添加用户时密码哈希方法（注意：这是带盐的单向哈希，不是加密；算法、迭代次数和编码必须与下面 ShiroConfig 中的 HashedCredentialsMatcher 完全一致）
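/**
 * Hashes a new user's password the way the realm's {@code HashedCredentialsMatcher} will
 * later verify it: MD5 over {@code password} with {@code salt}, iterated a fixed number of
 * times, hex-encoded via {@code SimpleHash.toHex()}.
 *
 * The algorithm name, iteration count and hex encoding MUST match
 * {@code ShiroConfig.hashedCredentialsMatcher()} exactly; any drift makes every login
 * fail with an incorrect-credentials error. MD5 (even iterated a few times) is a fast
 * hash and is weak for password storage; prefer a slow KDF (bcrypt/scrypt/argon2) behind
 * a matching custom matcher once the stored format can be migrated.
 *
 * @param password plaintext password; must not be null
 * @param salt     per-user random salt; refused if null or empty so an unsalted hash is
 *                 never written
 * @return hex string of the iterated salted hash
 * @throws IllegalArgumentException if password is null or salt is null/empty
 */
public String md5(String password, String salt) {
    if (password == null) {
        throw new IllegalArgumentException("password must not be null");
    }
    if (salt == null || salt.isEmpty()) {
        throw new IllegalArgumentException("salt must not be null or empty");
    }
    final String algorithmName = "MD5";
    // Must equal HashedCredentialsMatcher.setHashIterations(...) in ShiroConfig.
    final int hashIterations = 3;
    ByteSource byteSalt = ByteSource.Util.bytes(salt);
    // Md2Hash/Md5Hash/Sha*Hash are thin wrappers that all end up in SimpleHash as well.
    SimpleHash result = new SimpleHash(algorithmName, password, byteSalt, hashIterations);
    return result.toHex();
}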
配置 ShiroConfig
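/**
 * Shiro wiring: the realm, the credentials matcher it verifies passwords with, and the
 * URL → filter chain.
 */
@Configuration
public class ShiroConfig {

    /** Must equal the algorithm name used when the password hash was written (md5()). */
    private static final String HASH_ALGORITHM = "MD5";

    /**
     * Must equal the iteration count used when the password hash was written. md5() uses
     * 3; the previous value here (6) did not match it, so no freshly created user could
     * log in.
     */
    private static final int HASH_ITERATIONS = 3;

    /** The single realm, with the hashed matcher attached so stored hashes are compared. */
    @Bean
    public Realm realm() {
        UserRealm userRealm = new UserRealm();
        userRealm.setCredentialsMatcher(hashedCredentialsMatcher());
        return userRealm;
    }

    /**
     * URL filter chain: anon = reachable by anyone, authc = requires an authenticated subject.
     *
     * Shiro evaluates path definitions in insertion order, first match wins, so the specific
     * anon entry has to be registered before the "/**" catch-all. A HashMap gives no
     * iteration-order guarantee, so the two entries are added one by one instead of via
     * addPathDefinitions(Map).
     */
    @Bean
    public ShiroFilterChainDefinition shiroFilterChainDefinition() {
        DefaultShiroFilterChainDefinition chain = new DefaultShiroFilterChainDefinition();
        chain.addPathDefinition("/loginDo", "anon");
        chain.addPathDefinition("/**", "authc");
        return chain;
    }

    /**
     * Verifies a submitted password against the stored credential: salted with the per-user
     * salt supplied by the realm, iterated HASH_ITERATIONS times with HASH_ALGORITHM, and
     * compared against the hex-encoded stored value. MD5 is a fast hash and weak for password
     * storage; migrate to a slow KDF when the stored format can change.
     */
    @Bean
    public HashedCredentialsMatcher hashedCredentialsMatcher() {
        HashedCredentialsMatcher credentialsMatcher = new HashedCredentialsMatcher();
        credentialsMatcher.setHashAlgorithmName(HASH_ALGORITHM);
        credentialsMatcher.setHashIterations(HASH_ITERATIONS);
        credentialsMatcher.setStoredCredentialsHexEncoded(true);
        return credentialsMatcher;
    }
}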
登录controller
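/**
 * Login endpoint: authenticates {@code username}/{@code password} through Shiro and returns
 * a JSON {@code Result}.
 *
 * Unknown user and wrong password produce the same message so the response cannot be used
 * to enumerate valid usernames (the original distinguished "用户名或密码错误" from
 * "登录失败"). Only the locked state is reported separately.
 *
 * @param username   submitted username (required)
 * @param password   submitted password (required)
 * @param rememberMe whether Shiro should issue a rememberMe cookie for this login
 * @return {@code Result.success()} on login, otherwise an error result with a user message
 */
@PostMapping("/loginDo")
@ResponseBody
public Result loginDo(String username, String password, boolean rememberMe) {
    if (StringUtils.isEmpty(username)) {
        return Result.error("请输入用户名");
    }
    if (StringUtils.isEmpty(password)) {
        return Result.error("请输入密码");
    }
    try {
        Subject subject = SecurityUtils.getSubject();
        subject.login(new UsernamePasswordToken(username, password, rememberMe));
    } catch (LockedAccountException e) {
        // NOTE(review): this still reveals that the account exists; keep it only if a
        // user-visible lockout message is required.
        return Result.error("用户已被锁定");
    } catch (AuthenticationException e) {
        // Covers UnknownAccountException and IncorrectCredentialsException alike on purpose.
        // NOTE(review): no failure logging or rate limiting is visible here; add both before
        // exposing this endpoint, since a salted fast hash does little against online guessing.
        return Result.error("用户名或密码错误");
    }
    return Result.success();
}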