SpringSecurity 配置
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Resource
private UserDetailsService userDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(getPasswordEncoder());
}
@Bean
public PasswordEncoder getPasswordEncoder(){
return new BCryptPasswordEncoder();
}
}
UserDetailsService 是要实现的用户自定义的登录逻辑
PasswordEncoder 是Security使用的加密校验
Configure(Auth) 这个方法则是说明使用了自定义登录认证逻辑
public class UserDetailsImpl implements UserDetailsService {
@Autowired
private PasswordEncoder passwordEncoder;
@Autowired
private UserMapper userMapper;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
Admin admin = userMapper.selectOne(new QueryWrapper<Admin>().eq("username", username));
if (admin == null){
throw new UsernameNotFoundException("用户名不存在");
}
return new User(admin.getUsername(),passwordEncoder.encode(admin.getPassword()),
AuthorityUtils.commaSeparatedStringToAuthorityList("role"));
}
}
loadUserByUsername 方法需要返回一个实现了UserDetails的实现类 同时在这个方法中处理一些登录逻辑