springsecurity+mybatis
-
导入依赖
<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-thymeleaf</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <dependency> <groupId>org.mybatis.spring.boot</groupId> <artifactId>mybatis-spring-boot-starter</artifactId> <version>2.1.4</version> </dependency> <dependency> <groupId>org.thymeleaf.extras</groupId> <artifactId>thymeleaf-extras-springsecurity5</artifactId> </dependency> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <scope>runtime</scope> </dependency> <dependency> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> <optional>true</optional> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> </dependency> <dependency> <groupId>org.springframework.security</groupId> <artifactId>spring-security-test</artifactId> <scope>test</scope> </dependency>
-
配置yml
server: port: 8080 spring: datasource: url: jdbc:mysql://localhost:3306/springsecurity?useUnicode=true&characterEncoding=utf-8&serverTimezone=Asia/Shanghai username: root password: 664732047 driver-class-name: com.mysql.cj.jdbc.Driver mybatis: mapper-locations: classpath:mapper/*.xml
-
编写UserDetailsService的实现类UserServiceImpl
package com.liu.service.impl; import com.liu.mapper.AdminMapper; import com.liu.pojo.Admin; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; import javax.annotation.Resource; import java.util.ArrayList; import java.util.Collection; import java.util.List; @Service public class UserServiceImpl implements UserDetailsService { @Resource private AdminMapper adminMapper; @Resource private PasswordEncoder passwordEncoder; @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { Admin admin = adminMapper.selectByUsername(username); if (admin == null){ throw new RuntimeException("没有获取到数据!"); } String password = passwordEncoder.encode(admin.getPassword()); return new User(admin.getUsername(),password,getauthorities(admin.getQuanxian())); } private Collection<GrantedAuthority> getauthorities(String s){ List<GrantedAuthority> objects = new ArrayList<>(); objects.add(new SimpleGrantedAuthority(s)); return objects; } }
-
编写SecurityConfig配置类
package com.liu.config; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter { @Autowired private UserDetailsService userDetailsService; @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests().antMatchers("/liulogin").permitAll() .antMatchers("/**").hasRole("ROOT"); http.formLogin().loginPage("/liulogin"); } @Bean public PasswordEncoder createPasswordEncoder(){ return new BCryptPasswordEncoder(); } @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { auth.userDetailsService(userDetailsService).passwordEncoder(new BCryptPasswordEncoder()); } }
-
定制自己的登录页面
<!--action路径要与指定跳转路径一致,不然不成功,而且后台的登录接口也不需要写了--> <form th:action="@{/liulogin}" method="post"> 用户名<input type="text" name="username"><br> 密码<input type="password" name="password"><br> <input type="submit" value="登录"> </form>