1、SpringSecurity实现用户密码的加密和密码对比的方法,encode()方法用来加密数据,matches()用来对比加密数据和字符串是否一致
import org.junit.Test;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
public class passwordTest {
@Test
public void test1(){
PasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
String encode="";
for (int i = 0; i < 10; i++) {
encode = passwordEncoder.encode("1234");
System.out.println(encode);
}
System.out.println(passwordEncoder.matches("1234", encode));
}
}
2、用户权限验证需要一个类实现UserDetailsService接口,类中从数据库中根据用户名查询出用户对象和角色权限数据,将权限授权给认证通过的用户,并返回一个具有功能权限的新用户对象
package com.itheima.service;
import com.alibaba.dubbo.config.annotation.Reference;
import com.itheima.pojo.Permission;
import com.itheima.pojo.Role;
import com.itheima.pojo.User;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
@Component
public class SpringSecurityUserService implements UserDetailsService {
@Reference
private UserService userService;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
//在数据库中查询是否存在此用户,不存在return null,存在就给用户赋予权限
User user=userService.findUserByUsername(username);
if(user==null){
return null;
}
//根据查询出来的用户数据给用户赋予权限
List<GrantedAuthority>